Mastodawn

Paul Cantrell Oct 1, 2025

Note that the post @briankrebs quotes here (which is a good post!) doesn’t just talk about layoffs creating idle hands or bad incentives for the unemployed. It also zeros in on the security impact of losing people.

Companies have ❝commoditized the defenders while adversaries are professionalizing the attackers.❞

Whole bunch of companies are about to find out that cutting costs is really, really, really costly. https://infosec.exchange/@briankrebs/115294965578833460

BrianKrebs (@[email protected])

Attached: 1 image Been thinking a lot lately about how many fresh college grads are probably going to wind up joining the cybercrime community thanks to AI's impact to entry-level jobs, particularly in IT. We've spent years telling everyone we had this huge shortage of qualified IT workers, and that those pursue a career in cyber have a promising future. Whoops. And then I was tagged in this LinkedIn post, which seems to agree. Financial Times recently had a good video story on how AI is affecting the job market https://www.youtube.com/watch?v=IeTFpsuCor8 NPR's Planet Money on which jobs are least threatened by AI https://www.wbur.org/hereandnow/2025/09/30/jobs-ai

Infosec Exchange

Paul Cantrell Oct 1, 2025

Roman Mars said something in a recent 99pi about how much he hates “efficiency” as a virtue, and I am 200% ready to join his movement.

Paul Cantrell Oct 1, 2025

It was around 18:50 here: https://99percentinvisible.org/episode/641-99pi-anniversary-special-15-for-15/

(and I’d go even wider and harder than he does!)

The 99PI Anniversary Special: 15 for 15 - 99% Invisible

This year marks the 15th anniversary of 99% Invisible! If our little design podcast were a person, it would be old enough to have a provisional driver’s license in some states or celebrate a quinceañera. Since we first launched on September 3rd, 2010, we’ve spent 15 years telling stories about design, architecture, and the choices

99% Invisible

Paul Cantrell Oct 1, 2025

Here’s the lightning sketch of Paul’s Treatise Against Efficiency that I’ve never written:

1. Efficiency is asymptotically inefficient: as costs approach zero, the cost of further reducing them approaches infinity.
2. Efficiency prioritizes the measurable over the difficult-to-measure.
3. Efficiency prioritizes what those in power see (or imagine) over on-the-ground reality.
4. Following from 2 and 3, efficiency reduces the amount and quality of information flowing into a human system.
5. Efficiency foments institutional inflexibility.
6. By removing slack, efficiency causes small failures to cascade more readily and increases the risk of catastrophic failure.
7. Following rom 4, 5, and 6, efficiency trades small costs for massive risks: from failures, from missed opportunities, and from inability to adjust.
8. Efficiency, when pushed, strangles the emergent phenomena that in the long term create all new things of value.
9. Thus, although it can be a by-product of evolution, efficiency as a goal in itself strangles evolution.
10. Efficiency as a goal strangles joy.

@inthehands efficient and effective are orthogonal, which is something else I didn’t learn until later in my career. The point about slack is well taken; elasticity is often seen as a failure to maximize use of resources, but what it *actually* is is insurance against the unexpected.

rhempel Oct 1, 2025

@darkuncle @inthehands I can only recommend Eli Goldratt's "The Goal" - not as a work of literary genius but as a parable about the mistaken goal of 100 % utilization as a poor proxy for efficiency.

Tldr; machines running at 100 % capacity are a bottleneck

My argument is then, why would you try to run people at 100% ?

W6KME Oct 1, 2025

@rhempel @darkuncle @inthehands Running a machine at 100% as part of your plan is a disaster. Every minute of downtime now affects every related part of the process, and it spreads like a virus.

Scott Francis Oct 1, 2025

@W6KME @rhempel @inthehands I mean, elasticity is the *entire reason* behind public cloud (there are others now, but that was first)

rhempel Oct 1, 2025

@W6KME @darkuncle @inthehands ... Exactly. So why are we expecting humans to run at 100% capacity?

@rhempel @darkuncle @inthehands Meanwhile, "agile" methodology has people working back to back "sprints" to hide the fact that it's actually a marathon that requires us to pace ourselves. Then they wonder why everyone is burnt out. It's a death march.

@hosford42 @darkuncle @inthehands That's just waterfall in an agile jacket :-)

I have experienced "good" agile on a 1 year project and it did not feel like a grind at all - we set a goal for each sprint and NEVER filled it up just to make it look like we were 100% loaded.

I'm giving a talk on this at the Embedded Summit in San Jose in mid October on exactly this topic :-)

@rhempel @darkuncle @inthehands I think the good version of agile is doomed because managers miss the point. It always turns into an extractive mechanism: How do we drive people to work more and harder and better and never rest? If this is the unstated goal, then it doesn't matter which tools you (mis)use towards that end. The managers are already committed to that extractive mindset, and everything gets twisted into service of that.

Tane Piper ⁂Oct 5

@rhempel @darkuncle @inthehands this! We have scripts that can detect and overused system and scale up as needed

With humans we push them to 100% then break them and replace them - that's not only unsustainable, but a sickness we've let infect corporate society

Cassandrich Oct 1, 2025

@darkuncle @inthehands This is a general problem with the ability to opt out of insurance. While for a given participant, doing so is almost surely a mistake, at a population scale, the highest winners will be a very small subset of the group who did behave recklessly.

Scott Francis Oct 2, 2025

@dalias @inthehands one of the strongest arguments for universal, single-payer coverage

Cassandrich Oct 2, 2025

@darkuncle @inthehands Yes, but I'm not even thinking just about medical care. This applies to basically everything uncontrollable you could have insurance against. Not having it is a losing move, but the winners don't have it. Because probability is confusing.

@dalias @darkuncle @inthehands People always have such a hard time with the concept of variance.