This "but people are stupid and uninformed" mentality has really got to stop. If you find yourself making an argument that hinges on everyone but you or some large population being idiots, then you're wrong. Not only because people aren't stupid, but doubly because you're specifically talking about a population of highly educated people who start as developers and get interested in infra.
Sysadmins/DevOps/SREs aren't hopeless, they just have different incentives and responsibilities. Default secure with the option to let down your guard when the need is there is always always the right choice. You wouldn't have your firewall default allow with a blocklist. You wouldn't grant everyone sudo access and then maintain a list of commands they can't execute. Such a thing is impossible to maintain.
For me specifically I manage too many servers to bother with this. It's going to be deployed to everything without exception and if you need more performance we'll rack more hardware. The cost of more CPUs is less than the risk that something will slip through the cracks. I don't care that your pet service doesn't execute any untrusted code, I'm not carving out exceptions when I have 20 teams constantly asking for stuff.
Sometimes this happens — the vast majority of organizations have tighter budgets than FAANG, especially if they are not for profit. How helpful do you think this observation could be to someone in their position?