Maybe the fact that US soldiers and military bases exist inside Germany's borders is slightly more important than where the gold is. First regain your sovereignty, I'd say.
I am guessing that these bases are one of the last things to go. Would be a major diplomatic incident. But then again Trump creates those for breakfast, so who knows when we finally have had enough.
Yes but you cannot make up more than about 10-15 examples everyone will agree with, seeing as those are subsidized in practically every country on earth, and then apply the thinking the guy above you gives for everything else.
In my opinion internet access is as fundamental a right now as water access so I think it should be subsidized to a fair degree.
But not for example if it is to supply only a small island of rich people just because they happen to want to live there and force the rest of the state to supply them. There's nuance to these things and we can't just outright subsidized everything and we can't market economy everything either
I agree with you. The internet is now important enough that it's required for almost everything past basic sustenance. Governments worldwide are moving services to the internet, so it's not even optional any more.
As precedent, the framers of the US Constitution specifically authorized the government to run a national service provider of last resort...
In that technological era of horses and handwriting, it became the US Postal Service, but I think if it occurred today it would be the US Networking Service.
Those extreme takes are taken mostly for clicks or are exaggerated second hand so the "other side's" opinion is dumber than it is to "slam the naysayers". Most people are meh about everything, not on the extremes, so to pander to them you mock the extremes and make them seem more likely. It's just online populism.
Someone said "its fine nobody uses this" and someone else gave the world's biggest slam dunk of "Ubuntu in 1 month" and your reply is that "not everyone does it". How far from the point can you be!
In the Linux world this is the worst possible scenario, distro with the largest adoption, LTS.
Not trying to downplay the importance of this, but the LTS versions aren't until the first point release, so 26.04.1 (typically six months or so after the release).
I can't find any link, so I think I'm getting mixed up between what they consider LTS and when the upgrade tool starts prompting to upgrade. If you're on the 24.04 LTS, then you don't get prompted to upgrade until 26.04.1
> We're working hard to harden the codebase with folks from Nvidia, ByteDance, Tencent and OpenAI.
But coding is solved? Why do you need those guys if all they do is use claude code? Just have it solve it overnight. You forgot to prompt "make it secure pls"?
They didn't say the "folks" from those companies were engineers! Maybe it's a group of PMs from Nvidia, ByteDance, Tencent and OpenAI that are working to harden the codebase.
It's auditing, nobody that is good at doing anything goes to auditing, unfortunately its one of those jobs. I haven't interacted with any auditor that actually understood all they were auditing, some are better than others but the average is worse than almost any other job description I have dealt with.
If you care about this stuff you need to in-house auditing and do your own audits with people who care. Then get certified by an external auditor for the paper.
You can start very lightweight with doing spec driven development with the help of AI if you're at a size where you can't afford that. It's better than nothing.
But the important part is you, as a company, should inherently care.
If you rely on an auditor feedback loop to get compliant you've already lost.
Nobody really tries to get technical people to do the work.
Like cool, it's a great idea and would potentially produce positive results if done well, but the roles pay half the engineering roles, and the interviews are stacked towards compliance frameworks.
There's very little ability to fix a large public company when HR is involved
Maybe it should be treated like on-call duty and have the load spread between existing engineers on some kind of schedule, maybe with some extra comp as incentive because it's boring and will take more effort/time in the "easy case" compared to pager duty.
Maybe that's just a goid moment to review your _policy_. About a half of our compute is exactly that, and we just don't have to do this sort of backups, that'd be silly.
We don't deal with the military though, only fintech (prime brokers and major banks, funds) some government. Plenty of certifications (have someone all site all year round),!no silliness.
But companies don't care. They don't want compliance for feel goods, they want compliance because their partners require it. They do the minimum amount required to check the box
Caring about security and comparing about some of the arbitrary hoops you have to jump through for some of these compliance regimes don’t always overlap as much as you’d expect.
I’ve been at companies where we cared deeply about security, but certain compliance things felt like gimmicks on the side. We absolutely wanted to to do the minimum required to check that box so we could get back to the real work.
You should check out the banking industry sometime if you'd like to interact with a competent auditor.
Compliance gets taken quite seriously in an industry where one of your principal regulatory bodies has the power to unilaterally absorb your business and defenestrate your entire leadership team in the middle of the night.
I've seen this up close. The regulatory bodies as a rule are understaffed, overworked and underpaid. I'm sure they'd love to do a much better job but the reality is that there are just too many ways to give them busywork allowing the real crap to go unnoticed until it is (much) too late.
Because they’re put there as a box ticking exercise without ever being given the power or resources to be able to do damage or negatively impact the bottom line of the big rule breakers. It’s just supposed to maintain the appearance of doing something without ever supporting these activities for real. For the most part they are a true Potemkin village. If the risk is diffuse (just some average Joe suckers will lose money) I wouldn’t hold my breath that anyone is controlling for real.
Usually on a Friday night. If you see a bunch of rental cars hanging out near a bank HQ on a Friday afternoon, get all your money out before the doors close. FDIC is about to wreck shop.
They do it on a Friday so they can work through the weekend and reopen the bank on Monday as a branch of a different bank which is solvent, so I wouldn't worry too much. I'd be more worried about putting my money in a fintech not regulated by FDIC or NCUA (though many contract with a "real" bank so that your money is still protected).
The industry is paid to provide a fig leaf for shady practices. Everyone knows what's going on, no one is going to do anything about it unless governments step in and give regulators more resources and more teeth, and "errors" lead to prosecutions and jail time.
None of those are likely.
This is the industry that missed Enron, WorldCom, Wirecard, Lehman, and many others.
Every morning it summarizes a bunch of stuff for me, suggests me PRs to review, emails to reply to, freshly cloned any new repos, pulled all others, presents me with the suggested approaches to my PRs of that day, and gives me a list of my slack mentions that look more urgent.
This is just the morning ones, and saves shitloads of time of clicking around from tool to tool, freeing up time for the thinking and deciding.
How? Most of what was mentioned requires discretion and judgment. You can question whether an LLM would be able to offer that, but there’s no script that can do b it.
How can you reconcile the rest of your comment with:
> That had short to mid-term positive impacts and long-term catastrophic ones, as is the typical strategy in modern times.
Is the catastrophe still coming from the 70s to now? 50 years later? This is the most repeated quip that makes no sense. Same with companies, everyone just repeats "omg they only care about short term" and then years after years the company trots on.
But I guess it's easy to say since the defense is "oh just wait". As if the online commenter is able to see N+1 moves more than whoever they comment about, but that person just simply cannot. Like come on.
The site [1] I already linked has a number of excellent graphs of the endless major inflection points driven by the shift in 1971. Most started in the years prior to 1971 since 1971 was, itself, also a longer term consequence of years of previous mistakes.
Many of those issues started out fairly small and had a rather small impact relative to the initial benefits of 'financial liberty', but those benefits faded fairly rapidly, while the consequences not only remain, but continue to grow. It turns out that free money is rather expensive.
If you look at the achievements and progress that was being made in the 60s in the US in practically every domain, and then you showed them what 60 years in the future awaited for them, the most common response, outside of digital gizmos, would probably be 'what went wrong?'
There's no way a popular show like that needs money, they were probably millionaires already with sponsorships. Why are we pretending these people are poor or need help to survive?
reply