@kostchei @SwiftOnSecurity Preach it.

I once proposed a training course about how to secure SQL Server to the point stoneage mindset auditors couldn't find a fault.

Better part of a week required if we made them do labs properly.

Nope, was made to cut it down to half-day of training, and two half-day of labs (second one optional for juniors)

@venzann @kostchei @SwiftOnSecurity It's almost as if the problem was...

capitalism 🤔

Until corporations are held accountable with severe economic penalties for not doing their homework, we'll keep finding this over and over because instead of investing in security ("it's cheaper to pay the fines"), top execs prefer to maximize their profits.

@ajmurmann

wow, such optimism

@venzann @kostchei @SwiftOnSecurity @yuki2501

@ajmurmann
your fear of a post-capitalist, class-less society that is not built on capital accumulation is funny and also quite disturbing

the "baby" is right now causing incomprehensible suffering to a degree and on a scale that makes the disasters of the hebrew bible look like jokes, and most of the people alive are participating knowingly in this

@yuki2501 @venzann @SwiftOnSecurity @kostchei

@ajmurmann
and no, your religious hope that somehow capitalism will overcome itself spontaneously and suddenly stop eradicating our habitat isn't pessimism, it's optimism fueled by a fanatic, religious fervour

please join us apostates

@yuki2501 @venzann @SwiftOnSecurity @kostchei

@ajmurmann
if by communism you mean the attempts at replacing the dictatorship of the market with dictatorships of the proletariat in soviet and china and you also seriously think we aren't way, way worse today than they were, that's also a religious opinion

@yuki2501 @venzann @SwiftOnSecurity @kostchei

@venzann @troglodyt @yuki2501 @SwiftOnSecurity @kostchei life today by almost any metric you can think of is better than it was twenty years ago.

I'm fairly convinced that as long as there is scarcity we are gonna either have economic or social pressure. I do hope that once we reach post-scarcity we can alleviate those. But that's far out.

@troglodyt @kostchei Do you have any pointers to write-up as on how to do away with those pressures while being highly resource constraint?

On the original point here about software projects cutting corners, I think it's always gonna happen. Even if it's just excited folks waiting for your software. Time is limited and some stuff needs to get pushed off and abstract-seeming risks are gonna need the most likely to get pushed off.