
Discovering the hypocrisy gap in reliability the hard way - praseodym
https://rachelbythebay.com/w/2020/05/23/gap/
======
l0b0
This resonates so much. One way to gauge the gap is to look for redefined
reliability terms:

\- Do they call it continuous deployment when it's really continuous
integration? CD is when the build pipeline goes all the way to production
without any human interaction (except possibly a review step).

\- Do they call it continuous integration when it's really nightly builds,
manual builds, local builds, or per-feature rather than per-change?

\- When HTTP doesn't redirect to HTTPS, when common credentials aren't rotated
whenever anyone who knows them leave, when full-disk encryption is optional,
when someone can walk in from the street and look at or change _anything,_
when not using common password storage protections or anything like that, even
an amateur knows it's not "excellent" security.

------
more_corn
The note about opening the door resonates with me. On two different occasions
I've come across IT people scratching their heads about how to get into the
server closet. On the first occasion the guy with the key was at a BBQ and in
no shape to drive. I opened it with a library card. On the second, the Kisi
server controlling the door had crashed (guess where the server was). I opened
it with a butter knife. On both occasions I opened the door quicker than my
wife can find her keys in her purse. Lesson 1) Secure your server room against
physical attacks Lesson 2) As you secure your server room make sure you make
an emergency plan for how to get in to your newly secured server room.

------
beervirus
I enjoy a lot of the writing on Rachel’s site, but the bitterness is too much
for me sometimes.

~~~
HenryBemis
I find this "bitterness" an eye-opener, especially when I see how true it is.

~~~
justapassenger
When taken with a right skepticism, then yeah, it is. But especially junior
folks should be careful taking stories like that at face value.

Being senior engineer is about much, much, more than just technical chops.
I've worked with many people like that - they were extremely good technically,
but their attitude alienated them and made it harder (and over time - often
impossible) for them to do their jobs. If you think that you need total
immunity and authority by reporting to the CEO, then you most likely doesn't
understand how your organization operates. Being able to navigate an org and
get stuff done, like it or not, is critical skill to being a successful senior
engineer at any bigger modern tech company.

~~~
cinquemb
> Being able to navigate an org > is critical skill to being a successful
> senior engineer at any bigger modern tech company.

Yeah, this is why after almost half a decade of working remote, I refuse to
entertain the song and dance for working for the giants. Plenty of other
places pay enough, with less stress, less koolaid drinking and less rear
orifice licking for those that prefer it.

~~~
justapassenger
Yeah working at smaller shops has an advantage of less overhead and you can
focus more on the pure technical stuff. It can be very rewarding.

But aligning and navigating how to work through the org doesn’t have to be
rear licking (although, it often is). Any big org requires you to figure out
how to navigate it, even if it’s meritocracy.

Understanding what your business needs and figuring out right solutions for
it, that are realistic and can be delivered, is a very valid engineering work.

