upvote

points

by 9x392 hours ago |
comments
upvoteby maccard2 hours ago|
next
[-]
I replied above but basically we still need something; some people are just incapable of not making a total mess and they will literally go to Trojan.com and install dangerous.msi, ignore all the optional dismissible pop ups that say this is bad, and then still drop me a DM that the cracked plugin they got for maya to try out before asking to spend $8 isn’t working…

If there’s a middle ground I’d love to hear it!

reply
upvoteby fluoridation2 hours ago|
parent|
[-]
Couldn't you disable on a per-user basis? Everyone shouldn't be punished just because a few people can't be careful with their stuff.
reply
upvoteby maccard2 hours ago|
parent|
[-]
The person mentioned is a special case but the reality is that most people do need _something_. What happens if one trusted person makes a mistake and submits an exe to perforce? Now absolutely everyone is hosed.
reply
upvoteby fluoridation1 hours ago|
parent|
[-]
Why would everyone be hosed just because a binary got committed to version control? Either way, surely you can set up some policies or monitoring for that sort of thing.

I don't know, I've been developing on Windows for decades without an antivirus and I've never had these issues. Are your people downloading and installing random software all the time? In my experience, once I'm set up with my usual tools I rarely need to install anything else.

reply
upvoteby maccard1 hours ago|
parent|
[-]
> Why would everyone be hosed just because a binary got committed to version control?

We’re hosed if someone submits malware to source control and other people run it?

> Either way, surely you can set up some policies or monitoring for that sort of thing.

Like a tool that comes with windows that checks that nobody has done that, called windows defender? The tool I have a problem with?

> I've been developing on Windows for decades without an antivirus and I've never had these issues

This is a 100 person company with maybe 30 programmers, 30 artists and 30 designers. I don’t know which of those people are “capable” - and the people who say they are are the people I probably trust least. In a perfect world we’d tell everyone to be careful, and not click on random phishing links, and they’d listen. But they don’t, and we have to take some basic precautions. Using the OS provided, historically good, tools is a good starting point.

> Are your people downloading and installing random software all the time?

Dunno, we don’t monitor what people do. We just get an email if defender quarantines something. But we’re dealing with people working from home, and being given gaming spec machines. I would put money in the fact that people are using these for personal use.

reply
upvoteby fluoridation1 hours ago|
parent|
[-]
>Like a tool that comes with windows that checks that nobody has done that, called windows defender? The tool I have a problem with?

No, like a tool that's running on a machine of its own, monitoring what gets pushed to version control, or a policy on the version control server that rejects attempts to push files of the wrong type.

reply
upvoteby fluoridation2 hours ago|
prev|
[-]
Eugh. Well, whatever. Not like it makes any difference to the employee. They get paid whether they're waiting for the computer to finish spinning or doing useful work.
reply
upvoteby maccard1 hours ago|
parent|
[-]
We’re spending $4-8000 on these machines to try and offset these problems.

The problem is that there’s 100 of these “little” issues - and I have a full time job that _isnt_ doing IT support. If someone can help me find an IT support contractor that I can hire that will fix it I’d love to chat to them, but it goes in the pile alongside “why on earth does teams take longer to boot than my entire machine” and “why are we using zoom (because the person who makes the decision there prefers zoom to teams”)

reply