Ask Lemmy

I work in IT. Most systems have laughable security. Passwords are often saved in plain text in scripts or config files. I went to a site to help out a very large provincial governmental organization move some data out of one system and into another. They sat me down with a loaner laptop and the guy logged me into his user account on the server. When I asked for escalated privileges, he told me he'd go get someone who knew the service account passwords.

After a few minutes, I started poking around on my own... And had administrative access within an hour. I could read the database (raw data), access documents, start and stop the software, plus, figured out how to get into the upstream system that fed data to this server... I was working on figuring out the software's admin password when the guy came back. I'm sure that given some more time, I could have rooted the box because the OS hadn't been updated in years.

Worked support for an electricity supplier. I was able to see a frightening amount of info about the customers. Even past ones who had moved elsewhere.

We also kept notes about each call, email, web or app chat. So if you were an asshole in the past, everyone will know going forward.

Also fuck landlords and landladies etc. More often than not, they were shitty to deal with.

Also we would often use Google Maps and Streetview to see what your house looked like. We also had pictures of the inside because the installation techs took pictures to confirm that works were completed as specified.

Alll of this was available to us for any reason, at any time with no oversight. And none of it was encrypted. There was also government websites in use up to 2020 that required internet explorer to use and had passwords as trivial as 'Password1'.

I left that job because the pay was lousy and the stress was pretty full on. I respected a lot of people that worked there. Both higher ups and people who came after me. But fuck was there a lot of potential for bad actors or like stalkers etc to mess with your info.

I would reccomend to everyone. Please use password managers. Especially decent open source ones like Bitwarden. Take note of every piece of info that you give a company. From your phone number, address, email etc to even when you contacted them. Also try to not have your home look like an abandoned hovel on Streetview lol. Easier said than done I know. But it may affect your dealings with support people that you need help from. And lastly, please dont use Password1 as a login. Ever. Like please.

The people who negotiate your medical claims make more money on the settlement commissions than the doctors even make from their procedures.

And there’s like 25-40 people total who handle the claims for every single health insurance company.

That I made their DropBox account, and they can't access it anymore..

Snake Farm, when asked how to sell a policy that's clearly more expensive than the competition's answer was "They should feel privilege to be a Snake Farm customer."

The hubris was baffling.

I used to work at Starbucks (almost a decade ago now), but at the time, the motto was "just say yes" to any customer requests. We also had free drink cards that you could give out to deesclate any issue. So I would say any time you're even the slightest bit unhappy, bring it up, and you should at least have your problem solved, if not compensated for a free drink next time.

We also had customer satisfaction surveys that would print on reciepts, where filling one out would get the customer a free drink. We always kept them for customers that were happier to try and rig the odds in our favour of a higher rating, but also if a customer asked for one, I would give it if I had it. You could always ask the cashier if they have any of those as well.

Again, not sure how much either of those things have changed in the past 10 years, and I'm not sure how regional it was (this was in Canada at a corporately run store), but maybe worth a try.

Also I love these types of threads -- great topic to post.

My company is infested with cats. I think the CEO doesn't know about it.

I find it humorous that y’all think it’s only the company you worked at that had a fragile tech solution held together (sometimes literally) with duct tape and coat hangers, as part of a mission critical business process.

Pretty much every company big or tiny has at least one permanent “temporary” solution in place.

When I worked at Bob Evans I watched a manager peel the expiration dates off of expired food and replace them with dates in the future to avoid waste.

The last company I worked for has both NDA's and arbitration agreements, which would keep me from spilling company secrets and would screw me over if I did. But here is a secret - they use online PDF forms and don't check what text is entered into the signature.