Ben is a random engineer, he is definitely not the proper point of contact. FOSS compliance is serious, so if this is real, do escalate it.

Compliance with FOSS licenses isn't a joke.

Internally, depending on what product is being worked on teams will have different development flows and different usage points of AI. For things like VSCode, teams have freedom on how they use it completely.

A random engineer on Hacker News is not the proper channel.

Link: https://www.microsoft.com/en-us/legal/compliance/sbc/report-...

Sure FreeRTOS has a SafeRTOS mode, but its not sufficiently functional for a modern ADAS stack or complex robotics systems. QNX is used in all major automotive companies around the world for a reason, and a crucial part of NVIDIA's DriveOS stack.

"Microsoft made both changes in response to antitrust concerns from the European Commission. Led by Symantec, the world's largest antivirus software maker, security companies had publicly criticised Microsoft over both Vista features and also talked to European competition officials about their gripes."

Perhaps reactive, but there were definitely conversations between EU and MS.

As someone that watched the video (and directly worked on this stuff during my time at MS), I think Marcus has no idea on how the OS vendors relationships work with governments. He misses the fact that if Windows releases user-level APIs that provide similar functionality, it would break existing functionality and force a migration.

For the example he uses patch guard, existing functionality did not break anywhere as significant as say would evicting drivers from the kernel.

Reversing a change from 2006 would likely bring anti-trust action from the remainder of the world immediately, as that change from 2006 is relied on by everyone else globally today.

The EUs stance isn't bad either, as MS has a competitor in this space that also relies on a kernel driver (MDATP does use a kernel driver) and it is unlikely MS would remove its own competitor from the kernel (at least this item was not discussed during my time at MS and I was in the security space of Windows).

I do not know enough to properly answer on the concrete reasons why, only that it was external. Sorry.

MS has an entire forum for discussing these things with industry (https://learn.microsoft.com/en-us/defender-xdr/virus-initiat...) and has had variants of said forum for some time (I think the first effort was in 2010).

Kaspersky was running an SSL/TLS Proxy in the kernel IIRC and didn't want to have to move it elsewhere due to the fact it would require them to rework their product quite a bit.

The solutions MS (we) proposed were agnostic and overall better, the anti-malware industry simply doesn't want to make the changes as these things do impose technical work on existing products.

This is and has been a thing for quite some time. Windows is a highly regulated OS.

Via Google: https://www.techtarget.com/searchsecurity/news/450420491/Mic...

(Also via myself, as I was at MS when we wanted to make this change and the EU said no.)

Microsoft has long desired to kick AV vendors out of kernel space and has even attempted to do so prior, however because of its dominant position in the market, it is unable to do so. I was at MS when an iteration of this effort was underway, and the EU said no.

See, Windows is a highly regulated OS today, and making a change like kicking out AV vendors from the kernel runs afoul of antitrust laws.

Example: https://www.techtarget.com/searchsecurity/news/450420491/Mic...

Microsoft does provide user-space capabilities: https://learn.microsoft.com/en-us/windows/win32/amsi/antimal... but vendors are not required to use it, nor can Microsoft require vendors to use it (for the aforementioned antitrust reasons).

Microsoft also has ELAM: https://learn.microsoft.com/en-us/windows-hardware/drivers/i... which is a rootkit / bootkit defensive mechanism. A defect in the definition files (as noted in the twitter thread) is what caused the crash in an ELAM driver. CrowdStrike obviously was not following the required process for ELAM drivers.

Mind you, the claim about CrowdStrike not impacting Linux is also bogus: https://www.neowin.net/news/crowdstrike-broke-debian-and-roc...

The poster clearly thought about search in terms of the existing Google search functionality which is near instantaneous.

Usability matters to the average end user and a delayed search is not usable for most people.

If you're serious about this than go talk to a non-tech person and tell them to self-host email and see how they do. Look at their challenges, build a solution and then offer it.

Naming and shaming does work.

The right people will read it (Chattr.ai’s customers) and respond . Right now everyone looks at it and some CISO will overreact and make everyone go check their Firebase configurations which may likely be a non-value add.

That’s what you should call it. It explains to readers what’s going on without over sensationalism.

That isn’t too long either.

These companies are responsible for their employees behavior and data but they are not responsible for nor legally liable for (in most cases, some exceptions apply) the actions of a third party that they have retained to help with hiring.

In fact the contract they have with said third party likely absolves them of any liability.

The title should be: I owned an AI startup via Firebase misconfiguration.

You can even name the startup if you want. That’s not flashy though and this person wants marketing.

Title is misleading.