• Grimy@lemmy.world
    134 up, 1 down · edited · 2 days ago

    The video is 15 minutes long and at the four-second mark flashes a screenshot from Zoolander, in which the protagonist unveils the “Center for Kids Who Can’t Read Good.”

    It also features a punchy techno backing track while wasting the reviewer’s time with approximately 14 minutes of inactivity.

  • Newsteinleo@infosec.pub
    155 up, 2 down · 2 days ago

    I have heard from friend that teach in higher end that students are struggling more and more with getting information from text. It seems those students have now found there way into the work force.

    • chrash0@lemmy.world
      131 up, 1 down · 2 days ago

      bruh i know people in their 40s making 6 figures that couldn’t read an error message if it would save ten generations of their family.

      • Mic_Check_One_Two@reddthat.com
        29 up, 1 down · edited · 2 days ago

        Yeah, one of my most often stated phrases at work is “you can’t make people read.”

        Error pops up, explaining exactly what the issue is and how to fix it? Oh god, let me call IT to see what I need to do. Yeah, you can’t make people read.

        Some piece of equipment or machinery has changed in some meaningful way? Management is quick to go “just hang a sign on it, letting people know the new process.” Nope, you can’t make people read. People will physically move the sign to the side, try to use the machine like they previously did, and get surprised when it doesn’t work as expected.

        Some area is unsafe due to work happening overhead? “Oh just hang signs on the doors, telling people not to come in.” No, you can’t make people read; I have seen people push their way past physical barriers with big “do not enter” signs, just to ask if we’re open. How about we lock the doors, and disable the keyways on all the doors (except one, where we have physical barriers to entry) until the work is completed?

        The floor is freshly painted? People will walk past six different “do not enter - wet paint” signs and physically push past stanchions or barriers, and then act surprised when their shoes stick to the floor.

      • 21Cabbage@lemmynsfw.com
        25 up · 2 days ago

        Was going to say, very much seems like the opposite of a generational problem. Seems more like everything we’d vaguely define as ‘the tech industry’ has become big enough that it’s workforce now includes the individuals who wouldn’t have been considered competent 10 years ago.

        • corsicanguppy@lemmy.ca
          10 up, 1 down · 2 days ago

          >>> students are struggling more and more with getting information from text
          
          >>> found there way
          >> people [...] that
          > it's workforce
          

          The question is whether this running gag is intentional.

      • JackbyDev@programming.dev
        9 up · 2 days ago

        One of my old coworkers from a place I no longer work would come to me for every exception his code threw. Being generous, I understand his intentions, he was curious if they were known problems or things to avoid. That said, every time I asked him what line of code it happened on or if he’d searched online about it the answer was no. I was probably ~25 at the time and had a bachelor’s degree. He was definitely at least 50 and had a PhD.

    • SirEDCaLot@lemmy.today
      21 up · 2 days ago

      Problem starts earlier in life. I know someone who is a teacher in lower school. Ask the kids to make a presentation and literally in 90 seconds you will have a PowerPoint with 15 slides full of pictures and embedded video. Ask them to write one slide of text and they’ll struggle to put three sentences together.

      Reason is pretty simple, a lot of the parents never read to their kids. They grew up on iPads. Video is the medium they are accustomed to. And so they struggle with written information.

  • gravitas_deficiency@sh.itjust.works
    72 up, 2 down · 2 days ago

    Honestly, I would encourage any researcher who gets a brush-off response like this as a response to a real and meaningful security report to lean even harder into malicious compliance. Simply post it to TikTok or Instagram or whatever - and I am intentionally picking the pervasive platforms that I despise and find problematic, simply because they have the largest user bases. If it’s “not a problem”, they shouldn’t mind if how-to videos explaining how to elicit the “not problematic” behavior start going viral.

  • Lemmist@lemm.ee
    30 up, 6 down · 2 days ago

    Using stupid programs, doing stupid bugreporting.

    Leave Microsoft alone. Let it rot with Tesla, Nintendo, 3dfx, NSDAP and other shitty organizations.

      • Nougat@fedia.io
        3 up · 2 days ago

        If you have a Voodoo card laying around, it might be worth some money. They were used in some coin-op arcade games.

  • lemmyng@lemmy.ca
    26 up, 11 down · 2 days ago

    The most likely explanation for requesting a video is to weed out low quality AI-generated “vulnerability” submissions that hallucinate code that doesn’t compile or APIs that don’t exist. In that context a 1 minute video showing that the report is viable is not much to ask for.

    • patatahooligan@lemmy.world
      32 up · 2 days ago

      Maybe in some cases. But I’ve been requested by Google support to provide a video for a very simple and clear issue we were having. We have a contract with them and we personally brought up the issue to a Google employee during a call. There was no concern of AI generated bullshit, but they still wouldn’t respond without a video. So maybe there’s more to this trend than what you’re theorizing.

    • aramis87@fedia.io
      57 up · 2 days ago

      I can understand if the reporter is new, or unknown, maybe submitting a lot of videos at once. The guy from the article is a vulnerability expert that’s been working in that role at Carnegie Mellon Software Engineering Institute’s CERT Coordination Center since 2004. I think he gets a pass on the “submitting fake reports for internet clout” front.

  • ssillyssadass@lemmy.world
    1 up · 1 day ago

    You need to include videos of Subway surfers and Family Guy funny moments on the sides of the report, and a compilation of satisfying videos in the background

  • NoForwardslashS@sopuli.xyz
    14 up, 25 down · 2 days ago

    I understand that this bug probably didn’t need a video to be actioned, but if it is a 1 minute repro, it isn’t really a huge ask for you to screen cap it. Making a 15 minute troll video isn’t exactly heroic malicious compliance.

    • xigoi@lemmy.sdf.org
      7 up · edited · 2 days ago

      Or the people at Microsoft could learn to read. While that takes more than a minute, it can also be useful for other purposes.

    • aramis87@fedia.io
      52 up · 2 days ago

      Years ago, I was de facto tech lead on a project. Every time a weird issue came up with the closed-system third-party development environment we were using, it fell to me to figure out what was causing it and file a bug report. It took time to figure out what was going on, narrow down the possibilities, get it to reliably reproduce, then word the bug report so that it was clear what the issue was - and this was on top of my regular duties.

      I remember figuring out that if your SQL statement was 683 characters long, you were fine, but if it was any longer than that, the program would crash. I filed a bug report saying exactly that and giving the error message that got generated.

      They came back and said they didn’t understand the bug report or how to reproduce it. I said, “Write a 683-character SQL statement. The program will run. Add one random space-character anywhere; the program will crash.” As far as I was concerned, this wasn’t my problem, and I was fully tired of finding and reporting bugs on their shitty platform (our customer had locked us into it).

      They came whining back, “Oh, but that’s soooo haaarddd …” I’m like, “It’s not. Just write SELECT X, X, X [etc] until you have 683 characters,” (especially true because I had no idea what their database structure looked like) but they kept whining. Eventually they just came straight-out and said, “We need you to send us the entire failing module [because we can’t be arsed to do our own job, tyvm].”

      My manager talked me down from the email I wanted to send back and told me to just strip everything else out. Which I did, but it took me like a day and a half to strip it back to something that had enough to reproduce the error without giving things away. I sent them the 683-character version and said, “Run this. Then add a random space anywhere in the SQL statement and it’ll die. This is your job and you’re not even my company, you figure it out from here.”

      Then they had the nerve to come whining back, “Oh, we don’t understand what to add to the SQL statement or whe-ere. Pweas pweas pweas send us a non-working copy as well!” I’m like, “ADD. A. SPACE. ANYWHERE.” We went through a couple rounds of that, then my manager told me to add the space and send it to them so they (the people who developed this entire platform we were working on) could figure out the issue.

      Steaming, I sent the second file. Since I had now done their entire diagnose-and-reproduce job for them, they graciously consented to open up a bug report.

      We found multiple bugs like this. If you press the Save button it works fine but if you use Ctl-S it sometimes crashed [why are you using two separate Save routines?!?!]. They didn’t left-pad the time call to the operating system (which they said they did), so any program run before 10am had a chance of randomly crashing - that kind of thing. Probably half my overtime was figuring out their bugs so my developers could actually write code.

      ISTG, after all the repeated time, stress and effort their shitty product cost me, if they’d insisted “Oh, we can’t do anything without a video showing us how to do our effing job” - well, they’d have been lucky to get a 15-minute troll video because I’d’ve vented two years of anger and frustration with their product and their customer “support” into that video.
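
The repro described in the comment above (pad `SELECT X, X, X` to the last working length, then add one space), as an added example that is not part of the original thread. It also bisects for the limit; `stand_in_program` is a constructed placeholder for the vendor tool, hard-coded to the 683-character limit from the comment, and all function names are hypothetical.

```python
from typing import Callable, Tuple

BASE = "SELECT X"   # 8 characters
ITEM = ", X"        # 3 characters per extra column


def padded_select(length: int) -> str:
    """Return a 'SELECT X, X, ...' statement of exactly `length` characters."""
    if length < len(BASE):
        raise ValueError("length is shorter than the minimal statement")
    reps, rest = divmod(length - len(BASE), len(ITEM))
    # Trailing spaces make up any remainder so the length is exact.
    return BASE + ITEM * reps + " " * rest


def find_limit(accepts: Callable[[str], bool],
               lo: int = len(BASE), hi: int = 65536) -> int:
    """Largest accepted length, assuming one threshold between lo and hi."""
    if not accepts(padded_select(lo)):
        raise ValueError("the smallest statement already fails")
    if accepts(padded_select(hi)):
        raise ValueError("no failure found up to hi")
    while hi - lo > 1:          # invariant: lo is accepted, hi is rejected
        mid = (lo + hi) // 2
        if accepts(padded_select(mid)):
            lo = mid
        else:
            hi = mid
    return lo


def repro_pair(accepts: Callable[[str], bool]) -> Tuple[str, str]:
    """Return (last working statement, same statement plus one space)."""
    working = padded_select(find_limit(accepts))
    return working, working + " "


def stand_in_program(sql: str) -> bool:
    """Constructed stand-in for the program under test (not the real tool)."""
    return len(sql) <= 683


if __name__ == "__main__":
    ok, bad = repro_pair(stand_in_program)
    print(len(ok), stand_in_program(ok))    # working case for the report
    print(len(bad), stand_in_program(bad))  # failing case for the report
```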

      • sugar_in_your_tea@sh.itjust.works
        10 up · 2 days ago

        That’s horrendous.

        My company supports businesses where any issue that prevents them from completing a task could cost them millions if their operations need to stop. We get super vague bug reports, yet we usually turn around a fix in a day or two.

        I just don’t understand how a company could be so blasé about a clear bug report that they’re willing to go back and forth like that.

        • thann@lemmy.dbzer0.com
          11 up, 1 down · edited · 2 days ago

          “vendor lockin”
          once a company has you by the balls, they will fire everyone competent and hire interns for maintenance and support

      • Benjaben@lemmy.world
        23 up · 2 days ago

        I’ve had an antagonistic relationship with a vendor like this, it’s awful. In my case the vendor was supposed to be a fast moving tech startup - the only thing that moved fast there was the revolving door of engineering talent coming and going.

        Even worse, my boss had been convinced by their founder that he had all this pull with the company, and since the company was super cool, that made him super cool, and I dunno if you’ve ever tried to criticize something that has made a middle aged nerd feel cool for the first time in his life, but let’s just say it was not a fruitful endeavor.

        The number of things I effectively fixed for them via email, the abominations I had to construct to work around the things they refused or failed to fix…bad times.

        • aramis87@fedia.io
          11 up · 2 days ago

          Oh god, the comments I put in the code, explaining what I was doing and why, and how to test that the product had been fixed before changing my code, because I just knew some junior codebro was going to come in and think, “I should clean this code up!” and they’d have no idea why it wasn’t working anymore …

          • Yaky@slrpnk.net
            6 up · 2 days ago

            Thank you for your comments.

            Nothing irritates me more than walls of code without any comments and the “cOdE sHoUld bE sElf-DoCuMenTiNg” attitude. No, it’s impossible to describe complex industry-specific processes by naming your variables and functions nicely.

        • aramis87@fedia.io
          14 up · 2 days ago

          It rhymed with Smoracle. Which is really ironic because you’d think that’s the ONE company that would (a) understand how to write a SQL statement, and (b) get really effing concerned when a simple database query broke their product.

          • rottingleaf@lemmy.world
            6 up · edited · 2 days ago

            It seems from the description that there’s the length of the request there stored in 11 bits, hell knows why, so max of 2046 (682*3, that’s 683*3 = 2049 if starting with 1), and one symbol takes an increment of 3, hell knows why.

            That’s, ahem, yes, a pretty gross mistake for such rhyming companies, the kind only I am allowed to make.

            • aramis87@fedia.io
              1 up · 2 days ago

              Oh, cool! I never figured out why they had the 683/684-character limit thing, so it’s cool beans to you - thank you!

              They ended up “fixing” the problem by increasing the character limit to 2048, which was nice.

    • moody@lemmings.world
      10 up · 2 days ago

      What’s the point of screencapping text that’s already included in the submission? Like the whole process is text-based, and adding pictures or video of that text adds nothing useful.