Microsoft employee:

Hi, This is a high priority ticket and the FFmpeg version is currently used in a highly visible product in Microsoft. We have customers experience issues with Caption during Teams Live Event. Please help

Maintainer’s comment on twitter:

After politely requesting a support contract from Microsoft for long term maintenance, they offered a one-time payment of a few thousand dollars instead.

This is unacceptable.

And further:

The lesson from the xz fiasco is that investments in maintenance and sustainability are unsexy and probably won’t get a middle manager their promotion but pay off a thousandfold over many years.

But try selling that to a bean counter

  • kbotc@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    ·
    9 months ago

    He’s talking about Andres Freund, who uncovered the OpenSSL backdoor that was slipped into liblzma from the xz malicious maintainer. Dude saw a valgrind error and a function with a fixed runtime was taking too long and using too much CPU and reversed out and saved a major ssh backdoor from going upstream as Fedora was going to release it just days later.