this post was submitted on 02 Apr 2024
1068 points (96.0% liked)

Programming

17511 readers
23 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
1068
Microsoft opens a "high priority" bug ticket in ffmpeg, attempting to leech the free labour of the maintainers (trac.ffmpeg.org)
submitted 7 months ago* (last edited 7 months ago) by [email protected] to c/[email protected]
227 comments fedilink hide all child comments
 

Microsoft employee:

Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help

Maintainer's comment on twitter:

After politely requesting a support contract from Microsoft for long term maintenance, they offered a one-time payment of a few thousand dollars instead.

This is unacceptable.

And further:

The lesson from the xz fiasco is that investments in maintenance and sustainability are unsexy and probably won't get a middle manager their promotion but pay off a thousandfold over many years.

But try selling that to a bean counter

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 7 months ago

He’s talking about Andres Freund, who uncovered the OpenSSL backdoor that was slipped into liblzma from the xz malicious maintainer. Dude saw a valgrind error and a function with a fixed runtime was taking too long and using too much CPU and reversed out and saved a major ssh backdoor from going upstream as Fedora was going to release it just days later.