Discovering the xz backdoor with Andres Freund [audio] (oxide.computer)
106 points by ujeezy 6 months ago | hide | past | favorite | 18 comments



I have this queued up to listen tomorrow and fully expect it to be stellar. Oxide podcasts have always been a highlight of my week (and almost restore my faith in the industry, because someone, somewhere, is _right_ about the way they develop and integrate product).


I've only had a chance to listen to the beginning of it, but I share their disgust with the NYT article [1]. In any other field, journalists feel responsible for simplifying and explaining. Professionals in science, law, or medicine are often critical of these explanations, because the journalists' understanding of the relevant background material is often flawed, and the simplifications either ignore crucial distinctions or get the facts wrong. But they are at least trying, because the journalists understand that it's their responsibility to explain the issues at hand to the audience; that's the point. Instead, here we see a sort of flip shrug, with a "geek stuff, amirite?" wink. Obviously, there's a limit to the amount of technical detail a general-interest article can include, but it needn't deliver its elisions with a smirk, and I can't imagine any other subject area the NYT would approach that way.

My brother, who is not in IT, sent me the article a few days ago. He was fascinated by the underlying story but frustrated with the article's tone and lack of explanation, so I'm confident this isn't just me suffering from a bout of Gell-Mann amnesia.

[1] https://www.nytimes.com/2024/04/03/technology/prevent-cybera...


They are criticizing the journalist (Kevin Roose) because of this line from his NYTimes article:

> "[Andres Freund's] job involves developing a piece of open-source database software known as PostgreSQL, whose details would probably bore you to tears if I could explain them correctly, which I can’t."

And that line doesn't matter at all for the purposes of understanding the "xz" attack. To me it's pretty innocuous and self-deprecating and makes sense for the general readership the NYTimes writes for.


It seems deeply unprofessional, personally.


I spent 15y+ writing in C/C++/.NET and I have a hard time understanding what is going on with xz with all its twists and turns, so why are you expecting your brother to understand, and the NYT to give you a clear explanation, such that laymen can understand this very intricate hack?


The issue isn't about explaining xz, it's about explaining Postgres. "It's a very popular piece of database software, and Andres' job is making sure that whenever people make changes to it, it doesn't get slower". There you go.


I don't understand the hate for the article. The article is written for a layperson audience, where the technical details would absolutely be eye-wateringly boring. Instead, the article (imo, correctly) focuses on the human side of the story: the fact that a highly detail oriented developer, working on unrelated software, stumbled across a small discrepancy in their measurements, triggering a series of events that led to discovering what is arguably one of the biggest attempted supply chain attacks since Solarwinds.

I don't understand what people wanted to be covered in this article? At what point would there be sufficient technical detail to suffice yet still keep the layperson interested enough to read the rest of the article?

On the other hand, if you feel somehow slighted by the flippant attitude in the article, give it a rest! Why are you so sensitive? It's not like he's personally insulting you! The tech community is hardly the underdog any longer, so let's just take a joke once in a while, no? As President Eisenhower quoted[0], "Always take your job seriously, never yourself."

[0] https://www.eisenhowerlibrary.gov/sites/default/files/file/w...


Not every criticism comes from a place of personal offense, and it's unreasonable to cast things you disagree with as its author having a case of the vapors. He's not insulting me and I'm not insulted; instead I think the article is bad for the reasons I explained. I could just as easily point out that you seem strangely offended by criticism of an article you did not write.

Again, the job of a journalist is to simplify and explain. Think about general-audience articles on subjects you're _not_ deeply familiar with. They typically do not patronize you or tell you that the details are boring; instead they try to explain the issues at hand in the most accessible way they can. Software is no different from science, law, or medicine in having lots of arcane terminology and intricate technical detail; it is not somehow the case that those topics can be simplified and explained but that a software problem can only be understood, even in concept and imprecisely, by a special caste of techno monks. But we seem to pretend it is, because we have strangely low standards for technology journalism.


The point of the article though is not about the technical details, it's a human interest story. It's about a guy, working in obscurity on an unrelated topic, stumbling upon what is arguably the biggest story in tech so far in 2024. I still don't see how this shows "low standards" as I don't see any factual errors in the article.

As a technical person, I did not feel patronized by the article. My non-technical wife forwarded it to me, and she also did not feel patronized by the article. If he said "you're too stupid to understand", then, yeah, that'd be patronizing.

I'll just conclude this way: when I used to sit in IDA Pro all day reverse engineering malware, I didn't expect to carry on a conversation with a perfect stranger talking at length about the intricacies of static and dynamic analysis. I have myself made similar comments about how my job involves staring at thousands of lines of assembly code and that would probably be mind-numbingly boring for them. We both have a laugh. Sometimes they do have an interest, and I can make it sound really interesting by focusing on the outcomes of the work rather than the toil and frankly mind-numbing grind; but other times, they say, yeah, that sounds crazy, and we move on.

Nobody ever felt insulted; it's as they say, "different strokes for different folks." I have had folks in other fields say similar things to me about how I would find the details of their work boring. A lot of times I am intrigued and hold a conversation to learn more; other times I agree and move on. At no point am I offended or feel patronized, though, because I am confident that if I truly cared I could learn more myself or ask questions.


"I wasn't that bothered by it." - Andres Freund, 3 minutes 41 seconds into the podcast, about the NYTimes article. :-)


As a lifelong nerd, programming gets a bad rap, and no respect, for the right reasons.

Programming is to engineering as math is to science. Namely, it's made up. Less basis in physical reality.

Same reason learning Elvish isn't as respectable as learning Spanish. One guy made it up, and it hasn't been proven by centuries of actual use.

Programming carries the same odor of "fantasy". Maybe in 300 years, when we're all living in holodecks on spaceships, it'll have a patina of authenticity. For now, we're Mr Robot and Silicon Valley.


Is there a transcript?




I couldn't find a transcript on that page.


Click TRANSCRIPT.

Sorry – I'm not shouting, it's literally in all-caps on that page :^)

Here's a screenshot to show you where to click: https://i.imgur.com/MZ37jhD.png



There were like 55 articles about this. People are this famished for some action?
