Skip to content
  • Hjem
  • Seneste
  • Etiketter
  • Populære
  • Verden
  • Bruger
  • Grupper
Temaer
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Kollaps
FARVEL BIG TECH
  1. Forside
  2. Ikke-kategoriseret
  3. Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce.

Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce.

Planlagt Fastgjort Låst Flyttet Ikke-kategoriseret
88 Indlæg 60 Posters 0 Visninger
  • Ældste til nyeste
  • Nyeste til ældste
  • Most Votes
Svar
  • Svar som emne
Login for at svare
Denne tråd er blevet slettet. Kun brugere med emne behandlings privilegier kan se den.
  • bontchev@infosec.exchangeB bontchev@infosec.exchange

    @GossiTheDog This is stupid, of course - but, as they say, show me the incentive and I'll show you the outcome.

    Still, I don't quite understand the "cost" thing. If used properly, AI should reduce cost. By using Claude, I was able to do in 3 months what I previously couldn't do in 5 years. This is on a Pro subscription (the cheapest one) that costs something like 180 euros per year.

    If we had hired a professional programmer for the same work, their *monthly* salary would have been more than 10 times higher - and they would have become annoyed with me and left after 2 months anyway.

    goedelchen@mastodontech.deG This user is from outside of this forum
    goedelchen@mastodontech.deG This user is from outside of this forum
    goedelchen@mastodontech.de
    wrote sidst redigeret af
    #23

    @bontchev @GossiTheDog Are you paying the full price, which covers all cost or are you using AI burning VC capital?

    Edit: Stupid question, I overlooked that you're paying 180 €. So burning VC capital.

    1 Reply Last reply
    0
    • masek@infosec.exchangeM masek@infosec.exchange

      @GossiTheDog I am no general opponent of AI use. But as every tool it takes a lot of learning.

      The shallow learning curve at the beginning fools users and managers alike.

      For long term reliable and reproducible success you need a lot of structure.

      Developing that and enforcing it is a real challenge for most users.

      G This user is from outside of this forum
      G This user is from outside of this forum
      glitzersachen@hachyderm.io
      wrote sidst redigeret af
      #24

      @masek @GossiTheDog

      > I am no general opponent of AI use.

      I am, though.

      > Developing that and enforcing it is a real challenge for most users.

      Is it even worth the trouble or feasible? I'd like to remind people that this is the same group of users where it was too much hassle to learn "the command line" or even how a filesystem works. It all needed to be point & click "discoverable" interface (never mind that this promise was never fulfilled).

      The point is discoverability, though: An interface where function is (visually) recognizable.

      I wonder how (chat based) AI --- where no feature is actually _visible_ --- will work for this user group.

      Yes, I think it has a use, though: As a normal, only smart feature. Like cropping subjects from a picture as in Apple Photo (on iPad, YMMV): It's just a very smart lasso, but the concept is the same as of any other cropping tool: There is a line and the image is cropped along the line (if the user wants it).

      But it doesn't have a use a smartass ghost in the machine which does magic things or nags or bosses around the user.

      The average user won't "develop" a "structure", though: We (the software industry) have weaned them from doing so successfully now for almost 3 decades. The capability is gone. The promise of achievement without effort has stayed ...

      1 Reply Last reply
      0
      • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

        In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

        I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

        goedelchen@mastodontech.deG This user is from outside of this forum
        goedelchen@mastodontech.deG This user is from outside of this forum
        goedelchen@mastodontech.de
        wrote sidst redigeret af
        #25

        @GossiTheDog Show me a metric and I'll show you a game.

        1 Reply Last reply
        0
        • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

          I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

          Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

          B This user is from outside of this forum
          B This user is from outside of this forum
          bakachu@infosec.exchange
          wrote sidst redigeret af
          #26

          @GossiTheDog i've found it to be quite difficult to use the various security copilots for their (supposedly) intended uses without simply swapping previously automated processes for them, which is insane but also what one rather supposes to be the point.

          i have however also used generic corporate copilot to do arbitrarily silly things like deobfuscate malware so anybody snooping on my prompts in the name of metrics or other glory may be in for a surprise 🙂

          1 Reply Last reply
          0
          • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

            In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

            I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

            malwareminigun@infosec.exchangeM This user is from outside of this forum
            malwareminigun@infosec.exchangeM This user is from outside of this forum
            malwareminigun@infosec.exchange
            wrote sidst redigeret af
            #27

            @GossiTheDog I wish I could find the original to attribute it properly but this fits

            hans5524@mastodon.nlH scarlett@gamepad.clubS 2 Replies Last reply
            0
            • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

              RE: https://mastodon.social/@404mediaco/116908074107231828

              Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce. About 99% of people can’t align a table in Word.

              Giving the 99% of people tools which cost $$$ per user a month and letting them do anything is like giving a child a car, and being surprised when they ram the car into a wall three days later and cost $10k after achieving nothing.

              hyc@mastodon.socialH This user is from outside of this forum
              hyc@mastodon.socialH This user is from outside of this forum
              hyc@mastodon.social
              wrote sidst redigeret af
              #28

              @GossiTheDog How it started: "I want you to use more AI"

              1 Reply Last reply
              0
              • bontchev@infosec.exchangeB bontchev@infosec.exchange

                @GossiTheDog This is stupid, of course - but, as they say, show me the incentive and I'll show you the outcome.

                Still, I don't quite understand the "cost" thing. If used properly, AI should reduce cost. By using Claude, I was able to do in 3 months what I previously couldn't do in 5 years. This is on a Pro subscription (the cheapest one) that costs something like 180 euros per year.

                If we had hired a professional programmer for the same work, their *monthly* salary would have been more than 10 times higher - and they would have become annoyed with me and left after 2 months anyway.

                malwareminigun@infosec.exchangeM This user is from outside of this forum
                malwareminigun@infosec.exchangeM This user is from outside of this forum
                malwareminigun@infosec.exchange
                wrote sidst redigeret af
                #29

                @bontchev Claude with effectively unlimited usage isn't going to stay $180/year for long. When they do usage based billing like everyone else has been forced to do it's really easy to have a 2 sentence input that costs $100

                (It still might be cheaper than hiring a developer but it is still very expensive)

                bontchev@infosec.exchangeB 1 Reply Last reply
                0
                • xan@xantronix.socialX xan@xantronix.social

                  @bontchev @GossiTheDog Why would your hypothetical employee have become annoyed with you?

                  gulfie@mastodonapp.ukG This user is from outside of this forum
                  gulfie@mastodonapp.ukG This user is from outside of this forum
                  gulfie@mastodonapp.uk
                  wrote sidst redigeret af
                  #30

                  @xan @bontchev@infosec.exchange @GossiTheDog read his bio and then you might get it

                  1 Reply Last reply
                  0
                  • xan@xantronix.socialX xan@xantronix.social

                    @bontchev @GossiTheDog Why would your hypothetical employee have become annoyed with you?

                    nudelnaldente@mstdn.socialN This user is from outside of this forum
                    nudelnaldente@mstdn.socialN This user is from outside of this forum
                    nudelnaldente@mstdn.social
                    wrote sidst redigeret af
                    #31

                    @xan @bontchev @GossiTheDog My guess would be some combination of "doesn't know how to determine & articulate what is actually required" & "doesn't know how to assess outcomes".
                    This is less a dig at the poster in question, more a comment on the general state of working in pretty much any corporate tech role over the past few decades.

                    1 Reply Last reply
                    0
                    • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                      I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                      Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                      stevel@hachyderm.ioS This user is from outside of this forum
                      stevel@hachyderm.ioS This user is from outside of this forum
                      stevel@hachyderm.io
                      wrote sidst redigeret af
                      #32

                      @GossiTheDog notable here that all excel/word macro, activex embedding is for that 0.1% and it's the security nightmare for the 99.9% who don't actually use this stuff.
                      Really office should have been designed so that scripting was something you had to explicitly install.

                      1 Reply Last reply
                      0
                      • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                        I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                        Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                        webhat@infosec.exchangeW This user is from outside of this forum
                        webhat@infosec.exchangeW This user is from outside of this forum
                        webhat@infosec.exchange
                        wrote sidst redigeret af
                        #33

                        @GossiTheDog if they are like me, they are using it only as needed to keep their jobs until this fad blows over and the company comes to it's senses

                        1 Reply Last reply
                        0
                        • xan@xantronix.socialX xan@xantronix.social

                          @bontchev @GossiTheDog Why would your hypothetical employee have become annoyed with you?

                          lerxst@az.socialL This user is from outside of this forum
                          lerxst@az.socialL This user is from outside of this forum
                          lerxst@az.social
                          wrote sidst redigeret af
                          #34

                          @xan @bontchev @GossiTheDog says more about the poster than the benefits of AI, IMO.

                          1 Reply Last reply
                          0
                          • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                            I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                            Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                            spartan_1986@infosec.exchangeS This user is from outside of this forum
                            spartan_1986@infosec.exchangeS This user is from outside of this forum
                            spartan_1986@infosec.exchange
                            wrote sidst redigeret af
                            #35

                            @GossiTheDog And then there is the non-monetary costs. We recently completed our first penetration test against Copilot in my corp and to say we found a lot of secret and confidential stuff out there just for the prompting is an understatement. The company totally believed Microsoft when they said everything would be safe guarded, yet I personally found a document with every marketing service account name and password. Vender contracts, company secrets, legal documents: we found it all. Copilot in a corporate environment is the single largest amplifier of poor IAM configurations. It is the largest insider threat I’ve ever seen.

                            spartan_1986@infosec.exchangeS n_dimension@infosec.exchangeN avirr@sfba.socialA 3 Replies Last reply
                            0
                            • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                              I’m really serious about this one btw. Companies have no measurable way of knowing what employees are doing with GenAI. They’re giving Claude Code out like it’s candy and just presuming everybody is an IT power user. They aren’t. They’re converting PDFs and vibe coding garden planning tools.

                              Copilot M365 has a fake dashboard showing how productive people are.. it has no actual data. It just shows people use it. It’s CIO porn for the CEO. Orgs are pissing money up a wall worldwide.

                              stompyrobot@mastodon.gamedev.placeS This user is from outside of this forum
                              stompyrobot@mastodon.gamedev.placeS This user is from outside of this forum
                              stompyrobot@mastodon.gamedev.place
                              wrote sidst redigeret af
                              #36

                              @GossiTheDog

                              Yes and people post on mastodon in their work supplied browsers too.

                              If your manager doesn't understand whether you do good work or not, it's natural to exploit that. That's not a tool problem, it's a manager problem!

                              1 Reply Last reply
                              0
                              • brnrd@bsd.networkB brnrd@bsd.network

                                @GossiTheDog honestly, isn't most of the stuff IT teams do nowadays extremely wasteful?
                                I look at CI pipelines and feel the need to scream.
                                Upgrade your OS image with hundreds of packages on every push,
                                Build all layers of your container every time...
                                Then migrate to the next git service and CI/CD framework every year, complete rewrites.
                                How many bloody Artifactory mirrors does a company need?!!!

                                Etc. etc. These kids should start with a C64 or ZX80 before let loose on this hot garbage

                                jeroenvanbergen@mstdn.socialJ This user is from outside of this forum
                                jeroenvanbergen@mstdn.socialJ This user is from outside of this forum
                                jeroenvanbergen@mstdn.social
                                wrote sidst redigeret af
                                #37

                                @brnrd @GossiTheDog There is a ‘certain amount of waste’ built into the modern way of writing, testing and deploying software.

                                That amount can be totally insane when changing a minor detail. If the pipeline is not able to isolate what to build, test and deploy it will just do it all. Is it necessary? No. Is it able to prevent mistakes? Maybe.

                                brnrd@bsd.networkB ingram@mastodon.socialI 2 Replies Last reply
                                0
                                • spartan_1986@infosec.exchangeS spartan_1986@infosec.exchange

                                  @GossiTheDog And then there is the non-monetary costs. We recently completed our first penetration test against Copilot in my corp and to say we found a lot of secret and confidential stuff out there just for the prompting is an understatement. The company totally believed Microsoft when they said everything would be safe guarded, yet I personally found a document with every marketing service account name and password. Vender contracts, company secrets, legal documents: we found it all. Copilot in a corporate environment is the single largest amplifier of poor IAM configurations. It is the largest insider threat I’ve ever seen.

                                  spartan_1986@infosec.exchangeS This user is from outside of this forum
                                  spartan_1986@infosec.exchangeS This user is from outside of this forum
                                  spartan_1986@infosec.exchange
                                  wrote sidst redigeret af
                                  #38

                                  @GossiTheDog PS: we did raise these concerns when management announced everyone was getting Copilot. Took months (and months) to get them to agree to a test. “No one will be able to see anything they don’t already have access to,” they said.🤷‍♂️

                                  Yes. Exactly.

                                  darryl@toot.communityD 1 Reply Last reply
                                  0
                                  • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                                    In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

                                    I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

                                    deepthoughts10@infosec.exchangeD This user is from outside of this forum
                                    deepthoughts10@infosec.exchangeD This user is from outside of this forum
                                    deepthoughts10@infosec.exchange
                                    wrote sidst redigeret af
                                    #39

                                    @GossiTheDog I’m starting to see some companies log all AI prompts and review them to see what people are using AI to do. The ones I’ve seen do this are positioning it as a way to discover additional training opportunities for their staff — to train them that they gave other, better tools to compare PDFs, for example. It makes sense if you have the tools and resources to put together this kind of analysis.

                                    euroinfosec@infosec.exchangeE 1 Reply Last reply
                                    0
                                    • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                                      RE: https://mastodon.social/@404mediaco/116908074107231828

                                      Anybody who has worked in IT support in the trenches in enterprise IT will tell you there are some Excel power users who basically run the company, are macros wizards and actual ninjas.. about 0.1% of the workforce. About 99% of people can’t align a table in Word.

                                      Giving the 99% of people tools which cost $$$ per user a month and letting them do anything is like giving a child a car, and being surprised when they ram the car into a wall three days later and cost $10k after achieving nothing.

                                      nosirrahsec@infosec.exchangeN This user is from outside of this forum
                                      nosirrahsec@infosec.exchangeN This user is from outside of this forum
                                      nosirrahsec@infosec.exchange
                                      wrote sidst redigeret af
                                      #40

                                      @GossiTheDog Fucking. Bingo.

                                      1 Reply Last reply
                                      0
                                      • gossithedog@cyberplace.socialG gossithedog@cyberplace.social

                                        In an era where companies need to become more efficient and diverse they’ve basically picked the least efficient way to do it, with the biggest risks and highest costs - because everybody else is doing it.

                                        I know somebody at one of the big 4 who has written something in Claude that prompts Claude each twenty minutes for a question, then feeds Claude’s question back into Claude to use their tokens - because token usage is factored into employee evaluations. What are we even doing.

                                        en3py@onlyarts.socialE This user is from outside of this forum
                                        en3py@onlyarts.socialE This user is from outside of this forum
                                        en3py@onlyarts.social
                                        wrote sidst redigeret af
                                        #41

                                        @GossiTheDog I would add to yours, that it's a good way to do things in the least diverse way possible, as they are all pivoting everything to a common point: the statistical standard AI is trained on. Everything will look the same.

                                        1 Reply Last reply
                                        0
                                        • jeroenvanbergen@mstdn.socialJ jeroenvanbergen@mstdn.social

                                          @brnrd @GossiTheDog There is a ‘certain amount of waste’ built into the modern way of writing, testing and deploying software.

                                          That amount can be totally insane when changing a minor detail. If the pipeline is not able to isolate what to build, test and deploy it will just do it all. Is it necessary? No. Is it able to prevent mistakes? Maybe.

                                          brnrd@bsd.networkB This user is from outside of this forum
                                          brnrd@bsd.networkB This user is from outside of this forum
                                          brnrd@bsd.network
                                          wrote sidst redigeret af
                                          #42

                                          @jeroenvanbergen @GossiTheDog
                                          Some waste is inherent. But frugality is nowhere to be found nowadays.

                                          The FreeBSD ports I maintain I will build / test on all tier-1 platforms I support.
                                          You need to build and run the test-suite on whatever changes you provide.

                                          Shit gets out of hand quickly.
                                          We needed to migrate BitBucket to a cluster because of the load on the system, but couldn't be arsed to punish people doing full git clones continuously instead of restricting depth and cloning only the branch you need.
                                          I see pipelines doing the same builds multiple times for different purposes, why?

                                          Convenience not only trumps security, it also trumps efficiency.

                                          (yes, I know how awful bitbucket is, don't @ me)

                                          jeroenvanbergen@mstdn.socialJ 1 Reply Last reply
                                          0
                                          Svar
                                          • Svar som emne
                                          Login for at svare
                                          • Ældste til nyeste
                                          • Nyeste til ældste
                                          • Most Votes


                                          • Log ind

                                          • Har du ikke en konto? Tilmeld

                                          • Login or register to search.
                                          Powered by NodeBB Contributors
                                          Graciously hosted by data.coop
                                          • First post
                                            Last post
                                          0
                                          • Hjem
                                          • Seneste
                                          • Etiketter
                                          • Populære
                                          • Verden
                                          • Bruger
                                          • Grupper