On the other hand I also worked in opposite unhealthy paranoid environment. I was hired to design Ethernet camera, but Wireshark usage in their office was prohibited. Packet analysis was seen as the worst thing in the company. I quit after few months trying to explain, that I need to analyze the packets during design phase. I think, it’s very normal, that other countries abuse illiteracy of German industry.
They (meaning the big 3: VW, BMW and Mercedes) apparently still think that building the best engines/transmissions and being the best at putting them all together is all it takes in order to make a modern car, unfortunately I think EVs will be more about software and the way said software can best manage the car's power resources. From far away Tesla looks like it's doing quite a nice job with its EV software, the Germans, not so much.
If it matters I've never worked in Germany but as an IT person/programmer living in Europe I've followed the German IT industry pretty constantly as Germany is one of the best countries in terms of quality of life (I know it's not perfect, but it sure beats my Eastern European country). Unfortunately for me its backwards IT industry (again, as seen from the outside) keeps me away from it.
So much about: they don't know about software.
BTW: The difference between IT and automotive aka embedded is that embedded should work even without DevOps. Well, IT we know.
If Berlin IT industry is a golden standard I'm really not very hopeful for Germany.
That stopped being true at least 10 years ago. In 2019 I would bet on a Renault engine every time (so does Mercedes btw :P)
Consequently, Germany's most brilliant tech minds leave for The Valley, Zurich or London.
You reap what you sow.
Salary for developers really isn't that much of an issue. In Berlin for example a developer gets two or three times the median salary easily. That's enough for attracting people who are talented enough to choose, e.g. git and JIRA over whatever crusty system of shared folders and zip files or IBM crap you'd see for projects in many companies.
[1] https://www.heise.de/newsticker/meldung/Missing-Link-Der-Kam...
I witnessed this and moved out of the large rich corporate to a small startup to keep my sanity.
As if outsourcing wasn't a common trend across Western companies "thanks" to globalization and the utter dominance of US-american neoliberalism.
> and companies' tradition of rewarding management incompetence over technical competence
Again, quite common - the "old" Soziale Marktwirtschaft moguls with decades-long visions would not let today's next-quarter-only shit fly for long.
> Consequently, Germany's most brilliant tech minds leave for The Valley, Zurich or London.
Care to have a source for SV and London? People avoid SV/USA due to the current President and London due to the Brexit uncertainity - in fact, whoever can flees from the UK before Johnson drives everything into the ground. Only correct point is Switzerland but that's not surprising since their wages run way, way higher than Germanys across the board...
[1]: https://en.wikipedia.org/wiki/Economy_of_the_Netherlands
Honestly security at this point is a myth, we can't close the door after the horse bolted as the barn is currently on fire and the horse has been gone so long it's settled down and raised a family.
[0] - https://stenon.io [1] - https://stenon.io/en/career/
Wow, that is just insane... "We want you to put a nail in that board but, by god do not even think of using a hammer". That must be the worst case of "security" by obscurity I have ever heard. Was this one of the bigger companies or a smaller firm? I wonder what kind of decision making process leads to such policies.
The only time I've been involved in a hacking attempt (it was ransomware) the company I work for contacted the CCN-CERT. I wonder if US companies contact NSA/Other gov agencies or deal with it themselves with security companies.
Also, while I understand the care and concern they put into securing their networks, many german companies basically gift their tech to china, like Deutsche Bahn, or being bought and transfered there, like it happend with Kuka. So be it by hacking into your network or "partnering", they'll copy your tech and kick you out of their market sooner or later.
> The only time I've been involved in a hacking attempt (it was ransomware) the company I work for contacted the CCN-CERT. I wonder if US companies contact NSA/Other gov agencies or deal with it themselves with security companies.
In the US, most large companies that have suffered breaches contact the FBI.
We face this threat in my business - daily fishing attempts or schemes to get employees to open files. It never stops.
This is a primary reason when we started designing our new web app at bomquote.com a few years ago, we first focused on communication tools which reduce our use of email both internally and in our dealings with our customers.
Sure, there will be attempts to hack our app servers, but from my view we can deal with that easier than preventing our accounting admin from clicking on a well crafted email.
https://krebsonsecurity.com/2018/07/google-security-keys-neu...
U2F won't save you there, it will just make the attack a bit more annoying.
Yes I suppose it would be easily faked if the faker had performed a similar analysis on the malware...
Now where do I get that script? More detail would of course always be nice.
The nmap script was written by ThyssenKrupp's security division and can be found here: https://github.com/TKCERT/winnti-nmap-script/blob/master/win...
Hacking groups are corporations and spread risk away from indictable individuals just as efficiently, with a separation of liability and actions and knowledge
This needs to be understood
