It's not helpful to describe software as "the right way" or "the wrong way."

Instead, focus on finding "something that works" and avoiding "things that don't work" (and of course, "working" can include the requirement of code being readable, flexible, etc). There is never exactly "one right way." There are always several ways that work and are fine.

At work this is no big deal.

Just create a Jira ticket for each bug found, assign the minimum of one story point to each ticket, then spend ten minutes (or an hour) checking it out. If it's a real bug, create another Jira ticket for fixing it (you need to have a meeting to discuss priorities, of course, so don't fix it right away). If it's not a real bug, close it and Voila, a free story point. If it's a duplicate, close it anyway (not marked duplicate, that will take extra work and waste your time) and Voila, another free story point. (If you do need to verify that it's a duplicate, be sure to create a Jira ticket for verifying that it's a duplicate. Don't do any work that is not logged!)

I figure that including meetings, you can get around 60 story points a week just by looking at AI tickets. Adjust the number based on how many you need that sprint. Your manager will be happy, velocity is skyrocketing because of AI!

Of course in the real world, this strategy isn't great.

A lot of incompetent programmers got hired, the kind who not only can't produce elegant code, but also can't recognize it.

The result was managers started micromanaging them.

At these companies, the managers won, the rest of us suffer. At these companies, productivity is down (even if "agile velocity" is up), but they'd rather have control than productivity.

I'm not sure why you think CrowdStrike prevents ransomware.

Adding an extra layer (like crowdstrike or Okta or whatever) often just introduces vulnerabilities. You can still use them, but you should take into consideration when you are doing your security analysis (and not blindly following the crowd) that they will add vulnerabilities to your system.

Any attacker is a nation state actor adversary until proven otherwise.

It makes your customer feel better that way, and gets better headlines.

To be fair, "not having confidence in security researchers" is the default position...there's a reason why an entire book was titled POC||GTFO. https://www.amazon.com/PoC-GTF...

Nope.

It doesn't describe the real world, it matches the worldview of people who have an "us against them" mentality.

Learn To Read. The left/right axis is not related to religion. You can be religious on the right or on the left.

Strictly speaker, if you are not talking about someone sitting on the left or right side of the National Assembly hall, then "left/right" is just an imprecise, lazy metaphor.

For the most part, people who divide the world into left/right are either trying to manipulate the world, or are lazy thinkers. You can guess which one I think you are.

I'm ok with that.

Hamas is trying to overthrow the existing world order, and establish a new order.

The conservative/rightist ones are the ones trying maintain the existing order. In this case, the existing order is Israel/US. It's not related to religion. It's not an accident that leftists around the world feel sympathy with Hamas and antipathy for Israel (although socially Israel is much more liberal).

I don't understand people who try to jam every issue into the left-right spectrum. Most issues are not a left/right thing.

Where do you put Hamas on the left-right spectrum?

Poe's law definitely applies to this comment. I can't tell if the poster is being sarcastic, or genuinely can't speak concretely.

(It looks like he's afraid of the Elders of Zion or some nonsense.)

Good point.