Let’s quickly recap the past three news roundups:

  1. Flash’s effect on web user experience
  2. Adding every requirement as a feature in a computer*
  3. A terrible UI that cost $900 million

At first glance it appears that poorly thought-through user experience is my sole fascination. But when the Suez Canal blockage story from March kept my full attention for nearly 10 days, I realized that my real fascination is the unintended consequences of poorly thought-through user experiences. Sometimes the poor user experience is relatively minor enough that a new protocol can be developed (in the case of Flash) or an anxiety-inducing technology gets made (in the case of the Expanscape).

But when all risks of the current user experience aren’t considered, then there are real financial consequences - just like in the case of the Suez Canal where one ship, the Ever Given, blocked 10% of global trade. The fact so much traffic comes through the canal makes it a very important single point of failure. (In case anyone wasn’t paying attention to global shipping news a few weeks ago, a large container ship piloted itself into the side of the canal. The ship is so famous to now have its own Wikipedia page, where it’s been reported that the now-unstuck ship has been fined $916 million - $300 of which is for “loss of reputation”.) So maybe my thesis needs to be amended to: the unintended consequences of poorly thought-through user experiences due to single points of failure. (It’s a mouthful, but it feels right.)

There’s the story of Mizuho Bank, whose ATMs started eating customer cards after some routine data migration work caused country-wide system malfunctions. Single point of failure: The IT team’s risk management process.

There’s the story of Ubiquiti, whose data breach in January was a lot more...relatable after a whistleblower complaint. Single point of failure: Password managers. (They’re not as secure when you leave the front door open.)

The anonymous whistleblower alleges that the statement was written in such a way to imply that the vulnerability was on the third party and that Ubiquiti was impacted by that. Among other things, the whistleblower alleges that the hacker(s) were able to target the system by acquiring privileged credentials from a Ubiquiti employee’s LastPass account.

And then there’s the story of Netflix, who is trying to sever the only remaining way I leech off of my parents. Single point of failure: family.

Citi equity analyst Jason Bazinet said that password sharing costs U.S. streaming companies $25 billion annually in lost revenue, and Netflix owns about 25% of that loss.

Perhaps the final example doesn't seem as critical as the first two, but it's not your Netflix access at stake.

Single points of failure are fascinating to me because, as it gets easy to be complacent about dealing with these vulnerabilities as their value increases and no catastrophes arise. I hope to use this space to keep reacting to, and perhaps even being proactive about, technical and operational single point of failure stories that I found.


Quick hits:

*As an addendum to my story, Nature Magazine published a study that shows that “people are more likely to consider solutions that add features than solutions that remove them, even when removing features is more efficient”.

[Advertisement] Utilize BuildMaster to release your software with confidence, at the pace your business demands. Download today!