AI

Amazon Introduces Fraud Detector and CodeGuru (venturebeat.com) 19

Amazon is leveraging machine learning to fight fraud, audit code, transcribe calls, and index enterprise data. From a report: Today during a keynote at its Amazon Web Services (AWS) re:Invent 2019 conference in Las Vegas, the tech giant debuted Amazon Fraud Detector, a fully managed service that detects anomalies in transactions, and CodeGuru, which automates code review while identifying the most "expensive" lines of code. And those are just the tip of the iceberg. With Fraud Detector (in preview), AWS customers provide email addresses, IP addresses, and other historical transaction and account registration data, along with markers indicating which transactions are fraudulent and which are legitimate. Amazon takes that information and uses algorithms -- along with data detectors developed on the consumer business of Amazon's business -- to build bespoke models that recognize things like potentially malicious email domains and IP address formation. After the model is created, customers can create, view, and update rules to enable actions based on model predictions without relying on others.
Programming

Microsoft is Creating a New Rust-Based Programming Language For Secure Coding (zdnet.com) 69

Under Project Verona, Microsoft is working to make Windows 10 more secure by integrating Mozilla-developed Rust for low-level Windows components. "'Memory safety' is the term for coding frameworks that help protect memory space from being abused by malware," reports ZDNet. "Project Verona at Microsoft is meant to progress the company's work here to close off this attack vector." From the report: Microsoft's Project Verona could turn out to be just an experiment that leads nowhere, but the company has progressed far enough to have detailed some of its ideas through the UK-based non-profit Knowledge Transfer Network. Matthew Parkinson, a Microsoft researcher from the Cambridge Computer Lab in the UK who's dedicated to "investigating memory management for managed programming languages," gave a talk last week focusing on what the company is doing to address these memory issues.

In the talk, Parkinson discussed the work Microsoft has done with MemGC, which is short for Memory Garbage Collector, for Internet Explorer (IE) and Edge. MemGC addressed vulnerabilities in the standard browser feature known as a Document Object Model (DOM), a representation of the data used by browsers to interpret web pages. Google's elite Project Zero hackers were impressed with Microsoft's MemGC after canvassing major browsers. [...] The other class of bugs Microsoft is working on to address relates to uninitialized memory in a way that also doesn't kill performance. [...] Parkinson said Microsoft is rewriting some "targeted" components in Rust. His talk focused on language design and compartmentalization. "If we want compartments, and to carve up the legacy bits of our code so [attackers'] exploit code can't get out, what do we need in the language design that can help with that?" This is Project Verona and Parkinson said it was the first time he'd discussed the project, which will be made open source "soon". It is a new language for what Microsoft is calling "safe infrastructure programming."
"The challenge for Microsoft is dealing with the 'application spectrum,' which spans from C# for desktop apps through to C and C# for Exchange, ASP.NET, Azure, and device drivers, to deep Windows components like memory management and boot loaders and the Windows kernel hardware abstraction layer (HAL)," the report says.

"The ownership model in Verona is based on groups of objects, not like in Rust where it's based on a single object," said Parkinson. "In C++ you get pointers and it's based on objects and it's pretty much per object. But that isn't how I think about data and grammar. I think about a data structure as a collection of objects. And that collection of objects as a lifetime. So by taking ownership at the level of ownership of objects, then we get much closer to the level of abstraction that people are using and it gives us the ability to build data structures without going outside of safety."
Python

Guido van Rossum Explains How Python Makes Thinking in Code Easier (dropbox.com) 297

Dropbox's Work in Progress blog shared a 2000-word "conversation with the creator of the world's most popular programming language," noting that many computer science schools are switching over from Java to Python, and arguing that "JavaScript still owns the web, and Java runs 2.5 billion Android phones, but for general purpose programming and education, Python has become the default standard."

They also write that the language's recently-retired creator Guido van Rossum "thinks Python may be closer to our visual understanding of the structures that we are representing in code than other languages." "While I was researching my book, CODERS," says author Clive Thompson, "I talked to a lot of developers who absolutely love Python. Nearly all said something like 'Python is beautiful.' They loved its readability -- they found that it was far easier to glance at Python code and see its intent. Shorn of curly brackets, indented in elegant visual shelves, anything written in Python really looks like modern poetry." They also find that Python is fun to write, which is more important than it may seem. As Thompson writes, "When you meet a coder, you're meeting someone whose core daily experience is of unending failure and grinding frustration."

Building the priority of the programmer's time into the language has had a curious effect on the community that's grown around it. There's a social philosophy that flows out of Python in terms of the programmer's responsibility to write programs for other people. There's an implicit suggestion, very much supported by Van Rossum in the ways he talks and writes about Python, to take a little more time in order to make your code more interpretable to someone else in the future. Expressing your respect for others and their time through the quality of your work is an ethos that Van Rossum has stealthily propagated in the world. "You primarily write your code to communicate with other coders, and, to a lesser extent, to impose your will on the computer," he says...

Part of the enduring appeal of Python is the optimism and humility of starting over. "If you've invested much more time into writing and debugging code, you're much less eager to throw it all away and start over." Co-founder and CEO, Drew Houston wrote the first prototype of Dropbox in Python on a five-hour bus ride from Boston to New York. "The early prototypes of Dropbox were thrown away, largely, many times," says Van Rossum....

What has he taken away from his thirty year journey with Python? "I have learned that you can't do it alone, which is not an easy lesson for me. I've learned that you don't always get the outcome that you went for, but maybe the outcome you get is just as good, or better."

Though two decades ago van Rossum had tried a short-lived project called Computer Programming 4 Everybody (or CP4E), he now says "I'm not so sure that it needs to happen anymore. I think computers have made it to that point, where they're just a useful thing that not everybody needs to know what goes on inside."

Long-time Slashdot reader theodp also flagged van Rossum's remarks that "there are certain introductions to programming that are fun for kids to do, but they're not fun for all kids, and I don't think I would want to make it a mandatory part of the curriculum."
Christmas Cheer

2019 Sees More Geeky Advent Calendars (blogg.bekk.no) 12

It's the first day of December, which means the return of an annual geek tradition: the computer programming advent calendars!

An anonymous reader delivers this update: It's the very first year for the Raku Advent Calendar (using the language formerly known as Perl 6).

Meanwhile, Perl 5 still has its own separate advent calendar. Amsterdam-based Perl programmer Andrew Shitov is also writing a special "Language a Day" advent calendar in which he'll cover the basics of an entirely different programming language each day. And the Go language site Gopher Academy has also launched their 7th annual advent calendar.

The 24 Ways site is also promising "an advent calendar for web geeks," offering "a daily dose of web design and development goodness to bring you all a little Christmas cheer."

And each day until Christmas the Advent of Code site will offer "small programming puzzles for a variety of skill sets and skill levels that can be solved in any programming language you like. People use them as a speed contest, interview prep, company training, university coursework, practice problems, or to challenge each other." (Their Day One puzzle explains this year's premise. "Santa has become stranded at the edge of the Solar System while delivering presents to other planets....!")

There's also one particularly ambitious advent calendar from closer to the north pole. The Norwegian design/technology/strategy consulting firm Bekk is attempting 12 different geeky Christmas calendars, each running for 24 days (for a total of 288 articles).

And each one is hosted at a .christmas top-level domain.
Oracle

Oracle Responds To Wage Discrimination Claims By Suing US Department of Labor (theregister.co.uk) 125

According to The Register, Oracle is suing the Department of Labor for repeatedly accusing the company of discriminating against and underpaying women and minorities. From the report: In a lawsuit [PDF] filed Wednesday in a Washington DC district court, Big Red accuses the U.S. Department of Labor of "unprecedented overreach by an executive agency," and claims the agency doesn't have the authority to cut Oracle out of government contracts for its discriminatory practices or sue it for underpaying certain staff. With one hand holding the constitution and the other bashing its chest, the database giant warned perilously that "the rise of the modern administrative state has altered our government structure" but that it had "not undone our constitutional structure."

The folks at the Office of Federal Contract Compliance Programs (OFCCP) have "created a coercive administrative enforcement and adjudicative regime" the lawsuit bellows. "Without authority from any Act of Congress - indeed, in contravention of congressional legislation - a group of unelected, unaccountable, and unconfirmed administrative officials have cut from whole cloth this adjudicative agency enforcement scheme." The lawsuit is just the latest in a brutal battle between Oracle and the Labor Department that started in 2017 when the government sued the database biz for pay and employment discrimination. According to federal investigators, Oracle pays its white male employees more than women and minorities even when they are in the same job with the same title. It studied Oracle's hiring practices since 2013 and concluded that there were "gross disparities in pay even after controlling for job title, full-time status, exempt status, global career level, job speciality, estimated prior work experience, and company tenure."

Cloud

Google Addresses Complaints of Sub-4K Image Quality On Stadia (arstechnica.com) 44

An anonymous reader quotes a report from Ars Technica: Since March, Google has been promising that its streaming Stadia platform would be capable of full 4K, 60fps gameplay (for users with a robust Internet connection and $10/month Stadia Pro subscription). But technical analyses since launch have shown that some of the service's highest profile games aren't hitting that mark. A Digital Foundry analysis of Red Dead Redemption 2 on Stadia, for instance, found that the game actually runs at a native 2560x1440 resolution, which is then upscaled to the 4K standard of 4096x2160 via the Chromecast Ultra. And a Bungie representative said that the Stadia version of Destiny 2 runs at the PC equivalent of "medium" graphics settings and that the game will "render at a native 1080p and then upsample [to 4K] and apply a variety of techniques to increase the overall quality of effect."

Over the weekend, Google issued a statement to 9to5Google that essentially places the blame for this situation on Stadia developers themselves (emphasis added): "Stadia streams at 4K and 60fps -- and that includes all aspects of our graphics pipeline from game to screen: GPU, encoder, and Chromecast Ultra all outputting at 4K to 4K TVs, with the appropriate Internet connection. Developers making Stadia games work hard to deliver the best streaming experience for every game. Like you see on all platforms, this includes a variety of techniques to achieve the best overall quality. We give developers the freedom of how to achieve the best image quality and frame rate on Stadia, and we are impressed with what they have been able to achieve for day one. We expect that many developers can, and in most cases will, continue to improve their games on Stadia. And because Stadia lives in our data centers, developers are able to innovate quickly while delivering even better experiences directly to you without the need for game patches or downloads."

Programming

What Tech Skills Do Employers Want? SQL, Java, Python, and AWS (ieee.org) 121

"What tech skills do U.S. employers want? Researchers at job search site Indeed took a deep dive into its database to answer that question," reports IEEE Spectrum: [A]t least for now, expertise in SQL came out on top of the list of most highly sought after skills, followed by Java. Python and Amazon Web Services (AWS) are coming on fast, and, should trends continue, may take over the lead in the next year or two...

Indeed's team considered U.S. English-language jobs posted on the site between September 2014 and September 2019; those postings encompassed 571 tech skills. Over that period, Docker, the enterprise container platform, sits at number 20 on the list today, but that is the result of a dramatic climb over that five-year period. Demand for proficiency in that platform-as-a-service grew more than 4000 percent, from a barely registering share of 0.1 percent of job post mentions in 2014 to 5.1 percent today. Azure jumped more than 1000 percent during that period, from 0.6 percent to 6.9 percent; and the general category of machine learning climbed 439 percent, closely followed by AWS at 418 percent.

Indeed's researchers note that the big jumps in demand for engineers skilled in Python stem from the boom in data scientist and engineer jobs, which disproportionately use Python.

"Python" has overtaken "Linux" in just the last two years, while in the same period "AWS" overtook C++, C, C# and .net.
Programming

Facebook Teams With Microsoft On Visual Studio Code's Remote Extensions (facebook.com) 38

A new Facebook blog post explains the company doesn't mandate one development environment internally. "Some developers use vim. Some use Emacs. And even more engineers use our internal, unified development environment called Nuclide," which originally was a set of open-source packages built on top of the Atom editor.

But in late 2018, Facebook "announced to our engineers" that the company was moving to Microsoft's Visual Studio Code, a free and open source editor released under the permissive MIT License that runs on macOS, Windows, and Linux. And the Facebook for Developers blog reports that they're now actually helping Microsoft build the IDE: While engineers at Facebook have Visual Studio Code installed locally on laptops, most development is done directly on individually-reserved development servers that live within our data centers. Being able to access code on these servers in a seamless, performant way is critical for productivity.

As Microsoft's Visual Studio Code team stated when they first released the remote extensions, remote development is an emerging trend... [W]e at Facebook believe that we can apply our unique expertise in this problem space to help. That's why today we are excited to share not just our usage of their remote development extensions, but our involvement in helping Microsoft further improve remote development extensions, with a lens on enabling engineers to do remote development at scale with Visual Studio Code...

Microsoft has now created such a robust remoting experience, it has allowed us to move off our own custom solution... Visual Studio Code is now an established part of Facebook's development future. In teaming with Microsoft, we're looking forward to being part of the community that helps Visual Studio Code continue to be a world class development tool.

Education

Apple's Hour of Code Plans Include 'Coding Labs' For 3-Year-Olds 65

theodp writes: This week, Apple unveiled its Hour of Code and Computer Science Education Week plans which, predictably, call for the nation's kids to learn coding the Apple way (vs. the Google, Microsoft or Amazon way!). "The new [Swift-focused] Everyone Can Code curriculum," explains the Apple Newsroom, "integrates Apple's Everyone Can Create project guides to help students express what they learn through drawing, music, video and photos." And it appears that Tim Cook may no longer be content with waiting until kids are in 4th grade before requiring them to start coding. From the press release: "Preschool-age kids can try creative pre-coding activities in the new Coding Lab with the Helpsters, a team of vibrant monsters who love to solve problems and are featured in the new live-action preschool series, available now on Apple TV+, from the makers of Sesame Street." Today at Apple adds: "Kids aged 3 to 5 will get hands-on with iPad and Apple Pencil to learn fun precoding activities that teach them how to solve everyday problems like finding a shoe or helping their parents."
IOS

Inside Apple's iPhone Software Shakeup After Buggy iOS 13 Debut (bloomberg.com) 55

Apple is overhauling how it tests software after a swarm of bugs marred the latest iPhone and iPad operating systems, Bloomberg reported Thursday. From the report: Software chief Craig Federighi and lieutenants including Stacey Lysik announced the changes at a recent internal "kickoff" meeting with the company's software developers. The new approach calls for Apple's development teams to ensure that test versions, known as "daily builds," of future software updates disable unfinished or buggy features by default. Testers will then have the option to selectively enable those features, via a new internal process and settings menu dubbed Flags, allowing them to isolate the impact of each individual addition on the system. When the company's iOS 13 was released alongside the iPhone 11 in September, iPhone owners and app developers were confronted with a litany of software glitches.

Apps crashed or launched slowly. Cellular signal was inconsistent. There were user interface errors in apps like Messages, system-wide search issues and problems loading emails. Some new features, such as sharing file folders over iCloud and streaming music to multiple sets of AirPods, were either delayed or are still missing. This amounted to one of the most troubled and unpolished operating system updates in Apple's history. The new development process will help early internal iOS versions to be more usable, or "livable," in Apple parlance. Prior to iOS 14's development, some teams would add features every day that weren't fully tested, while other teams would contribute changes weekly. "Daily builds were like a recipe with lots of cooks adding ingredients," a person with knowledge of the process said.

Programming

Amazon and Code.org Tap Lil Nas X and Katy Perry To Teach Children To Code 80

theodp writes: To help Prince Charles quickly learn the Welsh Language, viewers of The Crown learned this week, Labour prime minister Harold Wilson engaged Welsh nationalist Dr. Edward "Tedi" Millward as his reluctant tutor. To help U.S. children quickly learn to code, readers of Medium learned this week, Code.org and Amazon have engaged Lil Nas X and Katy Perry to be their Hour of Code tutors this December (guess the pair aced their interview with Jeff Bezos!). Last year's signature Hour of Code tutorial Dance Party, Code.org explains, has been given a facelift -- "New backgrounds and foregrounds!" "New songs!" "A brand new character!" -- to yield this year's signature Hour of Code tutorial, Dance Party (2019 Remix). Separately, the AWS Public Sector Blog Team just announced it's teamed up with the MIT Media Lab on a Scratch-based Hour of Code activity to introduce AWS cloud computing technologies to kids 7 and up. AWS Educate also recently announced it's out to connect the K12 crowd to AWS cloud services, offering free capped AWS Educate Starter Accounts as well as look-Ma-no-limit credit-card backed regular AWS accounts to the 570,000+ students and 300,000+ volunteers participating in the FIRST Robotics Competition and FIRST Tech Challenge.
Software

EverQuest and Pantheon Developer Brad McQuaid Has Died (pcgamer.com) 52

Brad McQuaid, best known as a formative hand in the creation of EverQuest, has passed away at the age of 51. From a report: McQuaid's death was reported by the official Pantheon: Rise of the Fallen Twitter account, which is the MMO he was working on until his death. A message was also left on the Pantheon MMO forums by user BenD -- Visionary Realms' director of comms Benjamin Dean -- who writes that McQuaid passed away in his home. "Brad was a visionary, a mentor, an artist, a trailblazer, a friend, a husband, a father," the message reads. "He touched thousands of lives with his dreams and concepts. He changed the landscape of video games forever. He will be deeply missed and forever remembered in life and in Pantheon. Thank you, Brad, for bringing us together through your worlds. Rest in peace, Aradune. All of us at Visionary Realms offer our deepest condolences to Brad's family and during this most difficult time, we kindly ask that you respect the privacy of Brad's family."

Known as Aradune in the MMO community, McQuaid joined Sony Online Entertainment in 1996 as a lead programmer and later producer on EverQuest, before later becoming chief creative officer. In 2002 he left SOE and founded Sigil Games, which shipped the MMO Vanguard: Saga of Heroes. Sigil Games was eventually purchased by SOE. He briefly rejoined SOE in 2012-2013 before going independent. Pantheon: Rise of the Fallen was successfully Kickstarter funded in 2014.

Software

Apple Announces Special App-Focused Event For December 2nd (9to5mac.com) 5

Apple is holding a special event on December 2nd to highlight its favorite apps and games of 2019. The live event will take place in New York City. 9to5Mac reports: Invites went out this afternoon for the surprise event that will be held in just two weeks. Curiously, it appears the event will just be to highlight Apple's top app and game picks from 2019. In the event invitation, Apple leads with the tagline "Loved by millions. Created by the best." While Apple normally livestreams its events, it's also not known whether this app event will be broadcast live. Apple's Special Events landing page doesn't include any information on the December event.
Google

Supreme Court Will Hear Long-Running Google and Oracle Copyright Lawsuit (cnbc.com) 60

An anonymous reader quotes a report from CNBC: The Supreme Court said on Friday that it will hear a dispute between tech giants Oracle and Google in a blockbuster case that could lead to billions of dollars in fines and shape copyright law in the internet era. The case concerns 11,500 lines of code that Google was accused of copying from Oracle's Java programming language. Google deployed the code in Android, now the most popular mobile operating system in the world. Oracle sued Google in 2010 alleging that the use of its code in Android violated copyright law.

Google won two victories in the lower courts but ultimately lost on appeal before the U.S. Court of Appeals for the Federal Circuit, which ruled last year for Oracle. Oracle has previously said it is entitled to $9 billion in damages, though no official penalty has been set. Java was developed by Sun Microsystems, which Oracle purchased in a deal valued at $7.4 billion that was completed in 2010. Underlying the legal issues in the case is a technical dispute over the nature of the code that Google used. Google has said that the code was essentially functional -- akin to copying the placement of keys on a QWERTY keyboard. Oracle maintains that the code, part of Java's application programming interface, or API, is a creative product, "like the chapter headings and topic sentences of an elaborate literary work." A number of high-profile tech firms urged the top court to take the case in order to side with Google.

Businesses

GitHub Faces More Resignations In Light of ICE Contract (techcrunch.com) 226

TechCrunch reports that another employee, engineer Alice Goldfuss, has resigned from GitHub over the company's $200,000 contract with Immigration and Customs Enforcement (ICE). From the report: In a tweet, Goldfuss said GitHub has a number of problems to address and that "ICE is only the latest." Meanwhile, Vice reports at least five staffers quit today. These resignations come the same day as GitHub Universe, the company's big product conference. Ahead of the conference, Tech Workers Coalition protested the event, setting up a cage to represent where ICE detains children.

Last month, GitHub staff engineer Sophie Haskins resigned, stating she was leaving because the company did not cancel its contract with ICE, The Los Angeles Times reported. Last month, GitHub employees penned an open letter urging the company to stop working with ICE. That came following GitHub's announcement of a $500,000 donation to nonprofit organizations in support of "immigrant communities targeted by the current administration." In that announcement, GitHub CEO Nat Friedman said ICE's purchase was made through one of GitHub's reseller partners and said the deal is not "financially material" for the company. Friedman also pointed out that ICE is responsible for more than immigration and detention facilities.

Privacy

The NYPD Kept an Illegal Database of Juvenile Fingerprints For Years (theintercept.com) 63

An anonymous reader quotes a report from The Intercept: For years, the New York Police Department illegally maintained a database containing the fingerprints of thousands of children charged as juvenile delinquents -- in direct violation of state law mandating that police destroy these records after turning them over to the state's Division of Criminal Justice Services. When lawyers representing some of those youths discovered the violation, the police department dragged its feet, at first denying but eventually admitting that it was retaining prints it was supposed to have destroyed. Since 2015, attorneys with the Legal Aid Society, which represents the majority of youths charged in New York City family courts, had been locked in a battle with the police department over retention of the fingerprint records of children under the age of 16. The NYPD did not answer questions from The Intercept about its handling of the records, but according to Legal Aid, the police department confirmed to the organization last week that the database had been destroyed. To date, the department has made no public admission of wrongdoing, nor has it notified the thousands of people it impacted, although it has changed its fingerprint retention practices following Legal Aid's probing. "The NYPD can confirm that the department destroys juvenile delinquent fingerprints after the prints have been transmitted to DCJS," a police spokesperson wrote in a statement to The Intercept.

Still, the way the department handled the process -- resisting transparency and stalling even after being threatened with legal action -- raises concerns about how police handle a growing number of databases of personal information, including DNA and data obtained through facial recognition technology. As The Intercept has reported extensively, the NYPD also maintains a secretive and controversial "gang database," which labels thousands of unsuspecting New Yorkers -- almost all black or Latino youth -- as "gang members" based on a set of broad and arbitrary criteria. The fact that police were able to violate the law around juvenile fingerprints for years without consequence underscores the need for greater transparency and accountability, which critics say can only come from independent oversight of the department.
It's unclear how long the NYPD was illegally retaining these fingerprints, but the report says the state has been using the Automated Fingerprint Identification System since 1989, "and laws protecting juvenile delinquent records have been in place since at least 1977." Legal Aid lawyers estimate that tens of thousands of juveniles could have had their fingerprints illegally retained by police.
Open Source

GitHub Places Open-Source Code In Arctic Cave For Safekeeping (bloomberg.com) 50

pacopico writes: GitHub's CEO Nat Friedman traveled to Svalbard in October to stash Linux, Android, and 6,000 other open-source projects in a permafrost-filled, abandoned coal mine. It's part of a project to safeguard the world's software from existential threats and also just to archive the code for posterity. As Friedman says, "If you told someone 20 years ago that in 2020, all of human civilization will depend on and run on open-source code written for free by volunteers in countries all around the world who don't know each other, and it'll just be downloaded and put into almost every product, I think people would say, 'That's crazy, that's never going to happen. Software is written by big, professional companies.' It's sort of a magical moment. Having a historical record of this will, I think, be valuable to future generations." GitHub plans to open several more vaults in other places around the world and to store any code that people want included.
Databases

Unusual New 'PureLocker' Ransomware Is Going After Servers (zdnet.com) 22

Researchers at Intezer and IBM X-Force have detected an unconventional form of ransomware that's being deployed in targeted attacks against enterprise servers. They're calling it PureLocker because it's written in the PureBasic programming language. ZDNet reports: It's unusual for ransomware to be written in PureBasic, but it provides benefits to attackers because sometimes security vendors struggle to generate reliable detection signatures for malicious software written in this language. PureBasic is also transferable between Windows, Linux, and OS-X, meaning attackers can more easily target different platforms. "Targeting servers means the attackers are trying to hit their victims where it really hurts, especially databases which store the most critical information of the organization," Michael Kajiloti, security researcher at Intezer told ZDNet.

There are currently no figures on the number of PureLocker victims, but Intezer and IBM X-Force have confirmed the ransomware campaign is active with the ransomware being offered to attackers 'as-a-service.' However, it's also believed that rather than being offered to anyone who wants it, the service is offered as a bespoke tool, only available to cyber criminal operations which can afford to pay a significant sum in the first place. The source code of PureLocker ransomware offers clues to its exclusive nature, as it contains strings from the 'more_eggs' backdoor malware. This malware is sold on the dark web by what researchers describe as a 'veteran' provider of malicious services. These tools have been used by some of the most prolific cyber criminal groups operating today, including Cobalt Gang and FIN6 -- and the ransomware shares code with previous campaigns by these hacking gangs. It indicates the PureLocker is designed for criminals who know what they're doing and know how to hit a large organization where it hurts.

Programming

Python Finally Overtakes Java on GitHub (zdnet.com) 61

"The hit programming language Python has climbed over once-dominant Java to become the second most popular language on Microsoft-owned open-source code-sharing site GitHub," reports ZDNet: Python now outranks Java based on the number of repository contributors, and by that metric Python is now second only to JavaScript, which has been in top spot since 2014, according to GitHub's 'State of the Octoverse' report for 2019...

Another interesting aspect of GitHub's report is its ranking of fastest-growing languages. Google's Dart programming language and Flutter, for building UIs for iOS and Android apps, are getting major traction with developers on GitHub. Dart was the fastest-growing language between 2018 and 2019, with usage up a massive 532%. It was followed by the Mozilla-developed Rust, which grew a respectable 235%. Microsoft is experimenting with Rust in its Windows code base because it was designed to address memory-related security bugs -- the dominant flaw-type in Microsoft software over the past decade.

Last year Kotlin, the Google-endorsed programming language for Android app development, was the fastest-growing language on GitHub. It's not a top-10 language yet, but it still grew 182% over the year. Microsoft-backed TypeScript, its superset of JavaScript, is also growing fast, up 161% over the past year as more developers use it to grapple with large-scale JavaScript apps.

Other languages making up the top 10 fastest-growing category are HCL, PowerShell, Apex, Python, Assembly, and Go.

Businesses

GitLab Director Resigns, Says It's Engaging In 'Retaliatory Behavior' (businessinsider.com) 44

Candice Ciresi, GitLab's director of risk and global compliance, has resigned after less than six months on the job, apparently saying that the $2.75 billion startup is "engaging in discriminatory and retaliatory behavior." Business Insider reports: Notably, Ciresi resigned in public: GitLab espouses a culture of transparency, whereby all major product and corporate policy decisions are announced and discussed where anybody can see. She posted her resignation in response to one such discussion -- an active debate over a proposed GitLab policy, in which it would ban the hiring of people who live in China or Russia for any role that would require access to customer data. At the time of writing, Ciresi's post announcing her resignation had been reviewed and then "redacted" by GitLab, citing concerns that it would "further inflame this situation." However, Ciresi's comment went out via email to GitLab users who had subscribed to this particular discussion.

Per a screenshot posted to Reddit, Ciresi wrote: "As I believe GitLab is engaging in discriminatory and retaliatory behavior, I have tendered my resignation." "We did decide to moderate this post for review, as there have already been credible personal and physical threats against GitLab employees in this issue thread," GitLab says, in part, in place of Ciresi's comment. "While this particular post did not contain a personal threat to anyone, we were concerned it would further inflame this situation."
GitLab confirmed Ciresi's departure but didn't comment any further.
