Qubit Me Once, Shame on Microsoft...

GitLab Transcend

Software Development is changing. And so is GitLab.
Stream GitLab Transcend live from London tomorrow. New research. New demos. All virtual.

Register now.

Welcome back! Just a reminder that we were once promised “flying cars,” but we got subscription fees for everything instead. (At least ByteSize is free 😎).

Holy moly! It’s June already… Well, on this day in 1993, Jurassic Park premiered in Washington, D.C., and with it, CGI officially ate animatronics' lunch. Director Steven Spielberg's decision to blend digital imagery with practical effects gave audiences photo-realistic dinosaurs that still hold up better than most AI-generated slop being sold to studios today. The film's groundbreaking visuals triggered a CGI arms race throughout the rest of the decade. Prior to Jurassic Park, the last time a movie rewired what visual effects could do was Star Wars in 1977. Life, uh, finds a way. Unlike Microsoft's quantum computing roadmap. More on that below.

Microsoft's Quantum Hype Machine Adds Another Gear

Microsoft announced it now expects to have a useful quantum computer ready by 2029, cutting four years off its previous estimate of 2033. The reason, per quantum lead Chetan Nayak: improvements to their topological qubit design, which uses a lead-based wire to keep quantum states stable for up to 20 seconds, up from 2 milliseconds in February 2025. That's a 10,000x improvement, which would be jaw-dropping if anyone in the scientific community actually believed it.

Physicist Sergey Frolov at the University of Pittsburgh, who has been a thorn in Microsoft's side on this topic for years, called the new claims "not surprising" given what he calls a "sustained pattern of unreliable claims." Physicist Henry Legg at St. Andrews is equally unimpressed, noting there's no actual evidence the device functions as a qubit, and that the switching behavior Microsoft is celebrating has a much simpler explanation: an electron hopping on and off a quantum dot.

Microsoft, to its credit, essentially admitted it spent years telling researchers to "just trust us." Nayak acknowledged the caginess. In response, the scientific community is doing what scientists do when you tell them to trust you with no data — laughing at you at conferences. (*points finger, shouts: “HA! HA! HA! HA!”*) Frolov confirmed this is literally happening. Judgment day, Microsoft says, is 2029.

Amazon’s Ring Wants You to Know Your Face Is a Data Point Now

A new lawsuit argues that Amazon's Ring should be paying people whose faces have been scanned by its Familiar Faces feature, which identifies people on camera without their knowledge or consent. Yikes!!! That list of unasked faces includes, per the Electronic Frontier Foundation, postal workers, delivery drivers, kids selling cookies, and people who simply walked by on a public sidewalk. (Brb, currently mortified knowing that I’ve picked my wedgie at least once leaving the house.)

Senator Ed Markey got Amazon to confirm the arrangement in writing: privacy protections apply to device owners only, everyone else caught on camera has no meaningful recourse. Worse, if you want your biometric data deleted, you have to individually request removal from every single Ring device owner whose camera your face happened to walk past.

Amazon ended a deal with police-connected surveillance firm Flock Safety after blowback from a Super Bowl ad. The FTC already extracted $5.8 million from the company in 2023 over privacy violations involving employees watching customer footage. Amazon has declined to comment on the new lawsuit, which tracks.

Another Security Researcher Gives Microsoft the Finger, Publicly

Google security researcher Ammar Askar disclosed a VS Code vulnerability to a GitHub contact and then published a working exploit roughly one hour later, deliberately bypassing Microsoft's Security Response Center. The bug lets attackers push malicious VS Code extensions through the Workspace Recommendations feature, steal OAuth tokens, and read or write any public or private GitHub repo the victim can access. Anyone who has used github.dev is potentially affected.

Askar's reasoning is simple: Last time he reported a VS Code bug to MSRC, they quietly fixed it, gave him zero credit, and declared it a non-security issue. He said he's done with that process. He joins a growing number of researchers who've had enough of Redmond's handling of disclosures, including the researcher known as Nightmare Eclipse, who has now dropped six zero-days with no warning. Three have already been exploited. Microsoft's response to Nightmare Eclipse's activity was to vaguely threaten legal action, then back down after the public sided with the hacker.

⚙️ TOOL TIME

Our Summer Challenge Is Back! Yes, We’re Giving Away Cool Merch.

We're running the Experts Exchange Summer 2026 Challenge, and the prize situation has leveled up from last year, because we heard you. Gone is the water bottle. That Yeti tumbler you bought yourself in a moment of self-improvement optimism is still sitting on your desk collecting keyboard dust, and we're not adding to the clutter.

This year, you get an EE Summer T-Shirt and 50,000 points. Something you can actually wear to your next on-site and silently communicate that you know things...

There are three tracks. Pick your fighter.

The base Summer Challenge is for everyone:

• Answer questions

• Ask troubleshooting and research questions

• Mark helpful comments

• Make a post

Want to go further? The Top 1% Asker Challenge:

• Ask 25 questions

• Get solutions on 25 of them

• Mark 20 comments as helpful

• Ask 5 AI Review questions

Complete it and you get the limited Asker 2026 edition shirt in white plus another 50,000 points.

Do you say “well, actually!” a lot? Then here’s the Top 1% Expert Challenge:

• Answer 50 questions

• Publish 3 articles

• Mark 20 comments as helpful

Same reward, different shirt (this time it’s emo black!), same bragging rights.

We're going to be very honest with you, the way we always are: yes, this is about engagement. We want humans talking to humans on Experts Exchange, because a forum run by actual experts who actually know things is genuinely rare in 2026, and worth keeping alive. Completing these tasks takes maybe 20 minutes of your week. The t-shirt and points are the commission.

Anyways, all three challenges run through August 31, 2026. That's 85 days to do things you should probably be doing anyway, in exchange for certified proof that you showed up this summer.

Get moving and track your progress here.

👨‍💻 JOB OPPORTUNITIES

Senior Procurement Manager - IT @ IMC Trading

You'll spend your days negotiating GPU allocations, managing OEM vendor relationships, and explaining to engineers why they can't just order 400 servers on Amazon with the company card. Eight years of procurement experience required. Chaos tolerance: mandatory.

Senior IT Specialist @ Qualtrics

First and second-line support, Mac and Windows, endpoint management, AV setup, the whole circus. Qualtrics calls this role "pivotal," which is either a compliment or a warning that you will be the only person who knows where the Wi-Fi passwords are stored.

IT Manager @ bet365

Build and lead a cross-functional IT team in Denver while coordinating with UK counterparts, which means at least one of your recurring sync calls will be at a time that makes absolutely no sense for anyone. They process 2 million bets per hour at peak. Your uptime expectations will match.

🛩 INDUSTRY MOVES

• Meta scaled back its plan to log employee keystrokes and mouse clicks after staff started a petition with 1,500+ signatures. Workers can now pause the data collection for up to 30 minutes at a time, which is long enough to take a walk but not long enough to remember you used to have privacy at work.

• A ransomware crew working under the RAlord operation accidentally attacked Eriell Group, an oilfield services company based in Uzbekistan with a Moscow office, violating the cardinal rule that CIS countries are completely off-limits. The gang formally apologized and offered to help with recovery for free. Somehow cybercrime now has better customer service than Comcast.

• Google proved its new scam call detector works by cloning a WIRED journalist's voice and making her ask for Venmo money. Their PR pitch was essentially: "See how horrifying this is? Good news, we built it."

• Cisco praised Anthropic's Claude Mythos Preview for scanning 1.8 billion lines of code in 8 weeks, a job Cisco says would have taken its human security team 8 years. How many bugs did Mythos find? The actual results remain classified somewhere between "trust us" and "source: vibes."

Hey, it's your favorite pixelated IT gremlin. I've been lurking in the EE threads again, which is basically my version of doomscrolling. Here's what people were actually asking about this week:

• Someone is trying to handle NULL values in a SQL query without the whole thing falling apart like a badly nested conditional, which, relatable.

• Another user wants to use PowerShell to track down a specific user, which is either a completely normal AD task or the setup for an IT revenge thriller. Either way, the community has the cmdlets.

That’s it for now! Logging off before someone suggests replacing the entire team with AI-generated velociraptors. See you next week :)