Microsoft loves sending emails with "Action required" in the subject, when actually no action is required, or it doesn't apply to you, or whatever. Such corporate speak. It's fun searching your email for "Action required" and finding all the things you were supposed to do and it turns out didn't need to do anything about.
"Crying wolf" constantly like this is so frustrating. It waters down the message until they send something you really need to worry about, which you ignore like the rest of the pointless messages.
I saw someone had an idea to have a ticket system where the user chose the priority, and it displaced the current ticket at that priority, with the catch being that this ticket was sent back to the user with "are you sure?"
CEO can't login during a demo. Sandra from accounting can't print from the closest printer and confirmed this is higher priority
Early on in my career my manager told me "a monitoring system that sends more than a dozen notifications a day actually sends zero notifications". Words to live by.
This is a bit off topic, but I always say that priority is a ranking of actual demands, it is an ordering, one that needs curating and keeping updated based on context and changes in environment.
Nothing else works for prioritisation, any other categorising into "High/Medium/Low" just fails.
By doing so you end up with the nonsense we had at a company I once worked for, where stories were all put in medium.
This was because stories in low were simply never actioned, they'd never ever get done, everyone came to implicitly understand this. It was still a useful dumping ground for the kinds of stories you know you ought to do, but no-one wanted to do, but it was useful to have noted on record. But for prioritising actual work, it was useless.
Stories in High had a special process defined in a handbook that no-one wanted the hassle of dealing with.
So everything was Medium.
This had obvious problems, and it grew larger than could be managed.
So "Just Above Medium" was born, for stories that were higher priority than your everyday stories in Medium.
This in time grew too, so "Just Above Just Above Medium" (aka JAJAM) was born.
By the time I started, there was even a "JAJAM+" category, for stories that had to be fast-tracked through the process too.
The whole thing essentially fell back to having the product/development leads come to an understanding of what work needed to be done. Which is the right way to do it, but that should simply be made more explicit and part of the process by simply having all stories ranked.
Then you don't need the mental overhead of trying to decide in a design meeting if something is "Just above Medium" or just above that...
My spam folder is full of "Action Required" emails. So many of them are phishing attempts that I would never even open such an email even if it really truly came from Microsoft.
I unfortunately took part in their startup program. I was awarded the credits. However, I noticed that everything was super pricey, especially the AI services and the azure interface is basically garbage. It is very easy for you to enable a service and never be able to find it later until you have been billed for it later in the month. Maybe the GCP interface has spoilt me too much.
Long story short: I discontinued their program and it's been 2 years and I still receive those action required emails only to find out that there is absolutely no action required on my side. Harassing users is their favorite past time I swear. Ask the Github desktop folks. On Mac OS, there is no option to disable automatic updates. It loves installing a helper that runs 24/7 with admin privileges. If you click on deny, it will keep harassing you - every. single. day. First thing in the morning - 3 times, 3 times in the evening. You could be in the middle of something important, like a meeting or a screen share or running some serious stuff like CNC milling (which I do) and this thing will just popup and ask you for admin privileges until you accept.
And even if you accept and give it permissions, it just buys you a few days time. People have tried before to open an issue on Github - their response was simply "This isn't a priority for us right now" and they just closed the issue.
Same story with Windows too. I wish there was a law to prevent this kind of bullying behaviour.
Google famously just did this with their Captcha service. Had lots of people signing up for a more complicated version on Google Cloud that they didn't need to do.
Same with GCP. I have Private test account with nothing on it. I get emails about actions being required regarding APIs I have never used, a few times per year.
Because it absolves them of liability of anything goes wrong. They can point to the email say "we warned you". Having to filter and target the specific set of customers that a notice applies to carries risk and costs to them and they wanna pass it to you.
I've no idea whether MS either has a veeeeery clever plan about what they are doing, and I just don't get it, or whether that's just completely stupid in the current times when Windows' fanbase is somewhat declining anyways.
On the other hand, people always have a hard time understanding the trouble they order when they let things centralize too much. When they are too okay with depending on e.g. BigTech companies too much.
And in that regard, those news are probably actually good news... It helps people learning about how things work... So they can make better decisions in the future. Better for all of us.
I spent 20 minutes trying to log in to Teams on my phone today and I just couldn’t. After my username and password, it would redirect to Microsoft Authenticator, then ask me to create a passkey for some reason, show a loader, and then bug out and restart the flow in an infinite loop.
I’m being told we are in the incredible age of fully automated AI programming and yet Microsoft can’t even get login to work.
We are in the age of fully automated AI programming, and that's the expected outcome. (.. is what I would say if this wasn't Microsoft's standard for the last 10 years)
If someone already has MS Teams installed, and their Authenticator App, there is no compelling reason to not install Copilot. Unless the system permissions they ask differ substantially, let's say.
Either you trust MS or you better have nothing installed from them on your (personal) devices at all. No?
Satya Nadella had built up so much Microsoft goodwill from 2014 - 2022. When they first purchased Github, it looked like Microsoft was opening up and was going good things.
The first sign things were souring was when Microsoft dumped their gaming plans after just buying up all he major studios. First sign they only cared about Azure and AI.
Now it's blatantly obvious they're giving up everything to chase enterprise AI.
Yes, maybe. Although they explicitly promised the opposite some days ago, no?
And there was also that article some days ago that told the story about all the management stupidities at MS from the last years/decades. It was very interesting, and would suggest that this might be yet another very stupid move.
I would just disagree with one detail: With some basic understanding about how human beings work, and how the world works, MS never stopped to be a problematic company. Some were optimistic when they started to open some things up a little, some less so. Are they today more open than they were 20 years ago? Definitely! Was it ever a company that was healthy to depend on? Not a single day imho.
In the tech world, security is mostly just a theater , it is used to push though unwanted and unpopular things, like access control, privacy invasion, etc...
All this signing business, leads to one party having the final say, and guess what, they are going to abuse that power...
Because some people realised that insurance is the ultimate form of security? Why prevent failure when the consequences of failure can simply be offloaded to others?
Passkeys are here to improve your login security! All you have to do is give complete control over your ability to log in to a service to one of three American big tech companies. Yay!
> I was ready to login to the Partner Portal and submit my...
I used to work for companies that were Microsoft Partners. One of Microsoft's rules was that they required Partners to employ one (or more) developers that have some Microsoft certification. As an MSCD, I met those requirements (for silver and gold levels). That cert is no longer offered, so I wonder if some exception/rule got removed and now all the partners without "certified" developers got kicked to the curb?
No one considers anything in these tech companies. It’s all some bot automatically banning people who are then faced with a brick wall looking for a contact to get unbanned.
this source is a bit better and answers a couple questions.
first the verification wasn't just "click this link to prove you own this email"
>That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
Also according to at least one affected user they didn't actually get notified of the process.
> “Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
Some devs did get the email and follow the process and still got kicked out
> Don’t let anyone tell you it’s because we didn’t read our emails or submit the right verification paperwork. Cuz we did all that back in October.
> And this month, we were suddenly and without any warning locked out.
And also consider moving some of your repos to Forgejo. I’m running it for more than a year now and it is by far my favorite service. Way faster and essential features do not require monthly payment (branch protection for example). It can easily run on a Raspberry Pi 4 1 GB RAM.
Use Docker Compose and put Caddy in front of it for HTTPS. For backups the easy way is to just git pull your repos via cron on some remote systems. Or use syncthing to also move the server configs over. For the runner, 1 GB RPi 4 should be fine for many situations. It can compile and run many Rust/Python tests fine or build static sites. You could also setup an old x86 next to it (this is essentially what GitHub Runners are too: old x86 cpu’s).
Apple has done the exact same with its iphone app store, lots of companies got shut down because of their app not beeing available anymore with no explanation. The problem is with exclusive app stores.
I don't often praise Apple, but their kernel hardening on macOS has been in the form of a deliberate, decades-long plan to move kernel extensions to userspace by providing the appropriate SDKs. Meanwhile Microsoft is running around like a headless chicken.
Have gone back to Linux after 23 years, Ive only had to go to the console once to make all hardware of my framework 12 work since i chose to use a non supported distro.
That's definitely a breath of fresh air compared to the old times, where getting wifi to work was a major hassle, anyone remember ndiswrapper? ouch.
Writing this from a corporate win11 computer, the whole thing is so laggy, it's unbelievable. Last year, I had revived my old desktop from 2007 with an intel Q6600, windows xp and a clicky dying HDD, and that thing flied compared to this. Dear Microsoft and its partners (Especially DELL!), what the hell happened?!
Your actions, intentional and direct or not, allowed for one more sale of Win11 and an accompanying sad Dell computer, giving them the signal (however weak from you as one single individual) that whatever crap they have been doing up to now, still is a good choice in order to sell one of those combinations.
Dozens of youtube video reviews showing that the 8GB is not really a limitation for what most people need to do with the laptop. Heck I saw a review where the guy played minecraft on it with 20 rather hefty tabs in safari open, without any stuttering.
So what is the actual limitation of a neo, and how to they apply to users in that price class?
> The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption (OTFE) utility VeraCrypt, the MemTest86 Random Access Memory (RAM) testing and diagnosis tool, and the Windscribe VPN software.
This, on top of the recent mystery app updates pushed by Apple, has me concerned. So much of security relies on the assumption that, say, Apple, Google, or Microsoft can't be coerced into pushing an update that undermines the entire security model. The "Apple gets hit with a wrench attack" is more salient nowadays.
Hopefully this is nothing but I think it's worth being vigilant. But judging by Microsoft's response, it seems more likely to be an administrative error commensurate with the state of their company rather than something more nefarious.
> Wednesday, Microsoft Vice President Scott Hanselman said the developer accounts were automatically suspended because they failed the "mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024" that the company had been emailing "everyone" about since October 2025.
It doesn't sound like suspention, because they would be able to fill out the form and get unsuspended. This is closer to account termination.
I feel like Hanselman is one of the few old generation Microsoft people. When he leaves it’ll be young people who don’t know Microsoft and have no understanding of or connection with Microsoft products.
I don't know about his career in general, but Hanselman once spoke at a conference I was helping organize here in Thessaloniki, and he was great. Really knowledgeable and very down to earth.
As the strongest OS advocate who has not ran Windows in a quarter century and is posting this over a Wireguard link; the is some double standards here. A corporate VPN vender who did not ensure they received all notifications from Microsoft regarding a certificate that effectively let's them root millions of computers would be a strong signal of concern.
FYI: on macOS you can’t even ship VPN software that uses the modern APIs outside of the app store for self-distribution. An ADP membership is required, full stop.
Alongside talk from the UK Labour government about intervening on VPNs, I'm getting uneasy vibes about this move, especially since Microsoft is one of the most government-friendly corporations in the big tech arena.
The surveillance state is growing more sinister every day (especially in the UK), but the efforts are somewhat thwarted by the existence of VPNs.
Once they find a way to undermine VPNs, the UK govt will have literal CCP-level control over our access to information and communication.
CCP-level control over access to information is not actually very tight, technologically nor ideologically, but it does enable a form of rule-by-law which is far more useful.
The problem is that the social media companies have not been dealing with abusive posts of various sources. Governments can't take action against the bad posters are they are from another Government (and in some cases are employed by that government to cause trouble). Thus Governments have to take actions which they can control, unfortunately these actions will affect more than the bad abusers.
You assume your premise. No the government actually doesn't 'have to' take action about mean things on the internet. The UK has such an obsession with regulating what is, essentially, politeness.
While I don't particularly care for the UK's approach to these things, I can't help but be shocked at how many governments seem to all of a sudden have dreamed up the same idea. Independently, I'm sure.
I suppose the US is the unique one really, when it comes to a history of protecting certain types of speech. They've never really regulated (what I would call) politeness between people in any form.
The UK, and I assume much of Europe, criminalizes truly petty levels of speech. For example, it's illegal to insult someone and cause them 'alarm' or 'distress' in the street.
Thus the non-technical populace see rudeness on the internet as the result of some kind of wild west situation that the government needs to control, to bring it in line with the rest of the public realm.
This should be made a problem for the social media companies (which it largely has, hence all the age verification fiasco), not absolutely everyone on the internet.
Modern computing does not make me feel good. Really hate this signing business controlled by the OS vendors. I get the added security benefits, but I'm not sure the tradeoff is worth it.
At this rate, I'd say we have less than a year before world governments simultaneously start rolling out laws making Linux illegal. Of course they won't call it "The Ban Linux Bill" but it will be back-channeled through some bullshit security or user verification requirement.
It's too late to close that Pandora's box. Linux is far too ubiquitous now. Even if it still lags behind Windows in the desktop computing space, it is already a non-trivial market share and growing quickly. And in many other computing spaces, Linux is king.
They can't realistically make Linux illegal. But they can put onerous requirements on popular Linux distributions - such as the age "verification" features they're currently trying to require[0]. Hopefully that proves to be ineffective.
Well corporations decide on that. I abandoned rubygems.org when they added
the 100.000 download limit; past that point I was no longer able to remove
old gem. Then came the new corporate laws for rubygems.org and mass-firing
of about 8 open source developers who were involved with the ruby ecosystem.
We simply need to accept that corporations controlling an ecosystem can lead
to HUGE problems. We need an alternative here. I don't have a good alternative
either to suggest - money is influential. People adjust their behaviour and how
they think with regards to money all the time. We could need some kind of model
that also handles the economy. And, again - I have absolutely no clue how that
could or should look like.
We need to create a special interest org for people that support general computing. I'm open to be part of something like this.[0]. Reach out to me if interested
Well, Microsoft is evil so no surprise - but this seems like targeted censorship:
"The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption (OTFE) utility VeraCrypt, the MemTest86 Random Access Memory (RAM) testing and diagnosis tool, and the Windscribe VPN software."
It seems to go against VPN right? Is there a connection to other things such as the mem-test tool? This one is the only one that does not fit here. Or perhaps we don't have the full picture.
It seems to go against developers of Windows drivers (which includes VPNs) - apparently there was a “mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024”, but for some reason it looks like no one notified these guys that they have to verify their accounts.
This is preemption, I believe, in the US for what's coming. Given the states trying to ram in "age verification" (mass surveillance propaganda, same agenda as CSAM) I no doubt believe that the only VPNs the USG wants people to have access to are corporate (easy entry point) and pwn'd VPNs [0] (in the media lately).
I read elsewhere (here?) that it was the main developer of WireGuard who had their account suspended. If true, and based on what I read seems it is true, I am surprised this did not reach the "mainstream" press.
All I can say is this is another proof of M/S abuse of their users:
"I've been using the same account doing the same actions for 10 years what changed"
"We updated our policy 2 years ago. We have been sending you vaguely worded emails this would happen for 2 years, straight to your junk hotmail account you setup for this, why didn't you read them?"
Microsoft terminates VeraCrypt account, halting Windows updates (575 points, 239 comments)
https://news.ycombinator.com/item?id=47690977
CEO can't login during a demo. Sandra from accounting can't print from the closest printer and confirmed this is higher priority
Nothing else works for prioritisation, any other categorising into "High/Medium/Low" just fails.
By doing so you end up with the nonsense we had at a company I once worked for, where stories were all put in medium.
This was because stories in low were simply never actioned, they'd never ever get done, everyone came to implicitly understand this. It was still a useful dumping ground for the kinds of stories you know you ought to do, but no-one wanted to do, but it was useful to have noted on record. But for prioritising actual work, it was useless.
Stories in High had a special process defined in a handbook that no-one wanted the hassle of dealing with.
So everything was Medium.
This had obvious problems, and it grew larger than could be managed.
So "Just Above Medium" was born, for stories that were higher priority than your everyday stories in Medium.
This in time grew too, so "Just Above Just Above Medium" (aka JAJAM) was born.
By the time I started, there was even a "JAJAM+" category, for stories that had to be fast-tracked through the process too.
The whole thing essentially fell back to having the product/development leads come to an understanding of what work needed to be done. Which is the right way to do it, but that should simply be made more explicit and part of the process by simply having all stories ranked.
Then you don't need the mental overhead of trying to decide in a design meeting if something is "Just above Medium" or just above that...
Long story short: I discontinued their program and it's been 2 years and I still receive those action required emails only to find out that there is absolutely no action required on my side. Harassing users is their favorite past time I swear. Ask the Github desktop folks. On Mac OS, there is no option to disable automatic updates. It loves installing a helper that runs 24/7 with admin privileges. If you click on deny, it will keep harassing you - every. single. day. First thing in the morning - 3 times, 3 times in the evening. You could be in the middle of something important, like a meeting or a screen share or running some serious stuff like CNC milling (which I do) and this thing will just popup and ask you for admin privileges until you accept.
And even if you accept and give it permissions, it just buys you a few days time. People have tried before to open an issue on Github - their response was simply "This isn't a priority for us right now" and they just closed the issue.
Same story with Windows too. I wish there was a law to prevent this kind of bullying behaviour.
Even MS's staff couldn't figure out what resources the "Action Required" email had to do with.
As I'm sure the Vogons did after they blew up Earth for the hyperspace bypass road and realized the planet had inexplicably still been habitated.
I've no idea whether MS either has a veeeeery clever plan about what they are doing, and I just don't get it, or whether that's just completely stupid in the current times when Windows' fanbase is somewhat declining anyways.
On the other hand, people always have a hard time understanding the trouble they order when they let things centralize too much. When they are too okay with depending on e.g. BigTech companies too much.
And in that regard, those news are probably actually good news... It helps people learning about how things work... So they can make better decisions in the future. Better for all of us.
I’m being told we are in the incredible age of fully automated AI programming and yet Microsoft can’t even get login to work.
they would like you to use copilot, so it all checks out, have you installed it on your phone yet? /s
If someone already has MS Teams installed, and their Authenticator App, there is no compelling reason to not install Copilot. Unless the system permissions they ask differ substantially, let's say.
Either you trust MS or you better have nothing installed from them on your (personal) devices at all. No?
The first sign things were souring was when Microsoft dumped their gaming plans after just buying up all he major studios. First sign they only cared about Azure and AI.
Now it's blatantly obvious they're giving up everything to chase enterprise AI.
And there was also that article some days ago that told the story about all the management stupidities at MS from the last years/decades. It was very interesting, and would suggest that this might be yet another very stupid move.
I would just disagree with one detail: With some basic understanding about how human beings work, and how the world works, MS never stopped to be a problematic company. Some were optimistic when they started to open some things up a little, some less so. Are they today more open than they were 20 years ago? Definitely! Was it ever a company that was healthy to depend on? Not a single day imho.
All this signing business, leads to one party having the final say, and guess what, they are going to abuse that power...
Most security is done badly, but it doesn't mean that security is unnecessary.
But I agree: TooBigTech has TooMuchPower.
Passkeys are here to improve your login security! All you have to do is give complete control over your ability to log in to a service to one of three American big tech companies. Yay!
Microsoft response at the end of that article.
I used to work for companies that were Microsoft Partners. One of Microsoft's rules was that they required Partners to employ one (or more) developers that have some Microsoft certification. As an MSCD, I met those requirements (for silver and gold levels). That cert is no longer offered, so I wonder if some exception/rule got removed and now all the partners without "certified" developers got kicked to the curb?
developers, developers; nah- AI, AI ...
when Copilot is certified, you'll be fine
Apparently nobody at Microsoft considered that blocking critical software hurts Microsoft more than the open source developers being blocked.
first the verification wasn't just "click this link to prove you own this email"
>That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
Also according to at least one affected user they didn't actually get notified of the process.
> “Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
> Don’t let anyone tell you it’s because we didn’t read our emails or submit the right verification paperwork. Cuz we did all that back in October. > And this month, we were suddenly and without any warning locked out.
https://x.com/OSRDrivers/status/2042286973461709183
At this point people will move to MacOS or Linux because so much damage to their brand can’t simply be ignored anymore.
Use Docker Compose and put Caddy in front of it for HTTPS. For backups the easy way is to just git pull your repos via cron on some remote systems. Or use syncthing to also move the server configs over. For the runner, 1 GB RPi 4 should be fine for many situations. It can compile and run many Rust/Python tests fine or build static sites. You could also setup an old x86 next to it (this is essentially what GitHub Runners are too: old x86 cpu’s).
[1]: https://github.com/offen/docker-volume-backup/
I think most people just don't care about their computer. Most people just use whatever they are told to use at work.
So, what happened is Microsoft is first a rent-seeker and afterwards, a service and software company.
The fix may vary, but I'm guessing the diagnosis is rather less divisive.
Your actions, intentional and direct or not, allowed for one more sale of Win11 and an accompanying sad Dell computer, giving them the signal (however weak from you as one single individual) that whatever crap they have been doing up to now, still is a good choice in order to sell one of those combinations.
So what is the actual limitation of a neo, and how to they apply to users in that price class?
Yet, they are still around, they are still deeply embedded in most businesses, and no matter how much they screw up, it just keeps going.
Don't know who those people are or if they exist, but not the brightest ones for sure.
This, on top of the recent mystery app updates pushed by Apple, has me concerned. So much of security relies on the assumption that, say, Apple, Google, or Microsoft can't be coerced into pushing an update that undermines the entire security model. The "Apple gets hit with a wrench attack" is more salient nowadays.
Hopefully this is nothing but I think it's worth being vigilant. But judging by Microsoft's response, it seems more likely to be an administrative error commensurate with the state of their company rather than something more nefarious.
It doesn't sound like suspention, because they would be able to fill out the form and get unsuspended. This is closer to account termination.
1. claims they do not have access to the signing account
2. Recently said that they are not planning any important release in the next 60 days
Then I would claim that rushing to update is plain reckless. But move fast and break things, I guess
The surveillance state is growing more sinister every day (especially in the UK), but the efforts are somewhat thwarted by the existence of VPNs.
Once they find a way to undermine VPNs, the UK govt will have literal CCP-level control over our access to information and communication.
The UK, and I assume much of Europe, criminalizes truly petty levels of speech. For example, it's illegal to insult someone and cause them 'alarm' or 'distress' in the street.
Thus the non-technical populace see rudeness on the internet as the result of some kind of wild west situation that the government needs to control, to bring it in line with the rest of the public realm.
If you are really disgusted by those moves, you have a time to switch. If enough people switch, then we can just forget about that garbage.
They can't realistically make Linux illegal. But they can put onerous requirements on popular Linux distributions - such as the age "verification" features they're currently trying to require[0]. Hopefully that proves to be ineffective.
[0] https://agelesslinux.org/distros.html
Well corporations decide on that. I abandoned rubygems.org when they added the 100.000 download limit; past that point I was no longer able to remove old gem. Then came the new corporate laws for rubygems.org and mass-firing of about 8 open source developers who were involved with the ruby ecosystem.
We simply need to accept that corporations controlling an ecosystem can lead to HUGE problems. We need an alternative here. I don't have a good alternative either to suggest - money is influential. People adjust their behaviour and how they think with regards to money all the time. We could need some kind of model that also handles the economy. And, again - I have absolutely no clue how that could or should look like.
[0]: https://scottRlarson.com
"The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption (OTFE) utility VeraCrypt, the MemTest86 Random Access Memory (RAM) testing and diagnosis tool, and the Windscribe VPN software."
It seems to go against VPN right? Is there a connection to other things such as the mem-test tool? This one is the only one that does not fit here. Or perhaps we don't have the full picture.
Fuck Microsoft (aka Microslop).
[0] https://www.wired.com/story/using-a-vpn-may-subject-you-to-n...
All I can say is this is another proof of M/S abuse of their users:
https://news.ycombinator.com/item?id=47710149
"I've been using the same account doing the same actions for 10 years what changed"
"We updated our policy 2 years ago. We have been sending you vaguely worded emails this would happen for 2 years, straight to your junk hotmail account you setup for this, why didn't you read them?"
Nothing nefarious unless you consider bureaucracy