- Feature Articles
- CodeSOD
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Not a real WTF. The obvious solution is to test the knife on the consultants who deleted the backups, while screaming "is_admin? no!"
Also, the quality of the comments on this site has really gone downhill.
Admin
Almost but not quite, for me it's ...
Firefox = DR Chrome = Knifes IE = Code SOD
Admin
Nicely Done TDWTF, the joke should've been on whoever would read the comments and try to make sense of them when users would comment on three different stories based on the browswer they use, leave it to coders to ruin it for them.
Admin
Not coders, it's us software consultants who are contracted to ensure the s/w they design is functional on a wide range of broswers (today's game: how many different spelloes can we come up with for "brwosers"?).
Admin
Simple randomisation, browser choice is irrelevant.
Admin
Admin
Good call. Interestingly, though, whatever I use to read it, a different story appears in each different browser.
Admin
Of course M(s). Alice. Heard she has an innate ability to kick trolls and other mutants.
Admin
It's April 1st. I am guessing that's why.
Admin
Admin
Admin
OSHA doesn't come to your workplace and push the window washers off the scaffolding in order to test the safety harness. BIG WTF here.
Admin
The WTF is deleting production data and its backups. These idiots apparently would run a fire drill with 10 gallons of gasoline and a match.
Admin
In my defense, I'm no "software consultant who is contracted to ensure the s/w they design is functional on a wide range of browsers"
or a decent typer...
Admin
TRWTF was me, looking for WTFs in jquery.min.js ;)
Admin
I do. It's like setting fire to a building and before that making sure to empty all the extinguishers and putting a nail in every tire at your local fire department.
There are some things you just don't do for fun or profit. I don't understand how the auditors can live with themselves. Let's just hope that they get taught a lesson some day and see the error in their ways.
Admin
I have a 'nice' picture of a guys busted testicles after falling into a not-so-well-adjusted seat harness. Probably worthy of rotten.com. Just sayin'.
Admin
Well, if you note, the param that will tell the SetSession script to set the session as admin or not is just a hidden field in the form... that means, if you open a javascript console and change the value of that input, BAM, you're admin.
Admin
What would have happened if the IT guy wasn't on the ball enough to have off-site backups? The company would have been totally screwed.
But what I don't understand is how they were given access to delete all the data in the first place. They were simply given a root password and told to go nuts?
Admin
I'm pretty sure testing consultants for worst-case scenarios aren't actually supposed to cause those scenarios - just simulate them.
Admin
When you view this site in Opera, it prints out the ASP.NET source code for this site.
Admin
Disappointed, sudo. Please hand over your geek badge.
Admin
There is a rather large difference between running a "test" worst-case scenario and actually causing harm to a company. In the first part you simulate the causes of the action by shutting down servers properly or disconnecting them from the network, locking files and saying they were "destroyed". In this case the data recovery guys actually caused some real unrecoverable damage. I am sure they did recover from off-site backup but judging by the size of the company I would be surprised if they got it all back...
Admin
Admin
The WTF is that they tested against the plan. Deleting your production data on purpose shouldn't be even considered a "test." What if the plan failed? (and they actually expected it to!) How do you recover from that?
Admin
The real WTF is people have forgotten what date it is.
Admin
I don't understand the frist story of the three...
Admin
I don't see strangeness here. We practice many tests on cadavers. How else can they be tested?
Admin
Then you're not looking hard enough. An auditing company went, looked at their recovery plan, and deleted every portion of the recovery plan. They didn't actually audit anything, they just figured out how to make the recovery plan fail. An audit involves checking things like which databases aren't in the recovery plan. An audit involves simulating the absence of databases, say by taking them offline. Not deleting them.
Admin
Unless I'm mistaken, your comment is the true WTF here.
Admin
Of course if he were really on the ball, a copy of the off-site backups would have accompanied him to the pub.
Admin
Maybe it's the drugs...
Admin
"At least we got to test our offsite backups that day. I left the company before I found out how the lawsuit ended."
If leaving in the near term was in the cards anyway, would it have been more fun or less fun to make a principled resignation right after stating that those were the backups?
Admin
That's real simple, the real WTF was that they gave the consultants access to do all this stuff. They may as well have had them detonate a neutron bomb in the data center. The point of the exercise to me would be how quick do we get up and running from a temporary data center. Not restoring in the same DC from offsite backups. Assuming redundant failover in the DC, the next logical step is the offsite DC.
(Mind you it doesn't say where anything was restored to.)
Admin
There are a couple of WTFs here. The first is you never intentionally require the use of offsite data without first ordering it to be returned so it is available. It would have been better take the boxes down and put a sticky on them saying "this hardware is dead" without actually deleting anything. Remember that when the drill is over, you still have a company to run. The second is that this was done during business hours. Doesn't this mean that the non-IT people were dead in the water? That was one seriously expensive drill.
Admin
Admin
April fools?
Admin
TRWTF is giving a "disaster drill" company a blank check to do anything they apparently wanted.
Admin
april 1st! 3 stories... what shuold i comment?
Admin
Admin
Admin
Admin
I think the point was that these auditors were only supposed to simulate a major disaster, not actually cause one.
Admin
Trying to trick us into commenting on three different articles was a brillant idea, even if it didn't last very long.
... and just when I was thinking Alex doesn't love us anymore.
(Oh and if your browser is Lynx, you get twelve pictures of Irish Girl naked!!!!!)
Admin
April fool?
Admin
The real wtf is that the auditors didn't also find the offsite backup site, sneak in and slag the drives. I mean, you should be prepared for anything, right?
They also failed to kidnap the company's IT department, or start any fires in the building.
Admin
RIP Stephen King
...and Sarah Palin.
Admin
So you see no problem with them making their point by literally destroying key data and disrupting the business? Why did they stop there? Why not burn down the building and shoot the employees in the head while you are at it?
A good audit can simulate all of these scenarios without actually doing them. Causing damage to a production environment costs companies money. Even if you are trying to prove a point. A good conference meeting could have accomplished the same objectives without killing the business.
Admin
Murder/suicide, huh? No one ever listens until it's too late.
Admin
So you see no problem with them making their point by literally destroying key data and disrupting the business? Why did they stop there? Why not burn down the building and shoot the employees in the head while you are at it?
A good audit can simulate all of these scenarios without actually doing them. Causing damage to a production environment costs companies money. Even if you are trying to prove a point. A good conference meeting could have accomplished the same objectives without killing the business.
I seriously hope you never try to demonstrate how easy it is to get away with murder.