Phil Pennock wrote:
> On 2007-09-10 at 18:58 -0700, Michael G Schwern wrote:
>> Or hell, build a cheap ass server, put the repo on it and put it off in a 
>> corner.
>>
>> Hate security fascists.
> 
> Oh, well if we're off hating just software ...
> 
> Hate lame-arsed developers who think that it's appropriate to entrust
> all the work they're paid to produce to some cheap-arsed server off in
> the corner without reliable disks, backup or anything else.  And not
> just the current snapshot, no, but the entire revision history.
> 
> And one where the devs control it and can fake up the entire history.
> Way to make the C<x>Os go to jail, there, when the SOX auditors find out
> about it.
>
> Hate people who're so selfish that they won't even try looking at things
> from the other perspective and are so cavalier with stuff when it's other
> people's necks on the line.

Hate admins who use "security" as a club to refuse to upgrade anything to get
my job done so that I HAVE to go run critical services off on a crappy little
dev box.  Grrrrrrr.

While we're hating things merely related to software, why does a government
program intended to stop executive fraud reach down into minor aspects of
software development?  At my last job with a public company, nobody seemed to
know what is necessary to be SOX compliant.  They just slavishly went with
whatever their auditor said to do.  "OH GOD, DON'T CHANGE ANYTHING!  IT MIGHT
NOT PASS THE NEXT SOX AUDIT!!"  It was paralyzing.  And for some reason QA was
put in charge.  The NON TECHNICAL QA group headed by an ex-DoD guy.  Oh god
the paperwork.  QA people were signing off on feature changes and code they
don't know how to read.  We had to push little pieces of paper around and get
them signed by managers to make changes AND WE ALREADY HAD AN ELECTRONIC
CHANGE TRACKING SYSTEM!  Hell, we nearly had to PRINT OUT DIFFS of each change
and STORE THEM IN A CABINET before we convinced them of the lunacy of that plan.

Oh yes, I've dealt with SOX.  I hate it with the fiery passion of a million
burning shares of Enron stock.  I think twice before ever working for a public
company in the US again.

I've also secured CVS and SVN servers against developer tweaking, so nyah.  ;)


-- 
Hating the web since 1994.
