You guys are talking about copyright but I think a bigger takeaway is there is a process breakdown at Microsoft. Nobody is reading or reviewing these documentation so what hope is there that anybody is reading or reviewing their new code?
I guess the question to leadership is that two of the three pillars , namely security and quality are at odds with the third pillar— AI innovation. Which side do you pick?
(I know you mean well and I love you, Scott Hanselman but please don't answer this yourself. Please pass this on to the leadership.)
I worked at Microsoft for many years and blogged there.
Microsoft was unique among the companies I worked for in that they gave you some guidelines and then let you blog without having to go through some approval or editing process. It made blogging much more personal and organic IMO; company-curated blog posts read like marketing.
I didn’t see the original post but it looks like somebody made a bad judgment call on what to put in a company blog post (and maybe what constitutes ethical activity) and that it was taken down as soon as someone noticed.
I care much less about whether the person exercised good judgment in posting, and don’t care (and am happy) that there was not some process that would have caught it pre-publication.
I care much more if the person works in a team that believes that copyright infringement for AI training is a justifiable behavior in a corporate environment.
And now we know that is a thing, and I suspect that there will be some hard questions asked by lawyers inside the company, and perhaps by lawyers outside the company.
I remember back in 2004 or thereabouts, Microsoft was all in on blogging. There was content published about internal blogs. Huge swaths of people working on Vista (then, Longhorn) were blogging about all sorts of exciting things. Microsoft was pretty friendly with people blogging externally, too: Paul Thurrott comes to mind.
It feels out of character for a company like Microsoft to have such a policy, but I agree that it's insanely cool that some very cool folks get to post pretty freely. Raymond Chen could NEVER run his blog like that at FAANG.
Raymond generally discusses public things and history. That's allowable plenty of places.
Bruce Dawson was publishing debugging stories (including things debugged about Google products done as part of his job) for the entire time he was working at Google: https://randomascii.wordpress.com/
> Nobody is reading or reviewing these documentation so what hope is there that anybody is reading or reviewing their new code?
Why do you assume that reviewing docs is a lower bar than reviewing code, and that if docs aren't being reviewed it's somehow less likely that code is being reviewed?
There's a formal process for reviewing code because bugs can break things in massive ways. While there may not be the same degree of rigor for reviewing documentation because it's not going to stop the software from working.
But one doesn't necessarily say anything about the other.
Regardless, their point is that the argument seems faulty. Indeed, their docs going unreviewed seems moot to whether the code goes unreviewed, given there are much stronger reasons to review code than there are to review documentation; as they wrote, bad documentation doesn't automatically break your application when it's published (there's at least a few more steps involved). Your statement's accuracy is not exclusive to the illogic of an argument which agrees with the statement.
> I don't know if you are just playing devil's advocate
Indeed, that is playing Devil's Advocate but one should remember that such Advocacy is performed to make sure that arguments against the Devil are as strong as they can be. It's not straightforward to see how simply repeating an assertion helps to argue for the veracity of it.
>> I realize BSOD is no longer nearly as common as it once was
Anecdotally, installing wrong drivers (in my case it was drivers for COM-port STM32 interaction) could make it as common as twice a day on Win11.
While my windows server 2008 still doing just great, no BSOD through lifetime.
I agree that for a common user BSOD is now less likely to happen, but wonder whether it's less to do with windows core, and more with windows defender default aggressive settings
At another BigCo I am familiar with any external communications must go through a special review to make sure no secrets are being leaked, or exposes the company to legal or PR issues (for example the OP).
Likely it wouldn't get written at all. The most useful aspect of layered approval processes is people treat them like outright bans and don't blog at all unless it's part of the job description.
If they have the documentation... With Microsoft probably the answer to that is yes, but more often than not documentation is simply absent. And in cases like this not being too aware of where the lines are is probably a great way to advance your career.
Reviewing docs is a lower bar than reviewing code because it's a lower bar than reviewing code.
I have never even heard of a software company that acts otherwise (except IBM, and much of the world of Silicon Valley software engineering is reactionary to IBM's glacial pace).
I'm not saying docs == code for importance is a bad way to be, just that if you can name firms that treat them that way other than IBM (or aerospace), I'd be interested to learn more.
I'm not sure we're talking about the same thing, maybe my use of "lower bar" was ambiguous, and I realize now it has a dual meaning.
What I'm saying is, you have to review code to get it out the door with a certain degree of quality. That's your core product. That's the minimum standard you have to pass, the lowest bar.
In contrast, reviewing documentation is usually less core. You do that after the code gets reviewed. If there's time. If it doesn't get done, that's not necessarily saying anything about code quality.
Even if it's easier to review documentation, that doesn't mean it's getting prioritized. So it's not a lower bar in the sense that lower bars get climbed first.
Whilst I understand it shows a break down somewhere, it a bit of a stretch to extend that idea across their entire codebase.
Organizations are large, so much so that different levels of rigor across different parts of the organization. Furthermore, more rigorous controls would be applied to code than for documentation (you would assume).
Yea, I have a post up there from a couple decades ago (maybe? I haven't looked, I don't know if they keep stuff up forever) and I guarantee you my code went through more review than that post did.
On the contrary, getting away with breaking the law is most of the innovation in the past decade. Look at Uber and AirBNB, and cryptocurrency, and every AI company.
The chrome browser and the v8 engine are innovations. The Go language is an innovation. Pet cameras, simple as they are, are an innovation.
Uber is a rebadged taxi service with seedier people than before.
AirBnB is a less disguised but still rebadged B&B service with seedier people than before.
Charlie Munger said it best. Cryptocurrency is like seeing a bunch of people trading turds and saying to yourself "well.. I don't want to miss out!" The seediest of all people.
AI doesn't even really exist by any common definition. They have supremely weak and power hungry language models trained on terabytes of stolen data and reddit conversations.
Hell, watching a guy hammer himself in his own nuts on youtube is an innovation, and I think I'm going to go do /that/ now instead of being depressed. Watching "ow my balls" and baitin'. What's left?
Bitcoin and shitcoin holders being among "the seediest of all people" while the Western oligarchy mailed each other the most vile things that probably happened iRL leaves a bitter taste. Don't know if you really thought this through.
If you're into cryptocurrency you should have /some/ pause over the fact that child pornographers, drug dealers and murderers all share your love of the technology. I'm sure that's just coincidence.
The people also drive cars, go shopping, have gardens, play online games and generally use the internet and use the same money as you do whenever. Now what?
I also use Tor, try to keep my stuff secure, just as they do.
Yeah, I recently stumbled on some other devblogs post very similar in quality to the one that was linked here, which was basically wholesale plagiarism of a stackoverflow answer. I found it while searching for an error message.
I guess the question to leadership is that two of the three pillars , namely security and quality are at odds with the third pillar— AI innovation. Which side do you pick?
(I know you mean well and I love you, Scott Hanselman but please don't answer this yourself. Please pass this on to the leadership.)