Most of US government runs significant workloads on AWS now and that’s only increasing. They’ve cornered govt cloud infrastructure (with Azure, GCP, etc. very far behind) so not sure this matters in grand scheme of things.
Anecdotal based on industry experience, no citations.
I figure whatever they are trying to achieve probably doesn’t work. Otherwise Cash App would do it. But important decision makers are in too deep to admit they were wrong. Smells of turning the Magic Mouse upside down to charge it.
It is definitely odd. I think it started off as a KYC-kind of check. If there’s some weird, possibly illegal reason you type into the “what is this payment for?” input, I read that someone on behalf of Venmo will contact you to have you explain it further and to investigate if it should lead to the closure of your account.
It is unsurprising that Venmo has a log of transactions, right? That’s a necessary part of the job. Having it as something that can be presented as a social feed is the weird thing…
It almost seems like a radical art project, philosophical statement, or social experiment around transparency. Like, hypothetically in some alternate universe if they did no KYC, and just published everybody’s transactions, your peers could inspect your transactions, the police could just look and see if you were transacting with criminals… sort of like open source transactions. Maybe that was the original idea? And then eventually they got some actual customers and said “shit we’re a real company now, let’s put the social experiment on the back burner, add an opt-out, and start doing in-house kyc.”
I had no idea this was true until a buddy of mine who I play hockey with started putting super offensive notes on the payment, trying to trigger someone since it was a hot debate after one of our games if this actually occurred. After about five or six of these, someone did in fact contact him first via email, then actually called him and asked him to explain the notes and yes they do monitor these and yes, if its really suspect, the feds will be notified.
Which then begs the obvious - if you're buying drugs, then don't put you're buying drugs or paying off your bookie.
I guess it's law enforcement on the honor system - when you do something illegal, you're expected tell the police-monitored feed that you did it. We assume that no one is so unethical that they keep their illegal acts secret.
For extra credit, let's put this stuff on the blockchain. Crime is solved!
Engagement. It's part of a dark pattern that triggers that little neuron tie our tendency to compare ourselves to others, a sort of "keeping up with the Joneses" type thing. It is also billed as a free advertising for businesses (e.g. hey, look where your friends shop!) which encourages more businesses to accept Venmo as a payment method.
Anything for the sake of growth or perceived growth, up to and including privacy violations.
If i put your information in a feed, you'll look really stupid when you cry privacy violation down the road as you realize what I've been doing with your information.
In high school physics I procrastinated until the night before our egg drop competition to finally address what I was going to do. I got a medium/large size plastic tupperware container (rigid plastic body with a rigid lid). I took a bag of cotton balls, stuffed them in there as tight as I could, put an empty cardboard toilet paper roll vertically in the center, with more cotton balls designed to go in said cardboard below and above the egg. Taped the lid shut. People laughed at my concoction, especially those that went to great efforts to design theirs. I even tossed mine in the air beforehand to test it, which gave me extreme confidence going into the 30 ft drop that I'd be fine. I was. I do not recall what side it landed on but obviously it bounced several hard times after hitting the ground.
i've done this experiment 2 years in a row with my youngest kiddo as a STEM challenge in elementary school. i thought we got pretty close this year with using heavy duty sponges, paper plates, and a parachute, but was always operating under the assumption that the egg needs to be vertical. i'm excited to try again next year after reading this.
oh and at our school, they bring in a big bucket truck from the local power company and send the teachers up to the top with the devices and let them drop them :)
Get a block of styrofoam, slice it in two, and carve out a hole between the blocks exactly the size and shape of your egg. Tape the blocks together with the egg in the centre.
It is incredibly effective to have a solid surface in contact with the whole shell. And, the outer styrofoam will absorb the worst of the landing. It's also very light, so it minimizes the energy that must be dissipated.
Lesson learned from my failed attempt at the egg drop in high school. The guy with the styrofoam absolutely destroyed everyone at that challenge.
That was the solution employed in the ActionLabs video linked in another comment, but you'll note that their first attempt failed with that approach.
It's difficult to prevent any container that heavy from breaking open when hitting concrete at terminal velocity. I'd bet that the styrofoam block could be dropped from any height and survive landing on any surface, no matter how unyielding.
The one time I did it in highschool I suspended the egg in a small cloth bag within a box. No padding just the secure cloth bag attached to the inside corners of the box with taut twine. Egg survived the 3 story drop easily, even was fine when we kicked it around afterwards.
Yeah, I carefully followed the rules on that competition and made a cage that had the egg suspended with rubber bands. Worked pretty well in home testing. Lost to the kids that shoved wadded up paper towels into Tupperware containers.
Proud to say that in the early-mid 2000s I was a consultant dev at NSF and worked on the research proposal submission and eval website called Fastlane. They’ve since moved the functionality to research.gov, but my code ran in production for 20ish? years? It was old school Java Struts, JSPs, EJB’s..typical J2EE of the time. Lots of people I worked with decided to leave consulting and became NSF employees. They were good and smart people.
The contract expired today, but had an option period through March of 2026. DHS just needed to exercise the option.
Edit: Note the contract ended today April 16 - so performance would stop midnight tonight if the option wasn't exercised. Government contracts routinely go down to the wire like this, and often are late getting exercised. Why the uproar over this one? Did CISA signal to MITRE that they weren't going to exercise the option?
> Did CISA signal to MITRE that they weren't going to exercise the option?
An internal letter sent to CVE board members was making the rounds yesterday warning the current contract ("contracting pathway") would expire. The letter was authenticated by Brian Krebs[0]. Once Krebs authenticated the letter, people more or less assumed CISA was pulling funding, at least based on the infosec social media posts I saw.
CISA officials responded to multiple media inquiries (including the OP) with a statement that more directly said the contract would expire:
Although CISA’s contract with the MITRE Corporation will lapse after April 16, we are urgently working to mitigate impact and to maintain CVE services on which global stakeholders rely.[1]
Assuming this is the correct contract, which it appears to be, it had an option period starting today through March of next year. DHS just needed to exercise the option.
I disagree - no one is calling large scale gov contractors such as Northrop Grumman, GDIT, CGI, CACI, many more etc. consultants - yet a lot of the IT work they do overlaps with the consultancies.
“Contractors” has become the more common term over time.
Anecdotal based on industry experience, no citations.
reply