[ziddoap]

I always have to laugh a little bit when someone says NIST, NSA, etc. just "don't really know what they are talking about".

They aren't perfect (you know, being humans and all), and can sometimes be slow in disseminating information to the public, but you're out to lunch if you think they "don't really know" anything.

[moochmooch]

I'm scoping my statement to container security & orchestration best practices, not their competency as a whole. I know the specifics of their guidance due to the industry I work in, so I feel comfortable speaking generally about specific guidance in regards to specific technology.

Your comments reads overly defensive to me.

[ziddoap]

>I'm scoping my statement to container security & orchestration best practices, not their competency as a whole.

vs.

>It's funny that you use the term "actual" to describe the guidance from the US government. They don't really know what they are talking about.

Perhaps you can understand why I thought you were speaking generally, when your comment is written generally. I can't read minds to figure out what your silently scoping your comment to.

But if saying I laughed and why I laughed is overly defensive, my apologies. I'm not sure how else I would tell someone I find their comment funny.

[blowski]

Yeah. Typical dev hyperbole.

In a similar vein, a fairly mid-level dev was recently trying to convince me that "Rob Pike is a clueless idiot who knows nothing about language design".

[y4mi]

I somehow think that their opinion was a little more nuanced then that.

And fwiw, Rob Pike definitely did make mistakes. Golang is a great language, but it's not perfect.

[blowski]

It really wasn’t more nuanced than that - I’m pretty much quoting verbatim. The argument stemmed from the lack of generics in Go, which apparently was a sign of incompetence.

My general point is that there a lot of people who see the world in binary - genius or idiot, perfect or incompetent.