Hacker News

HenryBemis last Tuesday at 10:33 PM

Today some auditor (like me) would fail your ITGCs because of the undocumented partition/file/change/etc (take your pick) and force you to submit a deviation to the SOC team, ask you to "review and update the Secure Design Document to reflect the change", ask you to create a Jira and/or ServiceNow ticket, etc. etc. etc.

Oh, and you would get a red mark on your "HR P&D record" for the 'Secure Software Policy' violation.

(Shit.. I hated myself writing the above, but it's true)

In 2001, though, we would all have laughed if we had 'caught' the devs doing something cool like this!


Replies

xvilka yesterday at 12:32 PM

Meanwhile, real bugs (security issues) would go unnoticed, as often happens.

ahazred8ta last Tuesday at 11:01 PM

Yeah, the federal government used to pay extra for versions of Win/9x with the easter eggs taken out.

echelon yesterday at 1:21 AM

Gross.

I hope we do shrink software companies down to the mythical "1-person unicorns" so we can be done with this madness.

I prefer the taste of small auteurs to the consensus of product orgs and their politicking. (Add to that whatever design refreshes we are faced with when the designers declare a new design language.)

FirmwareBurner yesterday at 8:19 AM

> "HR P&D record"

Let HR run your engineering, go broke.

iwontberude yesterday at 10:45 AM

That’s just how government work be, no shame.

dgfitz yesterday at 8:59 AM

> Oh, and you would get a red mark on your "HR P&D record" for the 'Secure Software Policy' violation.

What a time to be alive.