GizVault

The CEO of Microsoft (Satya Nadella, from India) just hired a new, unqualified VP of Xbox (Asha Sharma, whose family is from India), replacing a white guy (Phil Spencer). Normally the ethnicity of a person in a role doesn't actually matter. Who cares what part of the world a person has ancestry from, as long as they do a good job... right? But, in this case, it's worth pointing out a strange -- highly racist -- pattern within Microsoft. That pattern is this: Microsoft managers from India, disproportionately hire people also from India (even if those people are less qualified than other, non-Indian, candidates). A pattern which is overtly racist and anti-meritocracy. In the case of Asha Sharma, the new Xbox lead, this is glaringly obvious... as she has no experience, whatsoever, working in games. Zero. Not a drop of gaming. (Her longest tenures were at Instacart and working on Facebook messaging.) Are we to believe that there were zero candidates available, to lead one of the largest gaming organizations in the world (Xbox), with significant experience working in the gaming industry? Not *one*? That is extremely unlikely. In fact, I can say with absolute certainty that there are many managers and directors, already working within Microsoft, with extensive experience (decades) shipping successful games and gaming hardware. And that's just the internal candidates. Which means that Asha Sharma was likely hired for a reason other than her applicable work experience. It is a reasonable assumption, based on Microsoft's established patterns, that she was hired because of her ethnicity. Microsoft is one of the largest users of H1-B visas within the entire Tech industry -- with the vast majority of those H1-B's going to employees from India. More workers from India, replacing non-Indian workers. Every Microsoft employee has seen this happen over the years. A little personal anecdote: Back in the late 1990's, I worked within a small team at Microsoft (only a dozen or so people). When I first joined, the team looked roughly like the surrounding area (Redmond, WA): Mostly white, with one Indian, and one Korean. It was roughly proportional to the community. The Indian man was then promoted to a management position. And, quickly, things changed. In less than 1 year, the team was now predominantly Indian (with a few people of other Asian ancestry)... with only 3 White guys remaining. Within a single year, the demographic ratio had flipped. It now no longer matched the city in which we worked. Then things got weird. The team moved to a new floor of the building, and every employee within the group was given their own, individual office. Well. Every employee... except for the 3 White guys. We were put, together, in the smallest office available. The size of a long, thin closet. In fact... I believe it was originally just a storage closet. It was so cramped that, whenever the guy at the back of the "office" needed to leave the room... the other two guys had to get up and exit one at a time. Single file. We called it "The Honky Closet". All requests for the "Honkies" to move to space where we could fit was denied by non-Honky management (despite several offices remaining empty). The purpose was clear. It was one, of many, attempts to get the remaining "White guys" to willingly quit. Which we all did within a matter of months. And, yes, those roles we also replaced with "non-Honkies".

In 1984, Ken Thompson modified the C compiler to secretly add a backdoor whenever it compiled the UNIX login program. Then he deleted all traces of that code from the compiler itself. Even recompiling from scratch couldn’t remove the backdoor. It wasn’t an attack it was a demo. A proof that you can’t truly trust code. Only the person who built the compiler.

I just added Fil-C runtime support for the prctl(2) argument that sshd uses to enable its seccomp filter sandbox. It works great! Just had to change sshd's seccomp filter to allow sched_yield, since the Fil-C runtime uses it. So, I now have a memory safe OpenSSH on Linux that also has zero security or functionality regression versus normal OpenSSH. Like normal OpenSSH, it gets constant time crypto from OpenSSL. Like normal OpenSSH, it gets a seccomp filter and does privsep. Unlike normal OpenSSH, it's memory safe!