Posts by saraislet@infosec.exchange
(DIR) Post #AmR6LqAq9lhjEwiEy0 by saraislet@infosec.exchange
2024-09-27T07:21:45Z
1 likes, 0 repeats
An awkward part of joining teams that were previously all men is eventually learning that they inevitably used a generic man's name for a shared account to manage a vendor relationship
Which is really disappointing because it's a terrible security practice to use shared accounts
Also it's short-sighted and a sexist default to not consider that people other than men might join the team eventually. But it tracks that such a shortsighted assumption would match up with poor security practices
(DIR) Post #Aq942srYjc2N1BR7cu by saraislet@infosec.exchange
2024-12-28T19:49:11Z
1 likes, 0 repeats
The whole England/Britain/UK thing is a load of bollocks. You can't have a country INSIDE of a country!
And then the whole "British Overseas Territories" mess, and the British Commonwealth. And Scotland is an "independent country" but it's part of the UK country so it's not independent, while Ireland is genuinely independent, but Northern Ireland isn't even a country even though it clearly is. And don't get me started on Wales, which is somehow more independent than Northern Ireland while being about as independent as a cat's tail is from its spine.
(DIR) Post #AsrzZOot7JySruYJBw by saraislet@infosec.exchange
2025-04-08T02:26:06Z
0 likes, 1 repeats
I'm hiring an L4 (mid-career, early side of senior/pre-senior) infrastructure software engineer! I'm looking for someone with:
• A broad understanding of AWS cloud infrastructure fundamentals
• Strong python or golang skills
• Ready to work with code managing infrastructure at scale (e.g., we break AWS APIs because they time out on describe calls)
and would like to see at least one of these skill areas:
• Experience building robust systems or easy to use abstractions for AWS native services such as EC2, Lambda, S3, SNS, SQS, DDB, etc.
• Experience leveraging AWS Config, Cloud Control API, CloudFormation, and CloudTrail
• Experience with Infrastructure as Code (IaC) tools
Netflix Cloud Security has industry-leading cloud security capabilities, and one of the most sophisticated AWS environments in the world. As a manager, I prioritize inclusion in order to maintain both the wellbeing and productivity of our diverse team. We hold folks to delivering high quality work by creating environments where you can operate to the best of your ability, through work-life balance, expecting folks to take ample time off (~6 weeks, but no one will track it). I'm happy to talk about this role and about how I manage teams — e.g., my Explicit Expectations and my commitments to my reports. I'd love to hear what perspectives, skills, and experiences you could bring to our team!
https://explore.jobs.netflix.net/careers/job/790301953900
#Hiring #Infrastructure
(DIR) Post #AsrzZU5NXR8VCVJ35c by saraislet@infosec.exchange
2025-04-08T02:31:56Z
0 likes, 0 repeats
note: This is NOT a security engineering role and does NOT expect security expertise. I am strongly prioritizing infrastructure engineering over security experience
(DIR) Post #AsrzZZ1fAg8QWQbeUa by saraislet@infosec.exchange
2025-04-08T02:34:03Z
0 likes, 0 repeats
If you're interested in seeing what I value as a manager, please read about my Explicit Expectations, my commitments to my reports, my people leadership approach, and my technical leadership approach:
https://managinginthemargins.com/explicit-expectations-leadership-by-example-edcb451abfb4
(DIR) Post #Au8ewYUHh0g0iNaocq by saraislet@infosec.exchange
2025-05-16T02:45:00Z
1 likes, 1 repeats
I would like to walk into a forest, curl up under a tree, and become part of the mossy forest floor forever
(DIR) Post #AuKv6qSJXuIH9Iv8tM by saraislet@infosec.exchange
2025-05-22T00:55:45Z
0 likes, 1 repeats
"There might, for instance, be mitigating circumstances such as when the subject's patterns of judgement are influenced by the prejudices of his day in a context where it would take a very exceptional epistemic character to overcome those prejudices. These might be circumstances in which it is simply too much to expect the subject to achieve awareness that a certain prejudice is structuring his social consciousness, let alone to realign his habits of credibility judgement accordingly." [Epistemic Injustice]
Oh fuck off, rational judgement from a position of ignorance does not produce extenuating circumstances to negate a clear case of identity-prejudicial credibility deficit
Fucking philosophers, y'know some of us have to actually live in this fucking world
#mitm_reading
(DIR) Post #AudIhMvonvjgAsEJGa by saraislet@infosec.exchange
2025-05-30T21:58:30Z
0 likes, 1 repeats
"If your reports don't feel safe, they won't tell you" — This is one of the clearest and most important pieces of advice I've heard for managers.
It's a perfect illustration of the "monster in the middle" dilemma for navigating both social and organizational/authoritative power dynamics as a manager. Power dynamics are the monster in the middle — and if a manager doesn't actively work to mitigate that, they will fail to operate effectively as a manager. It's not something anyone can fix or prevent, it's an inevitable, inescapable aspect of the management threat model.
#mitm
(DIR) Post #Av4wIoBYyWlsiP510K by saraislet@infosec.exchange
2025-06-12T04:38:46Z
0 likes, 1 repeats
I'm disappointed that someone stole my book idea
(DIR) Post #Aw8R1rC79WmRWbkHbc by saraislet@infosec.exchange
2025-07-14T11:32:47Z
2 likes, 1 repeats
One of the problems with vibe coding is that the hardest part of software engineering is not writing the code, rather it's *choosing* what to code, and designing the system (and, later on, maintaining the code/operations/etc)
The barriers and investment cost to writing code is itself a *desirable* aspect of software engineering because it forces you to make careful, good choices before you invest in building something
Because the majority of the time spent writing, say, curl, is not writing the original tool but rather maintaining it over time, it's important to make good choices from the beginning, and at every major version change
(DIR) Post #Axi0gZseTTvuxNOXRY by saraislet@infosec.exchange
2025-08-30T20:10:30Z
0 likes, 0 repeats
We need to stop the US corn subsidies. Everything comes back to corn!
Why is German butter yellow?
→ Why isn't US butter yellow?
→ Beta carotene in cow diets turns their milk fat yellow
→ And German cows eat primarily grass, while US cow diets are mostly grain and corn
@SwiftOnSecurity was right, everything is made of corn
(DIR) Post #Ay0ZUq29aMAYoyFtyK by saraislet@infosec.exchange
2025-09-08T18:40:18Z
0 likes, 0 repeats
"If a product is free, then you're the product"
Signal is free
Linux is free
Shutting up is free
I'm starting to think this adage isn't accurate
(DIR) Post #AzNKIB2E9touxZrwjA by saraislet@infosec.exchange
2025-10-19T18:02:26Z
0 likes, 0 repeats
As brachiosaurus could reach a height of 1216 meters, eh? That's like a quarter of Mount Everest
(DIR) Post #B0DeiN5CKOJXizyLMe by saraislet@infosec.exchange
2025-11-13T21:45:20Z
3 likes, 2 repeats
If I had a penny for every time I heard something like
"We're going to track increases in productivity that we gain by adopting GenAI"
1. So you're assuming it's an increase
2. Against what control group
3. With no acknowledgement of confounding variables or experiment design
4. Around the...famously open problem of measuring software engineering productivity?
(DIR) Post #B0DeiRj34AZG7keE2C by saraislet@infosec.exchange
2025-11-13T21:48:43Z
2 likes, 0 repeats
In other news, I'd like to share that I measured a 100% gain in productivity after turning the lights on for a team that was previously operating entirely in darkness.
Though I still need to do some research to understand the Hawthorne effect
https://en.wikipedia.org/wiki/Hawthorne_effect
(DIR) Post #B1dhXlLzLPvdNDQP56 by saraislet@infosec.exchange
2025-12-25T23:08:20Z
0 likes, 0 repeats
Eat the rich
It's French revolution time, baby
(DIR) Post #B1dhXmXMwact2nl0SW by saraislet@infosec.exchange
2025-12-25T23:09:22Z
1 likes, 0 repeats
Proposal to Unicode for a guillotine emoji
(DIR) Post #B1dhXsegCK2U1DDvge by saraislet@infosec.exchange
2025-12-25T23:32:18Z
0 likes, 0 repeats
If anyone asks you to work 7 days a week, that should be a once a year thing for a genuinely urgent priority that is highly likely to materially impact humans imminently
Working 7 days a week is a Black Swan event: a rare exception, on the order of log4j or WannaCry
Not, for comparison, like weekly critical network security software vulnerabilities — ("Massive slam on Fortinet out of nowhere", said Gideon) — but for the unusual, atypical, anomalous catastrophes
(DIR) Post #B1wuJiomxt8QrZlmZk by saraislet@infosec.exchange
2026-01-04T17:53:36Z
1 likes, 0 repeats
Chain Control to Major Tom
Chain Control to Major Tom
Take your protein pills and put your snow chains on
(Ten) Chain Control (Nine) to Major Tom (Eight, seven)
(Six) Commencing (Five) countdown, engines on (Four, three, two)
Check ignition (One) and may snow's love (Lift off) be with you
(DIR) Post #B2J31Uauxgifee6A9Q by saraislet@infosec.exchange
2026-01-14T20:19:57Z
1 likes, 0 repeats
@atax1a the lesson that too many people haven't yet learned is that it's harder to turn mediocre code or documents into high quality code or documents than it is to write high quality work from scratch
And while some may defend that mediocre work is fine for "boilerplate" product text or documents or code, I think we're already on the same page that you shouldn't need boilerplate, least of all in code