Joined 1 year ago
Cake day: August 5th, 2023

  • Our system wasn’t quite as critical, thankfully, but the app owners failing to respond to “Hey, by the way, your service account for your database is gonna be closed” is just gross negligence. My condolences that you had to take the brunt of their scrambling to cover their asses.

    For all the complaints I may have about certain processes and keeping certain stakeholders in the loop about changing the SQL Views they depend on, at least I acknowledge that plenty of people did heed the announcement and make the switch. It’s just that the “Oops, that mail must have drowned in my pile of IDGAF what our sysadmins are writing about again. Can’t you just give me the new password again, pretty please?” are far more visible.


  • We had that some time ago with a service account for a specific system where individual personal accounts weren’t (yet) feasible. The credentials were supposed to be treated with confidence and not shared without the admins’ approval. Yeah, you can guess how that went.

    When the time came to migrate access to the system to a different solution using personal accounts, it was announced that the service account password would be changed and henceforth kept under strict control by the sysadmin, who would remotely enter it where it was needed but never hand it out in clear text. That announcement was sent to all the authorised credential holders with the instruction to pass it on if anyone else had been given access, and repeated shortly before the change.

    The change was even delayed for some sensitive reasons, but eventually went through. Naturally, everyone was prepared, had gone through the steps to request the new access and all was well. Nobody called to complain about things breaking, no error tickets were submitted to entirely unrelated units that had to dig around to find out who was actually responsible, and all lived happily ever after. In particular, the writer of this post was blissfully left alone and not involuntarily crowned the main point of contact by any upset users passing their name on to other people the writer had never even seen the name of.



  • That sounds like a blockchain with signature verification against a previously established and acknowledged set of keys as consensus mechanism. Pretty reasonable, as far as use cases go.

    However, it doesn’t solve the issue of disagreements and community splitting. If one part of the mod team decides to add another mod, but the rest doesn’t, what’s to prevent that part from splitting off and continuing their own version of the moderation chain? How is abuse of power handled? And in case of a split, how are community members informed?

    Don’t get me wrong, I’m not saying it’s a poor idea, I’m just saying that it won’t solve the issues of community splits, and I’m not sure anything ever can.




  • I can’t comment on the general trend, but this specific one seems a bit too circumstantial to be of use for a serious spying effort. You’d have to have the spyware running parallel to the apps using passwords you want to steal in a specific way.

    The risk exists, which is bad enough for stochastic reasons (eventually, someone will get lucky and manage to grab something sensitive, and since the potential damage from that is incalculable, the impact axis alone drives this into firm "you need to get that fix out asap"), but probably irrelevant in terms of consistency, which would be what you’d need to actually monitor anyone.

    If you manage to grab enough info to crack some financial access data, you can steal money. If you can take over some legit online account or obtain some email-password combo, you can sell it. But if you want to monitor what people are doing in otherwise private systems, you need some way to either check on demand or log their actions and periodically send them to your server.

    It would be far more reliable to have injection backdoors to allow you access by virtue of forcing a credential check to come up valid than to hope for the lucky grab of credentials the user might change at an arbitrary moment in time.


  • I sorta do? My employer has been making commitments to improving things, and I’m involved in one of those projects, but they’re a very slow ship to turn and I can’t say I 100% stand behind what they’re generally doing.

    I joined out of a mix of necessity, opportunism and the chance to develop new skills, and grew to like the specific job I’m doing. I didn’t have many choices for private reasons, but needed the money when I signed up, so in a way the money was good enough to compromise on ethics.

    I got a permanent position now, and again, I stuck for personal reasons, to improve my future prospects and because I like the job, but for all the security a permanent position offers, I’m still planning to start looking for different opportunities when circumstances allow, unless the internal culture makes some massive progress in the next two years.

    In the medium run? Not sure. I’d like to think I’d compromise money over ideology, but I also know that I tend to be selfish and really good at mental gymnastics to justify decisions. I would probably not sign on with Exxon, so there’s definitely the severity of opposition to account for, but there isn’t any clear line that I’d swear my life on. On the other hand, if the money was enough to support political causes that I feel (or tell myself) would weigh up the toll on my conscience, I might fold.

    In the long run, I hope to get to a point where I can answer that with a firm “No”. Maybe once life stabilises, I’ll grow firmer in my convictions. Maybe once the question of pay shifts from covering necessities to the amount of luxury I can afford, the exact number will lose meaning. Maybe I’ll find a place that I both support fully and earn enough at that any more would feel obscene anyway.

    So basically, it comes down to the factors of

    1. How strongly do I oppose the company?
    2. How much money, compared to what I need to live, and compared to what I need to support a pleasant lifestyle?
    3. Where am I on the scale from nihilism to idealism at the given point in time?


  • You mean the magazine would pay people to write a story people would want to read… only to make money for the magazine? Like, they’re doing it for profit, and not out of the goodness of their hearts? Next you’re going to tell me my grocer is only selling me food to generate revenue.

    There’s a difference between “just marketing” and “buy this stuff, but also, turns out Lebanon has quite some distance to go in terms of human rights in general and gender equality in particular”. Companies can’t have morals, because they’re not a natural person, but the humans working for them can, and it’s not unthinkable for this story to be both: An expression of moral frustration on part of the journalist that also happens to be profitable for their employer.



  • The whole point of making a federated network of independent instances is to avoid the issues arising with one central instance, right? Putting the content out to multiple instances plays into that: If it’s important content, no single authority can easily censor it, and the loss of a single instance won’t erase it.

    If it’s trash, of course, every community in every instance you post it to will have to clean it up separately. Arguably, that puts more strain on the respective moderation teams, but if (ideally) those are disjunct people (again, to avoid the issues of a single authority), the strain should be distributed.

    And on the plus side, it would enable each community (in the lemmy sense) to enforce their own nuanced rules, additionally leading to slightly more choice between the types of moderation you favour (as opposed to “There’s one big sub, take it or leave it”).

    Individual communities may be smaller, but maybe some more form of coordination of similar communities across instances could amend that (like linking to the other communities in your sidebar etc.).

    I could also imagine a super-community solution that would allow you to aggregate several communities across instances similar to multireddits. I’m new here, so I’m not sure if that exists, nor have I given the implementation any thought, but I suppose that could be convenient.