Let's blame the dev who pressed "Deploy"

Brkdncr@lemmy.world to Technology@lemmy.world – 266 points –
Let's blame the dev who pressed "Deploy" - Dmitry Kudryavtsev
yieldcode.blog
66

You are viewing a single comment

I do wonder how frequent it is that an individual developer will raise an important issue and be told by management it's not an issue.

I know of at least one time when that's happened to me. And other times where it's just common knowledge that the central bureaucracy is so viscous that there's no chance of getting such-and-such important thing addressed within the next 15 years is unlikely. And so no one even bothers to raise the issue.

Reminds me of Microsoft's response when one of their employees kept trying to get them to fix the vulnerability that ultimately led to the Solar Winds hack.

https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers

And the guy now works for CrowdStrike. That's ironic.

I’m imagining him going on to do the same thing there and just going “why am I the John McClain of cybersecurity? How can this happen AGAIN???”

His next job might look at his job history and suddenly decide that the position is no longer available.

Hey man, look, our scrums are supposed to be confidential. Why are you putting me on blast here in public like this?

1 more...