|
Well, they may have nukes but they don't have FMA Bill. Edit: They do not do Bounty SYSV Fanfic fucked around with this message at 20:11 on Dec 29, 2021 |
# ? Dec 29, 2021 20:01 |
|
|
# ? Mar 28, 2024 23:35 |
|
MononcQc posted:https://twitter.com/fxcoudert/status/1476204806381395969 on a nine figure procurement hpe can spend a few dollars to make nnsa happy
|
# ? Dec 29, 2021 20:11 |
|
PCjr sidecar posted:on a nine figure procurement hpe can spend a few dollars to make nnsa happy Dudes' just a schmuck namedropping, who told his client they didn't need to buy a fortran compiler.
|
# ? Dec 29, 2021 20:17 |
|
“customer has nukes” sounds like a brag or an indirect way of saying “customer thinks they are super important but have an awful, bureaucratic internal culture”
|
# ? Dec 29, 2021 20:23 |
|
SYSV Fanfic posted:Dudes' just a schmuck namedropping, who told his client they didn't need to buy a fortran compiler. i can guess which procurement this is, and I can guarantee they’re paying orders of magnitude more for compilers than what they’d pay for a bounty id bet they validated one of their forty year old go-boom code on gfortran a decade ago, or they need to have fma on all supported compilers before they can use it in the code
|
# ? Dec 29, 2021 20:31 |
|
i took it as meaning the customer is a government entity and can't offer a bounty because that's not how government contracts work ofc that doesn't preclude the contractor from paying the bounty
|
# ? Dec 29, 2021 20:32 |
|
and hpe is not lacking in bureaucracy either
|
# ? Dec 29, 2021 20:41 |
|
PCjr sidecar posted:i can guess which procurement this is, and I can guarantee they’re paying orders of magnitude more for compilers than what they’d pay for a bounty Sandia/LLM has some of the top people in the world across all CS disciplines. Probably it's just in the unit tests that have to compile and perform to fulfill the contract. If it was actually holding anything up, they would have had it implemented within two weeks.
|
# ? Dec 29, 2021 20:45 |
|
Wonder if he bid on a sub contract for HPE thinking he'd be able to get the gfortran guys to do it for free.
|
# ? Dec 29, 2021 21:39 |
|
lol. https://www.linkedin.com/in/bill-long-a5a0957
|
# ? Dec 29, 2021 21:51 |
|
"principal engineer at cray for 25 years" should tell you everything you need to know about this guy
|
# ? Dec 29, 2021 21:54 |
|
rotor posted:"principal engineer at cray for 25 years" should tell you everything you need to know about this guy Hey, at least he let whoever implements this know that their FOSS hobby could help kill a couple of million people at once. Edit: Is it poop touching to reach out to HPE media relations and ask whether he was implying his customer was important, or implementing features useful for perpetrating nuclear holocaust is a cool once in a life opportunity you shouldn't let pass you by? SYSV Fanfic fucked around with this message at 22:07 on Dec 29, 2021 |
# ? Dec 29, 2021 21:57 |
|
yes, yes it is.
|
# ? Dec 29, 2021 22:09 |
|
i wouldn’t continue to post about doing that, no
|
# ? Dec 30, 2021 01:05 |
|
Man, gently caress having a hobby that could make me the hacking/rendition target of a foreign nation state. I was thinking about the gfortran thing today, and realized they truly meant op-sec in the counter intelligence way. I asked a friend who worked at a national lab. Only thing they could figure (besides contracts) is HPE/Cray exec said he knew people and could get it taken care of b/c he wanted to look important. Otherwise they'd just ask under the auspices of getting some of their open source fortran code working.
|
# ? Jan 1, 2022 01:53 |
|
good principle for all elements of life: anything you can achieve without involving nuclear weapons, even indirectly, is best achieved without involving nuclear weapons
|
# ? Jan 3, 2022 06:42 |
|
https://snyk.io/blog/open-source-maintainer-pulls-the-plug-on-npm-packages-colors-and-faker-now-what/
|
# ? Jan 9, 2022 22:53 |
|
Tankakern posted:https://snyk.io/blog/open-source-maintainer-pulls-the-plug-on-npm-packages-colors-and-faker-now-what/ It should come as no surprise to anyone that I support this dude 5000% also lmao @ github revoking his access to his own loving source code, that is some loving shameful bullshit
|
# ? Jan 10, 2022 00:09 |
|
https://twitter.com/VessOnSecurity/status/1480189534625320960 gently caress this rear end in a top hat, and not in the good way
|
# ? Jan 10, 2022 00:14 |
|
lmao at his meltdown https://web.archive.org/web/20210628030444/https://marak.com/blog/2021-04-25-monetizing-open-source-is-problematic
|
# ? Jan 10, 2022 00:15 |
|
rotor posted:https://twitter.com/VessOnSecurity/status/1480189534625320960 ed: nevermind. you side with the meltdown guy
|
# ? Jan 10, 2022 00:16 |
|
I'm pretty sure I've used faker for some one off test type things. I wouldn't appreciate this guy putting malicious code in a dependency because he didn't like his npm fame.
|
# ? Jan 10, 2022 00:19 |
|
hardly counts as malicious, just intentionally broken. which should also be a reality check on how many unknown people could push actually malicious code into your codebase.
|
# ? Jan 10, 2022 00:25 |
|
by discontinuing the free software i was relying on, you're hurting me
|
# ? Jan 10, 2022 00:34 |
|
also gently caress people who write "coz" instead of "cause."
|
# ? Jan 10, 2022 00:35 |
|
akadajet posted:I'm pretty sure I've used faker for some one off test type things. I wouldn't appreciate this guy putting malicious code in a dependency because he didn't like his npm fame. If you want dependable code, your company should pay for it.
|
# ? Jan 10, 2022 00:45 |
|
i have some idiot spare time rust stuff and if one of the dependencies started spamming in a for loop i'd just lol out loud at it sure there'd be some annoyance with needing to pin a not-busted version but ultimately not a big deal. it wouldn't be the first time i've had a dependency introduce a regression so i think the "this hurts the little people just as much" argument is a bit bullshit, it's not like my desktop music visualizer or half finished DNS server have an SLA or paying customers
|
# ? Jan 10, 2022 00:50 |
|
Progressive JPEG posted:the "this hurts the little people just as much" argument is a bit bullshit
|
# ? Jan 10, 2022 00:57 |
|
rotor posted:If you want dependable code, your company should pay for it. lol if you think paying for code makes it dependable.
|
# ? Jan 10, 2022 01:08 |
|
if you want to make companies pay for your open sores project do the old fashioned thing and license it under gpl and offer a commercial license
|
# ? Jan 10, 2022 01:15 |
|
dude apparently really lost it https://nypost.com/2020/09/16/resident-of-nyc-home-with-suspected-bomb-making-materials-charged/
|
# ? Jan 10, 2022 01:15 |
|
rotor posted:https://twitter.com/VessOnSecurity/status/1480189534625320960 lol this rules. hopefully some of these idiots learn not to use js
|
# ? Jan 10, 2022 01:16 |
|
also i was curious about the retool scumminess thing and the cdn was embedded into the library. retool was dumb for not catching that but guy is acting like he didn't just set things up to have everyone using it hit his domain
|
# ? Jan 10, 2022 01:23 |
|
Shaggar posted:lol this rules. hopefully some of these idiots learn not to use js yeah the biggest problem with npm is the lovely people who contribute to it
|
# ? Jan 10, 2022 01:34 |
|
akadajet posted:lol if you think paying for code makes it dependable. it totally does not, but at least you have a leg to stand on when you're bitching about it breaking
|
# ? Jan 10, 2022 01:50 |
|
i'm trying to imagine a world where i have to explain to executives that a critical application broke because some random internet guy got mad and broke some free stuff we used and yep, hard to come up with any sympathy for counterfactual me
|
# ? Jan 10, 2022 01:51 |
|
"he should have just quietly taken his project offline" "why cant he just protest quitely somewhere no one will hear him?"
|
# ? Jan 10, 2022 01:52 |
|
Any open source dependencies you get in a project of yours is just a loaned, temporary piece of code you don't have to write, for the time being. If it goes, it goes. "But I don't like this perspective, it makes me feel my product is far more brittle than I thought" Yes, exactly.
|
# ? Jan 10, 2022 02:05 |
|
Sagebrush posted:by discontinuing the free software i was relying on, you're hurting me i especially like when apple made that change to prevent cross app tracking on my default, Facebook immediately went with “thinknof the small businesses that will suffer”
|
# ? Jan 10, 2022 03:11 |
|
|
# ? Mar 28, 2024 23:35 |
|
think of the small, struggling adtech startups (whose entire business model is to get acquired by facebook or google)
|
# ? Jan 10, 2022 04:14 |