You must log in or register to comment.
More like:
“IT people when software people talk about their requirements”No, we won’t whitelist your entire program folder in Endpoint Protection.
I started getting messages every week from a carbon black scan blocking access to some npm’s package.json.
IT just white listed files named package.json.
Yep, unrealistic expectations.
Or “you need a 12th gen i7 to run this thing”… the thing is a glorified Avidemux.
Christ, if you could see the abysmal efficiency of business tier SQL code being churned out in the Lowest Bidder mines overseas…
Using a few terrabytes of memory and a stack of processors as high as my knee so they can recreate Excel in a badly rendered .aspx page built in 2003.
We have a table with literally three columns. One is an id, another a filename and a third a path. Guess which one was picked as the primary key?
Never seen something so stupid in 28 years of computing. Including my studies.
Well, you don’t want to waste space by adding the same file path twice
As a dev, I had to fix an O( n! ) algorithm once because the outsourced developer that wrote it had no clue about anything. This algorithm was making database queries. To an on-device database, granted, so no network requests, but jesus christ man. I questioned the sanity of the world that time, and haven’t stopped since.
Oh yeah, I love people who stick SQL lookups in a For Loop. Even better, the coder who puts conditional if (but no then/else) clauses around a dozen raw text execution commands that fire in sequence. So you’re making six distinct lookups per iteration rather than answering your question in a single query and referencing the results from memory.
Internal screaming
No, we can’t get gigabit fiber everywhere. No, I don’t care if your program needs it. Yes, the laws of physics are laws for a reason. Write more robust code.
Write more robust code.
Sure, I could read a book about best practices and Big O…but…What if we just table the idea for a few iterations of Moore’s Law instead?
and Big O
It’s asymptotic. Slower O doesn’t mean faster program.
When I say Big O, I’m talking about the slick jazzy anime about rejecting true love and living with heartbreak because we believe a lie about our own superiority. This is always true, no matter what the discussion context. If I happen to say anything remotely relevant to mathematical Big O, that is just a deeply weird coincidence.
Oh! You meant Moore’s Law is asymptotic!?
Yes! That is key to the joke I was making.
Gigabit fiber? You’re in some posh spot but needs to downgrade for some reason, right?
Ouch yeah that windows endpoint stuff is really rattling though. I get you just can’t whitelist some folder without compromising security, but when the “eNdPoInt pRoTeCtIon” just removes dlls and exes you are compiling (and makes your PC crawl) you really hate that shit.
Right click? 40 seconds plz (maybe any of the possible contextual right clicks might be on a virus so lets just check them all once again).
At home I have an old linux pc, and it blows those corpo super pcs out the window.
Rant off :-D
Ah yeah, IT people are chill, always be cool with them is also a good idea, not their fault all this crap exists.
As a software person i have to protest at being called out like this. It’s the fucking weekend man…stop picking on me for just one damn day.
Hahaha! We’ve an “architect” who insists he needs to be the owner on the gitlab. My colleague has been telling him to fuck off for the entire week. It reached the point that fool actually complained to our common boss… The guy is so used to working as a start-up and has no fucking clue about proper procedures. It’s terrifying that he could be in charge of anything, really.
In a rapidly churning startup phase, where new releases can and do come out constantly to meet production requirements, this one size fits all mentality is impractical.
If you refuse to whitelist the deployment directory, you will be taking 2am calls to whitelist the emergency releases.
No it can’t wait until Monday at 9am, no there will not be a staged roll out and multiple rounds of testing.
I am more than willing to have a chat; you, me and the CEO.
No it can’t wait until Monday at 9am, no there will not be a staged roll out and multiple rounds of testing.
I hope you’re doing internal product development. Otherwise, name and shame so I can stay the hell away from your product. This is a post-Crowdstrike world.
It IS bespoke internal development, not for deployment outside of the facility.
The computers running the software exist only to run this software and have no business talking to the internet at all.
IT is provided by an external third party vendor who operate on an inflexible “best practices dogma”.
In my experience it’s been IT people telling me you can’t use a certain tool or have more control over your computer cause of their rules.
The expression is appropriate but the meme assumes that im doubting the IT person’s expertise. I’m not, I’m just not liking the rules that get in the way of my work. Some rules do make sense though.
Edit: just wanted to point out, yes I agree, you need the rules, they are still annoying tho.
“Their rules” are basic security precautions
Their rules have stopped me from being able to do my job. Like the time the AV software quarantined executables as I was creating them so I literally could not run my code. When security enforcement prevents me from working, something needs to change.
As an IT guy, I’d love to give software devs full admin rights to their computer to troubleshoot and install anything as they see fit, it would save me a lot of time out of my day. But I can’t trust everyone in the organization not to click suspicious links or open obvious phishing emails that invite ransomware into the organization that can sink a company overnight.
Fair points but as someone who works in cybersecurity. Phishing emails can happen without admin access. I haven’t heard of any randsomware that is triggered by just clicking on a link.
I think there should be some restrictions but highly technical people should slowly be given more and more control as they gain more trust/experience.
Of course but the impact could be much worse if the victim is admin on their computer.
Exactly this. we try to prevent cyberattacks as much as we can, but at a certain point, they’re impossible to perfectly defend against without also totally locking down our users and making it impossible for them to do their jobs. so then the game becomes one of containing the amount of damage an attack can do.
Security is restriction. our job is to balance our users’ ability to perform their jobs with acceptable levels of risk.
Not a security guy but I heard there’s a whole term for it, “one-click attacks”
This is why we only hire competent engineers.
And the more corporate the organisation the more rules, at least the places I have worked trusts developers enough to give local admin, that takes the edge off many tasks.
I think you probably don’t realise you hate standards and certifications. No IT person wants yet another system generating more calls and complexity. but here is iso, or a cyber insurance policy, or NIST, or acsc asking minimums with checklists and a cyber review answering them with controls.
Crazy that there’s so little understanding about why it’s there, that you just think it’s the “IT guy” wanting those.
I thought my comment was pretty clear that some rules are justified and that the IT person can just be the bearer of bad news.
Maybe not, hopefully this comment clarifies.
So you don’t trust me, but you trust McAfee to give it full control over the system. Yet my software doesn’t work because something is blocked and nothing is showing up in the logs. But when we take off Mafee, it works. So clearly McAfee is not logging everything. And you trust Mcafee but not me? /s kinda.
No one on earth trusts McAfee, be it the abysmal man or abysmal AV suite.
If the EDR or AV software is causing issues with your code running, it’s possibly an issue with the suite, but it’s more likely an issue with your code not following common sense security requirements like code signing.
you don’t code sign during development…
It’s not common, but it should be.
Still, that was just one example. EDR reacting to your code is likely a sign of some other shortcut being taken during the development process. It might even be a reasonable one, but if so it needs to be discussed and accounted for with the IT security team.
You’re talking about during CI. Not during the actual coding process. You’re not signing code while you’re debugging.
I worked in software certification under Common Criteria, and while I do know that it creates a lot of work, there were cases where security has been improved measurably - in the hardware department, it even happened that a developer / manufacturer had a breach that affected almost the whole company really badly (design files etc stolen by a probably state sponsored attacker), but not the CC certified part because the attackers used a vector of attack that was caught there and rectified.
It seemingly was not fixed everywhere for whatever reason… but it’s not that CC certification is just some academic exercise that gives you nothing but a lot of work.
Is it the right approach for every product? Probably not because of the huge overhead power certified version. But for important pillars of a security model, it makes sense in my opinion.
Though it needs to be said that the scheme under which I certified is very thorough and strict, so YMMV.
I think the meme is more about perspectives and listening to the way someone thinks about operating IT is very different from the way someone things about architecting IT
I think it’s on a case by case basis but having help desk ppl help you out and opening powershell and noodling without any concept of problem solving made me make this face once.
It probably goes both ways, I’m a dev and I assembled computers at 12 yo so I believe I have a lot of experience and knowledge when it comes to hardware. I’ve also written code for embedded platforms.
IT people in my pov can really come across as enthusiast consumers when it comes to their hardware knowledge.
“did you guys hear Nvidia has the new [marketing term] wow!” . Have you ever thought about what [marketing term] actually does past just reading the marketing announcement?
At the same time I swear to God devs who use macs have no idea how computers work at all and I mean EXCLUDING their skill as a dev. I’ve had them screen share to see what I imagine is a baby’s first day on a computer.
To close this rant: probably goes both ways
Interesting comment on the Mac. At my workplace we can choose between Mac or Windows (no Linux option unfortunately, my personal computer runs Debian). Pretty much all the principle and senior devs go for Mac, install vim, and live in the command line, and I do the same. All the windows people seem over reliant on VSCode, AI apps, and a bunch of other apps Unix people just have cli aliases for and vim shortcuts. I had to get a loaner laptop from work for a week and it was windows. Tried using powershell and installing some other CLI tools and after the first day just shut the laptop and didn’t work until I got back from travel and started using my Mac again.
If you don’t have access to Linux, MacOS is the closest commercially available option so it makes sense.
Also please take what I said lightly, I by no means want to bash Mac users and generalize them. It just has been my experience. I’m sure there are thousands of highly competent technical users who prefer Mac.
Why wasn’t wsl an option?
WSL is interesting because it manages to simultaneously offer everything a Linux user would want while also actually capable of none of what a Linux user would need it to do. Weird compatibility issues, annoying filesystem mappings that make file manipulation a pain, etc
In a Windows environment I’ve found it honestly works better to either ssh into a Linux machine or learn the PowerShell way of doing it than to work through WSL’s quirks
Windows is an option
Agreed. I have colleagues that I write scripts for (I don’t do that any more, I stopped and shit stopped working, so they solve things manually now), they don’t know shit about scripting… and still don’t.
On the other hand, I’ve had the pleasure of working with a dev that was just this very positive, very friendly person and was also very knowledgeable when it came to hardware, so we were on the same page most of the time. He also accepted most of my code changes and the ones that he didn’t, gave him an idea of how to solve it more efficiently. We were a great team to be honest. We’re still friends. Don’t see him as frequently, but we keep in touch.
devs who use macs
Do they exist? Are you sure they are devs?
I’m writing python in PyCharm on my M2 right now.
MacOS is literally certified UNIX though.
I’m not a Mac user at all, and I’m lucky enough to be able to run Linux full time at work, but it seems like macs should be alright in many cases.
They do exist and some of them swear Mac has better workflows (than windows because most of the time your options are Windows or Mac). I would call them loonies but I’ve seen some smart people use Macs.
That’s the face I’ve made just yesterday when my friend told me she’s now eligible for a subsidized IT mortgage. That thing was one of Russia’s last ditch attempts at stopping skilled workers from fucking off to different countries. The problem is, she’s a web designer. I guess that counts as IT nowadays, so good for her. But it’s bitter to hear as sr. backend tech who never hit the criteria…
That’s pretty much how the Russian economy works right now, in a nut shell. To stop emigration caused by the expensive war, they’re giving away a ton of expensive handouts.
The interest rate is at 19% and counting. Very cool, very sustainable. I have a feeling “the last laugh” will be yours, OP, even if they win in Ukraine.
Yep, I know the face… made it a few times with colleagues that don’t know basic Windows scripting, but somehow got bonuses… but I don’t kiss upper management ass, so I never do. That’s life I guess…
Containerise everything!
Exactly what a dev would say… you guys don’t have to deal with that 3rd gen i3 Jenny from accounting is running.
Ticket opened I need soda intalled high importance!!! get up there companies paying for Adobe suite it’s there on the desktop…
How is software not a subset of IT?
IT is an administrative function and is really part of operations.
Software development is generally a creative position and is a profit center. If you work somewhere where you develop internal apps, you may have a different perspective.
My current workplace organizes both development and infrastructure within IT which itself is a sub department of finance. I’m not saying this is the best approach because honestly it only took 1.5 layers of apathetic management to make long term planning a nonstarter
I’m both, and while I do hate myself, I don’t think it’s related, so I’m not sure I get it.
(I hate computers more, though, except when they’re turned off — no bugs when they’re off —, but they’re the only thing I’m good enough at to make a living off of.)
Hating computers is normal for people who love computers
This is so true… it’s so frustrating sometimes…
This entire thread is giving me impostor syndrome
Bruh I’m a software architect but I don’t know how to code competently in any language.
I don’t get it. And I’ve been both.
Is it about how some software shouldn’t need the resources that they demand for?
I’d say… elitism
Meh it’s usually for shitty companies that expect their devs to write real software, ssh into things, access databases, but put the same hurdles in front of them as joeblow from sales who can’t use an ipad to buy a sandwich without clicking a phishing link. So every new project is slowed down cause it takes weeks of emails and teams conversations to get a damn db sandbox and it’s annoying.
On the other hand IT doesn’t know you and has millions of issues to attend to
IT guy here. If we give one user special rights, that login will get passed around like a blunt at a festival to “save time”.
Users are dumb and lazy, and that includes devs.It’s not special rights, it’s project materials approved by leadership, and noted on a published and approved feature roadmap
Edit assuming requisitioning a scaled db replica is “special” is kinda aligned with the meme lol
Users are dumb and lazy
Funny, that has actually been my entire experience with corporate IT. This field attracts the type of firemen that won’t climb down the pole because it’s a safety hazard. Y’all are… something special.
I took it as software engineers tend to build for scalability. And yep, IT often isn’t prepared for that or sees it as wasted resources.
Which isn’t a bad thing. IT isnt seeing the demands the manager/customer wants.
I’m glad you’ve done both because yeah, it’s a seesaw.
If IT provisions just enough hardware, we’ll hit bottlenecks and crashes when there’s a surprise influx of customers. If software teams don’t build for scale, same scenario, but worse.
From the engineer perspective, it’s always better to scale with physical hardware. Where IT is screaming, “We dont have the funds!”
This is exactly my face when IT is telling me the rules for my passwords.
Sorry, those rules come from our cybersecurity insurance, or some compliance rules.
We hate them as much as you do.Then why are they different between systems? Do you have different insurers per application?
Those other applications come from an external vendor, we only provide the VM to run them.
We hate those even more than you do.You can’t
Every single issue that occurs with those applications gets thrown in our laps to fix.
This includes all of yours as well as all your colleagues.
See I think this is where in general people in it misunderstand the impact.
Like, if it’s -40 and your furnace breaks, who is having the worse day, you or the furnace repair man?
The repair man might be grumbling because they have to do their job, but you’re grumbling because you’re freezing. You both might be grumbling, but by way of impact there is a massive asymmetry in impact.
I love unix shops.
🫶
That’s how I look at 90% of the shit “systems” I’m forced to interact with (xiaomi’s MIUI, banking apps, govt apps, apps that should’ve been fucking websites, websites that “gently nudge” you to use the app, electron apps that are windows only)
MiUI is not that bad IMO. The ad services and the integrated apps are horrible (even without the ads), but apart from that, the UI is fairly usable. They really haven’t changed that much from what Android comes with by default.
I try to be understanding with my software brethren. We’re different sides to the whole. Ying and yang, so to speak.
That said, I’ve gotten some brain-dead requests from you developer types.
I’m not saying all of you are the problem, but there’s definitely some of you that need to learn how things work.
It goes both ways. At my old job, they took away local admin. But for some reason they configured visual studio to run as admin. So, I just wrote a little program that opens the shell. Whenever I needed admin, I just ran that program from Visual Studio.
Fair enough. Local admin is generally not something that I would want to restrict from people, especially those that are, or at least, should be, more knowledge than most.
I’ll fight for that right for people most of the time.
Some users I would say should not have it, but generally developers are not those people. You know the ones.
deleted by creator
