Even without seeing the talk at Minnebar by Paul Cantrell (@inthehands), this review/reflection/meditation by Matthew Tift (@mtift) moved me deeply.
In particular, I want to share it with my EU friends as they develop and revise their national tech and energy infrastructures to reduce their, um, supply chain risks.
We should pay a lot more attention to the •human system• dependencies we’re introducing when we import a library, not just the code.
For big-co environments: This is also a great argument for making the conversation about dependencies broadly cross-functional, and up and down the organization, rather than a silo'd intra-engineering conversation about whether to "buy or build".
To me, this is a distinction without a difference. That ID company is likely at greater risk of breaching my privacy by leaking my ID, not lesser.
Though to be honest, I'm more concerned about the chilling effect. The internet is affected more by allocations of liability than allocations of compliance.
I think the physical store analog would not be "You are required to show id when buying a porn mag", but rather something like "You are required to give a copy of your ID (not just show it) to the thrift store owner on entry, because they can't be sure some donor didn't wrap their cocktail glasses in pages torn out of a porn mag."
Time flies like an arrow, but fruit flies like bananas.
🦥🏳️‍🌈
Tech Project Therapist (moderately retired).
"He has a keen appreciation for kitsch."
Disclaimers: Boosts ≠ endorsement. Toots ≠ truths.
ProTip: All the cool content is in the Alt Text.