Re: We Just Advise, We Don't Implement
>For just one, where are all of these new experts with access to every app's source code supposed to come from?
I was one of these "experts" as you call them. It was part of my sysadmin gig. Maintain the tool chain, audit new toolchain requests, continuously audit the infrastructure, move slow especially when devs want you to move fast, etc. This wasn't exactly a safety-critical industry either - we made consumer electronics - tvs, computers, phones, cable set-top boxes, walkie talkies, etc.
Most of us were laid off, I suppose you can just re-hire us from the unemployment lines?
The goal is not to get access to *every app's source code*, the goal is to not even allow the app onto your network to begin with. It's really not that hard man. This place where I worked at was around 2004 timeframe, and it was for sure happening decades before then in safety-critical work spaces. Lets stop making excuses for doing the responsible and prudent thing, for the sake of cheap, low-quality and often unsafe goods.