L5 hasn't been the promote or fire cutoff at Google for perhaps a decade. L4 is the new L5, mostly because Google would have to pay L5s more, and it has been terrified of personnel costs for years.
But even so, an L5 at Google is basically a nobody as far as prestige or convincing other people to adopt your plan goes. Even L6 is basically just an expert across several mostly local teams. L7 is where the prestige gets going.
These premises may or may not make sense, but the thing that matters is capturable revenue.
European settlers being on the north american continent would be an amazing technical tour de force. But relatively speaking, there isn't much revenue there.
I'm not sure that the continental Colonies brought in much revenue, though. The individual colonists could do quite well, but viewed as an financial investment for the British Crown (which they were not, but that's the OP's analogy) I don't think they were very good. Plus, when they wanted to extract revenue via taxes, the Colonies revolted. Eight years of war probably cost a pretty penny, too.
(Sourcing my claim is difficult. I include this reference [1], which says that the Caribbean colonies were more profitable than all the continental colonies together. It doesn't comment on the cost of the war.)
I think you are in agreement. The poster you replied to seem to insinuate that immediate revenue (in the Americas/space) isn't the best indicator of latter successful pioneering markets.
Something may be bad, but accurately describing why it is bad significantly elevates the discourse.
Eg, someone could use the phrase "Won't someone think of the children?" to describe a legitimately bad thing like bank fraud, but the solutions that flow from the problem that "children are in danger" are significantly different from the solutions that flow from "phishing attacks are rampant".
The two issues in this case aren't quite as different as child-endangerment and bank fraud. But if the problem was as the original title describes, the solution is quite different (better sandboxing) than what the actual solution is. Which I don't know, but better sandboxing ain't it.
Sure it is, show me one business that actually closed from union costs and I’ll show you a million unionized businesses that have never closed for that same reason.
Cherry picking a few businesses and then saying all businesses are doomed because of unions is exactly propaganda.
So other businesses moved for cheaper labor elsewhere but one stayed open is proof that the cost of living in GA went up not that unions cause businesses to move. The greed of the business owner is what caused them to move.
I have seen this phenomenon especially at a couple of FAANGs over the past couple of years. Things are getting locked down so much, and so many special permissions are required that now people ask for permissions to systems or procedures preemptively. Because by the time they know if they will need it or not, it's too late.
And no one in the security business seems to consider the overall burden of yet another step. Each of which is simple in by itself, but cumulatively they are a giant hassle, and so people look for workarounds.
> And no one in the security business seems to consider the overall burden of yet another step. Each of which is simple in by itself, but cumulatively they are a giant hassle, and so people look for workarounds.
This is a tale as old as time.
At a prior gig, IT took away touch ID for ... $reasons. ~40% of the engineering team was already big into mechanical keyboards so it only took one person to "just FYI, VIA allows you to program macros". Is it _as bad_ as password on a sticky note? Not quite but I can't imagine that touch ID was _more_ of a threat.
You know what's funny is that, at least by default, these strings have some information in them that tells you the serial number and model of the key, among other things.
Curious, why remove Touch ID? Been moving everything into it seems like a really good mix of convenience + security (especially if the alternative is copying your key into AI :) )
I call this sort of thing a self-DoS. If the system is unusable enough, it's indistinguishable from a DoS attack. This sort of sabotage isn't restricted to the security team, anything that makes the system unreliable enough from bad design through bad performance can have the same effects as an external attack.
>> Things are getting locked down so much, and so many special permissions are required that now people ask for permissions to systems or procedures preemptively.
Currently dealing with this at our current company. People were clamoring for access to various LLM's. They were slow to adopt and since we're a huge MS client, we were granted limited licenses for copilot. Then more people made waves about getting access and they slow walked a ton of licenses until a small portion finally had access.
Then came all the other non-MS apps that people wanted to plug copilot into (such as Figma) and that was another round of frustrations with users here as they locked stuff down, then slowly relented.
The company is still struggling with giving access to AI tools and LLM's since now the company is really lagging behind many other companies who are just running wide open with AI.
We're 100% dealing with what you're saying. EIS has been making people jump through so many hoops that every time they add an LLM, its completely locked down to just the enterprise network and people are getting really frustrated since so many of us are already well along using AI at home and elsewhere. Yet here our day-to-day stuff using AI is an act of congress to get access to the LLM and tools.
> And no one in the security business seems to consider the overall burden of yet another step. Each of which is simple in by itself, but cumulatively they are a giant hassle, and so people look for workarounds.
This is certainly not true. I personally consider how much friction things introduce for users, things like normalizing having to reenter your password too much making phishing easier, and so on. It's well understood that you will get shadow IT, which is worse, if you make doing things the right way too difficult. I regularly advocate for streamlining processes and procedures, introducing more user-friendly systems, hosting office hours where the security team is available for any question or concern you have making us more available to the company, etc.
What's the issue? Well, for one, there's a ton of incompetent people in the field, so they'll just do whatever to make themselves look like they're working. Two, most security departments are criminally understaffed, so even if you have competent people they just have to put things together quickly and can't clean it up. Three, there's tons of idiotic regulatory and legal requirements that take forever to modernize. And finally, half of security is playing politics and arguing with the rest of the company, meaning that half the time the solutions you get are a slop of compromise with which nobody is happy.
TL;DR we aren't psychopaths without empathy, we struggle for the same reasons you developers have tech debt and other things that suck even though you would prefer not to.
Almost instantly, compared to my experience working for a big health care provider... I waited 6 moths for IT department to allow me install development tools on work laptop.
And while security rules created enormous roadblocks for work, whey also left enough holes to be exploited. Before getting required permissions, I managed to create dual boot with linux and share files between 'approved' and 'illegal' systems
All of these techniques are entirely routine for the average company with even a semi decent accountant, and only marginally increase the chance of an audit.
You do have to be sure you follow the rules and avoid various gotchas that other people in this section have pointed out, but otherwise it is entirely legal and routine.
No kidding. It's pretty normal for a high-growth company to not turn a profit for years because they keep on taking on expenses to try to grow quickly, and this is explicitly allowed now for R&D.
Actively involved owners live off of a salary paid by the company.
It wasn't performant, and it didn't scale. I was in a Notes shop in the mid-nineties and it was dog slow for practically everything in a perhaps fifty person company.
But even so, an L5 at Google is basically a nobody as far as prestige or convincing other people to adopt your plan goes. Even L6 is basically just an expert across several mostly local teams. L7 is where the prestige gets going.
reply