Skip to content
  • Hjem
  • Seneste
  • Etiketter
  • Populære
  • Verden
  • Bruger
  • Grupper
Temaer
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Kollaps
FARVEL BIG TECH
  1. Forside
  2. Ikke-kategoriseret
  3. Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce.

Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce.

Planlagt Fastgjort Låst Flyttet Ikke-kategoriseret
88 Indlæg 60 Posters 0 Visninger
  • Ældste til nyeste
  • Nyeste til ældste
  • Most Votes
Svar
  • Svar som emne
Login for at svare
Denne tråd er blevet slettet. Kun brugere med emne behandlings privilegier kan se den.
  • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

    RE: https://mastodon.social/@404mediaco/116908074107231828

    Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce. About 99% of people can’t align a table in Word.

    Giving the 99% of people tools which cost $$$ per user a month and letting them do anything is like giving a child a car, and being surprised when they ram the car into a wall three days later and cost $10k after achieving nothing.

    hyc@mastodon.socialH This user is from outside of this forum
    hyc@mastodon.socialH This user is from outside of this forum
    hyc@mastodon.social
    wrote sidst redigeret af
    #28

    @GossiTheDog How it started: "I want you to use more AI"

    1 Reply Last reply
    0
    • bontchev@infosec.exchangeB bontchev@infosec.exchange

      @GossiTheDog This is stupid, of course - but, as they say, show me the incentive and I'll show you the outcome.

      Still, I don't quite understand the "cost" thing. If used properly, AI should reduce cost. By using Claude, I was able to do in 3 months what I previously couldn't do in 5 years. This is on a Pro subscription (the cheapest one) that costs something like 180 euros per year.

      If we had hired a professional programmer for the same work, their *monthly* salary would have been more than 10 times higher - and they would have become annoyed with me and left after 2 months anyway.

      malwareminigun@infosec.exchangeM This user is from outside of this forum
      malwareminigun@infosec.exchangeM This user is from outside of this forum
      malwareminigun@infosec.exchange
      wrote sidst redigeret af
      #29

      @bontchev Claude with effectively unlimited usage isn't going to stay $180/year for long. When they do usage based billing like everyone else has been forced to do it's really easy to have a 2 sentence input that costs $100

      (It still might be cheaper than hiring a developer but it is still very expensive)

      bontchev@infosec.exchangeB 1 Reply Last reply
      0
      • xan@xantronix.socialX xan@xantronix.social

        @bontchev @GossiTheDog Why would your hypothetical employee have become annoyed with you?

        gulfie@mastodonapp.ukG This user is from outside of this forum
        gulfie@mastodonapp.ukG This user is from outside of this forum
        gulfie@mastodonapp.uk
        wrote sidst redigeret af
        #30

        @xan @bontchev@infosec.exchange @GossiTheDog read his bio and then you might get it

        1 Reply Last reply
        0
        • xan@xantronix.socialX xan@xantronix.social

          @bontchev @GossiTheDog Why would your hypothetical employee have become annoyed with you?

          nudelnaldente@mstdn.socialN This user is from outside of this forum
          nudelnaldente@mstdn.socialN This user is from outside of this forum
          nudelnaldente@mstdn.social
          wrote sidst redigeret af
          #31

          @xan @bontchev @GossiTheDog My guess would be some combination of "doesn't know how to determine & articulate what is actually required" & "doesn't know how to assess outcomes".
          This is less a dig at the poster in question, more a comment on the general state of working in pretty much any corporate tech role over the past few decades.

          1 Reply Last reply
          0
          • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

            I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

            Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

            stevel@hachyderm.ioS This user is from outside of this forum
            stevel@hachyderm.ioS This user is from outside of this forum
            stevel@hachyderm.io
            wrote sidst redigeret af
            #32

            @GossiTheDog notable here that all excel/word macro, activex embedding is for that 0.1% and it's the security nightmare for the 99.9% who don't actually use this stuff.
            Really office should have been designed so that scripting was something you had to explicitly install.

            1 Reply Last reply
            0
            • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

              I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

              Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

              webhat@infosec.exchangeW This user is from outside of this forum
              webhat@infosec.exchangeW This user is from outside of this forum
              webhat@infosec.exchange
              wrote sidst redigeret af
              #33

              @GossiTheDog if they are like me, they are using it only as needed to keep their jobs until this fad blows over and the company comes to it's senses

              1 Reply Last reply
              0
              • xan@xantronix.socialX xan@xantronix.social

                @bontchev @GossiTheDog Why would your hypothetical employee have become annoyed with you?

                lerxst@az.socialL This user is from outside of this forum
                lerxst@az.socialL This user is from outside of this forum
                lerxst@az.social
                wrote sidst redigeret af
                #34

                @xan @bontchev @GossiTheDog says more about the poster than the benefits of AI, IMO.

                1 Reply Last reply
                0
                • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                  I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                  Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                  spartan_1986@infosec.exchangeS This user is from outside of this forum
                  spartan_1986@infosec.exchangeS This user is from outside of this forum
                  spartan_1986@infosec.exchange
                  wrote sidst redigeret af
                  #35

                  @GossiTheDog And then there is the non-monetary costs. We recently completed our first penetration test against Copilot in my corp and to say we found a lot of secret and confidential stuff out there just for the prompting is an understatement. The company totally believed Microsoft when they said everything would be safe guarded, yet I personally found a document with every marketing service account name and password. Vender contracts, company secrets, legal documents: we found it all. Copilot in a corporate environment is the single largest amplifier of poor IAM configurations. It is the largest insider threat I’ve ever seen.

                  spartan_1986@infosec.exchangeS n_dimension@infosec.exchangeN avirr@sfba.socialA 3 Replies Last reply
                  0
                  • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                    I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                    Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                    stompyrobot@mastodon.gamedev.placeS This user is from outside of this forum
                    stompyrobot@mastodon.gamedev.placeS This user is from outside of this forum
                    stompyrobot@mastodon.gamedev.place
                    wrote sidst redigeret af
                    #36

                    @GossiTheDog

                    Yes and people post on mastodon in their work supplied browsers too.

                    If your manager doesn't understand whether you do good work or not, it's natural to exploit that. That's not a tool problem, it's a manager problem!

                    1 Reply Last reply
                    0
                    • brnrd@bsd.networkB brnrd@bsd.network

                      @GossiTheDog honestly, isn't most of the stuff IT teams do nowadays extremely wasteful?
                      I look at CI pipelines and feel the need to scream.
                      Upgrade your OS image with hundreds of packages on every push,
                      Build all layers of your container every time...
                      Then migrate to the next git service and CI/CD framework every year, complete rewrites.
                      How many bloody Artifactory mirrors does a company need?!!!

                      Etc. etc. These kids should start with a C64 or ZX80 before let loose on this hot garbage

                      jeroenvanbergen@mstdn.socialJ This user is from outside of this forum
                      jeroenvanbergen@mstdn.socialJ This user is from outside of this forum
                      jeroenvanbergen@mstdn.social
                      wrote sidst redigeret af
                      #37

                      @brnrd @GossiTheDog There is a ‘certain amount of waste’ built into the modern way of writing, testing and deploying software.

                      That amount can be totally insane when changing a minor detail. If the pipeline is not able to isolate what to build, test and deploy it will just do it all. Is it necessary? No. Is it able to prevent mistakes? Maybe.

                      brnrd@bsd.networkB ingram@mastodon.socialI 2 Replies Last reply
                      0
                      • spartan_1986@infosec.exchangeS spartan_1986@infosec.exchange

                        @GossiTheDog And then there is the non-monetary costs. We recently completed our first penetration test against Copilot in my corp and to say we found a lot of secret and confidential stuff out there just for the prompting is an understatement. The company totally believed Microsoft when they said everything would be safe guarded, yet I personally found a document with every marketing service account name and password. Vender contracts, company secrets, legal documents: we found it all. Copilot in a corporate environment is the single largest amplifier of poor IAM configurations. It is the largest insider threat I’ve ever seen.

                        spartan_1986@infosec.exchangeS This user is from outside of this forum
                        spartan_1986@infosec.exchangeS This user is from outside of this forum
                        spartan_1986@infosec.exchange
                        wrote sidst redigeret af
                        #38

                        @GossiTheDog PS: we did raise these concerns when management announced everyone was getting Copilot. Took months (and months) to get them to agree to a test. “No one will be able to see anything they don’t already have access to,” they said.🤷‍♂️

                        Yes. Exactly.

                        darryl@toot.communityD 1 Reply Last reply
                        0
                        • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                          In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

                          I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

                          deepthoughts10@infosec.exchangeD This user is from outside of this forum
                          deepthoughts10@infosec.exchangeD This user is from outside of this forum
                          deepthoughts10@infosec.exchange
                          wrote sidst redigeret af
                          #39

                          @GossiTheDog I’m starting to see some companies log all AI prompts and review them to see what people are using AI to do. The ones I’ve seen do this are positioning it as a way to discover additional training opportunities for their staff — to train them that they gave other, better tools to compare PDFs, for example. It makes sense if you have the tools and resources to put together this kind of analysis.

                          euroinfosec@infosec.exchangeE 1 Reply Last reply
                          0
                          • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                            RE: https://mastodon.social/@404mediaco/116908074107231828

                            Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce. About 99% of people can’t align a table in Word.

                            Giving the 99% of people tools which cost $$$ per user a month and letting them do anything is like giving a child a car, and being surprised when they ram the car into a wall three days later and cost $10k after achieving nothing.

                            nosirrahsec@infosec.exchangeN This user is from outside of this forum
                            nosirrahsec@infosec.exchangeN This user is from outside of this forum
                            nosirrahsec@infosec.exchange
                            wrote sidst redigeret af
                            #40

                            @GossiTheDog Fucking. Bingo.

                            1 Reply Last reply
                            0
                            • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                              In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

                              I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

                              en3py@onlyarts.socialE This user is from outside of this forum
                              en3py@onlyarts.socialE This user is from outside of this forum
                              en3py@onlyarts.social
                              wrote sidst redigeret af
                              #41

                              @GossiTheDog I would add to yours, that it's a good way to do things in the least diverse way possible, as they are all pivoting everything to a common point: the statistical standard AI is trained on. Everything will look the same.

                              1 Reply Last reply
                              0
                              • jeroenvanbergen@mstdn.socialJ jeroenvanbergen@mstdn.social

                                @brnrd @GossiTheDog There is a ‘certain amount of waste’ built into the modern way of writing, testing and deploying software.

                                That amount can be totally insane when changing a minor detail. If the pipeline is not able to isolate what to build, test and deploy it will just do it all. Is it necessary? No. Is it able to prevent mistakes? Maybe.

                                brnrd@bsd.networkB This user is from outside of this forum
                                brnrd@bsd.networkB This user is from outside of this forum
                                brnrd@bsd.network
                                wrote sidst redigeret af
                                #42

                                @jeroenvanbergen @GossiTheDog
                                Some waste is inherent. But frugality is nowhere to be found nowadays.

                                The FreeBSD ports I maintain I will build / test on all tier-1 platforms I support.
                                You need to build and run the test-suite on whatever changes you provide.

                                Shit gets out of hand quickly.
                                We needed to migrate BitBucket to a cluster because of the load on the system, but couldn't be arsed to punish people doing full git clones continuously instead of restricting depth and cloning only the branch you need.
                                I see pipelines doing the same builds multiple times for different purposes, why?

                                Convenience not only trumps security, it also trumps efficiency.

                                (yes, I know how awful bitbucket is, don't @ me)

                                jeroenvanbergen@mstdn.socialJ 1 Reply Last reply
                                0
                                • brnrd@bsd.networkB brnrd@bsd.network

                                  @GossiTheDog honestly, isn't most of the stuff IT teams do nowadays extremely wasteful?
                                  I look at CI pipelines and feel the need to scream.
                                  Upgrade your OS image with hundreds of packages on every push,
                                  Build all layers of your container every time...
                                  Then migrate to the next git service and CI/CD framework every year, complete rewrites.
                                  How many bloody Artifactory mirrors does a company need?!!!

                                  Etc. etc. These kids should start with a C64 or ZX80 before let loose on this hot garbage

                                  thepwnicorn@infosec.exchangeT This user is from outside of this forum
                                  thepwnicorn@infosec.exchangeT This user is from outside of this forum
                                  thepwnicorn@infosec.exchange
                                  wrote sidst redigeret af
                                  #43

                                  @brnrd @GossiTheDog it doesn't have to be if you're considering those issues you've pointed out worth addressing. Though you're probably right that plenty don't. You could build small purpose-built container images that have the required tools installed and cache them on the runners. You can have proxy registeries / pull through caches to not download the same npm/pypi/maven/... packages all over again.

                                  thepwnicorn@infosec.exchangeT 1 Reply Last reply
                                  0
                                  • brnrd@bsd.networkB brnrd@bsd.network

                                    @jeroenvanbergen @GossiTheDog
                                    Some waste is inherent. But frugality is nowhere to be found nowadays.

                                    The FreeBSD ports I maintain I will build / test on all tier-1 platforms I support.
                                    You need to build and run the test-suite on whatever changes you provide.

                                    Shit gets out of hand quickly.
                                    We needed to migrate BitBucket to a cluster because of the load on the system, but couldn't be arsed to punish people doing full git clones continuously instead of restricting depth and cloning only the branch you need.
                                    I see pipelines doing the same builds multiple times for different purposes, why?

                                    Convenience not only trumps security, it also trumps efficiency.

                                    (yes, I know how awful bitbucket is, don't @ me)

                                    jeroenvanbergen@mstdn.socialJ This user is from outside of this forum
                                    jeroenvanbergen@mstdn.socialJ This user is from outside of this forum
                                    jeroenvanbergen@mstdn.social
                                    wrote sidst redigeret af
                                    #44

                                    @brnrd @GossiTheDog There is a certain irony to burning so many CPU cycles to make minor steps forward in quality or features.

                                    For software that is run by a lot of machines that might be fine, but most corporate software uses the same kind of pipeline these days. The ratio of effort to build, test and deploy that kind of software vs the times a feature is actually used could be wrong for a long time.

                                    1 Reply Last reply
                                    0
                                    • thepwnicorn@infosec.exchangeT thepwnicorn@infosec.exchange

                                      @brnrd @GossiTheDog it doesn't have to be if you're considering those issues you've pointed out worth addressing. Though you're probably right that plenty don't. You could build small purpose-built container images that have the required tools installed and cache them on the runners. You can have proxy registeries / pull through caches to not download the same npm/pypi/maven/... packages all over again.

                                      thepwnicorn@infosec.exchangeT This user is from outside of this forum
                                      thepwnicorn@infosec.exchangeT This user is from outside of this forum
                                      thepwnicorn@infosec.exchange
                                      wrote sidst redigeret af
                                      #45

                                      @brnrd @GossiTheDog Don't stuff everything in platform specific CI tools, but rather have them in scripts. You can thus test them properly and also have an easier time if CI systems should change for whatever reason. Similarly, have local mirror of git repositories if you're building from source. All of that is unglamorous work though and doesn't generate revenue, so I suspect that many companies don't give engineers much time and resources to address this unless they see releases at risk because jobs get too slow or fail.

                                      1 Reply Last reply
                                      0
                                      • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                                        I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                                        Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                                        t2r@infosec.exchangeT This user is from outside of this forum
                                        t2r@infosec.exchangeT This user is from outside of this forum
                                        t2r@infosec.exchange
                                        wrote sidst redigeret af
                                        #46

                                        @GossiTheDog good let the. When the bubble bursts they’ll be held accountable by shareholders.

                                        1 Reply Last reply
                                        0
                                        • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                                          In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

                                          I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

                                          gunstick@mastodon.opencloud.luG This user is from outside of this forum
                                          gunstick@mastodon.opencloud.luG This user is from outside of this forum
                                          gunstick@mastodon.opencloud.lu
                                          wrote sidst redigeret af
                                          #47

                                          @GossiTheDog this autofeeding also happens at facebook for the same reason. Tokenmaxing.

                                          1 Reply Last reply
                                          0
                                          Svar
                                          • Svar som emne
                                          Login for at svare
                                          • Ældste til nyeste
                                          • Nyeste til ældste
                                          • Most Votes


                                          • Log ind

                                          • Har du ikke en konto? Tilmeld

                                          • Login or register to search.
                                          Powered by NodeBB Contributors
                                          Graciously hosted by data.coop
                                          • First post
                                            Last post
                                          0
                                          • Hjem
                                          • Seneste
                                          • Etiketter
                                          • Populære
                                          • Verden
                                          • Bruger
                                          • Grupper