Posts by GeekyOldFart

Ah, such good times.

One very annoying colleague got his entire cubicle filled with packing peanuts and encased in pallet-wrap. We stopped short of slapping a faked-up shipping label to "Anywhere but here" on it, thinking that was a little too snarky.

And then there was the ongoing institutional prank, like when a developer checked in some code that bombed the nightly he came in the following morning to be greeted at his desk with a life-sized cardboard cutout of a barely-dressed Kate Moss, her decency only preserved by the sign she was holding. We had modified the sign to read "I broke the build" and he had to keep it in his cube until somebody else messed up and he could pass it on.

"...Checks were inadequate, controls avoided..."

Don't we all know how that happens...

Security controls, change control checkpoints, business controls, folks almost always find workarounds without even realising that they are doing it.

The more critical the control, the more essential it is that the process is designed in such a way that compliance is the path of least resistance. Because if it isn't, even in the most idiot-proof process the universe will eventually build a good enough idiot to break it.

These folks really grind my gears.

It's not just the idiots with their nonsense diagnoses, they are also poisoning the well for when folks like us need to call a support line. They are conditioning helldesks everywhere to just lump our (somewhat) more credible analyses in with that lot. Like trying to find a story that's not written by AI on youtube.

Some of us are still old enough to remember...

... when if you got into a system you'd have a good nosey around, do no damage then claim your bragging rights by leaving the sysadmin an email from themselves saying "Gotcha. Here's how to patch the hole you left open."

Some guys preferred to do something "amusing," particularly if the opposition had previously got at them or if that "nosey around" showed they "had it coming." But even that was things like mirroring all the screens or making every printer randomly produce questionable ASCII art instead of the requested print job.

May be a contrary opinion, but...

Aside from the sheer scope of the outage, I think I actually have to give them some props here.

I defy any rational techie to even think about denying that mitigating the React bug, on a service that ubiquitous, is a code red, all hands on deck priority. It's serious, disclosed and in active use by threat actors. The moment your admins think they have a patching strategy, the pressure to deploy it yesterday, if not sooner, is immense. You're going to do testing, of course, but under that kind of pressure you're going to do the big tests, the obvious ones, but the risk of missing edge cases is real, and - in practical terms at least - largely unavoidable. I think it's highly likely that the process was accelerated to the point that it satisfied their change control requirements by a hair at most.

And this time they got bit. It happens, any of us that claim not to have been there is probably* either fibbing or new to the industry.

OK, so the change has now blown up in their faces. Again, we've all been there. Now they are in the balancing act between continuing to work on fixing it and pulling the eject handle and backing out the change. The folks on the sharp end are aware how long it will take to do the rollback, they can only speculate (intelligently perhaps, but still only speculate) how long the fix will take. Given how long it went from first awareness of the problem to service restoration I'd say they got that balance about right.

* ok, if you CAN honestly say it's never happened to you after you've been around the data centre for a decade or two I'm not going to call you a liar, just suggest you might want to buy a lottery ticket or two, given your luck.

Data Sovereignty is the key risk here.

If the hyperscalers routinely apply US law to their data privacy practices and are not prepared to guarantee non-transfer of data that is legally protected under UK law outside the jurisdiction of that law then, honestly, they should not be permitted to operate IN the UK. Practically, of course, that will never happen. We need them and their infrastructure and the only practical place to get it is from the existing US-dominated providers. And these mega-corps will not give a damn about "regulations," they will only care about laws that have actual teeth.

When GDPR was introduced, the big data companies paid attention because violations carried enforceable fines of a significant percentage of their annual revenue. Something similar is needed for enforcing respect for the UKs data privacy rules and preventing the application of laws like the Patriot Act that have no applicability in the UK to UK citizens data.

Just another failure...

...for the internet to route around.

Three languages

And I'm not talking about programming languages, where most of us are fluent in half a dozen or so.

1: Regulatorian: This is the language of politicians and lawyers. It sets the mandates on banks, hospitals, schools etc. It contains nuances and terms of art that sometimes make a word mean something totally different to what you would infer if you heard it in general conversation.

2: Beancounterese: Spoken by accountantrs, salesmen and middle manglement. It sounds very similar to regulatorian but is sufficiently different in some of its meanings that it's as big a gulf as between old scots and english.

3: Geekian: The language of hard science, mathematics, real-world realities and the only one to use when specifying what a programmer needs to code. Because they will code what you tell them to, and it will work the way this language describes it.

The same word can mean different things in these three languages.

We have to be fluent in all three to accurately interpret requirements and predict what the emerging software will look like, to take error logs and demonstrate to (sometimes hostile) manglement what corrective action is needed and where it needs to be applied.

Ridiculous.

I buy a newspaper, but I tear out the classifieds and shred them unread. - Have I infringed copyright? Of course not.

To counter the argument "but you've already paid for it there, the website is free and the ads pay for it!" let's do the same with a free community paper I take home from the stack in the coffee shop. There, like the website, they make their only income from the ads. Just as before I detach the ad section and shred it unread. Still not copyright infringement.

The advertisers pay for the websites to serve their content. There is no requirement on me to render it unless I choose to.

Make backups actually BE backups

On local media and capable of a bare-metal restore to exactly how the system was when you backed it up. OS, apps, documents, settings - ALL of it. Drive died? Swap it, boot from a USB stick and restore your backup. That SHOULD be it, done. None of this crap about backing up only your documents, forcing you to recover first the vanilla OS, then reinstall all your other apps one by one, redo all your personal customised bits (see the long list of registry tweaks elsewhere in the comments, as an example) and then, finally, you can restore your backed up files and start to use them again...

Hell, have an option in your backup software to make your backup media bootable into PXE with a built-in option to "restore this backup"

If you can have file-level granularity on what you want to restore, that's honestly just gravy. If it can't save your arse when the magic smoke gets out, it's not really a backup.

MS backup hasn't done full system image backups for ages and it sucks.

Remember the stacks of shiny coppery platters you loaded into VAX systems?

And the collective wince of the operators when the loud BANG echoed through the server room accompanied by oxide-coated swarf from the head crash?

Your advertisers pay you to serve the content.

While I reserve the right not to render it. OR store your cookies anywhere outside /dev/null.

In other words, F off. And take your ads with you.

Remember, Citizen, the Computer is your friend...

First thing they (try to) teach any military officer...

Never give an order that you know won't be obeyed.

That manager was me

That's how it's done. Nobody gets fired for an honest mistake, until they make the same one the third time, demonstrating that they are incapable of learning from it.

Put the zen face on...

The more panicky the phone call, text chat or email, the nastier you know this particular user to be, the more you wrap yourself in zen-like calm before heading out to confront 'em.

Only listen with half an ear to their spew of "having tried everything" unless you pick up on something specific they say they've done.

Once they wind down or run out of breath, a pleasant smile and "OK, let me have a look and I'll see what I can do."

Then fix it. Whatever it is.

They look a lot worse to any witnesses when all their ire runs off you like water off a duck's back.

And, as a bonus, it winds them up beautifully when all their sound and fury clearly signifies nothing.

Given the superiority of the GM system, it's a no-brainer for them to continue to use it. After all, "If it ain't broke..."

The arguments for expanding that system's use to other areas are also valid, given that it's a system in actuality, not vapourware. Implementation at other trusts should be hugely simplified (and cheaper) as a result.

There are the inevitable questions about whether the system would scale nationally, but it doesn't have to, at least not immediately. Even if each regional trust is running as a standalone environment, it would still benefit the residents of that area. Initially the system only has to scale to a regional trust, and it's already proven in one of the three most populous regions in England.

National integration as an end-state is obviously the goal, but wouldn't it make more sense to invest the effort and Taxpayer's money in creating an integration platform that operates as a distributed architecture, allowing all these (now-similar) regional nodes to interoperate? No great central repository of data (avoiding the whole single point of compromise risk) but distributed data, with each node being able to request data from a patient's "home" node if they are treated there, and to request a permanent transfer when somebody relocates and registers with a GP in their new area. That would almost certainly end up as a much simpler, cheaper, both more effective and less disruptive path to the goal of national health record availability than the big bang of trying to create and implement something entirely new.

At the place I work, even though we use 2FA across the board, when we reset passwords we will only provide the reset password to the users manager or to their manager. If both are unavailable, the user is SOL until one of them returns, because providing a password directly to the impacted user is strictly verboten. This is to provide an extra level of protection against precisely this kind of social engineering.

"Ok it will be reset within a few minutes and your manager will contact you with your new temporary password..." - It not only breaks the social engineering, but it exposes when one of our Helldesk guys got caught and we play back the call looking for anything they missed. Not to hammer the guy, but to learn the enemy's tactics.

A notable exception

At one point I was asked to make some minor tweaks to some code written by one of these untrained types. I griped, hard, about being assigned the task, I knew what I was going to get - spaghettified, uncommented, the kind of mess that's been related in all the other comments here.

To my surprise this was not the case. The comments in the code were comprehensive and clear enough that the source truly was entirely self-documenting. Even where I found myself raising an eyebrow and thinking "I wouldn't have done it like that," what the original author had done, and why, was perfectly clear. Making the required tweaks was an absolute doddle as a result.

A few months later, I actually met the original author and complimented him on it. His response?

"Oh, I know I'm not a good programmer so I lay out the entire design as comments first, then just write the functional bits to match what the comments say it should do, one piece at a time."

"Keep doing that." I replied. "It works."

I can neither confirm nor deny...

...the presence or absence of vituperative error message in my code when something that should never happen occurs, usually due to the input data being so F-ed it deserved its own onlyfans account.

And based on the current behaviour of the administration, they'll lose the case, the courts will order them to rescind the tariffs and they'll ignore the court order, wipe their collective arse on the Constitution again and nothing will change.

The only upside to this is that civil litigation can't land you in jail but contempt of court can.

Like I kept on saying the first time around,

The "stable genius" is the other end of the horse.

One of the first of many tshirts purchased from ThinkGeek was the one saying "No, I will not fix your computer."

As a sysadmin at a major hospital I was responsible for the care and feeding of a PDP-11 that ran a horrendous flat-file database of text documents (histopathology and cytopathology reports) that needed a regular archiving procedure run to avoid it filling up. That archiving process had a maximum document size smaller than the primary database for some insane reason so occasionally on the larger documents it would puke and stall the entire batch. The largest documents to be found on that system were autopsy reports. When the archive job stalled, I had to identify the document responsible and manually break it into two linked documents, with the requirement that I didn't break it up in such a way that reading either half standalone could give apparently incorrect info. This was why they wanted a techie from a bioscience background, which was why I got the job.

Every document that stalled the process I had to actually read and understand before choosing where to split it.

Twice, I encountered the report on the death of somebody I knew in this process.

Nobody likes to hear "We told you so"

But we did tell you so.

"We" in this case being sysadmins, net admins, in-house developers and all the other folks who actually understood these risks way better than the suits in the executive suite.

We warned about it when IT operations were outsourced the first time around. Upper manglement ignored the warnings because it saved money, forgetting the adage that you can only have two of fast, cheap or good. And when you outsource it, you don't get to pick which two any more. A lot of enterprises got burned. I, personally, made a fair stack of cash contracting on projects to bring operations back in house at a few places.

We warned about it again when the idea about saving money by outsourcing the storage infrastructure to the cloud came along. We got exactly the same pushback from exactly the same folks. It was cheaper so they were going to do it. All our arguments about putting our company's crown jewels in somebody else's control fell on deaf ears.

Along came the rapacious feature creep of software "subscriptions" and SAAS, where you weren't even running your applications locally, and we warned about that too.

So yeah. We told you so. And we don't even get to enjoy the schadenfreude, because we're working our behinds off trying to mitigate these risks and fix the mess - those of us that didn't just shrug our way into retirement or weren't laid off as part of the "savings."

So horribly familiar...

I can't count the number of places I've been when test restores weren't done.

I admit I've even been guilty of it myself once. I had quite a nice little network at my home office, all of it built from previous-generation hardware purchased cheap from various employers. Along the way I'd also managed to acquire a license for a decent network backup suite and a small broken-but-repairable 5-slot DLT robot.(repairing that thing was pure geeky heaven and generated a significant amount of smug when successful, but that's another story) and a couple of boxes of unused tapes that the company just wanted gone - Full backup of my entire network on the first Sunday of each month and incrementals every Sunday night thereafter. Just needed to remember to swap the tapes out each month.

I did partial test restores to one machine per month, just enough to make sure my backups were ok... Then I acquired another server, set it up, got it into the backup system... and had a brainfart and didn't add it to the script that kicked off after each full backup and selected the next machine on its list, restored the backed-up /etc to /backup-verify/etc and emailed me if the directory contents differed.

Of course, we all know which machine decided to commit spectacular suicide and its backup then proved to be garbage.