The article doesn't seem to address fully how much of the "Humans are to blame" part is Waymo cars driving in a manner that isn't normal.
The cases they highlight, such as a multi-collision hit and run, are obvious bad human situations. But, this article feels like it's being a bit generous in its interpretation.
After all, I've seen Waymo cars cause wild traffic jams, and that sort of unexpected behavior could absolutely cause collisions.
Being rear ended (16 out of 23 serious accidents according to the article) is a pretty clear case of the car not doing anything wrong at all. It's the one case where collision avoidance is going to be useless because the car is waiting for e.g. a red light and is supposed to be stopped and has to blindly trust cars behind us will do the same thing.
Your assumption is that it was stopped at a red light. What if if slams the brakes on in the middle of the road due to a mylar balloon, etc? Does it sense a vehicle approaching quickly and sound the horn to hopefully alert the driver to stop, and pull forward from the stop line into the crosswalk if it's clear to provide extra braking distance?
Hypothetically possible but the article suggests these were situations where Waymo was not at fault. And I actually know people that have been rear ended at traffic lights or junctions. Twice. In the same month. Both times after they came to a full stop in a spot where they were definitely required to stop.
There's nothing you can do when that happens. Some idiot coming in way too fast not paying attention for whatever reason. Stuff like this is quite common. I don't see how you could mitigate that easily.
I've mitigated it in the past. You sound your horn, which can cause them to look up from their phone, etc. You can also pull forward through the crosswalk if it's clear. If anything, Waymo sensors should be better able to identify vehicle speed delta to sound the horn when a vehicle is approaching it too quickly.
Management perceives people to be more replaceable than they are. Years of working in, or being the architect of, the company's core product will make you a true expert in it.
But, from the company perspective, your value is based on the 'market rate' for your generically defined skills and experience.
It only takes a company messing up exactly once, and the damage is catastrophic.
Everyone gets their social security number leaked...identity thieves have a field day.
Everyone gets their medical history leaked...insurance companies suddenly find another edge against the consumers.
Everyone gets their texts leaked...scammers now have blackmail against anyone who ever got spicy with their significant other.
Huge companies have been exploited before, and they will do so again and again. The only long-term winning strategy is to not let them have your data in the first place.
Nearly all SSNs have leaked by this point. The US needs a cryptography based ID system. That way each identification event is distinct, and each company gets a different (irreversible) derived ID for a person.
On that larger point I'd agree that companies should not have PII data they don't need.
This reeks of an answer given by someone who simply hasn't been impacted by an of this yet - I'm sure for those who HAVE been impacted the world didn't simply "go on" it caused real stress, problems, issues for them.
That’s the precious bodily fluids paranoia I’m talking about.
Nobody is coming for anyone. [Again doesn’t apply to spies and dissidents]
Systems can fail and that can mean ruined lives. However, that’s only part of the equation. There were actually anti-automobile societies in the US and Europe who opposed cars for safety reasons.
If there's an edge, people will use it. Car manufacturers share data with insurance companies[1], which can impact drivers' insurance rates or lead to coverage denial.
Do you believe the same thing will never happen in healthcare?
Do you believe that sophisticated criminals won't engage in large-scale fraud attempts? In 2021, about 23.9 million people (9% of U.S. residents age 16 or older) had been victims of identity theft during the prior 12 months.[2]
You haven't been hurt by this sort of thing, which is great for you. But millions of other people aren't so lucky.
On one hand, culturally, we pushed young people into colleges and universities at ever-increasing and frankly unethical price points. Many people have spent "buy a house" money on education. These people are then given a heavy burden which holds them back significantly both socially (raising families) and financially (owning a home, saving for retirement).
On the other hand however is the many people who decided not to go to school because it was simply unaffordable. They went to work instead, and often in the kinds of careers that are unappealing to college graduates who prefer white-collar work. Any student loan forgiveness is coming directly from the pockets of these people, who have on-average lower incomes and shorter career spans than their white-collar counterparts.
It's easy to see both sides on this one. The only meaningful solution I can see is to remove the (again, unethical) protections which prevent students from declaring bankruptcy over student loans. In turn, this would hopefully force wiser lending and more price-competition to bring the cost down.
Bankruptcy for student loans should be allowed, with appropriate restrictions against the obvious abuses.
I think the federal government should cap the student loans amounts they secure also and standardize all fee and interest service that can be applied to them. That cap should be modest too. The ability for students to get larger and larger loans is the primary driver of tuition fee inflation.
Lastly, and this is maybe a bit controversial. But any university that is either non-profit or receives government subsidies must have a limits on the amounts paid to executive staff like presidents and also a limit on the ratio of administrative spending to education spending. The crazy growth of the the former compared to the latter is form on theft from the students, in my humble opinion.
Except you don't have to tax low earners! Progressive taxation is the norm in the US; you just need to tax where the wealth lies, and the ways in which it moves.
2. Cost of living rises, wages follow (but not closely enough)
3. Buying power is decreased, but the tax brackets don't change much
4. The lower income groups proceeds to pay more taxes than they "should" while simultaneously being the group that can afford it the least. At the same time, this group is the most affected by inflation, hurting even more.
The money printer hurts everyone. Spinning it up as the expedited solution to every problem for political expedience is how we ended up with an enormous and ever-growing amount of debt.
Who gets taxed only really matters for a specific federal expense if the spending were being covered directly by an increase in taxes. Any money spent on buying up student debt will come from new federal debt without a tax increase or levee to pay for it.
React or Svelte - Building landing and product pages
These tools are extremely popular and well documented, so anything you get stuck on is bound to be readily searchable online. If you've already got over a decade of front-end work experience I'd say just spin up Sveltekit or NextJS and follow along with a guide like this one:
After all the security events, including the most recent. And after learning they didn't even deploy basic techniques like canary builds to prevent these events. And now this.
The pattern seems to reveal that CS truly has no concept of risk management whatsoever.
In finance this level of recklessness would get you banned from the industry.
Just to be clear within the analogy: are you expecting the auto manufacturers to "force-eject" any hotel on Park Ave that has a record of valet mishaps? Or did you mean individual cars should force-eject the valet?
If a Caesars Entertainment property in Macao has enough incidents, should GM update the firmware on their automobiles to force-eject valets at Caesars Entertainment properties in Las Vegas?
Now imagine that GM actually operates valet services in Macao and Las Vegas. Should they be allowed to force-eject valets from competing services?
I am not a Microsoft apologist. I think they should do better. I think Linux and FreeBSD should do better. I personally avoid Microsoft products. But I place more blame on people who use MS products than I do on MS. After all, I never intend to hand my beat up old Corolla over to a valet so why should I have to pay for a "valet mode" feature that Toyota is forced to build into all their cars? Isn't it reasonable that motorcycles, 18-passenger vans, and scooters don't need "valet mode"?
In my book, the auto manufacturer is lower on the list of culprits than the valet, "the establishment that keeps a valet with an abominable record on staff", and the vehicle owner. But some place like Car and Driver could definitely prioritize encouraging GM or Toyota to develop valet modes over berating owners; so I don't mind a place like HN shooting a few arrows at MS. Unless the general public follows their lead and lets bad guys off the hook by shifting too much focus to somebody lower on the list.
> Just to be clear within the analogy: are you expecting the auto manufacturers to "force-eject" any hotel on Park Ave that has a record of valet mishaps? Or did you mean individual cars should force-eject the valet?
Not OP, but I think the analogy here is the hotel "fore-ejecting" (firing) the valet with a history of doing joy rides. That seems very reasonable.
In the analogy, it seems Microsoft is a car manufacturer. The hotel is the company that bought software from CrowdStrike. The problem is that Microsoft should not control who has access to which APIs, that is a huge can of worms, and actually called anticompetitive by the EU from what I understand. At MS level, either they publish APIs or not. If published, anyone should be able to write software for them. This is especially bad if MS themselves also sell security software that uses the same APIs. It would literally mean MS deciding who is allowed to compete with their security software.
I think it works better (please allow me to change it) if Microsoft is the hotel. Crowdstrike is the restaurant inside the hotel. The restaurant is serving poisoned food to the guests, who assume it is a decent restaurant because it is in their hotel.
Also the restaurant has their own entrance without security and questionable people are entering regularly, and they are sneaking into the hotel rooms and stealing some items, breaking the elevator.
At the same time, the hotel is in a litigation process with the restaurants association, because in the past they did not allow any restaurant on their premises. The guests, naturally, do not care about this, since their valuables have been stolen, and they have food poisoning. The reputation of the hotel is tarnished.
I don't think this works since Microsoft isn't the hotel. The hotel in your example chooses which restaurants are inside, but Microsoft doesn't. In this example, Microsoft is the builder who built the hotel building for a 3rd party. That 3rd party decides which restaurants it wants to partner with, as well as any other rules about what goes on in the building.
If the builder came around and made changes to ban the 3rd party's restaurant partner, that would cause a ton of issues and maybe get the builder sued.
Microsoft can't decide what can and can't run on their platform - the most they can do is offer certification which can't catch everything, as we just saw with Crowdstrike since they decided to take a shortcut with how they ship updates. Microsoft also had to allow for equal API access so they don't get sued by the EU.
Operating system (hotel) decides which programs run in kernel mode (Crowdstrike) but ok. Let me address the other point.
Again the reasoning of allowing equal API access to avoid getting sued is a false dichotomy: Microsoft could choose to make an OS that would not need such mechanisms to be simply usable.
They could also remove their own crowdstrike-alike offering, so that it would not be considered anti-competitive. They could also choose not to operate in EU. Of course, that would lower their profits, which is the real motive here.
Once you sum it up the reasoning goes: hospitals/flights can stop working because a company cannot lower its profits, and said company is not to blame at all. It is clearly false, the rest is sophism, and back-bending arguments IMO.
I am conceding that point (the "but ok" part). Maybe I could have expressed it better.
Please note, that in my analogy the hotel has input in which restaurant is allowed (opposite of your scenario). There are also not infinite Crowdstrike-like offerings, only a few. Same thing applies to the hotel, yes, only limited by the surface of the building and cultural norms.
I any case, the analogy cannot please everyone, and I can see how there are some errors with it in some aspects. In others, I consider it accurate. Using an analogy is an invitation to nitpick on it, so it is my fault really, but I could not resist.
There are other points in the analogy that I feel reflect very well how ridiculous it is to claim Microsoft has no responsibility whatsoever. IMO they do have at least partial responsibility. One cannot simply excuse them "because EU".
But this implies that even the guests who never went to that restaurant and have no links whatsoever to it might somehow still be directly suffering because of its presence.
In reality this doesn’t seem to be the case at all.
I'm expecting restaurant owners to fire bad valets.
Or in Microsoft's case, via regulatory, social, or software, prevent Crowdstrike from causing harm to their customers.
I'm aware it's a sticky regulatory situation, but CS has a history of these failings and the potential damage could be severe. Despite this, no effort (that I am aware of) was made by Microsoft to inform customers that Crowdstrike introduced potential risks, nor to inform regulators, nor to remove the APIs CS depends on.
I don't believe Microsoft is solely responsible, but I do believe that throwing all of the blame for the very real harm that was caused onto CS alone is missing a piece of the puzzle.
Last aside, every large corp has team(s) focused on risk. There's approximately zero chance they didn't discuss CS at some point. The only way this would not have happened is negligence.
Microsoft was required to let them have the same access their own software used. Which seems fair to me. Microsoft can remove those APIs entirely, they just can't restrict them.
Can Microsoft legally ban a competitor for percieved incompetence? I doubt it . partiuclarly seeing how much competence is shown with windows and MS teams software
Microsoft assigns driver levels to these guys etc. and allows them to load kernel mode components as protected etc.. If they do not allow that - CS cannot cause such damages. ofcourse, as you pointed out, this will then turn into some lawsuit blaming MS for killing competitors, even if they do it to try and protect their customers.
Problem is that the establishment here is well the establishment. That is the state itself. Or at least one of them. As somehow MS is in position where for any slight anti-trust thing they will be prosecuted. Our system is setup to allow these actors in...
One step further, many rust libs use `#![forbid(unsafe_code)]` to explicitly disallow any unsafe. The rust community really likes that sort of thing, and for good reason.
It's not just the type system either. It also helps that rust has a great ecosystem of tools that catch all kinds of errors at build time. The compiler and clippy together genuinely do prevent a lot of mistakes.
This is a big part of why people often say "if it compiles, it works" in rust.
The cases they highlight, such as a multi-collision hit and run, are obvious bad human situations. But, this article feels like it's being a bit generous in its interpretation.
After all, I've seen Waymo cars cause wild traffic jams, and that sort of unexpected behavior could absolutely cause collisions.