Oh I do let him wait a while. Partially because I’m really not short on things to do. Partially because he’s happy enough when I get his request done in two days and I really don’t want to start setting higher expectations.
Unless everything is on fire and he’s about to present his shit to the division head and only now realised he missed something, which might reflect poorly on my tool and is critical enough to prompt immediate action, his messages can stew a bit.
It’s an internal client, same department, so there’s no billing.
If I could, I would.
One client has a whole solution from me and occasionally keeps asking for this or that thing and I have to tell him what part of the app already does that because he can’t keep track of all the things he’s asked for already.
If I had the time, I’d use the benefit of hindsight to restructure the whole thing and hope it’d help his pea brain along, but as it is, I spent too long just adding features wherever he asked me to, without taking the time to question whether that makes sense.
None of us are paid well
Does that extend to the bosses too?
I didn’t know about the “revert single file” trick either. The rest is a handy reference too, thanks for sharing!
Does management love them too? Financially, in particular? I don’t know their hobbies, but Games Workshop don’t accept colleague approval as payment.
MBAs in action: John was the biggest expense, his professional infidelity a welcome justification and his importance just a number on a sheet.
Unfortunately for him, the fallout hit too hard and too fast, so he couldn’t leverage the cost savings brag for a better position and let some other lucky fella deal with the disaster.
If you replace the ü in “Das Wetter ist schwül” (“the weather is humid”) with a u though, you get “the weather is gay”.
And the commas between function arguments in formulas become Semicola instead
There was some Jason Statham flick, Crank, where he has to keep his heart rate up after being poisoned, so he goes on one hell of a adrenaline-junkie-spree, from picking fights over reckless driving and illegal drugs to public sex. Also, there’s some generic mafia gang triad war stuff going on, with kidnappings and all, but really, “you’re gonna die if you stop doing stupid shit” is about as dumb a premise as it gets.
But damn if it didn’t entertain me to watch.
LLMs are the embodiment of “close enough”. They’re suitable if you want something resembling a certain mode of speech, formal tone or whatever without having to write it yourself.
When using it to train other LLMs, you’re basically training them to get “close enough” to “close enough”, with each generation getting a little further from “actually good” until, at some point, it’s just not longer close enough.
Me when I get a request for PII pertaining to a suspected corruption case: Have one of our corporate lawyers give me a written and explicit statement of what data I’m supposed to send to whom or get bent. I’m not touching that with a ten foot pole and gloves unless I have a legally solid affirmation that what I’m doing won’t come back to bite me, and that our workers’ council knows about it and will back me up.
I’m reluctant to even confirm that I can get that information in the first place. I mean, I’m the one with full access to the audit tool, so I probably do, but I’d have to access that data in the first place to check. I don’t think that anyone would notice or care so long as I don’t share that information, but as you said: dangerously radioactive; don’t touch if I can help it.
Who hurt you?
They apparently lost eight years of data, 858TB, with no backups at all because it’s “too much”. That’s a disaster for sure, but I’m not so optimistic about there being a lot of recovery…
Their explanation for having no backups was that 858 TB of data was “due to its large capacity”. They stored eight years of data without backups. Even with systems where they had backups, it sounds like there’s no redundancy – nobody can work because the single building where all the servers are located is currently out of order.
Sounds like the acute symptoms of chronic penny-pinching when it comes to IT infrastructure. I hope they take some good lessons from it at least. Just a shame that it’s such a devastating way to learn.
The person in charge of allotting budget. “You want how many thousands for backup solutions? Here, take this flashdrive I picked up in the parking lot and use it for backups, that should be plenty enough. I mean, how many bytes can our data be? Two, three maybe?”
Does the database use the same authentication and permissions as the API? If the API authenticates against the DB with a technical user, it may be still be an exploitable vulnerability for people who can’t access the DB directly but can access the API. I don’t know what database it is, what other databases run on the same server and what privileges might be achievable or escalatable, but generally “there are worse weaknesses” isn’t a solid security policy.
You could give me a VPN access and I’ll take a look around :p
(Please don’t, actually – in case it needs to be said, running pentests on prod is a dangerously bad idea already even before we get to the whole “trusting a stranger on the Internet just because they sound sorta knowledgeable” issue)
I feel the morbid desire to display both of the Ubuntu-Debian bastardisations from cursed-logos next to each other, despite using neither
Pentesters: “Bet”
I’d argue you cna never fully escape the problem of enshittification, unless you produce and maintain everything you use by yourself. Given how much of what we need today requires specialist labour and how impossible it is to be a specialist in everything, chances are you’d be trading enshittification for plain shit.
But using Debian at least shuts down one source of enshittification. Just because perfection can’t ever fully be attained is no reason not to try and get as close as you can.