I can understand if someone like Google or Microsoft employs lawyers directly, as they have the resources and scale to do so. But someone like Telegram should really not do that. They should use an external legal office when needed. Even keep them on retainer, but definitely not open a legal office inside the company.
Comment on Telegram says it has 'about 30 engineers'; security experts say that's a red flag
dandi8@fedia.io 2 months ago
There are good reasons to dislike Telegram, but having "just" 30 engineers is not one of them. Software development is not a chair factory, more people does not equal more or better quality work as much as 9 women won't give birth to a baby in a month.
Rinox@feddit.it 2 months ago
Badeendje@lemmy.world 2 months ago
30 engineers. You lose half that to people managing the infrastructure alone. That leaves 15 code monkeys. Of 2 are dedicated to deployment and 3 to setting up unit tests (that’s not many btw) you are left with 10 people. If say for a global platform that’s not many at all.
dandi8@fedia.io 2 months ago
If you have separate developers for writing unit tests, and not every developer writing them as they code, something is already very wrong in your project.
Deployment and infra should also mostly be setup and forget, by which I mean general devops, like setting up CI and infrastructure-as-code. Using modern practices, which lean towards continuous deployment, releasing a feature should just be a matter of toggling a feature flag. Any dev can do this.
Finally, if your developers are 'code monkeys', you're not ready for a project of this scale.
Badeendje@lemmy.world 2 months ago
Infra setup and forget… this is a large system with plenty of stuff that cyclicly needs to be deployed updated and such. Even with automation the sheer volume and tech in use requires bredth of knowledge. Sure you could do it with less I guess. But with changes on supplier side etc it’s still much work.
And for tests, sure you do it as you go along, but usually it helps to have people going over this and making sure it all stays functional, meets standards and fix things.
dandi8@fedia.io 2 months ago
I have never, in my decade as a software dev, seen a role dedicated to "making sure unit tests stay functional, meet standards and fixing them". That is the developer's job, and the job of the code review.
The tests must be up to standards and functional before the functionality they're testing gets merged into main. Otherwise, yes, you may actually need hundreds of engineers just to keep your application somewhat functional.
ilega_dh@feddit.nl 2 months ago
15 engineers for managing infrastructure?? Are they setting up servers by hand?
Badeendje@lemmy.world 2 months ago
I would not want you as my boss, that’s for sure.
Try covering a 24/7 global service window. I’d think this is on the low end.
And you als need full infra stack knowledge: Server, database, Network, connectivity.
And probably some of these schmucks will get stuck managing the corporate environment too.
dandi8@fedia.io 2 months ago
This comment smells of outdated software development practices.
awesome_lowlander@lemmy.dbzer0.com 2 months ago
30 engineers is startup-sized. 30 engineers to deal with the needs of a sensitive software being used by millions worldwide, and is a huge target for cyberattacks? That’s way below the threshold needed.
dandi8@fedia.io 2 months ago
This sounds like the devs are personally, sword and shield in hand, defending the application from attacks, instead of just writing software which adheres to modern security practices, listening to the Security Officer and occasionally doing an audit.
awesome_lowlander@lemmy.dbzer0.com 2 months ago
They’re not just writing the software, they’re responsible for the infrastructure it’s running on. And keeping that running and secure IS a full time job.
Right now, you sound exactly like one of those C level execs who looks at IT and asks “We haven’t had an issue in years, what do we need to pay them for?”
dandi8@fedia.io 2 months ago
Even if you have a full-time role for continuously auditing the infrastructure, you still didn't show how that needs a 15-person team, and an otherwise-untouched infrastructure should just keep on working (barring sabotage), unless someone really messed something up.
vxx@lemmy.world 2 months ago
I checked, Telegram has 1342 employees.
dandi8@fedia.io 2 months ago
Interesting! Out of curiosity, what is the source? Is there a breakdown per role?
pooberbee@lemmy.ml 2 months ago
And lawyers are pretty likely not staff at all.