Yeah, shows that the internal client is researching security topics

Sounds like the kind of oversight that tends to come with a union and the representation therein.

I would hate to work where you developed the idea a protected main/prod branch is something novel.

That depends on what you run it on.

How could one Dev commit to prod without other Devs reviewing the MR? IF you’re not protecting your prod branch that’s a cultural issue. I don’t know where you’ve worked in the past, or where you’re working now, but once it’s N+1 engineers in a code base there needs to be code reviews.

Hey man, look, our scrums are supposed to be confidential. Why are you putting me on blast here in public like this?

That’s not how any of this worked. Also not how working in a large team that develops for thousands of clients works. It wasn’t just one dev that fucked up here.

Crowd Strike Falcon uses a signed boot driver. They don’t want to wait for MS to get around to signing a driver if there’s a zero day they’re trying to patch. So they have an empty driver with null pointers to the meat of a real boot driver. If you fat finger a reg key, that file only containing the 9C character, points to another null pointer in a different file and you end up getting a non bootable system as the whole driver is now empty.

If you don’t understand what I just said here’s some folk that spent good time and effort to explain it.

https://www.youtube.com/watch?v=pCxvyIx922A&t=312s

https://www.youtube.com/watch?v=wAzEJxOo1ts

Git Blame exists for a reason, and that’s to find the engineer who pushed the bad commit so everyone can work together to fix it.

Blame the Project manager/Middle manager/C-Level exec/Unaware CEO/Greedy Shareholders who allowed for a CI/CD process that doesn’t allow ample time to test and validate changes.

Software needs a union. This shit is getting out of control.

Exactly! Why would I sit next to myself?

That testing period, plus 24 months

Shutup Feinstein

$60

I would really appreciate it if you found the time to edit this post and expand a bit more on your general thesis here.

Pen, paper and dice

I’m not seeing too many buzzwords here

https://grizzlyreports.com/we-believe-pdd-is-a-dying-fraudulent-company-and-its-shopping-app-temu-is-cleverly-hidden-spyware-that-poses-an-urgent-security-threat-to-u-s-national-interests/

Use rclone

Absolutely!

If anyone is interested here’s a great thread on it

https://stackoverflow.com/questions/185899/what-is-the-difference-between-a-symbolic-link-and-a-hard-link#185903

A bunch have done so preemptively out of EEE fears. valid concerns based on historical precedent

Fixed that for you

Might want to audit what they MR though, ctrl+f “.cn” is a quick audit for most of what the chinese “hackers” try

Just be cautious when moving or backing up the files, things like rsync and bakula have specific flags needed to preserve symlinks.