this post was submitted on 01 Oct 2025
        
      
      1268 points (99.4% liked)
      linuxmemes
    27800 readers
  
      
      487 users here now
      Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
- Don't get baited into back-and-forth insults. We are not animals.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudoin Windows.
- No porn, no politics, no trolling or ragebaiting.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
5. π¬π§ Language/ΡΠ·ΡΠΊ/Sprache
- This is primarily an English-speaking community. π¬π§π¦πΊπΊπΈ
- Comments written in other languages are allowed.
- The substance of a post should be comprehensible for people who only speak English.
- Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
6. (NEW!) Regarding public figuresWe all have our opinions, and certain public figures can be divisive. Keep in mind that this is a community for memes and light-hearted fun, not for airing grievances or leveling accusations.
- Keep discussions polite and free of disparagement.
- We are never in possession of all of the facts. Defamatory comments will not be tolerated.
- Discussions that get too heated will be locked and offending comments removed. Β
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.
        founded 2 years ago
      
      MODERATORS
      
    you are viewing a single comment's thread
view the rest of the comments
    view the rest of the comments
 
          
          
There is a high skill level needed to configure Windows properly in enterprise settings. Regardless, I wouldn't be working for an organization that trusts any Microsoft software.
Keep your popcorn ready though, it's only a matter of time before Microsoft loses the security battle - unless Microsoft makes gigantic strides in a more sustainable direction.
Irrelevant. The defense of "they should do better" will do jack to prevent the firing of someone that willfully circumvented company policy.
I think their performance is relevant. Why would an employee be able to easily run an unknown binary from the internet to begin with? If the systems were properly configured to block this, there would be no issue. If I were an executive, I would absolutely be looking at my IT team in this case.
If the employee went entirely out of their way to run an unknown binary, bypassing OS-level restrictions, and sidestepping established procedures - then the employee should be fired.
You really are not familiar with the concepts of company policy and liability, are you? Whether there is an effective technical restriction in place is relevant to the question "can you run the thing". It is irrelevant for the question "did you circumvent company policy?" and, subsequently, to the blame/firing that comes from it.
This is the exact same discussion people keep having about "government can't block VPN" or "encryption can't be broken" when the idea of a law forcing backdoors in services floats around. Sure, you can still use encryption, technically. But if there's a law that say "encryption too strong to be broken is illegal", then you'll get arrested all the same, effective technical restriction or not.
I'm well-aware of how corporate policy, liability, and hierarchy works - the issue with your take is that you act like the IT team is innocent to somebody higher up on the ladder. My issue isnβt with the concept of policy itself (and the enforcement thereof) and the issue of liability, but with the misplaced absolution of IT teams from any responsibility when things go wrong.
IT teams are essentially the secret police in companies. I'm aware of how they usually function. I've heard many first-hand accounts from those behind the big screens making sure Bob doesn't watch porn or that somebody doesn't do something unauthorized with company computers. I'm unimpressed and it's frankly a dystopian twist of what IT actually should be; which is best serving a company's technical needs collaboratively - not roleplaying as the NSA.
It effectively shouldn't be possible for Bob to watch porn on company devices/internet. It shouldn't be possible or desirable for somebody to skirt policy to run binaries (even on a whim) for software they feel that they require for maximum productivity. There should be reasonable, timely, and accessible procedures for employees to request necessary software to be deployed.
If I recall correctly in another part of the thread, a user discussed a group of employees (including themselves) needing WSL for job duties and it being blocked without notice. This is an example of sheer incompetence of the IT team - blocking necessary software and failing to maintain/establish timely and accessible procedures to contest a block as an employee who needs specific software to function in their job.
Required software should never be blocked - so who is at fault? Who caused the most damage to the company? The people attempting to work? Or the people who have no idea what they're doing; making employees feel they need to completely disregard them to function in their duties - the people sabotaging operations?
You're free to fantasize about the little guy as the only one getting disciplined in these scenarios. I'm sure most corporate environments do work like that, but it just protects incompetency - unless, again, the employee went out of their way to run the binary in an abnormal way or otherwise had less than ideal intentions.
I never, not once, implied that. And frankly speaking I have no idea why you would think that. I said that a user, circumventing a company policy, would be in a tight spot, and depending on the policy most likely fired, regardless of the actual effectiveness of these policies implementation.
At no point have I said that nobody else would be in hot water for failing to do their job, nor did I say that the IT teams is above all and always perfect. But, for the user that did go around the aforementioned policy, the fate of someone else on another team is pretty much irrelevant after they're put down themselves.
Thanks for the exchange, it seems you misunderstood my intentions in commenting/responding.
I will stand by my points: corporate policy and course of action isn't always by the book β it can be unevenly enforced (depending on the circumstance, environment, and context).
As for me? I'll never work for Nazis or in environments ruled by people roleplaying as Nazis. It's demeaning.
The cool thing is that you can have better security without such an atmosphere β and I described it: it starts with locked-down systems and networks, IT actually being approachable human beings that communicate (who also understand business needs and requirements), policies that only punish and target bad actors (because it is effectively impossible for good faith actors to violate them), and accessible procedures for employees to escalate their needs to IT.
Anyway, have a good one. I apologize for being slightly rude with my phrasing, but I truly am aware of how draconian some environments are (especially depending on the context) and it was rude of you to confidently assert that I had no idea.
No problem. It was mostly hypothetical worst case scenario anyway. It would be nice if understanding, workplace improvements, and overall security where the targets everywhere, but unfortunately that's not always the case. It's also easy to lose the point in an online discussion, sorry about that.