Bad & meh engineers get praised because they “waste” less time directing AI and reviewing output - barely working is good enough in the race to market.
I’ve seen things as serious as a privileged user for one customer having admin access to all customers being discovered during the last-minute pentest literally days before the planned product launch. That product is supposed to (and likely will) move 250M USD for customers in the second half of this year. Under the current policy at my day job, coming all the way from the top, reviewing AI-generated code at all should be an exception reserved for the 0.1% most critical code. Yes, in finance.
Finance software is astoundingly sloppy.
I was working in a university town, happened to get hired in at decent market rates by a biomed startup that didn’t mind paying for me. When they left town, I stayed, and a precious few other companies would pay “my rate” - so I ended up cold calling on quite a few places just to see what they were about. I stumbled into the software development manager’s office of a company that did ATM and POS software - they used the same tech stack I was using for biomed. After a few minutes the manager stopped the conversation and said “sure, fine, I want you, but: can I afford you? What’s your current salary?” I told him, he laughed and said: “Well, I’m the highest paid software guy in the building and I don’t make half that. Mostly we hire kids from the Uni who think they want the experience, they turn over every few months on average. I’ve told management how bad that is for the quality of our software, they don’t care.”
The major difference is that payment processors and money transfer agents are heavily regulated and require a government-issued license to operate. At least KYC is not yet handled by AI…
Insane stuff.
Hopefully, those are the sorts of companies that should fail or get sued, so they learn their lesson. Not holding my breath though.
Companies have been doing insane shit for the sake of saving a buck or getting to market fast for decades, it’s nothing new. AI may or may not just make it worse.
It comes down to risk-reward. If the risk is low enough, they take it - assuming the additional reward outweighs the consequences.
When your decision makers can just declare corporate bankruptcy when the risk finally happens, with no personal exposure other than loss of future income? You can bet they’ll take that risk every time.
The neck of the finance woods my employer is in is highly regulated.
Just failing to notify a regulator on time that you blocked a transaction attempt involving a sanctioned individual means hundreds of thousands in fines per transaction (not up to, flat 6-digit fine) + potential prison time (can’t remember if it was up to 15 or 20 years).