Microsoft announces Python formulas in Excel... which have to get sent to the cloud
Microsoft announces Python formulas in Excel... which have to get sent to the cloud
Since its inception, Microsoft Excel has changed how people organize, analyze, and visualize their data, providing a basis for decision-making for the..
Since its inception, Microsoft Excel has changed how people organize, analyze, and visualize their data, providing a basis for decision-making for the flying billionaires heads up in the clouds who don't give a fuck for life offtheline
Firstly, there's no technological reason for this. It's all rent-seeking bullshit. But the thing is, there's no version of Office that this point that works without a subscription, which also assumes you're probably always online, so it's honestly moot anyway.
It's so tiresome. Big tech really doesn't want people to run, own, or operate their own systems independently.
68Full disclosure, I work for MSFT, but I do not speak for them. I fucking hate python and am forced to write it a lot while working here, but I want to suggest there's a complementary technological reason for wanting to run it in the cloud. This isn't to say that MSFT will stand to make more money if you are using their cloud services, and I don't have any insight at all into the "gib us money plz" side of this business.
The reason: One of the biggest headaches for IT depts has been attack vectors through office productivity suites. Download a sketchy excel spreadsheet from someone, and suddenly custom macros are purposefully creating avenues for attack, or are attacks themselves. Ken and Debra in accounting aren't security people. They got a spreadsheet from an email that seems superficially plausible, so they pop it open. Suddenly, your entire org is ransomwared just because two people who are just doing their normal duties get tricked.
That's why the ol' VBA shit and all those fancy macro systems from the past got neutered. Sandboxed and isolated, removed entirely, whatever. But a good feature gets lost.
Enter The Cloud, or in other terms, "Someone Else's Computer". As in, someone else's computer out there, far from your corporate network, that has no ability to reach back through your security perimeter and have a rummage around your business guts. The worst thing that will happen is the attack-vector-spreadsheet, itself, might be compromised. Or Microsoft's cloud computers, which are, again, not your computers.
Anyway, that's honestly a great reason for it. And there's also the business cat reasons, which I don't like in principle; I always begrudge businesses their attempts at squeezing us for more and more every single fucking day. So anyway, it probably isn't worth it to the average home user, but IT departments are going to be thrilled, even if the tech budget is going to get even fatter paying for all these users using someone else's computer.
I have strong opinions about home users who can write Python already but choose to use excel, but I'll keep them to myself. They're elitist and basically just me being a little shit, so... you do you, boo.
32Actually, I believe you just need to root out the networking and disk access then 90% of the attack surface vanished. At least it will not be persistant.
7I can see the case of just not wanting to build or bundle a python interpreter into Excel (since they're not going make having python installed on a local machine a dependency). But the security issue can make sense I suppose from a certain point of view. Don't agree with it, but I can understand it.
Also as a python dev, I fucking love python 😂
7Works for Microsoft and hates Python. Checks out at least.
IMHO opinions (read: “hard takes”) on popular and useful programming languages doesn’t have to be part of any disclosure, it just creates unnecessary drama.
At the end of the day programming languages are tools, and Python is a good tool. Part hammer, part Swiss Army knife.
Sure, you can grab your compressor, a hose and a nail gun, but the fact is that with Python I can process CSV documents that excel struggle to open in less time than it will take most people to setup a new project in Visual Studio.
I fully agree that running stuff in the cloud may be good for security, but it will probably also open the door for a number of security holes that may or may not be exploited before being patched.
Giving full access to random scripts on random people’s computers is begging for problems.
Sandboxing only works until there’s an escape. But IMO that should have been the target. Proper ground up sandboxing.
On the other hand - how on earth do you make sure that it’s escape proof? I certainly wouldn’t carry that responsibility.
If it’s Python or something else doesn’t matter, but Python certainly carries a lot of the “accessibility” that VB did way back when they made VBA.
Will be interesting to see what people make of it. And if they’ve managed to make the programming interfaces better than during the VBA era.
5The worst thing that will happen is the attack-vector-spreadsheet, itself, might be compromised. Or Microsoft’s cloud computers, which are, again, not your computers.
But they house my information, and goodness knows Microsoft will not compensate me when my information gets leaked through no fault of mine.
No cloud, no how. Keep it local.
5See, I kind of see all this, but they control the OS, all the enterprise policy tools, and the software. They could very easily facilitate IT locking execution to the cloud (or custom environments) for their domains without ridiculously limiting people who know what they're doing and want tools that aren't dogshit.
1
Why would they want that? They want to maximize profits for the software they make. That's almost all tech companies today.
4There isn't money in it. Either you have to maintain it forever or you get yelled at for cutting off support by people who haven't paid you in years.
2
And just wait till some random accountant with basic knowledge of python builds out the next "great" critical system that uses this as its underlying technology. IT departments everywhere rejoice!
38At this point microsoft is actively hurting technological progress all around the world by doing stupid shit like this. I don't see how anyone could actually support stuff like this.
15If it fails, they can just say "nObOdY wAnTs tHiS oPeN sOuRcE sTuFf AnYwAy". It is also way more limited than VBA (at least it cannot change your boot sector) as it seems to be confined to spreadsheet cells. A full console with the ability to load
.pyfiles would probably be friendlier to power users. Excel formulas get convoluted in that tiny space they show up in, and Python code will need its own separate window for a usable editor.2
Why send it to the cloud when Excel is running on a perfectly capable hunk of silicon? That's doesn't make a lick of sense to me
38To charge a subscription. I massively use Microsoft 365 for work, and they are really good at making sure they get a cut for everything you do. They also want to make sure every new Office feature is supported by their web version of office. I imagine they could run the python in a web browser, but it is easier to make it a cloud service you have to pay a subscription to. Did I say easier, I meant more profitable.
39Collection of corporate secrets?
23Because python wasn't slow enough already.
7I’m guessing it’s to train AI models for Microsoft 365 Copilot.
3
So Python, Excel, Cloud, Decision-Making... Who has bingo?
14On lemmy.world somebody pointed out that xlwings, a FOSS python-in-excel thingamajig, already exists
13Siiiiiiiiiiiiiiiiiiiiiiiiiiiiiiigh
* Reads headline again
Siiiiiiiiiiiiiiiiiiiiiiiiiiiiiiigh
11I love how "PY" appears as "Ad" when put upside down on the right part of the image. Probably unintentional but it makes it look like a subliminal message
4I would use embedded Lua. Cloud python sounds like a headache and won't pass an internal security review.
3