Back in 2011/2012 I worked with LinkedIn's API on a product for one of our clients at a small web shop. While coding the login auth my team and I discovered more than 10 security issues and addressed them to LinkedIn. According to them they had only one dev working on the API and there was no time or resource available to fix these issues. So we filed bug reports w/o LinkedIn ever acknowledging them. Two weeks later LinkedIn was hacked and 167mio user accounts were sold for a few bitcoins on the darkweb.
Bottom line: take security seriously. Throw some money and resources at it! Don't be greedy and let things like this happen again. Oh, and don't hire people who can't spell SRE or are 22-year-old fresh-out-of-college folks who are not fully aware of their responsibility.
All this shows us the ridiculous hiring strategy of LinkedIn, a terrible, understaffed and greedy business you should never work for.
The key phrase is "who are not fully aware of their responsibility". The commenter is not wrong in identifying a subset of the candidate pool which has a high risk of inadequate experience for this kind of work.
Is this a perfect storm like the Tacoma Narrows bridge, or British Rail's wrong kind of snow etc?
Today's systems have become astoundingly, barely-manageably complex, to the point where this kind of thing happens all the time, but let's not delude ourselves with the slightly mystical 'perfect storm' analogy.
"SREs have a saying, “every day is Monday in operations,” which means our systems are in a constant state of change and our teams are on call 24/7 to address any site issues that do pop up."