• Treczoks@lemmy.world
    2 days ago

    Oh wonderful. Replacing all IT because they were hacked? Let me guess, they will use Windows, Exchange, and MS Office again on the new system. The software triumvirate screaming “please hack me”.

      • sp3ctr4l@lemmy.dbzer0.com
        1 day ago

        Entirely seriously, yes.

        Most project managers I’ve ever met or known or worked with are basically incompetent technically, and very insecure / in denial about that, and thus vastly prefer the ‘safe’ option of someone else being responsible over the ‘risk’ of… hiring actual quality people that can make/support their own quality product.

        • Saleh@feddit.org
          1 day ago

          Did you consider that project managers often have to follow all sorts of company standards, have to figure out a way to get a dozen departments with conflicting standards together, on top of that have to catch the stupid ideas from the upper-management and marketing without telling the upper-management that they have no idea what they are talking about, on top of getting something actually done in the project?

          Because often the level of tech competency has very little to do with the decision corridor that the project manager has, given everything else.

          • sp3ctr4l@lemmy.dbzer0.com
            1 day ago

            Yep.

            I’ve been one.

            That’s how I know what I am saying.

            Like you’re not even challenging what I’m saying really, you admit that most PMs are technically incompetent, because their job is mainly playing office politics.

            It didn’t used to be this way.

            And it still doesn’t have to be.

            A good PM is someone who actually knows their relevant field, and can also do some office politics, but much more importantly, is a responsible and helpful team leader.

            A person with only an MBA just has a degree in how to play office politics and gaslight people.

            • SheeEttin@lemmy.zip
              24 hours ago

              It’s always been that way, and always will be. Most people are mediocre at most things.

    • CallMeAnAI@lemmy.world
      2 days ago

      🤣 Should we get a list of FOSS projects that have had security issues? Or how about how someone slips some shit in upstream every few weeks it seems?

      Stop this nonsense. You can hate Microsoft for legitimate reasons.

      • toothpaste_ostrich@feddit.nl
        1 day ago

        I mean… For real, I’ve never heard of Linux systems being hacked this way. I’m sure it’s possible, but it certainly seems rarer.

        Slipping shit in upstream also certainly doesn’t happen *that* often. It takes effort to become recognised enough as a developer to be allowed access to the upstream code, meaning you can’t automate those kinds of attacks. (I imagine. Correct me if I’m wrong.)

        • sp3ctr4l@lemmy.dbzer0.com
          1 day ago

          It does happen occasionally, from time to time, but, because everything is gasp open source, it tends to get caught, identified, blocked/quarantined and then fixed considerably more rapidly, with decent fallback instructions/procedures in that interim period.

          Like apparently it actually just recently happened with some asshole uploading bs malware libs/sources to the AUR… even still, got caught pretty quickly.

          Also, you can basically describe the entire CrowdStrike fiasco as exactly this kind of upstream oopsie doopsie.

          Doesn’t really matter in the big picture if it was intentionally malicious or not, when you Y2K 1/4 of the world’s computer systems.

        • CallMeAnAI@lemmy.world
          1 day ago

          Absolute opposite. The majority of successful attacks you see today are identity management and supply chain attacks. If you walk into any OCIO office, supply chain will be a top 3 concern.

      • trolololol@lemmy.world
        23 hours ago

        Mate, have a look at the SharePoint vulnerability. It’s embarrassingly bad. Like really really bad, and btw so bad that it’s very easy to understand and exploit. And prevent too; if a jr in my team did this I’d get them in trouble.

        • sp3ctr4l@lemmy.dbzer0.com
          6 hours ago

          No no, you don’t get it.

          Random Windows ‘Powerusers’ obviously know more about programming and cybersecurity than people who actually do that for a living, as a professional line of work, duh!

          See, I wrote a bash file once, so I basically know everything about software dev, especially on Linux as well, which is basically just the whole OS is PowerShell, right?

          /s/s/s