O(n^2) issues can typically be solved using keyed lookups, but I agree that the base processing speed is slow and the language really is too obscure to provide good DX.
I worked with a guy who knew all about complexity analysis, but was quick to assert that "n is always small". That didn't hold - but he'd left the team by the time this became apparent.
More that half of Danish municipalities have equipped schoolkids with Chromebooks -- but some failed to limit which services thay could/should use and so effectively send the kids' personal data out of the country, which caused quite the furor.
I believe Chromebooks will damage childrens digital education. Especially in that age you learn by experimenting and such a system isn't made for that. It is made to display something an equally digitally unqualified teacher wants to display.
Sure, schools cannot offer administration for the numerous IT related issues some systems might have. But that is a secondary problem.
Denmark must become less dependent on the major tech giants when it comes to digital solutions in the public sector. Therefore, the Ministry of Digitalization is now starting to test a new open source solution.
This week, the Ministry of Digitalization is launching a new pilot project, where a group of employees will begin testing an open source alternative to the Microsoft Office suite.
Specifically, the open source platform in question is Collabora, which is based on the open source software LibreOffice. The employees in the Ministry of Digitalization’s department participating in the pilot project will have the Office suite in their case management system replaced with Collabora.
"As minister, I’ve spoken about the need to challenge our digital independence. Now we’re taking the first step ourselves in the Ministry of Digitalization with this new pilot project. I don’t delude myself into thinking that this means we’re ready to kick the tech giants out tomorrow, but I see it as a welcome step in the right direction. As politicians, we have an obligation to ensure that our IT systems in the future aren’t dependent on a few large companies," says Minister for Digitalization Caroline Stage.
The ministry is beginning tests of a new integrated document editing module in the F2 case management system, based on the open source platform Collabora built on LibreOffice. This means that ministry employees will test an alternative to the Microsoft Office suite and use open source document editing tools instead of Microsoft’s solutions like Word, PowerPoint, and Excel.
The solution will be rolled out for broader testing in the Ministry of Digitalization’s department on June 19, 2025. At that time, a group of departmental employees will have their Office suite in F2 replaced with the open source alternative. In the months that follow, the ministry will monitor and test whether Collabora can support the ministry’s workflows and needs in a satisfactory manner.
The upcoming testing work will focus, among other things, on functionality related to the ministry’s templates, formatting for government cases, use of 'track changes', tables, etc., and whether the solution can handle conversion to and from Word format without altering the layout of documents.
If the test period proceeds satisfactorily, the next step is expected to be a broader rollout of the open source alternative throughout the department.
Nearly all of state and local administration uses various 3rd party solutions which have bespoke Office add-ins and rely on close integration with the formats (and security models) on the Office suite -- and are likely shifting more heavily into Microsoft 365 specific features.
So it's not as simple as rolling out LibreOffice and calling it a day. Much less Linux.
A lot of debate at the moment about digital sovereignty, with a very trusted ally threatening to annex Greenland while perhaps shifting its internal power structure (courts vs executive powers) while also continuing a trend of increased executive power over private companies (NSL etc.)
Meanwhile, EU is apparently way behind both China and US in high-tech industry and digital infrastructure in general and AI technology in particular.
So it's a welcome discourse - we really should go through the threat scenarios, in light of the changed parameters. My observations:
* Consider: Could the society function if major cloud services (say, Microsoft 365 or Azure's IaaS services) - were suddenly nullrouted from Denmark? (Keep in mind that Denmark is heavily digitalized in both the private and public sectors)
* While that not a likely scenario, it's no longer an unthinkable scenario, which it seemed to be in 2024. If it's not unthinkable, it could quickly become a credible threat. "Surrender Greenland, or else..."
* Public sector Denmark is very much a "Microsoft first" country, 99.9% of desktops, office networks and productivity. On back-ends, MS is maybe not so big at the state-level systems, but quite dominant at regional and municipal levels.
* Due to GDPR (and various related side quests), public Denmark has been slow-ish in moving to cloud infrastructure, but e.g. Microsoft 365 is gaining marketshare over locally or semi centralized hosted Exchange servers. So the blast radius is unclear.
* At the same time, Microsoft is taking home quite substantial license fees. The minister's reaction could also play into that.
However, the thing to note is that the Ministry of Digital Affairs is a small ministry. While they control some key infrastructure components (few of which run on Windows, AFAIK), they are not at all responsible for choosing other administrative bodies' choice of office suite or the bargaining with Microsoft. In practice, that power is held by the Ministry of Finance, as is so much else. They might be seeing things differently.
Interesting times indeed. And certainly long overdue to consider alternatives realistically and reduce vendor lock-in where feasible.
At least, in this case, the WAF in question had the decency to return 403.
I've worked with a WAF installation (totally different product), where the "WAF fail" tell was HTTP status 200 (!) and "location: /" (and some garbage cookies), possibly to get browsers to redirect using said cookies. This was part of the CSRF protection.
Other problems were with "command injection"-patterns (like in the article, expect with specific Windows commands, too - they clash with everyday words which the users submit), and obviously SQL injections which cover some relevant words, too.
The bottom line is that WAFs in their "hardened/insurance friendly" standard configs are set up to protect the company from amateurs exposing buggy, unsupported software or architectures. WAF's are useful for that, but you still gave all the other issues with buggy, unsupported software.
As others have written, WAFs can be useful to protect against emerging threats, like we saw with the log4j exploit which CloudFlare rolled out protection for quite fast.
Unless you want compliance more than customers, you MUST at least have a process to add exceptions to "all the rules"-circus they put in front of the buggy apps.
Whack-a-mole security filtering is bad, but whack-a-mole relaxation rule creation against an unknown filter is really tiring.
So, no you don't need a "Microsoft-esque" company, you need independent service providers who just know their stuff. Today, a company (any company!) with the proper skills CAN offer setting up and maintaining government infrastructure, independent and sovereign from Microsoft, by using commoditized hardware and open source software, with no long term vendor lock-in.
The offerings do exist, and get some traction. If done right, they should be cheaper in both short and long run, compared to Microsoft licensing.
So, what's holding us back?
1) One element is aggressive pricing for key customers and partners, on the part of the smarter incumbents (in this case Microsoft).
2) Another is a "reverse network effect": Scarcity of talent to create companies like the ones I suggest. And with too little supply, the demand side will be afraid to "not choose IBM" (figuratively).
3) A third is Microsoft 365's real-time collaborative editing. Yeah, really. The needs of some specific users get to dominate decision-making, since the key decisions are pitched in PowerPoint, analysed in Word, budgeted in Excel and distributed using Outlook. A lot of old dogs would have to learn new tricks.
The Eclipse Compiler for Java [1] is a notable exception, architected around incremental compilation, an API for “live” AST manipulation, and a layered non-batch approach to when to invoke various analysis steps.
The LSP for Java [2] used in eg. VSCode’s Java plugins, builds on this API.
But, no, I haven’t seen a generalized approach to this architecture discussed in literature.
I worked with a guy who knew all about complexity analysis, but was quick to assert that "n is always small". That didn't hold - but he'd left the team by the time this became apparent.
reply