I’d had a gestating idea for a thread, based on what I’ve learned moving from Helpdesk in an SME, to being (I guess) a security engineer IC at a Fortune 500.

So anyway, these are my thoughts, two years later.
1.) Arbitrary Power, and what that means, is something you are likely not taught or socialized to. It is a skill you likely will not have any idea how to exploit.

At a certain level, you are instead limited by what people say No to, instead of Yes.

This is... hard to understand.
I grasp a lot better how failsons and faildaughters of the elite, imprinted with a lifelong expectation of uninformed decision, excel so well, without merit.

Human systems built around deferment to authority instead of doubt about its providence are extremely vulnerable to this.
As a new entrant to power, you still learn the “system” and take it as immovable creation.

But you can wipe that system away on a whim. As someone socialized to groveling, you will accept the conceit you cannot.

Thus, people willing to rebuild it are rarely qualified to do so.
Dunning-Kruger is tired but still applicable.
Those most willing to question and improve the status-quo are raised from birth not to.
And those with no business in judgement find it a natural fit.
This isn’t a complaint; everyone I work with is great.
Instead, it’s a realization of the implications of my own experiences and years-long retraining as somebody who was nobody.
Exploitation of power, whether for good or ill, is a skill. And depending on your society... only one side may get training in it.
Today I realized a security design, something I learned at day 3 in the org, was totally expired by current realities.

I was only prompted by a chat with a user who was hurting under it.

I’d never questioned it or felt any power to change the policy.
But that’s literally my job.
So I emailed a few people, told them what I wanted to do, and they said sure, schedule a change this weekend.

This policy only existed because of my blindness, and reticence to execute my power. It was literally my whim alone that persisted it.

And I had no conscious idea.
If you had asked me two years ago afresh, “hey, is this a good idea to implement anew?”, I would have understood the arguments, but rejected it as too disruptive.

But because it was already there I did nothing. Someone secure in their power would have. Make it happen. Delete.
Of course, in some way it was right that I waited. I waited two years to thoroughly understand every technical aspect and business case and vendor interest. Because it’s important.

But I could have short-circuited everything in my blind faith in my right to power.
You can follow @SwiftOnSecurity.