• Grimy@lemmy.world
    link
    fedilink
    English
    arrow-up
    87
    arrow-down
    1
    ·
    edit-2
    9 hours ago

    The video is 15 minutes long and at the four-second mark flashes a screenshot from Zoolander, in which the protagonist unveils the “Center for Kids Who Can’t Read Good.”

    It also features a punchy techno backing track while wasting the reviewer’s time with approximately 14 minutes of inactivity.

  • Newsteinleo@infosec.pub
    link
    fedilink
    English
    arrow-up
    117
    arrow-down
    2
    ·
    11 hours ago

    I have heard from friend that teach in higher end that students are struggling more and more with getting information from text. It seems those students have now found there way into the work force.

    • SirEDCaLot@lemmy.today
      link
      fedilink
      English
      arrow-up
      11
      ·
      5 hours ago

      Problem starts earlier in life. I know someone who is a teacher in lower school. Ask the kids to make a presentation and literally in 90 seconds you will have a PowerPoint with 15 slides full of pictures and embedded video. Ask them to write one slide of text and they’ll struggle to put three sentences together.

      Reason is pretty simple, a lot of the parents never read to their kids. They grew up on iPads. Video is the medium they are accustomed to. And so they struggle with written information.

    • chrash0@lemmy.world
      link
      fedilink
      English
      arrow-up
      90
      arrow-down
      1
      ·
      9 hours ago

      bruh i know people in their 40s making 6 figures that couldn’t read an error message if it would save ten generations of their family.

      • Mic_Check_One_Two@reddthat.com
        link
        fedilink
        English
        arrow-up
        8
        arrow-down
        1
        ·
        edit-2
        3 hours ago

        Yeah, one of my most often stated phrases at work is “you can’t make people read.”

        Error pops up, explaining exactly what the issue is and how to fix it? Oh god, let me call IT to see what I need to do. Yeah, you can’t make people read.

        Some piece of equipment or machinery has changed in some meaningful way? Management is quick to go “just hang a sign on it, letting people know the new process.” Nope, you can’t make people read. People will physically move the sign to the side, try to use the machine like they previously did, and get surprised when it doesn’t work as expected.

        Some area is unsafe due to work happening overhead? “Oh just hang signs on the doors, telling people not to come in.” No, you can’t make people read; I have seen people push their way past physical barriers with big “do not enter” signs, just to ask if we’re open. How about we lock the doors, and disable the keyways on all the doors (except one, where we have physical barriers to entry) until the work is completed?

        The floor is freshly painted? People will walk past six different “do not enter - wet paint” signs and physically push past stanchions or barriers, and then act surprised when their shoes stick to the floor.

      • JackbyDev@programming.dev
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 hours ago

        One of my old coworkers from a place I no longer work would come to me for every exception his code threw. Being generous, I understand his intentions, he was curious if they were known problems or things to avoid. That said, every time I asked him what line of code it happened on or if he’d searched online about it the answer was no. I was probably ~25 at the time and had a bachelor’s degree. He was definitely at least 50 and had a PhD.

      • 21Cabbage@lemmynsfw.com
        link
        fedilink
        English
        arrow-up
        18
        ·
        7 hours ago

        Was going to say, very much seems like the opposite of a generational problem. Seems more like everything we’d vaguely define as ‘the tech industry’ has become big enough that it’s workforce now includes the individuals who wouldn’t have been considered competent 10 years ago.

        • corsicanguppy@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          4 hours ago
          >>> students are struggling more and more with getting information from text
          
          >>> found there way
          >> people [...] that
          > it's workforce
          

          The question is whether this running gag is intentional.

    • TimeSquirrel@kbin.melroy.org
      link
      fedilink
      arrow-up
      48
      ·
      9 hours ago

      But video is so damn annoying. If you wanna copy-paste something from the video, you’re fucked unless you pause and type each character by hand. I don’t get it.

      But then again I’m not a zoomer.

      • corsicanguppy@lemmy.ca
        link
        fedilink
        English
        arrow-up
        14
        ·
        4 hours ago

        But video is so damn annoying.

        The number of times I’ve all but rage-quit a ‘tutorial’ which is simply an open mic with ‘room’ noises and breathing over a video of someone typing things into a screen which is then captured on iPhone, is far too high.

        It could be a series of documented steps with reasoning, interspersed with screenshots (themselves in a ‘spoiler’-style show/hide setup, and it would then take up 1/1000th the space, require 1/100th the time, and demonstrate the technique in a way I could go over a few times. The typing is interminably slow, watching for someone who says nothing but mouse-overs (and selects) text as a way of communication is frustrating, and the entire thing is a barrier to comprehension. Is it ADHD that makes it far, far preferable to just get a page I can review and pore over and repeat a few times, or is it just a learning style that isn’t passive?

        • kazerniel@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 hours ago

          Is it ADHD that makes it far, far preferable to just get a page I can review and pore over and repeat a few times, or is it just a learning style that isn’t passive?

          Probably the learning style. I don’t have ADHD, but I can’t tolerate someone slowly explaining something over a 10 mins video. I know specifically what I need information about, so I need to be in control of the experience. A text tutorial I can skim until I get to the relevant part, but videos usually feel like they’re wasting my time. The only time I prefer videos over text is for DIY instructions where the physical actions are better conveyed in motion.

          (Feels related to that I very rarely watch TV or films, and even when I do, I get antsy after half hour of just sitting around staring out of my face. So I tend to watch movies in half-hour sessions, which I often can’t be bothered to pick up again lol, and leave them unfinished for years 🙈 In a nutshell I much prefer video games as a hobby :D)

      • jqubed@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        2
        ·
        8 hours ago

        I have a handy little app on macOS called TextSniper that takes a screenshot of a selected area, then runs OCR on that screenshot and puts the text on the clipboard. It’s perhaps the most useful $10 I’ve ever spent and I’m frankly surprised this doesn’t exist on other systems. A year or two after this was released Apple started letting people copy text directly out of images, so they might do the usual Apple thing of killing it by directly adding it to the OS. There might be something like this on Linux by now but I haven’t heard of it on Windows.

          • jqubed@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 hours ago

            I think on macOS and iOS it only works in actual image files, but this tool predates that by a year or two. This does the same thing but doesn’t require an image file; you just press the shortcut on your keyboard, draw a box over whatever’s on your screen that you want, and the text in the box goes on your clipboard. I think it’s effectively taking a screenshot but not saving it to disk, so you don’t have to clean those up later.

          • jqubed@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 hour ago

            The Power Toys link says it’s based on Joe Finney’s Text Grab, and at the bottom of its GitHub page it links to the TextSniper app as the Mac version, with an affiliate link. I’m guessing that means the Mac app was inspired by the Windows program.

          • Mic_Check_One_Two@reddthat.com
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            3 hours ago

            Apple has had it built into iOS for a while now; This person likely got scammed out of $10 to “buy” a feature that was already baked into their OS.

            • jqubed@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 hours ago

              No, this predates having it on either iOS or macOS by a year or two. I still found it more useful because this doesn’t require using images; the vast majority of my usage was when working for a company that had stupid ERP software where much of the data was displayed onscreen but couldn’t be copied.

            • Monument@lemmy.sdf.org
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              4 hours ago

              I can also do that on my MacBook.

              (This comment is not as facetious as it seems. I knew you could copy text from images, but I just tried to test some limitations, and it’s a weirdly comprehensive feature - I can copy text from photos and/or videos in the screenshots app, the Preview app, the Photos app, QuickTime, and even from YouTube videos in Safari (but not Firefox, interestingly enough) - assuming that means it’s an OS-level thing. Quick search says this rolled out in 2021.)

              • sem@lemmy.blahaj.zone
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                4 hours ago

                I wonder how this is different from TextSniper?

                For me on Android it’s built into the app switching interface, similar to Alt-Tab on computer. Instead of selecting the app to bring it into focus, I can instead click something that lets me select text, and it opens it’s own interface to do so.

                • Monument@lemmy.sdf.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  3 hours ago

                  I’m not sure. I suspect that TextSniper predates the feature on Mac.

                  On Mac (and iOS, too) recognized text is just treated as text. So on Mac, you just get a text selection/entry cursor (the “I-beam”), and you can select text for whatever action (copy, lookup, etc). On iOS it’s same, except no cursor on account of it being a touch interface. It’s sort of annoying on iOS with images that have a lot of text - double clicking an image to zoom has to be done with care, otherwise it selects text instead of zooming in.

  • gravitas_deficiency@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    54
    arrow-down
    1
    ·
    10 hours ago

    Honestly, I would encourage any researcher who gets a brush-off response like this as a response to a real and meaningful security report to lean even harder into malicious compliance. Simply post it to TikTok or Instagram or whatever - and I am intentionally picking the pervasive platforms that I despise and find problematic, simply because they have the largest user bases. If it’s “not a problem”, they shouldn’t mind if how-to videos explaining how to elicit the “not problematic” behavior start going viral.

  • lemmyng@lemmy.ca
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    7
    ·
    10 hours ago

    The most likely explanation for requesting a video is to weed out low quality AI-generated “vulnerability” submissions that hallucinate code that doesn’t compile or APIs that don’t exist. In that context a 1 minute video showing that the report is viable is not much to ask for.

    • aramis87@fedia.io
      link
      fedilink
      arrow-up
      46
      ·
      9 hours ago

      I can understand if the reporter is new, or unknown, maybe submitting a lot of videos at once. The guy from the article is a vulnerability expert that’s been working in that role at Carnegie Mellon Software Engineering Institute’s CERT Coordination Center since 2004. I think he gets a pass on the “submitting fake reports for internet clout” front.

    • patatahooligan@lemmy.world
      link
      fedilink
      English
      arrow-up
      23
      ·
      9 hours ago

      Maybe in some cases. But I’ve been requested by Google support to provide a video for a very simple and clear issue we were having. We have a contract with them and we personally brought up the issue to a Google employee during a call. There was no concern of AI generated bullshit, but they still wouldn’t respond without a video. So maybe there’s more to this trend than what you’re theorizing.

  • Lemmist@lemm.ee
    link
    fedilink
    English
    arrow-up
    25
    arrow-down
    5
    ·
    11 hours ago

    Using stupid programs, doing stupid bugreporting.

    Leave Microsoft alone. Let it rot with Tesla, Nintendo, 3dfx, NSDAP and other shitty organizations.

      • Nougat@fedia.io
        link
        fedilink
        arrow-up
        2
        ·
        7 hours ago

        If you have a Voodoo card laying around, it might be worth some money. They were used in some coin-op arcade games.

  • NoForwardslashS@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    19
    ·
    10 hours ago

    I understand that this bug probably didn’t need a video to be actioned, but if it is a 1 minute repro, it isn’t really a huge ask for you to screen cap it. Making a 15 minute troll video isn’t exactly heroic malicious compliance.

    • aramis87@fedia.io
      link
      fedilink
      arrow-up
      44
      ·
      10 hours ago

      Years ago, I was de facto tech lead on a project. Every time a weird issue came up with the closed-system third-party development environment we were using, it fell to me to figure out what was causing it and file a bug report. It took time to figure out what was going on, narrow down the possibilities, get it to reliably reproduce, then word the bug report so that it was clear what the issue was - and this was on top of my regular duties.

      I remember figuring out that if your SQL statement was 683 characters long, you were fine, but if it was any longer than that, the program would crash. I filed a bug report saying exactly that and giving the error message that got generated.

      They came back and said they didn’t understand the bug report or how to reproduce it. I said, “Write a 683-character SQL statement. The program will run. Add one random space-character anywhere; the program will crash.” As far as I was concerned, this wasn’t my problem, and I was fully tired of finding and reporting bugs on their shitty platform (our customer had locked us into it).

      They came whining back, "Oh, but that’s soooo haaarddd … " I’m like, “It’s not. Just write SELECT X, X, X [etc] until you have 683 characters,” (especially true because I had no idea what their database structure looked like) but they kept whining. Eventually they just came straight-out and said, “We need you to send us the entire failing module [because we can’t be arsed to do our own job, tyvm].”

      My manager talked me down from the email I wanted to send back and told me to just strip everything else out. Which I did, but it took me like a day and a half to strip it back to something that had enough to reproduce the error without giving things away. I sent them the 683-character version and said, “Run this. Then add a random space anywhere in the SQL statement and it’ll die. This is your job and you’re not even my company, you figure it out from here.”

      Then they had the nerve to come whining back, “Oh, we don’t understand what to add to the SQL statement or whe-ere. Pweas pweas pweas send us a non-working copy as well!” I’m like, ADD. A. SPACE. ANYWHERE." We went through a couple rounds of that, then my manager told me to add the space and send it to them so they (the people who developed this entire platform we were working on) could figure out the issue.

      Steaming, I sent the second file. Since I had now done their entire diagnose-and-reproduce job for them, they graciously consented to open up a bug report.

      We found multiple bugs like this. If you press the Save button it works fine but if you use Ctl-S it sometimes crashed [why are you using two separate Save routines?!?!]. They didn’t left-pad the time call to the operating system (which they said they did), so any program run before 10am had a chance of randomly crashing - that kind of thing. Probably half my overtime was figuring out their bugs so my developers could actually write code.

      ISTG, after all the repeated time, stress and effort their shitty product cost me, if they’d insisted “Oh, we can’t do anything without a video showing us how to do our effing job” - well, they’d have been lucky to get a 15-minute troll video because I’d’ve vented two years of anger and frustration with their product and their customer “support” into that video.

      • Benjaben@lemmy.world
        link
        fedilink
        English
        arrow-up
        18
        ·
        7 hours ago

        I’ve had an antagonistic relationship with a vendor like this, it’s awful. In my case the vendor was supposed to be a fast moving tech startup - the only thing that moved fast there was the revolving door of engineering talent coming and going.

        Even worse, my boss had been convinced by their founder that he had all this pull with the company, and since the company was super cool, that made him super cool, and I dunno if you’ve ever tried to criticize something that has made a middle aged nerd feel cool for the first time in his life, but let’s just say it was not a fruitful endeavor.

        The number of things I effectively fixed for them via email, the abominations I had to construct to work around the things they refused or failed to fix…bad times.

        • aramis87@fedia.io
          link
          fedilink
          arrow-up
          7
          ·
          7 hours ago

          Oh god, the comments I put in the code, explaining what I was doing and why, and how to test that the product had been fixed before changing my code, because I just knew some junior codebro was going to come in and think, “I should clean this code up!” and they’d have no idea why it wasn’t working anymore …

          • Yaky@slrpnk.net
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 hour ago

            Thank you for your comments.

            Nothing irritates me more than walls of code without any comments and the “cOdE sHoUld bE sElf-DoCuMenTiNg” attitude. No, it’s impossible to describe complex industry-specific processes by naming your variables and functions nicely.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        7
        ·
        8 hours ago

        That’s horrendous.

        My company supports businesses where any issue that prevents them from completing a task could cost them millions if their operations need to stop. We get super vague bug reports, yet we usually turn around a fix in a day or two.

        I just don’t understand how a company could be so blasé about a clear bug report that they’re willing to go back and forth like that.

        • thann@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          edit-2
          5 hours ago

          “vendor lockin”
          once a company has you by the balls, they will fire everyone competent and hire interns for maintence and support

        • aramis87@fedia.io
          link
          fedilink
          arrow-up
          11
          ·
          8 hours ago

          It rhymed with Smoracle. Which is really ironic because you’d think that’s the ONE company that would (a) understand how to write a SQL statement, and (b) get really effing concerned when a simple database query broke their product.

          • rottingleaf@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            7 hours ago

            It seems from the description that there’s the length of the request there stored in 11 bits, hell knows why, so max of 2046 (682*3, that’s 683*3 = 2049 if starting with 1), and one symbol takes an increment of 3, hell knows why.

            That’s, ahem, yes, a pretty gross mistake for such rhyming companies, the kind only I am allowed to make.

    • moody@lemmings.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 hours ago

      What’s the point of screencapping text that’s already included in the submission? Like the whole process is text-based, and adding pictures or video of that text adds nothing useful.