199
deleted
(sh.itjust.works)
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
I would absolutely send him an email to the effect of
with a list of known major vulnerabilities attached if possible.
That way at least if this comes back to bite the company on the ass, he can't say "Well he never told me this was a problem!"
this is the correct response.
get it in writing that they accept the risk that comes with not upgrading so it can't come back on you. all you can do is CYA and make recommendations - if management does not agree with your recommendations make sure you have it documented that you informed whoever is making the decision of the risk.
if you think your employer will somehow still try to hold you accountable for this, save the aforementioned correspondence using something your employer does not manage i.e. a personal device. you could also let other people than this specific individual know about this so it isn't just your word vs his.
Exactly. After that he can basically let it go. Unless he has some stake in the company or ite survival, he's done his job. It's his bosses problem, the one responsible.
And keep a copy off site
I disagree. That's a consultant-style answer. OP is an idiot newb three months into his first job with zero responsibility, and not in any position to "serve notice" or have any meaningful "professional opinion".