return to table of content

Figure out who's leaving the company: dump, diff, repeat

jedberg
175 replies
15h35m

Layoffs in the WFH era are weird. Back in the day you had a pretty good idea of who got laid off because you saw them walking out the door with a box of their stuff. You could go up to them and say, "hey let's meet at $local_watering_hole and hang out". You could swap contact info if you didn't already have it.

You could get closure.

Now, one day a bunch of people just stop replying to email. You have a to wait a while to figure out if they are actually gone or just busy. And if you're waiting on them for some output to work on your project, they may just never deliver and you won't know why for a while.

The company directory, if there is one, often still shows them for 60+ days because of the WARN act. And it seems most companies won't make a "layoff list".

It's really hard to get closure if they won't even tell you who got let go, and if they don't give the people a chance to say goodbye by cutting off their access before telling them they are laid off.

Aurornis
61 replies
14h32m

Watching people’s accounts go into deactivated status in Slack with no goodbye is sad.

The most toxic boss I ever worked for would request access to former employee’s Slack accounts under the guise of looking for data to transition their job. Their accounts would periodically go green when he logged in as them. Spooky to see ex-coworker accounts go green and know the boss is scouring their private messages.

I know companies can get slack messages anyway, but seeing your boss do it in real time is extra creepy.

kunley
25 replies
13h37m

Fortunately in Europe what the said boss did is illegal and this can end with a criminal prosecution.

yau8edq12i
18 replies
13h29m

What? First, Europe isn't a single country and there are large difference between legal systems.

Second, what you said is just plain wrong in at least one. In France (which is known for strict worker protections) the employer can go through any employee's mailbox or files on their work computer/account provided 1. that the messages/files in question aren't clearly marked as personal 2. that the conditions for the access are laid down in advance with proper notice. When an employee is let go, they need to be given time to empty their mailboxes etc of private correspondence or files. https://www.cnil.fr/fr/lacces-la-messagerie-dun-salarie-en-s...

sillysaurusx
12 replies
13h3m

I had some DM’s which were of personal nature that were rifled through after a contract ended. How do you "clearly mark a DM as personal"? It was creepy, and further illustrated that anything you say in Slack can and will be viewed by the whole company. If not literally, then that’s how you should treat it.

You might be right that it’s not illegal, but it would be nice to have those kinds of protections. Trying to talk to anyone at work in the WFH era is a field of landmines, because you never know at any given time whether what you say will make it back to the person you’re discussing. Discussions like that are a normal and healthy part of socializing with coworkers, and it happens at every company. Except in the WFH era everything you’ve typed is a permanent record, whereas previously you’d be able to say something to a coworker without worrying that someone else will someday hear it.

But, it’s a new era. It’s easy to adjust. Just don’t get personal at work. It sucks, but work is designed to suck, or else it wouldn’t be work.

Gabrys1
8 replies
12h40m

anything you say in Slack can and will be viewed by the whole company. If not literally, then that’s how you should treat it.

Anyone thought otherwise?

sillysaurusx
5 replies
12h24m

In private DMs?

TeMPOraL
4 replies
12h11m

In company Slack?

Private != personal. At least I never ever imagined one could even assume DMs on work IM are personal private conversations. They're organizationally grouped as chat between to accounts, as opposed to group chat, but they're at work, for work, using work-provided tools...

Or put another way: why would anyone consider work Slack to be different in this regard than company e-mail? Much like with e-mails, the difference between DMs and group chats is whether the number of participants is > 2.

sillysaurusx
3 replies
11h59m

I guess the cognitive dissonance is that I used to be able to say things to a coworker in-person which wasn’t recorded and tracked, using my voice. This was always a normal part of work, and I didn’t give it a second thought until it was gone. Nowadays it feels like someone is constantly standing over your shoulder whenever you’re at work, and there’s never a private moment. This is especially strange during holidays, since personal conversations tend to spontaneously happen around those times.

You’re right of course. I just wish we had something to fill the void that was left by in-person interactions vanishing. I think I’ll be doing WFH pretty much the rest of my life, and I absolutely hate going into an office in general, but there are definitely some aspects I miss. Being able to chat off the record with a coworker is one of them.

bombcar
1 replies
7h7m

Call! Yes, most communication can be done with chats in slack or teams, but take the excuse to call and chit chat a bit before getting down to business.

Unless all calls are transcribed and recorded, it’s pretty “watercoolerish”.

ghaff
0 replies
6h33m

At that point, the bigger risk is that someone repeats something to someone that you wish they hadn't. But I've had that happen with an in-person conversation.

bcrosby95
0 replies
3h14m

That's funny, because as someone who has worked mostly remotely, I consider the recording of every chat a feature. For example, I have been able to use this to figure out why code I wrote a decade ago is the way it is.

prepend
0 replies
3h10m

It is still strange to me that:

1) people think that anything sent on an employer system isn’t visible to the employer

2) people send private DMs from work accounts

michaelt
0 replies
10h9m

Most large companies will tell you two contradictory things:

First of all, they'll tell you that even the most junior helpdesk workers can remote onto your machine, reset your password, disable your 2FA, and monitor all your web browsing and chat history.

Second of all, that this unannounced product, this not-yet-filed patent, this big planned layoff, this prospective hire background check result, these upcoming financial results, this employee's reason for needing medical leave, this pentest result document, and this forthcoming change to pricing are Strictly Confidential. You shouldn't discuss them even with your own boss, unless you've first confirmed they're on the need-to-know list, and that certainly doesn't include level 1 helpdesk workers.

Most large companies, to address this contradiction, will say access is possible but rarely used, tightly controlled and carefully audited.

donalhunt
2 replies
12h12m

The way this was communicated to me in the past was "don't say/write anything using company resources that you don't want to see on the front of <insert major news publisher>". All communications on employer-operated platforms are subject to discovery.

Senior leaders tend to skirt this by using the telephone or video calls predominantly. However the infiltration of machine learning and AI means transcripts of calls, etc are now possible too.

In addition, the growing use of "disappearing" messages despite litigation holds has come up in more legal cases recently.

ghaff
0 replies
6h38m

A video call on a company account isn't ironclad but, unless you're discussing something actually illegal, it's probably good enough for most purposes. Maybe not as good as personal cell phones or in-person, but a lot better than anything written--especially on company systems.

DiggyJohnson
0 replies
5h45m

That seems like it would be a much larger constraint than you're making it out to be.

theologe
1 replies
13h3m

I agree with you, Europe has different countries and some of them are not in E.U. so different rules may apply. However, since France is in E.U. what you describe should be illegal. The article you refer to is 15yrs old btw....

yau8edq12i
0 replies
4h51m

The "article" is published by the French data protection authority. They update them when regulations change. They didn't update this one. Make a deduction, now.

However, since France is in E.U. what you describe should be illegal.

What's the regulation or directive you're talking about?

donkeyd
1 replies
8h45m

Europe isn't a single country

Correct, but it does have a single ECHR. Even though some countries still ignore them.

yau8edq12i
0 replies
4h55m

What ECHR principle are you referring to here?

laserlight
0 replies
10h57m

What the said boss did sounds to me like impersonation, which is not only illegal, but a crime. Accessing records kept on company assets is one thing, logging in to someone's account in a communication software is another.

fullspectrumdev
4 replies
11h7m

The rules on this vary across Europe, though broadly speaking accessing an employees mailbox is “something you only do after speaking to legal”.

The patchwork of national laws and national interpretations of EU regulations is quite interesting, and rather confusing especially if you do offensive security work or DFIR.

As an example, when doing consultancy we would do the usual phishing as part of an assessment. Usually this is followed by dumping the users mailboxes to look for further credentials/access to corporate resources (eg: are they emailing passwords around?) - but in some countries such as Germany that’s often explicitly ruled out due to fear of breaching privacy regulations.

donkeyd
3 replies
8h47m

The rules on this vary across Europe

Not really, ECHR has already ruled on this.

It's pretty much only allowed if there's an important reason for it. For example, to recover something invaluable (contract, code, report) that isn't available somewhere else and cannot be replaced. In that case that's also the only thing that them employer can look for. They can't open obviously unrelated e-mails. So before talking to legal, make sure you have a valid reason.

lotsofpulp
2 replies
7h1m

What mechanism is there to prove who looked at what emails? And who would be there to enforce it, especially at a small business?

hef19898
0 replies
6h37m

Difficult, very difficult on deed. As with most corporate and whize collar crime, the investigation rate is extremely low. That being said, worker councils and unions. The former has to involved in these things, if the exist. The latter pushes for the former.

That is valid for Germany.

donkeyd
0 replies
6h24m

There really is none. A smart company would work with the 4 eyes principle though (still no guarantee).

However, if a company does find an unrelated e-mail they want to use against you (which is what most people fear), that makes them liable.

delfinom
0 replies
6h9m

It's completely legal in the US and often mandated by regulation. In some US industries, even your phone calls are recorded by law.

economicalidea
16 replies
13h49m

You can’t get private Slack messages easily if you don’t have direct access to the account. There is an audit feature on the Enterprise version that allows it, and you can appeal to slack to open the messages due to a crime or similar - but AFAIK on the normal plans you are out of luck of you want to read private messages as workspace owner.

adastra22
12 replies
13h45m

Request access to former employee’s corporate email and reset the password.

sillysaurusx
10 replies
13h2m

Yep. That’s how it happened for me.

planede
9 replies
11h23m

Ouch. My takeaway is that I should probably delete my slack account before leaving the company.

exitb
6 replies
10h30m

The takeaway is that no message on Slack should be considered private.

wil421
4 replies
10h17m

Why would anyone consider a company provided messaging service as private? Or even a company provided laptop, cellphone, etc.

TimTheTinker
2 replies
5h48m

Because private messages carry an expectation of privacy.

They're different parts of speech from the same root word, after all.

voidfunc
0 replies
2h18m

The only expectation of this is in your head. It is a fantasy that doesn't exist.

adastra22
0 replies
5h39m

There’s no legal obligation of privacy on a work system though. Not in the US at least.

adastra22
0 replies
5h56m

People have terrible opsec.

bluescrn
0 replies
5h42m

I'd extend that way beyond that, to anything done on a company system/network/device.

If you need privacy, use your personal phone (and don't connect it to the company wifi)

hiatus
0 replies
6h13m

Deleting company data before leaving probably won't end well.

delfinom
0 replies
6h11m

Slack keeps those messages even if you delete the account when you leave. It's a data retention setting.

morkalork
0 replies
6h10m

Hah, that would be the trick wouldn't it. My old manager used to get all of his former employees work emails forwarded to an account he had access to. Ostensibly it was a precaution against accidentally missing anything critical from a vendor or partner.

the_gipsy
0 replies
12h39m

And all but extremely early startups or cheapskate companies have the Enterprise version.

camgunz
0 replies
10h40m

I haven't checked in a while, but I think there's also an API for it too.

amenghra
0 replies
11h39m

The correct mental security model here is “if you used an account on a company issued laptop/phone/any hardware” == “the company technically already has or can get access to the data”. There are so many ways for a company to do that.

Granted, some of these ways might be legal or not depending on jurisdiction, but then lots of company will thread or cross the legal fine line if they are happy with the risk/benefit trade off.

seer
13 replies
13h8m

One company I worked for used to have an unofficial “ex-company” slack setup, where people would get invited to by others that have already left and were in there, it was kinda nice since you form bonds with people and suddenly they’re just gone. You might have not managed to connect with them in any other form. But you login to “ex-company” slack workspace and here they are - everyone that went through the company. I mean lots of people would stop responding after a while, but there was enough time “buffer” to allow people to connect with other means.

itsrajju
8 replies
10h48m

I am a part of one such group! It started as a WhatsApp group for all ex-employees, but has now morphed into a discord server. It's a great way to remain connected to friends you make at work, and recently, it has also become a way to share job openings to your network to help laid-off people.

nick7376182
7 replies
10h10m

Anybody have connection to the ex-google one if there is? I just left and didn't see it referenced in any of the leaving guides.

doublerabbit
5 replies
9h55m

Leaving guides? I imagine a pamphlet.

"We wish you well on your departure; as you embark on new adventures your about to open your eyes for the first time.

This may be a shock to some of you as you may discover that the world is more dystopian than you've may of seen from your altered reality mind-implants.

We would like to thank you for your service as a tool at the corporation."

bombcar
3 replies
7h11m

You could rewrite Plato’s Cave for some companies, especially the insular ones where there’s some culture shock when you get into “the real world”.

yieldcrv
2 replies
6h53m

Plato’s cave needs to be rewritten anyway

time to just acknowledge that its an overly long arduous convoluted setup that can be vastly simplified for the message it creates

taylorfinley
0 replies
3h42m

Tempt me with a good time lmao. "Imagine someone spends their entire life in a dark room with only an ebook reader..."

kevindamm
0 replies
4h15m

if Plato's cave were rewritten today, it would probably be from the perspective of the cave

jasonjayr
0 replies
9h37m

"Handbook for the Recently Terminated"

As long as it doesn't read like stereo instructions ....

laz
0 replies
8h54m

https://xoogler.co/ has a xoogler slack

data-ottawa
1 replies
7h7m

This seems common now, I’m part of two such groups and it’s a nicer experience than trying to keep up via LinkedIn.

dylan604
0 replies
6h6m

Only a recruiter would think keeping up on LinkedIn would be the route to take

SideburnsOfDoom
0 replies
5h11m

One company I worked for used to have an unofficial “ex-company” slack setup,

More than one for me.

ElevenLathe
0 replies
6h48m

I am in a Discord of full people that all got laid off from the same place in 2019 (I actually left on a Wednesday for a new job, and everyone else got their pink slips Friday that same week). At first it was pretty lively, as you can imagine, but its settled into a wonderfully cozy online space and I'm so glad I'm a part of it. It's good to have connections to people with whom you have shared experiences but no real ongoing professional relationship (these are called "friends"). It's also good for networking, since we're all in the same industry. In some ways it just feels like a continuation of the Jabber rooms we all shared when we worked together, but it's also something more.

trumbitta2
1 replies
12h22m

I think admins don't need to log into an account to see private messages. Was like that at two of my previous jobs.

bombcar
0 replies
7h5m

It’s usually an additional step as admin to access messages, but “login as” can be easier/simpler.

Learned that Office 365 now has a “login as” for email which is convenient for setting out of office, deleting calendar invites, or email snooping.

teeray
0 replies
9h47m

Their accounts would periodically go green when he logged in as them.

The new dystopia will be when an LLM steps in to reply like them.

earthnail
0 replies
14h24m

Wow, that is creepy.

kristopolous
32 replies
14h17m

The lockout always struck me as dumb and I didn't do it as a manager.

If I trusted them for the 3 years they worked for me, I can trust them for another week or two.

Tie up loose ends, take your time. We're all adults here.

I understand that under the worst circumstances bad things can happen but that's always the case.

at-fates-hands
31 replies
14h10m

I worked at a large web dev company and for years they had this attitude.

Then one designer put in his two weeks and spent the majority of the time downloading all the site files for all of the sites the company had built over the two years he was there. We're talking hundreds of static sites where he took the all the design docs and static HTML/CSS/JS files one would need to recreate them somewhere else.

Instead of going after the guy legally, they passed and then instituted the same policy. You put in your two weeks? Nah, you're out the moment you hit send on that email. Manager alerts security, who then come over to your desk. You get your jacket and whatever you walked in with and get walked out. The one designer totally ruined the company from ever letting someone stay for their two weeks.

wil421
7 replies
10h15m

Get a DLP system in place for god sakes. I’ve even seen off shore people work from VMs only where they can’t download or store any file locally, much less dump everything to a USB stick.

emj
3 replies
9h50m

Top search result is from Gartner: alarm bells ringing. Data loss prevention seems to be enterprise speak for doing as much intrusive monitoring you can do, in as neutral speak as possible.

1984 is so appealing for so many people, it seems like it is just a book about the tendencies that power can take when it is not guided by sane principles. I have always been employed in a high trust capacity since I was a young adult, there is not a technically feasible system in the world that could prevent me from wrecking havoc in a company. Social ones though, they are extremely effective.

dsr_
1 replies
6h31m

Every so often a client asks if we are using a DLP, and if not, why not.

All the DLPs rely on, effectively, regular expression searches of traffic.

This is fine if what you need to protect are SSNs, phone numbers, credit card numbers... but if your data is not easily recognized that way, they don't work.

If you ask the DLP vendors about their threat model -- and the salespeople generally don't know what a threat model is -- it's always a set of stories about a salesperson who clicks the download-as-CSV button on a CRM system, a DB reporting specialist who generates a report full of raw passwords and credit card numbers, and an off-shore programmer who sends AWS credentials via email.

Hopefully you can spot the non-DLP prevention mechanisms for all of these...

oblio
0 replies
2h18m

Hopefully you can spot the non-DLP prevention mechanisms for all of these...

What is it?

wil421
0 replies
4h40m

What does any of this have to do with theft? In most lawful places, if you dump source code and documents to take with you it’s not going to end well.

https://www.cnbc.com/amp/2020/08/04/anthony-levandowski-gets...

outworlder
0 replies
5h42m

I’ve even seen off shore people work from VMs only where they can’t download or store any file locally, much less dump everything to a USB stick.

Sure, they can't do any of that, and development becomes miserable. You don't have to go full VM and remote desktop to prevent those things.

mysteria
0 replies
5h20m

If you really want protection you don't want a DLP, you want a (limited) air-gap.

Basically the machine is not allowed to access the internet and USB drives do not work. Only specific locked down applications like the email app, web browser, and so forth have internet access. Downloads are allowed but uploads are not.

A permissions interface is available for say legitimate transfers of data to a flash drive or a web upload, in that case the user will have to add a valid reason and the specific files into the form. Once that's checked and approved by a higher-up the files are temporarily placed in a special folder that permits transfer out. The same thing goes for external emails that aren't on a whitelist, they'll need approval before they get sent.

dheera
0 replies
4h32m

If you're running a VM you're storing the whole state of the VM on the host machine, there's nothing technically stopping you from copying all the data, and worse, there's no way to even know that it happened.

What VMs are helpful for is cross-contamination and spyware attacks from other clients a contractor is working for.

kristopolous
6 replies
14h8m

Anyone could have done that at any time. The two weeks isn't magic.

It could have been unannounced and they just stop showing up.

You either trust your people or you don't. If you don't, get rid of them and lock them out. If you do and you still have to let them go then don't worry about it.

People are far too inhuman in professional relationships and I strongly dislike that tendency. You likely spend as much time with your colleagues as your spouse, make it a real connection.

supriyo-biswas
2 replies
14h2m

But once they receive the bad news, their motivation for revenge increases, which is why similar policies exist in many workplaces. Trust isn’t a univariate, piecewise defined function like you suggest.

kristopolous
0 replies
13h57m

Right, if you're being a dick then sure. I'm advocating for not being one in the first place. That's the challenge.

If you can't meet that use keycards instead of keys, voip instead of real phones, lock file cabinets, I mean go all the way.

Corporate America loves pretending. Pretending you're part of the family and then treating you like you're trying to rob the place at the drop of a hat.

That's the messed up thing. Be consistent and don't be fake. People can deal with you for being overly formal and paranoid but probably not for being a phony backstabber, that's how you grow haters.

The hardest thing for a brand to shake off is a bad reputation, whether they justly deserved it or not. You don't want haters in the Internet age.

Aeolun
0 replies
6h5m

I think people in general are a lot better about being fired if it doesn’t happen at the drop of a hat. Unfortunately in the US it seems like you can go from gainfully employed to jobless in the space of an unfortunate 10 minutes. That’d piss me off too.

ketzo
2 replies
13h52m

I think it’s a scale thing, honestly.

Yes, most reasonable adults remain reasonable even after fired

But once you hire a thousand, ten thousand, a hundred thousand people… statistically there are gonna be some wackos you didn’t filter out!

It’s tough. I agree that treating each other like humans is the best policy.

kristopolous
1 replies
13h47m

Of course it increases. That's why you have permissions and guard rails on the employees in the first place. Those should be sufficient.

Also if you want to work with the people you like again but need to actually downsize because of external pressure, good luck trying to get them to come work for you at your next venture after some fucked up bridge burning ceremony.

bombcar
0 replies
7h1m

You also have the situation where the boss usually KNOWS who might do things that he shouldn’t - but you can’t have policies that only apply to some, so they get applied to all (there are still unofficial ways around this, of course, like letting someone know unofficially before they’re officially laid off).

serial_dev
4 replies
12h17m

We're talking hundreds of static sites where he took the all the design docs and static HTML/CSS/JS files one would need to recreate them somewhere else.

You make it sound like he poached your clients or extorted your company. As they didn't go after him legally, I assume that didn't happen.

I assume all the files are on a thumb drive in his drawer, unopened, just in case he wants to remember how "that cool animation" was implemented. And when that moment comes, he will not find the thumb drive, anyway.

And all that security charade will accomplish is that people who care enough about their work, will make a copy the day before they quit. Congratulations, your policy achieved nothing, except get rid of their two weeks notice and everyone feel a bit worse working for you.

Macha
1 replies
4h21m

One thing I noticed is we got in the last few years a lot stories of the form "Adobe donates Photoshop 1.0 source code to Computer History Museum, saved because early programmer kept it on a floppy disc in his house". Or games especially we get a lot of this.

It feels like if an employee did this with modern projects, they would at the very least be summarily fired, if not have legal action taken against them.

nilamo
0 replies
2h26m

These days, we use centralized source control, instead of emailing zip files and patches back and forth. Having all the source on a random piece of media was a lot more normal back then.

drewcoo
0 replies
7h0m

Designers also need to show portfolios. Hard when your work is all behind some corporate firewall.

away271828
0 replies
5h49m

I don't know the details but so long as its not some top secret IP, taking copies of various work you've personally done seems pretty reasonable. Good idea to do it periodically as you go along though.

darkwater
4 replies
12h25m

You put in your two weeks? Nah, you're out the moment you hit send on that email. Manager alerts security, who then come over to your desk. You get your jacket and whatever you walked in with and get walked out.

This will work for the first 5-10-20 people, then word of mouth goes out about this policy and your evil designer is downloading everything the day before sending their resignation mail.

fullspectrumdev
3 replies
11h3m

Or “your sales guy is making a little backup of the leads from the CRM before handing in notice”.

Though with sales orgs I think this is almost an expected practice - sales people are often hired on the tactit, never officially acknowledged basis that they will bring their leads list.

notbeuller
2 replies
9h10m

Years ago I got a job through a recruiter, left company A for B. She called me after a few months and asked me for the Compsny A internal directory - which I declined to provide and she got kind of nasty about it. Maybe ten years later I was at company C and my manager mentioned hiring a recruiter - same person. I mentioned our previous interaction (not out of spite, just a naive narrative) and they stopped working with her immediately. My point being - your behavior has a long tail, so don’t be trying to take advantage.

bombcar
1 replies
6h59m

People asking for company directories amuses me so much, especially when most company email patterns are completely guessable.

htrp
0 replies
5h10m

it's more the name and the org chart?

maybe the phone number too

weregiraffe
0 replies
8h24m

But what would prevent someone from "downloading files" BEFORE they send the notice?

rob74
0 replies
12h51m

...so now people who want to do that just copy everything before sending the email?

rightbyte
0 replies
13h21m

You put in your two weeks? Nah, you're out the moment you hit send on that email. Manager alerts security, who then come over to your desk. You get your jacket and whatever you walked in with and get walked out.

The only thing that that accomplishes is that people don't put any notice.

fullspectrumdev
0 replies
11h5m

So what stops people making their “backup of files” before hitting send on the email?

ajb
0 replies
6h27m

In the UK, and most European countries, locking someone out during their notice period is really rare. Big companies exist and are not destroyed by disgruntled employees.

If someone is fired for cause then they go immediately, but if they are given notice then they are usually trusted with access, and it rarely goes wrong.

Stealing IP is rare because it's hard to benefit from it. If stolen IP is offered to another company, usually they report it to the owner to cover their backs legally. Funders are not going to want to invest in a company that is based on stolen IP, where their investment can become worthless overnight.

So I think these stories about how 'we have to treat employees like they are potential criminals' (not accusing parent of that, but you hear them) are bugos. Treating people like human beings is both right and economically efficient.

TeMPOraL
0 replies
12h34m

The one designer totally ruined the company from ever letting someone stay for their two weeks.

No, it's the over-reaction by whoever instituted that policy that ruined the company. They should've cut their losses and ignore the outlier, perhaps make it tad more difficult to copy off data en masse without being noticed, and/or do many other things addressing this risk without ruining the workplace for everyone else.

This is the organizational equivalent of autoimmune disease. Works at every scale. On national/international scale, this is what terrorist organizations are exploiting - do an X amount of damage that may even be counterproductive to their goal, and watch the victim do 1000X damage to itself by overreaction.

silisili
18 replies
14h28m

It's one thing I miss from the work from office lifestyle - the more human connections. People stopping by your desk to chat about life, the joking - I'd never laughed so hard in my life. Closer connections in general, and being sad when people left, but happy when they were for greener pastures.

WFH feels so sterile and impersonal in comparison.

I've been WFH since 2015 or so, so this isn't a RTO endorsement, just reminiscing.

jedberg
8 replies
13h59m

I miss that too. Some of my best friends are former co-workers. Especially from when I was younger and we spent nearly every waking hour together either at work or at a bar after work.

I don't miss it enough to want to go back to an office though!

ryandrake
7 replies
13h46m

The way I see it I go to work to exchange my skills for money. Often that involves working with others, but I’m not there to socialize and make friends. I have friends.

So given that outlook, WFH seems just kind of more “pure.” It’s distilled work, unencumbered by phony pseudo-friendships and awkward water cooler chit chat about sportsball. When we start a zoom meeting I can just launch right into the agenda without having to do that offtopic pre-meeting banter ritual. To me it’s work without waste. I feel like with WFH I get more done per hour and that means more time for me to do what I enjoy: things that aren’t work.

xorcist
4 replies
10h4m

So when you've earned your f-u money you stop showing up for work?

That's not what we see in practice. Most people with a sudden windfall (stocks, lottery winnings etc.) keeps showing up for work. Because how else would you stay socially meaningful in our society? Nobody really wants to sit at a beach sipping drinks the rest of their life, accomplishing nothing.

There is clearly a social aspect of work, at least for the majority that we can call socially functional. And it's at least as important as getting paid. Work is also a social role, and it hurts many people if they are left out of it. It's not easy.

ryandrake
1 replies
8h47m

So when you've earned your f-u money you stop showing up for work?

Yes. Absolutely 100% I am looking forward to it and counting down the days.

harryquach
0 replies
5h20m

Absolutely, there are plenty of ways to be social, on my terms, with the people I choose. If I didn’t have to trade my time for money there are plenty of ways I can fill my days without corporate bullshit.

mlrtime
0 replies
7h14m

This is one reason why playing the lottery [even if once] has some positive value.

It forces people into a thought experiment on what they would do if they didn't have to work.

2024throwaway
0 replies
5h2m

Nobody really wants to sit at a beach sipping drinks the rest of their life, accomplishing nothing.

Speak for yourself.

wolletd
1 replies
11h48m

I also have friends, but I rarely see them on workdays. Having other people around me on those days feels good, I don't like being alone for several days. I totally can do and have done that, but I prefer to not be alone.

Additionally, my colleagues and I share big parts of our life: every damn workday. None of my friends are capable of talking as long and nuanced about things happening at my workplace. They don't really want to hear emotional rants about bullshit projects because they have no way to relate to those feelings.

But I want to rant about bullshit projects and thankfully, I have colleagues that like hearing such rants from time to time, as they totally can relate. When I am mad about some shit, start talking about it and they ask "oh, was that XY who said that?" and it totally was XY, that is comforting.

I have friends, yes, and I don't need to meet my colleagues after work. But I still have healthy social relationships to them.

iteria
0 replies
9h13m

Man, i have different friends than you. I have listened to a friend rant for 3 hours about a BS project at a company I haven't worked at. Another friend rant over weeks and I wasn't even in the same industry.

I talk to my friends during the day. I'm lucky that we're all remote, but honestly even my in office family members can chat sometimes at work.

When I was in the office, I rarely connected with coworkers. I was often the youngest and/or just not in the same life stage. I could exchange pleasantries and that was about it. I have a grand total of 2 friends from work after over a decade of work across several companies. My social life is still vibrant outside of that.

I don't even understand where people think you can't connect to peolle WTH. I just had an hour long chat with a coworker about nothing at all. Sometimes people just need to chat about nonsense and VC people. Peoppe seem to be afraid of that, but I don't see why. We can work and talk. We did it in the office.

mynameisbob22
3 replies
8h34m

Until the pandemic, we would regularly eat lunch together somewhere. For years, this was a standard routine in my life. It was a perfect way to get a feeling what others were doing, what the problems were, how the general mood in the team was, what was going on in their lives. I invited everyone to my wedding during lunch. I told them I was becoming a father during lunch. 2 people told us they were leaving during lunch.

In the beginning of the pandemic, we even switched to cooking at the office kitchen. Now there are only 2 people left on the floor, and eating lunch has stopped completely. Most of my colleagues I only see 1 or 2 times a year (Christmas party and work stuff that requires physical attention).

I noticed that it is much harder now for people to integrate when they are new. There is no real forum left for beginners to ask dumb questions they would rather not see in some chat log.

insane_dreamer
1 replies
6h45m

There is no real forum left for beginners to ask dumb questions they would rather not see in some chat log.

this is a key point; employees who have been together a long time can easily switch over to maintaining that same level of connection while WFH (I've experienced that). But it's very hard for a "new guy" to integrate if s/he has never interacted, or only occasionally, with their coworkers in person.

harryquach
0 replies
5h17m

There is nuance to this as well. The company size and culture make a dramatic impact. I recently joined a small company which is fully remote. Everyone has been helpful and supportive as I have been onboarding.

drewcoo
0 replies
6h50m

Most of what I read about people missing offices makes me think "gee, I'm glad I don't share an office with that person."

But I do miss lunches. Even the loud, obnoxious people are much more tolerable in that context.

ZaoLahma
3 replies
13h56m

This really highly depends on the people that you work with.

At a previous employment (a 100% WFH position) I had most of my colleagues in India, roughly 4 time zones away from my own so we almost never met in person, and we'd have personal chit chat sessions while working.

Then I've worked with people who weren't present even when you were sitting right next to them. They'd come into the office, say "morning", put on their noise cancelling head phones and be gone for the rest of the day (modern open space office life in a nut shell).

The_Colonel
1 replies
10h29m

That's of course true, but then there's a large group of (I assume) introverts with whom it's kinda difficult to get close with, but once you do, you can have a great relationship with them. It's an order of magnitude harder problem to break ice remotely with such people.

entropicdrifter
0 replies
2h49m

Speaking as one of those introverts, it's actually much easier for me to get to know people over video calls than it is in person, at least if there's an actual task at hand.

In-person I tend to be a little more no-nonsense, whereas over video calls I'm sitting comfortably at home with a cat in my lap, already relaxed and much less uptight as an emotional starting point.

Aeolun
0 replies
6h2m

I mean, I love working without headphones in a room with 4 people in. I detest it in a room with 100.

romanovcode
0 replies
11h58m

As someone who has enough social interactions and friendships outside of work I am very happy with this attitude. My co-workers are not my friends and I'd like to keep it that way.

Indeed nowadays I have seen many articles publishing that it is even more prominent idea with Zoomers entering workforce and have a clear boundary between co-workers and personal outside-work friends. The companies actually do not like this because this means that those people have literally 0 loyalty to the company and only care for the money. Which is shocking, I know. \s

neilv
8 replies
13h52m

I've seen a company during WFH let a laid off employee (who asked) keep their access for an hour, to post a goodbye message.

It's not good practice for all situations -- you need some trust, despite the stressful situation, when people tend to show character and weaknesses -- but in this case, it worked out.

The departing employee posted a message of encouragement to the remaining people.

Kind words and contact info were exchanged, etc.

eru
4 replies
13h50m

You can get nearly the same result with less trust: let the employee draft a goodbye message and have the boss (or so) forward that to the other employees.

neilv
1 replies
13h38m

Good idea. Though I think the fact that they trusted the departing person, and the departing person delivered -- if it plays out that way -- is much more positive message than effectively implying that the company didn't trust the person.

The company letting a manager relay a message, with any censoring, is certainly better than the person having no way to get their contact info to people, and they might also say something nice for morale.

eru
0 replies
13h29m

You are right that the other way sends a stronger signal.

My suggestion was meant as something that's feasible even for a company that already got burned by vengeful leavers; and also something that an individual manager has an easier chance of pulling off, without having to change all of corporate policy.

dpig_
1 replies
13h37m

A man moves from East Germany to Siberia, where he knows his letters will be censored. He establishes a code with his friends: anything written in blue ink is honest and true; anything written in red ink is false and only there to get the truth past the censors. A month goes by and the man’s friends receive a letter written in blue ink: “Everything is wonderful here. Stores are full of good food. Movie theaters show good films from the West. Apartments are large and luxurious. The only thing you cannot buy is red ink." [1]

[1] https://www.guernicamag.com/tomas-hachard-the-red-ink/

eru
0 replies
13h28m

That's a very old joke, thought I think I usually heard it as a Yiddish joke.

scarface_74
2 replies
13h34m

Surprisingly enough, as toxic as Amazon is, after I got Amazoned and made my choice to “leave Amazon and get a nice severance” instead of “try to work through the PIP and still get fired and only get a third of the severance amount”, they let me stay for a week to finish up a customer project. I worked in Professional Services.

I told them that I really wanted to finish the work for a customer (large state organization) because I liked the customer. They let me stay for a week.

Of course that was bullshit, I took the time to have back channel communications with the customer to see if they would hire me as an independent consultant after I left and to start interviewing.

I’m sure they would have. But I gor a full time offer less than two weeks later.

neilv
1 replies
12h55m

Sorry about getting Amazoned. They don't have a reputation as a place inspiring loyalty. But, at least in non-Amazon contexts, I absolutely know people who would say they wanted to finish up some work, and they'd mean exactly that.

scarface_74
0 replies
7h17m

Nah it was fine. I had a job offer two weeks after I left doing the same thing.

I knew after the first year that I didn’t plan on stay at Amazon for more than four years and I planned accordingly.

I was nine months and two vesting periods short. But the severance more than made up for one.

The longer version of the story.

https://news.ycombinator.com/item?id=38474212

timeagain
7 replies
15h25m

IMO their slack avatar/posts go gray within minutes of them being sacked.

jedberg
3 replies
15h6m

At Amazon, when someone was laid off their Slack still worked for the 60 day WARN period. It was actually a problem because you would Slack them and get mad that they didn't reply. The only way to know for sure was to ask their manager, but you didn't want to do that because if they weren't laid off you didn't want to throw them under the bus!

petesergeant
2 replies
14h31m

their Slack still worked for the 60 day WARN period

So weird companies can’t just pay that out as severance

jedberg
1 replies
14h8m

That's effectively how it ends up, except with a slight advantage to the company. They cut you off and tell you that you don't have to work anymore, but in the off chance you get a job within 60 days, they don't have to keep paying you. They can also preserve their cashflow by not paying you up front.

But since you technically have to be "on the books", if something like Slack is tied to your status in the company directory, it's easier to just leave it.

vineyardmike
0 replies
13h24m

Just an FYI - you can still get paid the WARN severance even if you take another job, just don't "quit" during warn. Your employment contract may or may not say you can't do side work, but (1) what, will they fire you? (2) it probably just says that you can't do work that interferes with your current employment, which is not a problem.

The WARN period exists to give you the money, but also keep you on for insurance and 401k vesting purposes (and similar). Getting cut off immediately, and suddenly losing insurance would be much much more disruptive, even with COBRA.

Hamuko
1 replies
15h14m

Yeah, whenever I want to find out if someone still works at the company, I just search them on Slack. If it has "(deactivated)" after their name, they're no longer employed here.

supportengineer
0 replies
14h42m

There must be a Slack API that could be used for this, and written to git periodically as the other post said.

sharkweek
0 replies
14h39m

My org had a big cut last year but nobody would tell us how many people were laid off for some reason.

I happened to remember the total number of people who were in our org’s giant slack channel before the layoffs and thus was able to do some hardcore detective work subtracting the new number of people in the channel from the previous amount to get the answer…

namdnay
6 replies
14h49m

This may be the only time I ever say this, but thank god for LinkedIn. At least you know you can always catch up with someone who has left

jedberg
5 replies
14h45m

Assuming they have LinkedIn and you bothered to connect while they still worked with you. :)

TeMPOraL
2 replies
12h3m

Between jobs is the only time you touch LinkedIn, lest HR sees some activity on your profile and buckets you into a "actively job-searching" risk group.

namdnay
0 replies
5h35m

lest HR sees some activity on your profile and buckets you into a "actively job-searching" risk group

well.... yes? HR considering you "at risk" is a pretty good thing :)

fullspectrumdev
0 replies
10h45m

Conversely: being in that “risk group” can, in many situations, be extremely useful when it comes to negotiating raises.

May depend on your job market, but it’s a pretty normal tactic for a lot of people I know.

xboxnolifes
0 replies
13h17m

First part is a personally solvable, and as for the second part: you can still add them if you know their name.

01HNNWZ0MV43FF
0 replies
14h40m

idk I added a lot of people after I quit my last place

washadjeffmad
3 replies
10h51m

We tried at first, but we were so overwhelmed by the rate of deaths from the earliest moments of the pandemic that the org couldn't keep reporting them. It was a demoralizing effort for HR to try to put something, even a few words together for everyone, and it's left a lasting pallor where vibrant personal touches once were. People continue to vanish, and there's still no notice that, or how, they've moved on.

Our General Counsel and I met for the last time during the early months of the pandemic. Like most people during the shutdown, he hadn't seen anyone outside his immediate family or had a chance to tell a good story in a few months, which would have eventually killed him, anyway, and I got an earful as he unloaded all the work he was wrapping up. After, as lawyers excel at, he wrote a great letter to our CIO about it that led to probably my favorite exchange between us.

Six months later, someone called me to say they were headed to Legal because someone had died, and I was struck by an immediate sense of dread. I searched our website for any word, then our directory, and then for local obits and found nothing. Even the grapevine was silent, so I called his admin who pretty casually told me our GC had died six weeks prior.

Almost a year to the day later, the mechanisms caught up, and the org put out a "Remembering $generalCounselor". By then, we'd missed his funeral, his family had relocated, and many felt awkward trying to send condolences so late. Watching other's surprise, shame, and sadness wasn't reassuring, even if it told me I wasn't the only one.

We're not small, but we're personal, and each death has left a little void that we collectively haven't acknowledged or addressed. We still don't have a way to handle the losses and haven't talked about it. Having old saved contacts pop up after their extensions are reassigned is inevitably like a call from the grave. I try to keep in touch to keep track, but little by little, the connections are fading, and the memory and history of us with them.

michaelcampbell
2 replies
6h27m

rate of deaths from the earliest moments of the pandemic that the org couldn't keep reporting them

Truly sorry for your collective loss, but where/what industry did you work in where this was a significant number?

washadjeffmad
0 replies
5h21m

Public sector in one of the earliest hotbeds, with a large vulnerable population across several demographics.

Think, a city, and it swept through us like it did the hospitals and nursing homes.

kridsdale1
0 replies
5h34m

Healthcare would be one place where a very large number of workers died.

tonnydourado
2 replies
6h11m

you saw them walking out the door with a box of their stuff

That's cool, I've never seen anyone that worked in a 90's movie before!

Seriously, though, is that a thing? Was it ever?

drchickensalad
0 replies
6h10m

...yes? That's why it's in movies

Aeolun
0 replies
6h8m

I mean, I have a bunch of personal stuff in the office. On my last day in the office I’ll bring it all home because I need it until that time.

I can imagine myself bringing it all in a handy box if I were suddenly fired (which is impossible in my country of residence, but it’s about the idea)

jiehong
2 replies
15h17m

In the company I knew, it’s usual for people to send an email telling others “hey, it’s my last day, thanks for all the memories. Here is my contact info if you want to.”

Others colleagues would also usually organise a virtual envelope with money inside to wish you farewell.

brnt
1 replies
13h52m

We had biweekly team videocalls, so I just announced my last week in my last call.

I find it hard to imagine you have no such contact at all, or that you would say nothing in those meets. You are planning work every now and then, aren't you?

away271828
0 replies
5h44m

You are planning work every now and then, aren't you?

In the past, I've tried to give key people on longer-term projects I'm working on a heads-up. But I trusted them and it was longer-term. At the end of the day, I'm not going to let the word out before I'm ready if I'm worried it has the potential to bite me financially, e.g. because of vesting.

bsimpson
2 replies
13h53m

During layoffs session last year, the company I work for immediately removed people from the corporate directory, and then went to the guy who had made the unofficial facebook and made him hide them in his tool too. They still technically worked there during the WARN period, so they didn't have epitaphs either. That went over about at well as you'd expect.

This time around, the laid off people show up as on vacation. If you see a team of people all on PTO until the end of May, you can presume that team is donezo.

scarface_74
0 replies
13h28m

I worked at AWS in the Professional Services department and people got cutoff in the middle of customer conference calls during the first round of layoffs and then found out about their layoffs.

saagarjha
0 replies
12h32m

The infuriating part is when they spin this as some sort of employee privacy move, as if the employee (now ex-employee? But not really, because of WARN) has no input in that decision.

ThrowawayR2
2 replies
15h8m

I regret to have had a recent opportunity to notice that MS Teams shows an empty status icon for deleted/disabled accounts. Their documentation describes it as "status unknown": https://learn.microsoft.com/en-us/microsoftteams/presence-ad...

picadores
0 replies
12h40m

The user was disappeared

01HNNWZ0MV43FF
0 replies
14h38m

My family's chat server still shows "Offline" for the account of a deceased relative. Like yeah... they're pretty well offline.

javcasas
1 replies
12h45m

I got fired from the office on a Friday evening when more than half the company already logged off.

What is the wonderful closure you get?

Anyway, welcome to the corporate world. It pretends to be personal, but it's business.

jedberg
0 replies
12h12m

I'm sorry you had a bad experience, but most people get laid off Friday morning (it's the most common time).

Anyway, welcome to the corporate world.

I've been in the corporate world for 27 years, and been through many layoffs (usually as a survivor, sometimes as a victim). The ones during WFH have all been worse.

burnerburnson
1 replies
7h3m

I don't understand the secrecy about firing somehow. If I were an employer, I'd want my remaining employees to know that what the fired person did was unacceptable.

bombcar
0 replies
6h57m

Companies very rarely do not want to open themselves to liability so they usually go for the blandest possible description, even laying off and paying unemployment for someone who should be fired for cause.

wil421
0 replies
10h21m

Office layoffs are weird too. A friend worked for Oculus. One day they went to lunch and the manager muttered something quietly about the whole team being laid off then ran off. A team of like 10-15 people had to stand outside and wait for security to bring out their stuff. Sounds pretty awkward.

Another large company I worked for sent out random meeting with the CIO, if you got the meeting you were laid off. At least the CIO did it himself.

whywhywhywhy
0 replies
9h38m

Was it ever really real anyway if you're just little faces or icons on a video call while you worked together.

smugglerFlynn
0 replies
10m

There are no more people in that process, just “resources” that you “let go”. Welcome to 2024.

saagarjha
0 replies
12h36m

After going through my first layoff (not affected personally, I just saw people who were), I just started posting my personal contact information preemptively. I've seen others start to do the same. It's kind of depressing but I think it really helps to be able to reach out after the termination is done.

purrcat259
0 replies
15h15m

Yeah I actually asked for a few weeks ago when we experienced 10% cuts and I was told they won't share one because of privacy reasons...

But we were seeing the list of deactivated slack accounts crop up slowly anyway.

orangevelcro
0 replies
6h42m

Also the language everyone uses to tip toe around saying people got laid off. Some employees 'were affected' or were 'part of the RIF' or whatever other acronym is currently popular.

lazyasciiart
0 replies
2h20m

There’s also Blind, but only if you’re on it before the layoff: you need access to your company email account to create an account.

htrp
0 replies
5h39m

linkedin ?

hiremelocally
0 replies
14h42m

This is just a natural consequence of WFH. Communications are work tasks are so isolated and transactional, there's no reason termination would be any different.

elgenie
0 replies
14h26m

The attributes that would let one reliably eyeball a person who got fired doing their walk of shame also made for a soul-sucking workplace.

That "back in the day" algorithm required an office that emphasized butt-in-seat, lacked flexible working hours, and lacked both personal offices and multiple exit points.

chiefalchemist
0 replies
6h28m

When someone new comes on board, I make it a point to send a LinkedIn connection. While I'm no fan of LinkedIn per se, it's neutral enough that nearly all of those connections are accepted. If necessary, it then becomes a non-company channel for having safe (ish) discussions about the company.

at-fates-hands
0 replies
14h16m

I work at a large corporation. Most of the people have transitioned to WFH now.

At least five times I can say I had no idea someone had been laid off or sacked until weeks later. I just assumed they were on PTO or something, and then in the middle of a meeting, I'd say something like, "Yeah, where's James been, I haven't seen him online for a few weeks now." Then the manager would chime in and say they got laid off or let go several weeks ago and they were waiting to announce it to everybody.

Twice my director had a meeting with the team and forgot to include myself and two other devs to announce someone had been let go - which is scary AF when we're all on Teams wondering why they just randomly left us off the meeting, which then made us all paranoid AF for a few weeks.

The whole process with laying people off or people getting sacked has just been handled in such a ham handed way, it doesn't inspire confidence at all, and people are constantly looking over their shoulder when a team loses people and have to pick up the slack immediately.

_the_inflator
0 replies
15h16m

The email sentiment is both true and somewhat strange.

Simply shut down, just like a service or API that got deprecated. It is a weird experience, if you happen to know these leaving people only by email.

ZaoLahma
0 replies
14h43m

In a large enough company, the experience will be exactly the same even if you do go to the office. It might take weeks or months before you have a reason to reach out and finally realize that you haven't seen someone around for quite a while. And "large enough" is surprisingly small.

For close colleagues leaving, WFH makes absolutely no difference though. Those you keep track of regardless.

Mountain_Skies
0 replies
4h28m

On the first project where I was team lead one of my team members was laid off and nobody told me. I worked with her on Thursday, took a PTO on Friday, and on Monday around noon noticed she hadn't been in at all. I asked the guy who sat in the space next to her, and he told me she had been laid off on Friday. I had no idea there had been any layoffs as there wasn't an email sent out like in earlier rounds. Turned out she was the only person laid off. Really weird way of handling things.

Angostura
0 replies
6h15m

At least it’s made LinkedIn useful for something

7thaccount
0 replies
8h12m

I had an old boss with a Powershell script that auto-ran each morning and did a diff with the employee list in Outlook or something (can't remember what)to see who got terminated or left. I think it was the only sure fire way to know.

Unfrozen0688
25 replies
14h29m

Not a WFH thing. This is a USA thing!!

Edit: OP said "Layoffs in the WFH era are weird" Yes they are, but people here don't suddenly go offline quite as weird is what I was trying to get at.

Here in Sweden if you are FTE there is usually a 1-3 month layoff period (upppsägningstid) where you work and get paid still. At the end of the period you leave.

People usually email the team and even the entire company with "hey im leaving here is my info"

Now people CAN get fired day of, but that has to be VERY grounded.

Again, Not a WFH thing. This is a USA thing!! I notice this time and time again where people complain about IT or WFH, but it's just that you're in the USA, land of the exploited.

lmz
12 replies
14h22m

But if the company is worried about access can't it just pay the employee the 1-3 months without allowing them to work, even in Sweden?

permalac
3 replies
14h7m

I work with identities. I've worked in Spain, France and uk.

99% of lay off are agreed and there is no need for account termination, my current company let's you have your account open 30 days after your last day, so you can move data out to your next company.

worthless-trash
2 replies
13h31m

Sorry, move data out ?

Can you expand on exactly what this means, as I imagine most companies would not want their data moved out to another company.

saagarjha
1 replies
12h30m

Presumably things like "your credentials to the account that we deposit RSUs into" or "your picture of the beer they served in the cafeteria one time that you liked".

notpushkin
0 replies
11h46m

Pictures of beer aren't usually moved into your next employment place though, as GP implies, but rather to your own devices.

MadsRC
3 replies
14h2m

Yup, same in Denmark. It’s called “fritstilling” - basically they pay you severance equally to the amount of months you should have gotten advanced notice (3-many months).

But there has to be a very good reason. Such as theft, or actual security worries.

bsimpson
2 replies
13h48m

I believe this is called "garden leave" in the Commonwealth countries.

com
0 replies
11h32m

“Gardening leave” is the polite fiction - much to do in your personal garden, so you are being given exceptional paid time off to deal with it.

I have genuinely spent a lot of time once sorting out the vegetable beds during a period of gardening leave. It was VERY therapeutic!

Maxion
0 replies
11h57m

Gardening leave is usually a term for a paid non-compete. I.e. you're not allowed to work in the same industry for 6 months, and you're paid salary for those months.

Unfrozen0688
1 replies
14h12m

I am unsure actually as I am not an employer. I am sure it is possible but probably for sensitive jobs like military or something.

Some links if you want to google translate https://www.unionen.se/rad-och-stod/uppsagningstider-om-din-...

There is "duty of loyalty" where you can get sued for leaks etc https://www.unionen.se/rad-och-stod/om-lojalitetsplikt-och-l...

emj
0 replies
9h37m

Of course we fire people in Sweden pay them and revoke their access, this is very uncommon I have only seen it once myself. Would like to note that, simply speaking, the rules change the more responsibility you have.

tomwojcik
0 replies
14h1m

Yes, it's normal in IT in Europe to fire someone, revoke their access and still pay them for 1-3 months. On the other hand many IT professionals work b2b so some of the normal employment policies do not apply. On b2b contract the other side usually is obliged to pay for 1 month.

4hg4ufxhy
0 replies
14h9m

Yes, at least in Finland the penalty for not adhering to the notice periods is full pay during that time. But I never heard of it happening.

globalise83
2 replies
13h3m

Yes, but in cases where a disgruntled employee can do real damage, companies can and do simply ask employees to go on gardening leave with immediate effect, while paying them the rest of their notice period.

pnw
0 replies
4h28m

Sweden doesn't need employees to do damage, they outsourced that to eastern Europe.

https://www.theguardian.com/technology/2017/aug/01/sweden-sc...

Maxion
0 replies
11h58m

Not really in the nordics (europe?)

ponector
1 replies
12h53m

On the other hand, when we talk about low it salaries it is never a USA thing, but an Europe thing.

karolist
0 replies
12h47m

Not Switzerland, still Europe, still can't fire on the spot during layoffs like in the US. I know it's an exception though.

cornel_io
1 replies
13h33m

When Europeans quit their jobs, they're often required to stay on for 1-3 months, as well, and many if not most employers actually hold employees to that when they get new jobs. In the US you can leave same day, and it's considered rude but meh; 2 weeks is almost always fine unless you're super senior.

We also make 2-3x what you do for exactly the same work, sometimes up to 5-10x in tech.

There are tradeoffs, but in my experience European workers are more likely to wish that they could come to the US to work than vice versa. When contracting in Europe I've had clauses written into my contracts on multiple occasions that forbid me from disclosing my rate even to the people managing my work, because I was making more in one month than they (as senior project leads) did in a year...

Symbiote
0 replies
13h5m

The employee in Europe usually has a shorter notice period (if they wish to leave) than the employer.

Americans make more in highly skilled jobs, and less in low or unskilled jobs.

Beyond that I can't generalise, Europe is 44 countries. The Americans I meet were obviously keen to move here.

the_mitsuhiko
0 replies
9h25m

Here in Sweden if you are FTE there is usually a 1-3 month layoff period (upppsägningstid) where you work and get paid still. At the end of the period you leave.

That might be very local. There is a long layoff period in Austria too but I don't think any company will let you back into the office. You just get paid without access at home.

romanovcode
0 replies
11h52m

Here in Sweden if you are FTE there is usually a 1-3 month layoff period (upppsägningstid) where you work and get paid still. At the end of the period you leave.

This is only part of the story. They can just pay you the 1-3 months and mark your firing as "effective immediately". Absolutely legal in Sweden, EU and US, and indeed even better for the person fired - 3 months of pay for no work.

rconti
0 replies
4h43m

This is not a particularly helpful comment. I work at a California-based company, though we have employees all over the world. In our layoffs, typically employees stick around for weeks, months, even 6 months sometimes.

How are we supposed to know? Sometimes people put cryptic slack status icons or messages. Sometimes they slack the team or close contacts or something. But in a company with thousands of people, unless an employee sends a email to the entire company, how are you supposed to know? The layoffs happened months ago, why would it occur to me that the person I am working with today will be gone tomorrow, unless they start every conversation with "hey, so I got laid off..."

Nobody really wants to relive that trauma over and over again. It's frankly MORE confusing the longer coworkers stick around after the 'event'.

eru
0 replies
13h45m

When I quit my work at Goldman Sachs (a very American company), they made me work the whole three months of my notice period.

(Just as one example. The American economy is a big and diverse place. Though in the interest of full disclosure, I was working for Goldman in Singapore, but they were just following global corporate policy; and our labour laws in Singapore defer more to contracts than the US one. Eg no WARN act here.)

dang
0 replies
2h3m

(We detached this subthread from https://news.ycombinator.com/item?id=39311754)

simonw
17 replies
15h30m

If you're going to run something like this, I thoroughly recommend using Git for it.

You can have your cron do something like this:

    curl https://internal.corp/employees.txt > employees.txt
    git add employees.txt
    git commit -m "Automated: $(date -u)" || exit 0
The || exit 0 should ensure no errors even if there is nothing to commit

Now you have a commit history of every change made to that source of information - just run "git log" to view it.

I run this kind of thing on scheduled GitHub Actions all the time, see https://simonwillison.net/2020/Oct/9/git-scraping/

GauntletWizard
10 replies
15h10m

I've been seriously considering using Git for all sorts of oft-changing-but-rarely-majorly data. Lists of books in my bookshelves.

The other problem is that I sorta want transactional-database features on top of these things. Git does this well. I also want fast indexing on parts. Git does not do this well. I am considering writing a "standard" for the dumping of sqlite to git, so that I can just delegate this out; Any transaction can be expressed as a git commit, and I can run both at once for both the durability and the reasonable indexing; The sqlite database can be re-created and reindexed whenever, and it also sorta works for backups...

Definitely just spinning my wheels, though. We'll see where databases take us next.

rofrol
3 replies
14h45m
GauntletWizard
2 replies
13h33m

Dolt is really close and yet just doesn't feel right; I don't want to "commit" between transactions, I want every transaction to be a commit.

timsehn
1 replies
4h52m
GauntletWizard
0 replies
3h14m

That's awesome. I will have to try that out.

ElectricalUnion
3 replies
13h35m

Would fossil fit this bill?

Somewhat git-compatible, based on sqlite3.

Zambyte
1 replies
4h3m

What does "somewhat git-compatible" mean? Can it sometimes use existing git repos, or is the mental model close enough to pick up without learning much?

ElectricalUnion
0 replies
3h34m

is the mental model close enough to pick up without learning much?

I would say git core concepts are pretty similar to fossil concepts, but actual plumbing implementation details are pretty distinct.

The major difference that I remember from a day-to-day "git porcelain" perspective is that rebases and other types of history rewriting are very discouraged.

For a Rosetta stone of somewhat comparable commands: https://fossil-scm.org/home/doc/trunk/www/gitusers.md

Can it sometimes use existing git repos

You can, but it's kinda a lot of really slow busywork. And you lose some of the not-file-dvcs features of Fossil, but it is possible.

This page explains how: https://www.fossil-scm.org/home/doc/trunk/www/mirrortogithub...

JonChesterfield
0 replies
8h11m

Specifically the fossil repo is a sqlite database.

I have a cron script stashing whatever is currently in an obsidian vault into a fossil repo. There's a fossil addremove command that makes that very easy. Thus distributed backups of said vault.

rrrrrrrrrrrryan
0 replies
12h31m

oft-changing-but-rarely-majorly data

I think you're referring to SCDs, and there are plenty of well-defined ways to track these within relational databases:

https://en.wikipedia.org/wiki/Slowly_changing_dimension

Why git?

jarofgreen
0 replies
12h58m

In your git & sqlite setup, I'm not sure which way round you are thinking - which is the SSOT (Single Source Of Truth) and which is the handy cache.

I've been working on a tool that treats the git repo as the SSOT then lets you dump out all kinds of formats for data work including a sqlite DB. I haven't had as much time as I would like on it but it's at https://pypi.org/project/DataTig/

svat
1 replies
15h13m

I do something similar but instead of `|| exit 0` I use `--allow-empty` on the `git commit`. I don't mind the empty commits this creates, as they let me know that there was a successful automated run that happened to be empty, rather than having failed to run for whatever reason.

michaelcampbell
0 replies
6h25m

Thanks for this, much more "intent revealing" than my (up to today) standard practice of `... || true` to keep my `set -e` from killing my script for this "error-but-not-really"

jacquesm
0 replies
15h26m

That's clever, thank you! I will definitely use this.

itronitron
0 replies
14h54m

A colleague of mine would do a sort of temporal-network analysis of this data to see which people either enjoyed working with (or for) each other or which did not, based on how people would switch groups over time.

hiAndrewQuinn
0 replies
14h59m

I used your exact technique to start generating a diffable archive for the Finnish easy language news broadcast. It's been a huge help in gathering high quality comprehensible input for me, thanks!

https://github.com/hiAndrewQuinn/selkouutiset-scrape/

MarkSweep
0 replies
15h16m

Maybe add a ‘| sort’ in there for determinism. But yeah, git is an underrated database for this type of small scale data.

simonw
15 replies
15h34m

Love this bit:

"Incidentally, if someone gets mad about you running this sort of thing, you probably don't want to work there anyway. On the other hand, if you're able to build such tools without IT or similar getting "threatened" by it, then you might be somewhere that actually enjoys creating interesting and useful stuff. Treasure such places. They don't tend to last."

Symbiote
11 replies
14h20m

I wonder if this counts as personal data. It's a copy of everyone's name, job title and employment dates.

I can certainly see many European businesses would be wary of an employee keeping this list.

athoscouto
6 replies
8h39m

Are you referring to GDPR? Does it apply to employees too, or only customers?

M2Ys4U
3 replies
8h34m

GDPR applies to everyone in the EU/EEA/UK.

They don't need to be a citizen, they don't need to have any sort of contractual arrangement with the data processor. If they're alive and identifiable, the GDPR applies.

walthamstow
2 replies
7h40m

So interesting that you say alive. There's always a some obscure bit of GDPR I've never heard of. Does a dead person not have PII?

thfuran
0 replies
6h28m

They can't be harmed by mishandling of PII.

M2Ys4U
0 replies
6h1m

Recital 27 of the GDPR states:

This Regulation does not apply to the personal data of deceased persons. Member States may provide for rules regarding the processing of personal data of deceased persons.

It's not part of the operative text of the regulation, but it provides for a clarification on what a "natural person" is, and the principal prohibition in the regulation is the processing of data about an identified or identifiable natural person.

I would also assume, but I'm not 100% sure, that there's some case law from the CJEU around whether or not the definition of "natural person" includes dead people, which is why it's not in the main body of the text.

tirpen
0 replies
8h32m

GDPR definitely applies to employees as well. It applies to all handling of personal data.

One of the most important rules in GDPR is the requirement for companies to have an up to date list of all places where personal data is being stored, the reason it's stored there and what it's used for and the retention policy.

So an employee creating their own lists of previous employees could potentially get the company in trouble if it was discovered during some external audit if it wasn't listed.

Symbiote
0 replies
6h11m

Depending on the business, employee data can be more of a concern than customers.

A business probably handles sensitive private data on employees (e.g. medical conditions, family records). Employees know this, and could report an ex-employer out of spite, especially if they're aware of poor data security.

htrp
0 replies
4h28m

uids are definitely not pii

brailsafe
0 replies
13h54m

If I read it correctly, they just dumped and diffed their uid, not all of that information.

Traubenfuchs
0 replies
12h26m

In central Europe, we have the complete company organigram in namely, so it can't be that bad.

M2Ys4U
0 replies
8h31m

This is definitely processing personal data.

What Rachel is describing is absolutely illegal under the GDPR.

refulgentis
0 replies
4h35m

I don't love it at all.

It's over-the-top posturing for posturing's sake.

A way to confirm this is to look for HN comments who posture the same. After the Overton window widening, they forget to hold back, and will openly say what we know: it's an abuse of the system that turns an outmoded address book into a gossip rag, to the surprise of the actual people involved.

Citations:

"First I just cared about which accounts got deactivated. Then I started tracking title changes, last name changes (people getting married), department sizes, company head count over time etc."

"LDAP's full of secrets. And to think that you can get nearly all of it with anonymous access. Team or department mergers before they were announced? Yep, I've caught those. Secret mailing lists for internal projects? Check who's a member and you can ferret out what's going on. Bonus if the list mail address gives some of it away."

"Lots of weird things depend on the LDAP tree being broadly accessible. It's just that it leaks more information than most people think."

"Monitor when and what HR is doing. Detect when users are logging in and out of LDAP."

malfist
0 replies
6h19m

Amazon fired a guy that shared an LDAP query to find folks affected by a round of layoffs....after the layoff happened. So it's not like he was leaking information.

jijijijij
0 replies
8h2m

Incidentally, if someone gets mad about you running this sort of thing, you probably don't want to work there anyway.

If you do want to work there, though, maybe check the legal situation first...

I am almost certain, this counts as unauthorized processing of personal information. Just because you have access doesn't mean it's fair game to do whatever you like with it. Especially archiving, keeping a history or linking (external) data is not the intended use for such an interface. If you take the information home with you, e.g. on your work laptop, that may be a whole nother can of worms. May even count as business secrets you're exfiltrating.

At least in Europe, abusing such an interface likely would be illegal, certainly if you keep a copy/diff. Your employer may have to act against you, or become liable. Or they may use this misconduct later to conveniently terminate your contract (lol, especially, if you use your insights as leverage).

I presume the larger the network, the more likely this will get you in trouble. Conversely, collecting the data has little use otherwise.

How about you organize with your colleagues to voluntarily share employment information to gain collective leverage?

evmar
15 replies
14h22m

I made epitaphs! AMA

umbauk
5 replies
13h16m

Is it still going?

Were you ever made change it by HR?

I left 5 years ago. Loved that thing!

saagarjha
2 replies
12h42m

It was there when I left several months ago, so I assume so. Or maybe I shouldn't, they started shuttering a lot of these kinds of things after layoffs.

larsrc
1 replies
12h4m

It's still there, just used it to see if I had guessed right on Rachel's workings (I hadn't). Thanks for making a very useful tool!

saagarjha
0 replies
11h3m

Just in case you meant otherwise Epitaphs is not my tool, but I agree it is very useful :)

evmar
1 replies
5h44m

It was still going at the time I left (~2y). Most of the work of keeping it alive had been done by others for the last decade, so I hope someone else is still carrying the torch.

We had the occasional HR interaction but to my recollection never anything nasty.

boulos
0 replies
5h32m

I'm still (poorly) maintaining it!

laurentlb
2 replies
10h43m

The blog post mentions "Someone else who knew you had to add it", but this is not exact (or no longer exact). An employee can send an email to a special address with the content, and it will show up when they leave the company.

That's what I did. That said, I can't double-check to see if it worked. :)

Thanks for the tool, Evan!

kajecounterhack
0 replies
2h48m

Laurent FYI it didn't work (FYI we interacted over the cider font size thing). I couldn't find you anywhere even though I know your ldap.

evmar
0 replies
5h47m

You are both right. Originally you could not email, and like the OP I kind of liked the ceremony of entrusting someone with a message to send from beyond the grave. But someone contributed the code to make the email work, likely after the OP's time.

znpy
1 replies
11h48m

In what company, if I may ask?

vicek22
0 replies
1h47m

It seems like Google from all the people who responded in this thread :)

JoachimSchipper
1 replies
13h55m

Why did you make epithaps? Any interesting organizational or technical challenges you encountered on the way?

evmar
0 replies
5h41m

Initially it was a combination of just for the fun of it (it's a small script, as OP described). Secondarily there was the feeling of "everyone is going to go work at [major competitor]" and I was curious whether I could collect the data to show it. (I never ended up looking into this, but maybe HR did.)

As a dumb script it was not designed to be especially flexible. One thing I remember needing to fix was that by its nature it was archiving old data and preserving it, which meant that it was accidentally deadnaming trans people. My recollection is this was a small code fix, but an interesting lesson in social consequences of oblivious software.

kajecounterhack
0 replies
14h15m

Thanks for making epitaphs <3

bsimpson
0 replies
13h43m

I don't know what to ask you in a public forum, but it's nice to see your name pop up!

throwawaaarrgh
5 replies
14h54m

There's a very common problem with systems that use SSO, where the 3rd parties that accept SSO logins cache the login information, sometimes indefinitely. A user can leave the company but their login placeholder account stays in the 3rd party, and active login sessions are maintained basically indefinitely. So you can leave the company and lose your AD account, but still access the 3rd party. As Rachel says it's kind of a hard problem to solve (but not that hard).

fbdab103
3 replies
14h1m

In most cases wouldn't that session info be tied to physical hardware to which the employee no longer has access? Sure, tick all of your boxes, but I would think that losing the company laptop/phone/VPN would be a pretty significant barrier to maintaining access to other systems.

n_plus_1_acc
1 replies
13h22m

Not with BYOD

fbdab103
0 replies
8m

I refuse to BYOD, so I am not familiar with the nuances, but wouldn't the corporate controlling entity wipe/reset/deauthenticate the corporate partition of the device?

throwawaaarrgh
0 replies
6h52m

Not worth 3rd party vendors with basic SSO. They have no idea when the user leaves the company because there's nothing updating the vendor's sessions.

grinich
0 replies
14h37m

The answer to this is SCIM, which allows an app to sync the user state with the identity/directory system.

IT admins call this "User Lifecycle Management" and it's typically a required feature for enterprise-scale customers.

(I work at WorkOS and we help developers with this: https://workos.com/directory-sync)

l0b0
5 replies
16h23m

Now to figure out how the frig to implement this at $work.

enasterosophes
4 replies
16h17m

Since we're a puppet shop, the user account definitions are largely (albeit not exclusively) kept in hiera (i.e. yaml), tracked in Git.

We haven't used this for the purpose of writing epitaphs, but we could. In fact, since such changes need to go through code review, someone could theoretically author their own removal and add an epitaph of their choice in the commit message; after they leave, the change can be approved and merged in their absence.

bigiain
3 replies
15h57m

Heh. Now I want to sneak in a CI automation or a pre commit hook or something - to post _my_ version of my obituary when I've left.

jacquesm
2 replies
15h24m

'Reflections on trusting trust' :)

bigiain
1 replies
15h5m

Ahhh thanks!

Of _course_ the right place to do this is hidden in the compiler.

;-)

jacquesm
0 replies
9h40m

I wonder how long it would take them to figure it out. Bonus point if it is a two stage, where the compiler contains the real logic but some innocent tool looks like it is the culprit. And of course per the original you modify the compiler in such a way that an attempt to recompile it will reinstall the gimmick. And maybe redirect the distribution downloader to the point that it uses a locally cached devtools copy that ... you get the idea...

thrdbndndn
4 replies
13h21m

uid (unix account name)

Is this a joke or for real?

enasterosophes
1 replies
13h7m

Why wouldn't it be for real?

Given the context of the post, the uid info is likely populated from a central source. I log into one box anywhere in their infrastructure and see who has what uids, it is evidence about who is permitted to that part of the infrastructure at that time.

thrdbndndn
0 replies
9h21m

Sorry, for some reason, I thought the author meant UID stands for "unix account name".

It's totally my fault for misunderstanding.

saagarjha
0 replies
12h39m

Rachel doesn't joke much in her posts.

Denvercoder9
0 replies
8h57m

Most likely real. In LDAP, the "uid" attribute is commonly used to store the Unix account name. The numeric Unix uid/gid are stored in the "uidNumber"/"gidNumber" attributes.

mickeyp
4 replies
15h36m

LDAP's full of secrets. It's a great way to keep tabs on what's going on in a company. And to think that you can get nearly all of it with anonymous access.

Team or department mergers before they were announced? Yep, I've caught those. Secret mailing lists for internal projects? Check who's a member and you can ferret out what's going on. Bonus if the list mail address gives some of it away.

`ldapsearch' is good if you know your way around LDAP. Apache LDAP Studio is a great UI tool if you just want to explore.

Everyone should know enough about LDAP to build a login service that binds against it for internal apps. You can exploit the groups the sys admins maintain to control permissions in your app. It's very powerful and an easy way to get up an running in no time.

throwawaaarrgh
2 replies
14h52m

I'm still flabbergasted when a company lets me index their entire AD tree as a random (or, holy crap, anonymous) user. Very nice of them, but still.

It's also often the only way to get information that doesn't exist in an Intranet page, like, literally what teams are there in IT, where are their offices, who's somebody's manager, and of course, what distribution lists am I not on that some other user is on that's causing one of us to have issues accessing some internal company portal.

mickeyp
1 replies
12h7m

It has to be public (or at least not too locked down) or things like Address Book in outlook would stop working. Lots of weird things depend on the LDAP tree being broadly accessible. It's just that it leaks more information than most people think.

xorcist
0 replies
9h53m

Still, it's a tool made for another era. It would be sufficient to let it return one search result at a time, or complete specified group aliases, in order to work for groupware clients. Applications mostly needs to authenticate a specific user.

The ability to walk the tree is something else. Just like we don't allow zone transfers for dns anymore, there should have been similar best practice changes to ldap if people just gave it some love.

SheinhardtWigCo
0 replies
11h5m

Everyone should know enough about LDAP to build a login service that binds against it for internal apps. You can exploit the groups the sys admins maintain to control permissions in your app. It's very powerful and an easy way to get up an running in no time.

Sure, if you want to be the next SolarWinds.

gpvos
4 replies
10h2m

Is it common in the USA that employees just disappear without getting the chance to say goodbye to their colleagues? At most places I worked, people tended to send a goodbye email to everyone@company and got a chance to say personal goodbyes, even when there was a negative reason for them to leave.

dudul
2 replies
8h27m

Yes it is common when the employee is being terminated. It may depend on the industry, but it's always been like that at the 10+ companies I worked at.

Honestly, I much prefer it to the long notice (sometimes 3 months!) you get in say some European countries. Just rip the band aid and move on. Most likely you'll have a way to connect with former coworkers easily on LI and such.

gpvos
1 replies
8h8m

A week or so seems fine to me. Gives you a chance to wrap things up and transfer stuff.

dudul
0 replies
7h50m

Or roam the hallway, do nothing but bitch and all.

If I'm terminated I'm not gonna care about wrapping things up, I'm out of there.

glimshe
0 replies
9h59m

It isn't the usual way for an employee to depart a company. It is common in layoff situations, though.

Note: don't ever depart with public criticism, you have little to gain and potentially a lot to lose with the burned bridges.

unobatbayar
3 replies
12h13m

Do you guys feel sad when your colleague leaves the company?

suddenclarity
0 replies
8h33m

You'd have to define "sad" but naturally there's a sense of emptiness immediately after a friend disappears from your life. Someone you've learned to know and share jokes and interests with. Not every colleague is a friend though.

romanovcode
0 replies
11h55m

I feel sad if this means I have more work and responsibilities for same amount of pay. Otherwise - no.

mlrtime
0 replies
7h1m

Depends, but not really.

It's like saying sorry for someone getting divorced.... in all likely hood you should be happy for them and congratulating them on ending a toxic relationship.

omgbear
3 replies
6h25m

A former company I was at was really weirdly tight-lipped about people leaving.

I'm sure totally unrelatedly, we got dinged a bunch on our SOC2 reports improper "off-boarding" and not removing access from terminated folks since no one knew to remove them.

Once we added quarterly SOC2 controls to make sure only employees had accounts it was always a shock to see who had to be removed.

I know the intent was to improve morale, but it had the opposite effect.

azemetre
1 replies
6h17m

That definitely sounds bad. I wonder what sort of justification they had to not tell people who left?

Not having closure is one of the most common grievances people have about relationships, friends, lovers, siblings, or colleagues that disappear.

It seems purposely malicious.

omgbear
0 replies
6h6m

Agreed the lack of closure was frustrating.

Stemming the tide maybe? Don't want people to leave when they see a respected or well tenured person leave / get laid off?

All happened after an acquisition, so I'm not sure if this was business as usual for the other company or in response to increased attrition.

We ended up with an alumni slack like others here have mentioned.

starkparker
0 replies
6h4m

I've had companies use privacy concerns as an excuse, which was hilarious. They couldn't tell us who left because they wanted to respect the laid-off people's privacy so the entire company spent the day compiling a list of all the deactivated Slack accounts. Great job!

heads
3 replies
14h14m

So negative! Where I work this tool is called “new-hires”. It uses a restricted read-only API key to our third-party people tool. It was given to me by our People Director. Sometimes there are lines beginning with - but the tool is named for the lines beginning with +.

new-hires is built on top of the “people” python module / cli in our monorepo. That tool is so much more useful than just a way of diffing the org chart. Who is in what team, where are they, are they working today, is it time to celebrate their anniversary, etc. It also follows what I coin the “ZFS litmus test” for good CLI tools by providing -pH for parseable, headerless output.

Treasure such places indeed.

elromulous
2 replies
13h16m

Where is this? Sounds like a great place!

heads
1 replies
8h4m

Speechmatics.com in London and Cambridge, UK. We build audio and language models that perform the most accurate speech recognition available.

https://www.speechmatics.com/company/careers/roles

sevagh
0 replies
2h47m

Your site looks great. Clean description of the draw of your product!

tonnydourado
2 replies
7h8m

I'm not sure I get this.

If it's in my team/department, I'll know about it one way or another. If not ... Why would I care? People come and go, and if we're friends outside of work, we'll have other channels.

Besides that, most companies I worked at don't even maintain the LDAP/whatever properly. I've seen contacts from people that left/were fired stay around for years.

baud147258
0 replies
5h47m

If not ... Why would I care?

What if they're someone you're working with on and off. Or if you're waiting on some tasks from them?

OJFord
0 replies
6h50m

On an individual level: maybe you don't work closely but know the name, might be interested to know ahead of suddenly realising you haven't seen/heard from them for weeks/months; or maybe you used to but they moved to a different group, you're not in touch but vaguely interested if they've left.

On a more macro level: you might be interested in an apparent layoff/significant restructuring.

Someone used to (/maybe does) run this as an email service ('orgdiff') at Arm. I wouldn't have gone out of my way to do it myself, but it was something to skim with a Monday morning coffee.

lulznews
2 replies
14h32m

Hacking is fun but how is this useful?

brailsafe
0 replies
13h48m

A modicum of increased transparency/visibility.

ElectricalUnion
0 replies
13h29m

Being able to bind and query useful/interesting information on LDAP is always useful.

Havoc
2 replies
13h2m

Don’t think my employer would take too kindly to attempts to download bulk employee lists

Banditoz
1 replies
12h48m

Can they monitor for such a thing? Does say, Azure AD show whenever someone downloads data? Does Outlook make a similar call to figure out the name dropdowns?

Havoc
0 replies
8h30m

Perhaps for small orgs. We’ve got thousands upon thousands of people so little chance of grabbing the entire AD or leveraging some outlook dropdown.

Is be surprised if any competently run large org allows that anyway. Just takes one rogue dude trying to make a quick buck by selling the info to spammers and you’re dealing with that for the next decade

72f988bf
2 replies
15h3m

Scanning, dumping, and diffing of active directory also helps seeing when people got promoted. ("Software Engineer" -> "Software Engineer II" -> "Senior Software Engineer" etc). Useful for figuring out stats on "promotion velocity" in one org vs other.

Wouldn't work at "a certain company" if such company now made all their levels secret by default of course.

saagarjha
0 replies
12h40m

There is no need to show levels if the company has solved equity already, right?

3abiton
0 replies
15h2m

Learned a new term today, promition velocity.

mkl95
1 replies
15h12m

There's data and there's also the behavioral / psychological stuff which is the bigger tell in my experience. Things like delivering half assed work despite having a good track record, and not caring about problems that need to be solved in the mid term.

brailsafe
0 replies
13h49m

Hmm, how is this related to the article exactly? Bigger tell... of what?

eddiezane
1 replies
14h23m

Back when I was at DigitalOcean they were laying off/firing people from the company but not announcing any departures. You'd just go to message someone and their Slack account was deactivated. This was over the course of several weeks. I built a Slack bot to post when accounts got deactivated and learned of some new departures well before those impacted actually did.

https://github.com/eddiezane/no-ghosties

popcalc
0 replies
12h29m

It seems DO uses the same methodology for their customer support.

dghughes
1 replies
9h20m

Adam Savage's recent video said large companies don't like to lay off big blocks of employees so they just do it in small batches over the year. They fire the last person who made any mistake.

https://youtu.be/CzjftlUQs4g?t=403

brlewis
0 replies
6h15m

That doesn't fit my experience. Google's stock price increased after a large block of layoffs. And they were making every effort to put as many as possible in a single block. For example, my department was "impacted by the layoffs" but given 9 months to keep working and possibly transfer out. If they didn't want to announce a large number at once they easily could have waited.

xmodem
0 replies
8h25m

At one role our GitHub access was mediated by a CI job that would export users and groups from Google Workspaces and apply them to GitHub. The script would helpfully print a list of actions taken, and we had a general policy of CI logs being world-readable - and this job was no exception.

It was a useful way to keep tabs on any skulduggery that was going on.

Unrelated, but Confluence has very powerful support for email alerts on changes. These include notifications of deletions, and the email includes the diff of the deleted content. One thing I do at any org that uses confluence heavily is set up notification rules on some interesting spaces and check in from time to time.

wwilim
0 replies
10h55m

Unix hacker approach to corporate drama, I like it.

tonymet
0 replies
2h15m

Just be aware that your company will be logging this behavior and it will seem suspicious. They can make a good case for termination with this evidence.

tandle
0 replies
4h4m

Speaking from the other side (the side that does the termination), as long as your IT team is actually good a simple ldap diff isn't going to be enough.

Why? Because a good termination process is sensitive to there needing to be a communication about a termination that can happen well after the actual process of eliminating their access and telling them it's their last day.

So a better termination process is something like:

1. Employee goes to a physical space (preferred) where they don't have their work equipment or talk to their manager and/or HR using something that isn't work controlled (phone call, etc.).

2. A manual or scripted process executes that forces sign outs of all work things (computer, slack, google, whatever). Credentials get reset and not disabled. Perhaps someone can try to look for password reset metadata or other things that might indicate a departure, but it's a lot harder than looking for disabled uids.

3. After the person leaves or has finished their conversation remotely, the team that works with this person gets a broader communication from someone to tell them about the departure. If the company is small enough, maybe there's a broader communication to more people.

4. The rest of the termination process gets fired off that does disable accounts, etc.

Why don't all IT departments do this? Well for a lot of reasons:

1. They don't care, don't have incentives, or haven't been told by HR, etc. to care about handling the termination process in a more sensitive way.

2. For any sufficiently complex company, the number of edges cases of systems where you can't force a logout or handle a password reset increase over time. It takes a lot of testing to make sure a process works because vendors have bugs all the time or unintended behavior.

3. The risk of poorly communicated terminations increase as the number of people that either perform or can troubleshoot the automated process to terminate increase. As others commented, you don't want some ticketing system that is readable by a wide amount of people to see termination requests, so now how do you communicate a termination without too many people knowing about it?

Strangely enough, I think trying to achieve the most sensitive but automated process is good because it forces the company to communicate and acknowledge a departure before the full termination process fires off, but maybe I'm in the minority.

shermantanktop
0 replies
14h9m

I’ve done this multiple times, and have two instances running right now which have been active for years. One is simple and watches a smaller org:

ldapsearch … > new; diff old new > updates; mail … < updates

(On phone, pseudo code, definitely wrong)

The other is perhaps more interesting. I built a tool for a tool for a population of specialists in a large company. The tool requires ldap data synced in, and I capture the diffs. That sampling approach provides surprising insights into what’s active/hot/declining, even when the total size of the company would making tracking every employee change quite difficult.

sciencesama
0 replies
4h6m

Is there a script to check the users from the windows graph !!??

rpigab
0 replies
13h43m

This is a very fun thing to do, unfortunately where I work (France), the HR team send out weekly/monthly emails with somes HR updates, and at the end the list of everyone who is hired (this includes conctractors), and everyone who leaves (resigned or fired), so it would not add any information to run LDAP searches and dumps/diffs.

It's always kinda stressful to open this email and find out if one colleague you liked has decided to leave, but most times, this colleague informed you before the email arrives.

randycupertino
0 replies
15h13m

I once worked at a large bureaucratic org that tried to keep it secret when people left (if quit or were fired) because they thought departures were bad for morale. So it was just a big secret. Are they here any more, are they on PTO, are they out sick, who knows! Can't talk about it. It caused way more gossip and bad morale than it would have just to be straightforward letting us know that so and so was gone.

phendrenad2
0 replies
1h27m

I postulate that if your company uses LDAP, and you are here on HN, you're going to be laid off within the next 12 months. The existence of LDAP at a company implies that the company is likely highly um "mature" and isn't amenable to the kinds of hackers who have actual interest in the programming field.

pharmakom
0 replies
7h34m

I once discovered that a very large org had AD configured in such a way that you could see “last seen at” timestamp for everyone profile in the company.

It would have been trivial to track everyone’s hours using this, which would likely have been unpopular.

nickm12
0 replies
2h29m

This is funny... I thought I was the only one who did this. I work in an org of over 1000 people and have found doing a programmatic dump of the org chart gives me insights I would never get from reading our status update. Often it is the only way I learn about colleagues who have left (and returned!) because not everyone sends goodbye messages or even has the opportunity to.

mmsc
0 replies
15h17m

I made a tool to track ldap like that [0]. LDAP is a treasure chest of info and great for stalking. for some reason i find it fascinating to see people leaving, and if possible, see how long they worked there for. seeing friends get fired via LDAP before they even knew about it was certainly interesting, too.

I noted in the readme..

    Know what's going on in your LDAP directory on-demand with Slack webhook integration.
    See new hires, leavers, and promotions as they appear in LDAP.
    Monitor when and what HR is doing.
    Detect unauthorized changes in LDAP.
    Monitor for accidentally leaked data.
    Detect when users are logging in and out of LDAP.

There's also LDAPmonitor[1] which is designed for Microsoft and Active Directory which does effectively the same thing.

[0]https://github.com/MegaManSec/LDAP-Monitoring-Watchdog

[1]https://github.com/p0dalirius/LDAPmonitor

mfkp
0 replies
14h37m

Ha, I did this about 10-15 years ago at a prior company. The turnover was so high (especially in the sales staff) that there would be at least a handful of people mysteriously disappearing each week.

I automated a small newsletter called "The Weekly Diff" for a few close trusted coworkers and sent it out each Friday with a list of who's new and who was missing from the company directory. And I kept a scraped database including phone numbers in case anyone wanted to reach out to anyone after they'd been removed.

Sometimes you make the best out of a failing company culture. Kept a lot of friends that way just by reaching out with some words of support :)

marviel
0 replies
5h6m

Incidentally, if someone gets mad about you running this sort of thing, you probably don't want to work there anyway. On the other hand, if you're able to build such tools without IT or similar getting "threatened" by it, then you might be somewhere that actually enjoys creating interesting and useful stuff. Treasure such places. They don't tend to last.

too true

loneranger_11x
0 replies
15h21m

"Treasure such places. They don't tend to last."

True true true. Especially if people are building quirky cool stuff in smaller orgs, its simultaneously a great place to work and has a higher extinction probability.

lapcat
0 replies
9h2m

Fun fact: back when I was a contractor for Apple many years ago (while Steve Jobs was CEO), I learned through their directory service that Steve Wozniack was still an employee and reported to then-CFO Peter Oppenheimer.

kylestlb
0 replies
3h48m

doesn't every HRIS have this? workday, et al... all have some sort of "Leave Reason" field which can be reported on & aggregated

khalilravanna
0 replies
6h53m

There was an automated tool like this someone built at Twitter. At first it was cool just to see who the most tenured people were. Then the layoffs happened and it became essential due to the absolute 0 communication happening thanks to the Cool New Management. I remember we used the count of people in one of the default Slack channels to keep track of how many people got the axe. Woof.

joshstrange
0 replies
2h39m

At my last company they had no system for letting us know if someone had been let go. At one point they laid off the VP of sales and it came up almost by accident in an all-company meeting (not a massive company, <100 but >50) and people were surprised he had been let go.

I was young, with nothing to lose (or rather just no self-preservation), and so I spoke up that the policy of saying nothing was silly and potentially very dangerous. If that VP, who I saw around regularly, had emailed me for a list of our clients I would have sent it to him, if he had been waiting at a door telling me he had forgot his keycard I would have let him in, etc. You could argue "You should have always asked up the chain before doing that or refused to let him in on your keycard", but then I'd just shake my head at you. When a VP tells you to do something it's not a great career move to throw up roadblocks, even if it's company policy, in my experience.

Going forward the company agreed to send out bland, generic "X is no longer with the company" for "legal" reasons (as in they couldn't say "was fired", "left of their own accord", etc). Which was better for sure. I never thought to scrape our company directory, that's a clever way to do that for sure.

jjkaczor
0 replies
7h30m

Hahahahaha... So, I um have a very similar script that I manage for 'KTMJ' - it's not to find deactivated users, but to synchronize certain ldap attributes to another system. This organization is large enough (300k+ users) that typically, between the time that the script queries ldap, prepares the synchronization file, then actually performs the synchronization import which validates if each user still exists, there are already several hundred accounts that have been deactivated during that window and reported in an 'error' log file. (The actual synchronization and 'error' log file are outside of my direct control)

Why did I laugh maniacally?

Due to 'budget constraints' my contract is being terminated (they have just been through several rounds of layoffs, I was expecting this), my account will be one of the ones deactivated on the next monthly cycle - prior to that, I will have to handover the processing and expected 'deactivated' users 'error' logging behaviour to my replacements...

irrational
0 replies
7h5m

My company has 80,000+ employees. I have a feeling I'd be inundated with the churn.

hardware2win
0 replies
11h29m

Irc, cron, ldap, spying on other employees stuff

Yea, admins.

fredley
0 replies
11h14m

I'm a WFH worker. My company is fully remote. They are really great at managing departures and make sure everyone's aware and has a chance to say goodbye.

However I can't shake this feeling that the mindset that got us from treating servers like pets to treating them like cattle is creeping into workforce planning, and the WFH movement is making it that much easier.

Why plan capacity when you can scale resources up and down on-demand on a whim? With the emotional and morale implications of letting people go hugely reduced it becomes easier to think like that.

ezekiel68
0 replies
8h2m

The last two sentences of the article were worth the whole read.

drtz
0 replies
4h37m

I've been using POSIX systems regularly for 25 years. Why have I never seen the comm command used before?

doix
0 replies
14h23m

It's amazing how many people came to the same idea independently. At my old gig I created "the sackinator" (getting sacked = getting fired). It was a cronjob that dumped the entire AD directory nightly and then a script to diff the output of any two days.

Since the data was dumped, you could always go back and do more analysis. First I just cared about which accounts got deactivated. Then I started tracking title changes, last name changes (people getting married), department sizes, company head count over time etc.

Incidentally, if someone gets mad about you running this sort of thing, you probably don't want to work there anyway. On the other hand, if you're able to build such tools without IT or similar getting "threatened" by it, then you might be somewhere that actually enjoys creating interesting and useful stuff. Treasure such places. They don't tend to last.

Couldn't agree more.

cyclops1982
0 replies
10h40m

For those wondering, by default, any user with an AAD account can query /all/ users via the MS graph API.

The trick showed in the article can easily be done on AAD as well.

codeulike
0 replies
11h43m

Note that in Europe or UK downloading bulk employee lists would likely mean you are now handling 'personal data' and so various GDPR rules kick in

brunooliv
0 replies
14h15m

I find this super weird and almost borderline invasion of privacy? I mean, a job is your professional life and you’re there to work, not go directly make friends or stalk people… I mean sure I’ve made a few people whom I’d call friends in previous jobs and current one too and I’d like to believe that we’d have enough confidence in the friendship to tell each other about quitting. But seeing that potential info about anyone feels very weird…

biosboiii
0 replies
14h23m

Did this for a supermarket delivery company, they had an API that exposed their exact stock level for products, scraped the data every 30ish seconds, diffed and repeated :D There were some interesting orders for sure (cigarettes + soap + 1 beer)

ben_w
0 replies
12h18m

if you're able to build such tools without IT or similar getting "threatened" by it, then you might be somewhere that actually enjoys creating interesting and useful stuff. Treasure such places. They don't tend to last.

Advice I wish I'd been given before graduating, second only to "get everything in writing".

alpb
0 replies
15h39m

The “epitaph” app that was mentioned is an internal Google web site. I always found it to be fascinating.

al_borland
0 replies
15h47m

We used to use Sametime and I’d periodically search for “Deleted - “, which would show me everyone who was deleted over the past few months, before they fell out of the system.

adrianmonk
0 replies
4h19m

I built this by accident once!

We had this internal web application. It had its own separate username/password table. I was asked to make it so you could login with your regular password instead.

It wasn't hard to solve the password part. I could make the web app consult the main system to verify your password at login. But... I couldn't eliminate the web app's user table entirely. It was too fundamental.

So I built a thing that ran periodically, got a list of users from both places, diffed the lists, and then did the required create/update/delete operations on the web app's user table. Thus the web app's user table mirrored the main login system.

I rolled this thing out and babysat it, keeping an eye on its log file. Naturally my code logged operations done on the user table. And I was like, "Hey, this is telling me who is joining and leaving the company!"

It even gave me a little additional info. The web app had certain roles and permissions, and these needed to correspond to organizational structure, which I got from the main login system. So if a user's web app roles changed, it was a clue they may have switched teams or got promoted.

I felt like I needed to be a bit careful with this info. Not that I wasn't allowed to have it, but I don't think IT expected anyone to have a tool that would make it that easy to notice changes as they happen. Potentially, I could have known someone was fired before their manager told them or something like that.

TLDR: Tried to streamline operations, accidentally developed a signals intelligence capability.

SoftTalker
0 replies
4h24m

Incidentally, if someone gets mad about you running this sort of thing, you probably don't want to work there anyway.

Well that depends I guess. A lot of companies/orgs have privacy policies that prohibit accessing services out of "curiosity." I.e. if you're working at a university it's OK to access student information if you're doing it for a specific work-authorized purpose but you can't go casually looking at people's information just to satisfy some personal interest.

RajT88
0 replies
15h52m

I do this for various reasons at my work.

To function in day to day tasks you need to be able to read stuff in AD. I have solved interesting problems this way like: How do I get access to X thing when the security groups are not documented? Find someone with access and recurse their MemberOf and diff your own.

I also have used it to find people leaving.

MichaelMoser123
0 replies
12h23m

I wrote a script that is looking at the git log of a git repository, it tries to sum up how many commits per author/number of lines changed etc, when the author was active. This also gives some indication on the 'turnover rate' or whatever. (I know lines changed and number of commits is a very bad indication, but it is some indication)

https://github.com/MoserMichael/gittools/blob/main/git-whois...

Lance_ET_Compte
0 replies
4h42m

I did this before. I ran a cron job once a day that counted the number of active entries in a particular file. It was neat to see the number bump up after an acquisition or drop after a layoff. It was neat to see the overall growth of the company I worked for.

I eventually decided that someone _might_ decide that, although freely available, in aggregate, this material could be _sensitive_. I stopped doing it. I deleted years of interesting data...

KingOfCoders
0 replies
12h58m

In Germany it's also a very good idea to monitor the "Handelsregister" (register of all companies) and see who currently is really the CEO, who can sign things etc. This shows early ripples in the force (e.g. founders on their way out, willfully or forced).

GIVEDADDYABYTE
0 replies
5h36m

I tried to make one of these systems at my first job, but my manager expressly forbade me after hearing about it.

Later that company would go on to lay off 15% of software engineers in a day. The support team created tickets in the public issue tracker to decommission employee accounts, so a lot of people found out that way before anyone reached out for a meeting.

Foobar8568
0 replies
12h57m

With Excel and Power Query, you have your own analysis tool...There is a direct connector to dump the full LDAP.

0x500x79
0 replies
3h21m

I worked at a company that had an internal website that showed all people, departments, teams, and had a filter you could use for new employees or employees that left. It was sort of a double edged sword: you had enough information to start asking questions about what it meant if a team member or coworker was on the list. What was more interesting is that it almost became ritual for some people to logon first thing in the morning and check the list, every morning.