- Feature Articles
- CodeSOD
- Error'd
- Forums
-
Other Articles
- Random Article
- Other Series
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
i'm hitting refresh until shiva is the captcha.
Admin
I really don't see the WTF with having your user name match your password.
Sincerely,
Admin
Ha! You've been caught and heads will roll!
I have changed my password to something you will never guess!
Admin
Admin
I worked at a bank where IT support had been out sourced to a firm in India. The machines they administered were still in Europe, but locked down so tight that it required a phone call to India to get anything vaguely sysadmin'ish done.
One day I came into work, sat down and tried to log in, only to find my password had expired. I asked around, and discovered that to reset it would require an email to IT support, a minimum support charge of 50GBP, and a two day turnaround. In other words, I could do no work for two days.
Thankfully, one of the support staff had forgotten to log out from a machine they had been using while carrying out some on site work. A colleague had the presence of mind to leave the machine be so that on occasions when things like passwords expired, it could be accomplished without needing IT support.
(Cut to twelve months later, and the bank no longer existed, absorbed into another bank during the credit crunch).
Admin
That's amazing. I've got the same combination on my luggage.
Admin
Admin
Shiva is a strange name for a German.
TRWTF is risking your job by logging into production as someone else without their knowledge. Any workplace strict enough to allow such tight controls would absolutely be strict enough to fire someone for doing this.
TRRWTF is telling someone that you have just hacked someones production account. (yes, even if they had an easy to guess password).
TRRRWTF is that no-one has mentioned hunter2 yet.
Admin
I worked at a Healthcare company where everyone knew the username and password for all the production servers and databases, and there was no audit system either. Security by stupidity.
Admin
Oh, if only that were true. In many places I've worked, the security standard is "Guard the front door with tanks and artillery, then leave the window open and ignore all references to it so your staff don't waste time with all those door checkpoints. If anyone points out the open window, complain that they're nitpicking and not a team player."
Admin
What did this mean? I can't understand it.
Admin
Admin
Once every other promotion (of code from dev to production), they let Shiva do his signing off thing in order to let him think the process is always followed and he's doing something useful. The rest of the time they just log in as him and do it themselves.
Admin
See, this is why you don't hire Hindu gods as admins.
Admin
Even though I'm an editor, I've learned to start sentences with "But". sigh
I too have an eye for the grammatical. It was the only part of English class I could stand. I can, however, just RTFAs without screaming out in pain for a duplicated word or botched punctuation.
The writing could be better for sure, but I think complaining should be left for lines that literally make no sense.
Admin
So I wonder how Shiva prevents people from signing-on in the environment prior to signing-in on the clipboard. Do you think he really locks user accounts until they write their names on a piece of paper? Maybe it's lonely in Shiva-land and he just wants people to visit him?
I can certainly appreciate Shiva's wanting to keep source control clean, but it seems there's something missing. Actually, this kind of anal-retentiveness indicates Shiva's total lack of understanding of how version control is supposed to work.
Couldn't it be a little of both?Admin
Not German, but perhaps reference to the god:
http://en.wikipedia.org/wiki/Shiva
Admin
FTFTFY
Admin
Admin
It's probably avihS.
Admin
I was in a startup where i started as both lead developer and Windows/Linux/FreeBSD sysadmin. Eventually they needed to hire a sysadmin to free me up 100% for dev duties. The sysadmin hated passwords. He set up NIS for our small-ish network. I checked it with ypcat, and he had set up a root-equiv/UID 0 account with no password at all. After i bitched to my boss/CEO (startup remember?) boss came back with something like "It's secure because no one will ever think we'd do something like that"
Somehow the "no one will think we're that incredibly stupid" defense didn't work for me. That and hoping no hacker has the elite tools known as ypcat.
CAPTCHA: transverbero too f'ing long.
Admin
I worked for a large company and the home directory rights were 775 and everyone was in the same group. When I mentioned that this was a security issue, I was told that an application required things to be that way and that there was a company policy against hacking so it wasn't a real security issue. I changed the rights on my home directory; the application kept on working fine.
Admin
s/Townbank/Citibank/g s/Shiva/Ravi/g
Admin
Clearly what was needed here was a process to control the creation of all new processes, so that something as ridiculous and workstopping as this would never be allowed to exist!
Admin
I assumed the devs didn't have accounts with the rights to commit.
Admin
If you had a shred of writesmanship, you would capitalize process throughout this article.
Admin
I've seen that one used a few times.
Admin
Admin
Admin
No, never start your sentences with 'And'.
Admin
Oh, no! What have I done?
Admin
VMS security still kicks but compared to Windows. I am still waiting for Windows to tell me how many login failures since my last login. With VMS, if the protaganist had not guessed the password correctly the first time, then Shiva would have known on his next login. It would of course trace back to his own desk which would really piss him off! Of course Shiva may have still noticed that his last successful login was from a time when he was away from his desk if he had really been paying attention!
P.S. Purposely started a sentence with "But". Can you feel the fingernails on the chalkboard?
Admin
Admin
In a further development, Shiva has been downsized and replaced with...
[image]Admin
And why not?
Admin
Admin
+1 This should be the start of a new running joke.
Admin
Oh, the irony! In response to an article about organizations demanding that people follow a rule that serves no useful purpose just because "it's the rule", a poster ridicules someone for failing to follow a rule that serves no useful purpose just because "it's the rule".
Admin
Because a bunch of youngsters learning English would write fragments that started with a conjunction and then left out the other clause, teachers insisted that they not start sentences that way even though it is quite grammatical to do so.
Also, if you make the sentences long enough, that backwards form can be confusing, since you don't necessarily have all of the context until you reach the end.
Admin
I thought it was about the Jewish practice of shiva, not the Hindu deity.
In retrospect, either one fits. Sysadmins who think they are gods, or a mourning process.
Admin
Please Shiva, no.
Admin
Or is another word with which you should not begin sentences.
Admin
Grammar rules that I routinely ignore:
Never use a preposition to end a sentence with. (As Winston Churchill said, "That is a rule up with which I shall not put.")
Be sure to not split your infinitives. (I strive to boldly split infinitives that no man has split before.)
About sentence fragments.
And never begin a sentence with a conjunction.
Admin
I'm not sure if you're being deliberately ironic, or if you failed to realize that both sentences of your reply begin with conjunctions, thus breaking the rule that you are defending.
Admin
Heh, complicated does not equal good (repost, hit reply not quote)
Admin
The moral of the story: never break a rule until you understand why it is there.
Admin
Admin
Some people might call it funny. I just call it "rape of the English language". (Note that there's some question over whether the period goes inside or outside of the quote: My Rule states that if the content inside the quotes is a complete sentence, then the period goes inside. Otherwise, it goes outside. Everyone should follow My Rule.)
Admin
My problem here is that the story conflates two situations:
The bulk of the story describes a procedure whose costs clearly outweigh any benefits it could ever have. That's a problem.
But the into to the story reads as a typical developer rant against ANY procedure one might be required to follow, suggesting that a developer should never be told to follow a procedure the reasons for which he or she doesn't personally understand.
So what are you to do as an organization with legitimate problems that require a process? For example, perhaps you have a promotion policy that requries the use of a source control system and certain documentation. Undocumented exceptions would quickly erode the value of this system, and it may well be that your long term costs would be much higher without it. It may even be that you couldn't meet your legal obligations without it.
Yet short-term costs will always be lower without it, and we all know that when a project is behind the principals will argue that there's not time to do things right. There will always be a demand for these exceptions regardless of the long-term costs. So what are you to do?
Do you spend the time to draw out example scenarios that are long-term enough the developer is going to dismiss them anyway, regardless of their validity? Do you waste time explaining the purpose and connecting the dots over and over again? Do you fire perfectly good development talent because they can't or won't grasp the underlying reasons for the process? Do you just let them ignore the policies and hope for the best (all too common, actually)?
Or maybe, if you want your organization to function over any length of time, you tell them "it's not in your project's scope to change the process or tell me how much you like it; it is the process."
Admin
TRWTF is that this story must be 25 years old; VAXen were still the new thing in the mid 1980's but not much beyond. Still, if you want old stories...
So could VMS over DECnet.As EngleBart said, VMS records login times, and can show who is online. I once noticed an account logged on when its owner was away, and from a VT100 in a different office to his. When I called our Sandwich Student into my office and told him where and when he had logged in as Roger, he was shocked that I knew, and confessed immediately. Had I told his college, he'd probably have been kicked out and failed his degree. However those were more innocent times, and his actual punishment was to become a System Administrator - he'd proved at least some ability, and with full access to SYSTEM he'd have no more incentive to break in. He did a good job of it too. (And yes, we blocked Roger's account and made him change his weak password when he came back.)
TRRWTF is that nowadays the student would probably have got a police record, and his future career would have been ruined. Still, can't be too careful with all those terrorists about can we?