Currently I’m acting as a PI in a research institute. I’m still baffled by the amount of people we hire that have a postdoc in advanced computational topics and still struggle to do the most basic things such as sshing into a computational cluster to run their calculations.
I hired you because you’re more expert than me on the topic, and I always end up studying what you’re supposedly expert about so that I can explain you what to do…
From my experience, a password is a tool used to secure my workday from a bad guy called “productivity”.
Because why use an SSH key when I can enter the same username and password I used to log into the workstation every time I need to do something through the VPN? (It keeps logging off every time the connection breaks.)
What if hacker steals the SSH key?
Then they might as well steal the password from my clipboard.
government job: it haven’t set your laptop up yet, but you should have it by the end of the week.
Startups are notoriously bad at knowing what needs to be done and will just shoot in any direction to look busy.
Guess how we call this, but scaled up.
One time at a startup I had a bunch of mandatory document training that started day 1 and didn’t have a concrete timeline. I finished in the four hours I had on the first day, but pretended to still be reading them for the full second day as well. Go to my boss day 3 and tell him I’m done, and he said “Already?!” with narrowed eyes.
It was so weird, how long did he expect it to take? I later realized that he fully expected me to memorize every one of the many technical documents, and not just remember what information was where so I could look it up when I needed it. He also refused to give me what hours he wanted me to be there, which I thought was laid back but later learned was his way of saying “I expect you to get here before me and leave after me, which is a twelve hour period that moves four hours in either direction depending on my mood.”
But to put all of that in context you have to remember the pay, which was also bad.
But to put all of that in context you have to remember the pay, which was also bad.
Lol the one I worked at had a 30% turnover rate because of this. Ridiculously skilled engineers working for a 8-14 month stint before they secured a much better job at a different company.
Even their longest working lead, who had joined since the start as a junior, left a couple of months after I joined
The funniest moment was when
HRpeople ops posted the average expected salary ranges to confluence, which was a full 30% higher than what they announced for yearly raises.
I’m working at a mega Corp now (not one you’ve probably heard of) and it’s a fucking farce.
We had a meeting last week about some problems with the current process. People kind of nodded along. Meeting was drawing to a close. No concrete tasks or assignments.
I say, “great. Who’s taking lead on this? Can we have a proposal by Monday and make a decision by Wednesday?”
Suddenly management people are like “whoa whoa whoa stay in your lane”
Okay then why don’t you fucking manage?
This happens all the time. We have long ass meetings with the whole team, talk about problems, but then no one is assigned to do anything and nothing changes.
There’s just so much incompetence and ineptitude. Some of it is probably coming from hidden, bad, incentives
Honestly this one’s on you, pal. Why do you even care about the megacorp’s business?
Because the current process means constant merge conflicts that I have to deal with, and constant bugs I have to deal with.
But, on the other hand, maybe you’re right and I should just check out and spend a day “fixing git problems” too
I don’t want to push back too much, but I disagree with the other poster. You deserve meaningful work, and you seem like an educated person, so probably society as a whole would benefit more if you did something more interesting than fixing the outcomes of poor process. The amount of of human potential flushed down the toilet because MBAs insist on an ill fitting Taylorist approach to managing software projects is, in my view, a great moral harm. It is your professional duty, and in your personal interest, to either push back or move.
Not just managing software projects, it’s like the whole economy right now tbh.
I was in the corporate medical industry. The only things that got handled at all in a efficient time was those required by law. Like if there was a incident in the field we had to have an initial report within a week and a corrective action within 30 days. Preventive actions were longer term, didn’t have a deadline so it was not uncommon for it to go on for a year or more.
I can’t give a real example for legal reason but let’s a product was sold which gave electrical shocks to a patient. Within a week we had to tell the fda the cause was a faulty resistor. Within 30 days we had to correct our system, for example assign a person to test that resistor with a dmm on every device. Easy enough, give the operator who installs the resistor a dmm, update the instructions to say to measure that resistor and give a 5 minute training to said operator telling them that they have to measure it. Easy to do in 30 days and required. Now really the root cause was we didn’t test for that in our multiple automated tests. The preventive solution would be update the automated testing software to check that. That has no time limit. It now becomes low priority. We did have to give an estimated time line, say within 2 years. By the time that deadline approaches most people who originally said that have left the company and new people are unaware. They submit an extension, and it’s low priority again. Another 2 years go by. Now the high priority is the next product release. The old product will be discontinued so no one cares. So for 4 years and possibly several more years after it the company pays a person to manually measure a resistor. The automated test would eliminate this need, be more reliable, have documented results but wasn’t implemented because it’s low priority since there’s no legally obligated time line.
Sounds like Honeywell.
more of a Sanofi thing to me
Healthcare day 1: There are 3 emergencies you have to tend to immediately. If you have any questions your supervisor will show up eventually (or not) to go with you through all your cases for 7 minutes. Please be prepared. Of course you can call him anytime (if you dare). Oh and please take this student with you and teach him everything.
Like anyone in a corporate job has correct access on day 1
I was surprised by my current job. When I walked in the first thing they did was give me a badge to open doors. The second thing they did was take me to “orientation,” which mostly consisted of them handing me a laptop and giving me the password for my already configured administrative user.
My first day was sitting for 8 hours abandoned in a cubicle because my new boss forgot to put in the new hire requests for IT. No user, no email, no nothing. Only reason I had a laptop at all was because they happened to find an old one in a drawer.
I had a job where that happened, but I was fortunate enough that they called me before I left to head to them. (It was a long drive.)
Every morning they called to say “I’m sorry, we haven’t been able to get your account setup yet. Can you come in tomorrow instead?”
That lasted for a week. The last day I didn’t even bother to get ready because I figured they’d be doing the same thing and just starting me the next Monday. It was a risk but it all worked out.
This was my first month and a half one time
A Password is a thing that protects you from hackers. If you work here for long enough, you might even get your own account.
It’s not always for lack of trying. I spent a year or so building the integration (from a box of scraps!) between the shiny new HR system and our IDP. This integration was supposed to be functional out of the box according to the HR system salesgoblin. It didn’t just need to be configured, it needed to be built from scratch because they didn’t actually support hybrid AD/Entra setups managed from the AD side. Which was only the unofficial standard for Windows based shops at the time.
Anyway, I wanted to make it grant employees access to shit based off a combo of Job Title and Department. On a technical level, it’s basic baby stuff. Concatenate the Dept and Title into a string, use that as the key to a hashtable with the access they need listed. Bish bash bosh, bob’s your uncle.
It would have been a cakewalk compared to all the shit I had to build for handling separations and all the data retention shit around those.
But none of the department managers could actually tell us what the fuck their workers needed access to. Like maybe 3% had any idea at all. And I didn’t have the team or time to try and do data analytics across the access of everyone at the company just to get an unreliable best guess.
So it just handles setting new hires up with the basic access everyone gets and separations. Still a savings of ~1 hour per employee.
It’s been something like 7 years since I built that integration. They’re finally going to replace it with a true access management platform. It’s cost them multiple millions so far, has an entire new department dedicated to the thing, it has been “in-progress” for two years, and it still hasn’t replaced my shit yet.
My favorite part is when they come to me months in to something they’re trying to get working, and I’m able to point them at where they made mistaken assunptions at the first step leading to the mess they’re currently in.
I provided a ton of in-depth notes on our current standards, the weird gotchas/deviations, every single stumbling block and edge case I had found, all the seemingly logical and safe assumptions that don’t actually hold. I don’t think they read any of it. I keep asking them to reach out before they start working on a new piece of functionality. They don’t.
So now I get to tell them things like “that assumption you built this piece of logic off of will bite you in the ass in this specific way”, they say they’ll take it under consideration, and I laugh knowing this whole project will probably implode under the weight of incorrect assumptions before it’s finished.
heck, i had a consultancy gig where the customer wanted me on-site for intro 400km away, and i had to spend a few days with no hardware at all, never mind access. also it was a high-security thing so i had to be escorted around at all times until they could sort out the badge thing. very productive week, that. at least got a few hotel breakfasts out of it.
I sure hope you got paid for just milling about.
i had a job where jack fucking shit happened. I just went on reddit all day. this was worth paying me thousands to do.
I had a job like that. It was a public secret that the night shift people were there just in case someone called - we generally got 3-5 calls per shift and there were something like 7 people. I didn’t really use Reddit at the time, but they didn’t block Netflix or Hulu so I (and most of the others) just watched those. I read a lot of books, too. Some people slept through their entire shifts. I only fell asleep once, by accident; I was always too nervous I’d miss a call. One shift a co-worker and I just played Fluxx waiting for calls.
I was at that job for eighteen months. When I left, I was worried that I didn’t know how to work anymore. I was well liked, sometimes even specifically requested, at my next job, though, so perhaps the time semi-off helped me.
oh loads. my rate was 100€/h for that, plus travel, food, and accommodation. not that i got all of that money but it definitely hurt them more than it hurt me.
End of week one: “you should have your work account by this time next week… at the earliest”
They sent that as an email to the address you don’t have access to yet
frigging bad guys
So yes there is unfortunately a small number of people in the corporate world who need that specific training but what it mostly is is plausible deniability for the company. In case you do get your password stolen or some such the company can then turn around and say that you had the mandated security training which makes it easier to let you go. It’s all so they can cover their asses
I have told my coworkers before.
The company does not make you take ladder training so you can learn how to climb a ladder, its so if you fall off, a lawyer can ask if you were following the ladder training exactly.
Could also be some compliance thing. The only job where I had mandatory security training was incidentally the same one where I had mandatory HIPAA training.
Funny enough I’ve worked at several companies where they will tell you to take the training and if you don’t do it they’ll keep telling you but after a while they just stop.
Big Corpo HR: “We’re going to need you to watch 8 hours of videos about ‘empathy’ and ‘active listening’.”
6 hours later…
“…and body language is very important. It’s perfectly ok to rest your chin on your hand but DO NOT cover your mouth because it gives the impression that you’re holding something back.”
“Now we need you to watch 4 hours of videos to teach you how not to sexually harass everybody.”
Accidentally harass anyone. You have to be careful because it’s easy to say things that are not necessarily intended to cause offense but could be perceived offensively by the other party.
Things like, “Wow! You look great today, Janice. That top really accents your tits.”
Or, “Ryan, I think you would be a great fit for the managers job. If your interested, you should stop by my place tonight and fuck my brains out.”
Now, as innocent as both of those scenarios might appear on the surface, they are both examples of different types of sexual harassment.
thanks to these fucken libtards these days you cant even spank the new girl’s ass AS A JOKE!!! without being called a sex predator
Oh my god you’re a life saver. I would have totally harassed my coworkers had I not been armed with that knowledge. To say thanks, would you care for a handjob?
Wow you guys are coworkers?
Corporate fishing training makes me feel genuinely bad for the people who actually need it. I can’t say it’s through “no” fault of their own, but I at least recognize I was greatly privileged to grow up in an era where I had home computing technology nearly all of my life but there was enough friction that I had to learn how to be smart about it. Some of it really is statistically the era they grew up in, and it makes me reflect if, in 30 years, I’ll be getting training on how not to get blip blop zooped by a schmazdazzler and get all the questions wrong because the answer was that you never smap your smoop with a schmazdazzler.
The phishing testing at my company entertains me. They had to put in a mail header to get it past their own filters and we’re not required to report them, we just get a lecture if we’re tricked.
Someone put that all together and wrote their own filters to automatically delete them. They shared how to do so in a public room and now I imagine the only people who ever fail are new hires.
I set mine only to mark them read, not delete them, in case it got triggered incorrectly.
We have these and i have term filtered but honestly the most obvious giveaway before you even read it is the font.
I can only think of 1 person who routinely used a different font from Outlook’s default in my entire working life. Sometimes you get something copy pasted with formatting from elsewhere but that’ll be in the middle of an email.
I dont know why the phishing tests always use a different font.
We only have to do these tests at all because someone bought a load of Apple gift cards for the “CEO”.
My dad was one of the guys who was in charge of administering those to his company. They had different tiers of difficulty, i think ranging from 1-5. They always sent IT and Engineering the 5s and they passed with flying colors.
Hr and finance never got harder than a 2 and they always fucked them up
I’m willing to do a consultation about proper schmazdazzler use for the right price…
Nearly accurate. Apart from corporate job only providing you a laptop after a week or two because someone forgot to notify the IT about your starting date or the IT processing jobs in the order of receiving them rather than urgency of these.
Don’t put that shit on IT. HR is the department that can’t get the fuckin onboarding form right, can’t send it to the right people, or just straight up don’t do one and expect us to be mind reader’s.
I used to work in IT. At one point we ordered like 100 laptops from Dell, and they pretty much just said lol no. Apparently one of the business teams needed to renegotiate our contract with them or something. It was 3 months before we got any computers from Dell. Warranty replacements or otherwise. We had people with 6 figure salaries sharing laptops. We were stealing desktops from engineering to replace production systems. And no, we couldn’t get the green light to just go to Best Buy and buy some computers or anything like that.
Gotta love corporate efficiency.
I have seen both, including the IT only placing an order one day before someone was starting.
In my own experience as an IT tech, this is still on HR because HR is still adding people to the job past the deadline to be able to ship stuff out in time. We do what we can but we’re not miracle workers. Can’t ship stuff to someone if we don’t have their name or address.
I worked in this specific space for a couple of years and it can be a shockingly complex process. The standard workflow is oftentimes simple, but it’s full of exceptions and considerations on both the HR and IT side.
I’m in IT and I still don’t have one after 7 months.
can’t get an interview unless you’ve been doing the exact job they’re hiring for for the last five years, but once you’re hired they assume it’s your first day on earth
A password is something we send via email when someone else wants access to the admin account.
Rookie mistake. The password is what we write on a sticky note and tape to the edge of our screen.
Birthright membership in the Domain Admins group is what keeps all our users from being pestered when they want to install that neat new tool they found. Then you don’t need to harden the built in admin account against attacks, you can just disable it!
Hilariously if this is internal only, it may be “secure in transit” as most mail doesnt flow over SMTP in that case. Some vendors, including m365, also encrypt mail by default between other m365 users, and I think all of gmail last I checked.
If that password isn’t then deleted from email or is otherwise archived automatically, then you have problems.
Cc: all@verysecurecorporation.com so we don’t have to keep sending it whenever somebody asks.
