|
|
|
|
|
|
by iagooar
3444 days ago
|
|
|
>> it is a problem that goes back to the people who made the decision of allowing admin accounts without a password.
> No. Just.. no.... Security of YOUR system is YOUR responsibility. I agree. But what you are saying has nothing to do with whether a database should have sane defaults or not. >> In a world where software stacks have multiple applications, programming languages and databases, it happens that people are not experts in everything.
> Hire one. You seem not to know much about the real world out there. Companies are struggling A LOT to find ANY people at all. >> Maybe after this attack some companies ban it from their software stacks.
> Or maybe decision makers realise that yes, you do need to pay for skills. More money is not going to magically increase the pool of skilled software engineers around the world. If all the companies in the world increased what they pay, nothing would change, besides the fact that they would spend more money. |
|
|
Defaults - sane or not - lead to exactly these types of situations. It encourages "it's good enough" thinking, and dilutes the feeling of responsibility.
> You seem not to know much about the real world out there.
yeah, yeah... yawn.
> Companies are struggling A LOT to find ANY people at all.
Uhm, not companies that are willing to pay good money for good devs/devops/sysadmins.
> More money is not going to magically increase the pool of skilled software engineers around the world.
I would argue that it is the software developers' job to develop software. It would be a sysadmin/devops type person to look after the infrastructure, and make sure it is properly secured. I see so many job ads for a single role (developer, engineer, CTO, whatever) and then a jobdescription for "must be able to do everything related to any aspect of all our IT". Hilarious.