I try to respond to every genuine engagement. I block trolls, contrarians, and provocateurs because life is too short.

  • 1 Post
  • 60 Comments
Joined 1 year ago
Cake day: January 29th, 2025


  • I did read the text. I suggest you read the article. Microsoft lied and literally called it “expected behaviour”, then silently patched it. Why would they patch expected behaviour?

    The exploit discovered and lodged by O’Leary was confirmed independently to exist and function by CERT/CC and they gave it an interim CVE entry. The only reason it was not finalized and publicized is that Microsoft has the right to overrule CVEs as part of the CNA hierarchy rules.

    As the researcher said, it’s a privilege escalation bug. So yes, an attacker would need some privilege… But this is still a major vulnerability.

    The vulnerability allowed a user with only Backup Contributor (an Azure RBAC role with zero Kubernetes permissions) to trigger this access grant [for the entire Kubernetes cluster].

    Azure’s Backup Contributor is a role widely assigned in organizations to their mid and even low-level IT staff. At a Fortune 500 company there may be hundreds of people around the world with that permission to manage their own site’s or office’s backups.

    Azure’s Kubernetes Cluster Admin is a much more powerful role. It allows unrestricted access to the entire Kubernetes cluster - including retrieving admin credentials for the cluster via PowerShell, and accessing or modifying any data on the cluster. How much that could impact a particular environment depends on what services they have containerized into their Kubernetes cluster, but it could be almost anything… web frontend for user logins, a payroll system interface also with logins, etc - attacker would be able to access all that information with some skill. They could also simply install a pod that acts as a backdoor into the whole environment and take their time looking through all data to extract what further access they need or want.

    That’s why this was assessed by CERT to a CVE rating of 9.9 - critical vulnerability that poses a severe risk.

    The bigger issue as I said is not the bug, it’s Microsoft’s response. Lie, use their power to quash the report, silently patch it, alert nobody. There may be impacted businesses/orgs out there that have been breached through this vulnerability, and now they will not even know to check their logs, rotate Kubernetes cluster admin password or audit & validate their Kubernetes pods.







  • Smells like sewerage (which is why they’re banned in most hotels, planes, transit and enclosed spaces where they’re common), tastes like a fancy dessert. It’s a complex flavour that’s honestly unique, and they don’t all taste the same - various sub-varieties exist.

    To me the most consistent flavour of them is a very creamy mild honeydew-melon and vanilla flavour, with a dash of banana. Very pleasantly floral and generally quite sweet.

    Given that description you’d think I’d love them but I actually can’t stand the smell and look (bro the fruit flesh looks like yellow turds), I’ve only ever eaten them under duress haha.



  • IMDb has been making shitty decisions for a long time. They have always been a business first, community last.

    I doubt RT is much better but I use it mostly. It at least has been consistently the same amount of shitty UI since inception. TheMovieDb.org has a decent ratings system too and is getting more use, but again it’s privately owned.

    I’m not aware of a community run and operated ratings DB that’s got any significant uptake… Would be glad to hear of one if anyone knows.







  • I agree. The problem isn’t the AI or technology in general - per Hawking’s quote.

    It’s the people in charge of making decisions about how to use the technology and what aspects of it to advance.

    Yes, the AI guided target decisions and missile technology propelled it to the ground, but it was the ‘Department of War’ that decided there was no need for human intelligence to validate and ensure targets are legitimate, that collateral damage is unimportant, and that missiles should be double-tapping to kill first responders (the Iran school was hit twice). All disgusting examples of the worst people humanity has to offer - and they presently run the USA govt, and some of the most valuable tech businesses within.


  • Get your point, but I was referring to recent history given the context of his statement.

    I’d argue that it’s still worse now too… Seeing as we have everything from little kids in Africa foraging heaping dumps of toxic electronics waste from first-world nations and burning it in piles to extract metals - destroying their health and lives in the process - to Palantir AI literally drone-striking children’s all-girls primary schools that it mislabels as terrorist targets and wiping out hundreds of children at a time…


  • Me reading the article and understanding the reason for this action, and pointing out how ironic it is to be grumbling that ‘the Democrats aren’t doing their jobs’ on a news article post about the Democrats who are actually doing their jobs is definitely not the same as having trust in the US legal system, or believing it will work.

    Getting rid of the fascists in the white house, the supreme court and congress, while cleaning up their own internal corruption. Ask Chuck Schumer what his job is.

    And how do they do this, as legally appointed representatives in your govt? Can’t win a vote in the senate, barely in the house?

    It’s easy to throw stones but I never see suggestions. And then whenever they do actually try legal actions and maneuvers toward solutions (i.e. their goddamn job) there’s whining that they’re not doing anything 🤷

    Do you expect dems to just drag Trump and the fascists out with their bare hands? A coup? Because if you’re waiting for your moderate party politicians to do those things, you’re dreaming.



  • Left the end of his statement off the quote…

    “So far, the trend seems to be toward the second option, with technology driving ever-increasing inequality.”

    Stephen Hawking, quoted in “Stephen Hawking Says We Should Really Be Scared Of Capitalism, Not Robots” Huffington Post, (8 October 2015)

    Those in power at the time of his quote (and since) have done everything they can to put their foot on the accelerator, and it’s now worse than ever 🌈