An individual can change an organization

Posted by zdw 17 hours ago

An individual can change an organization(notes.eatonphil.com)

92 points | 34 commentspage 2

est 13 hours ago|

sorry but

1. who is Drew DeVault?

2. what change did he bring to Linode?

I lost the context after 'the same title "Developer"'

jackblemming 14 hours ago||

Why would you work your ass off trying to do this for a likely meager raise and a pat on the back? No thanks, I’ll take my sanity instead. Keep this energy for your own projects. Do NOT use it to make someone else rich.

I know I’ll get some whataboutisms of people who work for places that give good raises for good work. Great for you but you’re in the minority.

johanbcn 13 hours ago||

Yeah, no.

If it's not part of my job, and neither is my own company, it's not my problem.

sublinear 15 hours ago||

> there are plenty of companies with people who will make a good faith effort to do what makes sense ... I always like working for these companies

Everyone likes working for these companies, but this requires a mature work culture. The people with seniority have to be competent and experienced enough to distinguish good ideas and not abuse their position for personal gain.

In my experience these good places tend to be midsized companies. In contrast, just about any team you land in at a big tech company is going to be siloed off with one or more psychopaths at the helm who never "spent enough time in the trenches" to understand what healthy management looks like. The same is true at a startup. Those are workplaces mired in politics precisely because nobody in charge knows what good sense is and they do everything in their power to make sure anyone with a good idea is silenced or bullied out.

democracy 15 hours ago||

A typical cowboy - start breaking things and quit with a nice achievement in the CV before it all goes down

gct 15 hours ago|

One of those that thinks everyone owes them explaining everything to them in every detail or its not "right".

MrDarcy 15 hours ago||

There aren’t many situations where expecting everyone to explain everything in every detail is correct, but there are some.

Many of those situations where it is OK are down at the foundational level of the internet itself, which is what linode and Drew DeVault were concerned with back in the day.

An example today I’m wrestling with is TLS interception (valid) vs protecting against TLS man in the middle attacks. It’s tough to get people to see it’s an either or situation, they truly are mutually exclusive.

Unless, we walk together through every painstaking detail to reach the necessary conclusion together.

zdw 15 hours ago|||

The TLS issue mentioned can be more easily conceptualized if you view the root CA lists as "The people you're OK with MITM-ing you".

And then whether your trust in the browser vendor coalition to push back against and punish even accidental CA malfeasance are reasonable.

MrDarcy 5 hours ago||

The crux of the issue is reasonable people can disagree on what is OK at a large org.

Security, like every human, believes they’re the good guys.

Platform teams cannot enforce the principle of least privilege.

Truly a paradox.

computerfriend 11 hours ago|||

I feel like I've been in the same position as you. I ended up not being able to convince those who mattered so I left. Hope you have better luck!

sublinear 15 hours ago||

I'm confused by this take. Explaining things in full detail shouldn't be a chore for a reasonably competent leader.

It's just basic due diligence, and it's worth reviewing details when these topics come up. Maybe the new ideas aren't always fully baked, but they may have a point. Regular discussion is just part of the job.

gct 4 hours ago||

This person admits he drove people to quit with his behavior, that goes wayyyyyy beyond trying to get the full details. I've worked with this type before and I can envision the cold sweats in the office as he comes around to hold people hostage explaining every micro-detail of their work until he understands it.