Slashdot Mirror
Developer Accidentally Deletes Production Database On Their First Day On The Job (qz.com)
An anonymous reader quotes Quartz:
"How screwed am I?" asked a recent user on Reddit, before sharing a mortifying story. On the first day as a junior software developer at a first salaried job out of college, his or her copy-and-paste error inadvertently erased all data from the company's production database. Posting under the heartbreaking handle cscareerthrowaway567, the user wrote, "The CTO told me to leave and never come back. He also informed me that apparently legal would need to get involved due to severity of the data loss. I basically offered and pleaded to let me help in someway to redeem my self and i was told that I 'completely fucked everything up.'"
The company's backups weren't working, according to the post, so the company is in big trouble now. Though Qz adds that "the court of public opinion is on the new guy's side. In a poll on the tech site the Register, less than 1% of 5,400 respondents thought the new developer should be fired. Forty-five percent thought the CTO should go."
The company's backups weren't working, according to the post, so the company is in big trouble now. Though Qz adds that "the court of public opinion is on the new guy's side. In a poll on the tech site the Register, less than 1% of 5,400 respondents thought the new developer should be fired. Forty-five percent thought the CTO should go."
How the fuck does a new hire have that kind of access? that's not even enough time for on-boarding. The CTO should definitely get the shitcan, as should anyone in HR involved in that debacle.
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
Well... Maybe a brand new developer shouldn't be mucking about with the Production Database in the first place?
But what about daily backups? Maybe twice daily? Was the the database replicated over load balanced servers? No? Can't have been all that big a web site / app...
If you want news from today, you have to come back tomorrow.
Okay, the guy fucked up ROYALLY.
It happens. And he SHOULD get in a bit of trouble for it. That's how you learn "don't do that". I don't think they deserve to lose their job though.
The CTO and all the people in charge of the backups need to be on the street YESTERDAY though. That the dev COULD do something like this is a major fuckup on their part. They simply didn't have their production system locked down properly.
The fact that their backup system was non-functional is double-plus unforgiveable. The dev is merely the highlight for their massive cluster-fuck of a setup.
Chas - The one, the only.
THANK GOD!!!
Apparently Slashdot's content is now week-old forum posts from other social media websites. So the question is.. why should I come to this social media website any more?
...supposedly erased an entire tape's worth of recordings (the only copy) at the Nashville studio he interned at.
I have a feeling this is a dup of the bullshit story /. tried to feed us a couple of years ago, which after some investigation turned out to be 100% pure made-up bullshit. (No, I don't feel like searching /. history, but I'm sure it will turn up later in the comments.)
Anyhow, as we all commented in the previous story: If this was possible, then the company deserves to go under.
just like the "supposed" rm -rf / last year ...
And if anyone is given access on their first day to production data, eh the CTO should be whacked first.
It would seem that the junior programmer is in line for a big payout, you see firing him, using profanity and implying legal action is not permitted. The poor guy doesn't even have to hire a lawyer in some states (like California) that have a Department of Industrial Relations (Labor Board) which he's _required_ to use instead of a lawyer (unless they eventually grant him permission to pursue with a lawyer). The way the Law will view it is that the company is totally responsible for the consequences of giving him too much responsibility.
Now you can argue the Law back and forth for all the good it will do you, this is nothing novel and this has happened many many times before.
Pretty much any comment that might be posted in this thread was already posted in the original Reddit thread over a week ago. Nothing insightful or interesting will come from this being posted here now.
How does this developer's mistake affect anyone except the developer and the business? Why should I care that some developer make a severe mistake like that? This is not newsworthy, and nobody should care that this occurred. I suspect I'll be modded down for saying this, but surely there's something else more important to discuss than this. The moderators can't wait to censor my post, but it needs to be addressed. And yes, by definition, it is censorship. My position will be silenced because users don't want to address this important question. Those who do answer will certainly reply with ad hominem logical fallacies and personal attacks. But being modded down to -1 and attacked simply proves that I'm right and nobody has any real substance with which to dispute my point. Can anyone explain why I should care about this developer or how the mistake affects anyone else? I'm certain the answer is no, but I'll ask anyway.
http://the-happy-manager.com/articles/characteristic-of-leadership/
A young executive had made some bad decisions that cost the company several million dollars. He was summoned to Watson’s office, fully expecting to be dismissed. As he entered the office, the young executive said, “I suppose after that set of mistakes you will want to fire me.” Watson was said to have replied, “Not at all, young man, we have just spent a couple of million dollars educating you.”
for wrongful dismissal. The fact that this F'd company's CTO left their *entire operation* vulnerable to such a simple and possible blunder means he should be fired, not the new hire. Someone tell that asshat, it's 2017... there is absolutely NO excuse for what happened being even remotely possible. And the fact that the new hire was following *verbatim* instructions in the setup doc and caused the issue is beyond laughable... I would fire the CTO for extreme incompetence. Whatta douchebag.
Sure it is dumb but don't they have backups? Don't they have different passwords for dev/qual/prod? Probably many more things that could and should have been in place to prevent it... Sounds like the CTO should also be fired to me.
If a company looks at a non-working backups as a minor inconvenience, I think the CTO's ass should be on the firing line before this poor guy's. Yes, wat he did is inexcusable and in some cases, firing might be justifiable (as in, a junior developer on his first day in his/her job doing what on a production database case) but if someone assigned him/her to perform anything on the company-critical data, that person should be the one getting fired, not this guy's. I am a 20+ year experienced sysadmin and not too long time ago, when I started at a new position, I was not able to touch any system other than few development machines for 2+ months of my start date and I know/knew my shit. This company management shows their incompetency in more ways than one. Yet they are making this person the scapegoat. Good riddance to them, as their days are numbered.
__________
The more I know people, the more I love animals
I've been in production management for 15 years... The first 5 years as a Sr. datacenter engineer. The next 7 years as a staff engineer and the past few years as a cloud architect. One thing that has NEVER changed is that developers are NOT allowed to touch production... and I mean not allowed to even log into any host at all...They don't even have a damn clue where the machines physically sit.
Allowing a junior developer fresh out of college to log into production with privilege that makes even a minor change is already in violation of industry protocols. I wouldn't blame the guy too hard. He's fresh out of college remember? The first person to blame is operations management who doesn't have a clear separation of duties protocol. Even if ops management allows him to log in, the next person to blame is the lead datacenter engineer who allows his account to issue intrusive commands.
If company leadership asks me to handle this fall out... I will fire those two guys first. Then the Jr. developer will get only a warning but that would be his only warning.
I'm surprised that the firm has not been named - while I would think that any company that had this happen to them would want to keep this confidential, I would think that somebody would talk about it separately. I suspect that the "company" is some podunk startup in which the CTO is the CEO, CFO, head of development and probably the HR head and they've just hired a developer without thinking about access restrictions (or verifying that backups are actually happening).
Some more information would help clarify these questions and maybe better explain how such a situation could happen.
Mimetics Inc. Twitter
I for one come Slashdort for the old news you insensitive clod.
Reads more like an Onion article, or just an anonymous apocryphal tale
Typically HR types think because someone that has a job-title or degree, will actually be able to perform at the same level as someone with 10+ experience.
If you let in someone off the street and gives him the keys to the kingdom, you are responsible for the consequences.
Backups are not backups unless they are tested by restoring, until then its just a good intention.
Software developers can work on a copy of the production software, which was the case here, but the original DB was not protected by a read-only bit for the newbie.
The CTO was responsible for this cock up, he should be replaced, the rookie would likely never make the same mistake again, and should stay on. As the story went, their system was a house of cards held together with bailing wire and duck-tape.
Seriously, a day 1 dev has direct production access? Hell, any dev has direct production access? No QA, no release management, no integration or functional test suite if they're doing some sort of continuous deployment?
It's a pain in the ass, but if they've got any sort of actual real database, they'll have had a real database admin, running it with archive logs they can use to restore their data? ... plus their backups are gone?
What sort of fly-by-night operation is this?
I say if he succeeded in putting that company out of business, then he should get a medal for sacrificing himself to destroy the company.
My belief is when he saw on his first day, the badly written docs they handed him, with a printed (!) account/password having RW access, he instinctively threw himself on that grenade by destroying their production database. Only the most cowardly IT worker would have done otherwise.
Thank you, selfless IT worker from saving us from the horror of whatever product they were trying to produce.
now I'm too full
The new user has 1% of the blame, the company 99% of the blame. If they weren't backing up their data and protecting it from easy destruction they need to be responsible. I have no problem with them firing the new guy out of incompetence, but legal action is ridiculous and pointless, as any judge will throw it out immediately. Who ever controls the database and CTO should be kicked out immediately for allowing such sophomoric conditions to exist.
Seriously....... I betcha whats really going on here is the CTO or someone else important made a copy of that data first. Then they could leave and start their own competing company with a whole database full of potential customers. But they gotta kill the original company first of course by killing their copy of the database. And of course they'd need a patsy for that. A gullible newhire fresh out of college takes the fall........that certainly sounds plausible to me.
Any business that leaves a first-day-on-the job rookie unsupervised with that kind of access deserves to be shut down immediately, as an issue of public safety. Don't even think of what their data security must have looked like. O, the good old days, of taking the laptops with copies of company data home with you.
You don't want to work at a company where the backups don't work and where a new hire can accidentally delete all their data. Don't beg to stay, instead be happy that you found out quickly how incompetent that company actually is.
1) Why didn't the new hire get set up automatically? (sanity issue, get everybody the same environment so the sysadmins can know the environment everybody works with).
2) Why was the new hire given account information that had write access to the production database? (critical security vulnerability: social engeneering)
3) Why were the backups not working? (critical stability issue)
4) Where's the backup production server? (critical stability issue)
That company deserves to fold.
It wasn't my really first day but sort of it was. I was sent to their new unit out of town and they had a DEC machine which I had never used. I created lots of temp file and decided to delete all files from my account. I accidentally gave command to delete root dir (frankly don't remember what command I gave, but it was equivalent of deleting root dir) and then left the terminal. When I came back 1 hour later, the command was still going on. I called another guy and was told that I destroyed the mainframe hard disk which had all scientific data which was never backed up. All scientific data usually gets analyzed over 6-8 months and people take printout at the end. So nearly 20 scientist lost all of their 6-8 months of experimental data! I blamed whole thing on them for giving me account with admin privilege.
...we were a small company making the transition from a proprietary (TI/990 - DX/10 OS) system to a Prime UNIX system and I was the guy A) learning UNIX and B) writing shell scripts to replicate basic DX/10 stuff. One of my first scripts was to delete a user. Beyond the basic password deleting stuff, I thought it would be cool to delete the user's home directory also. You know, delete user "gerry" and also delete user's home dir "/usr/gerry". Guess what my brilliant script writing failed to anticipate? Yep, someone entering an empty user name. So, the script - running under SUID perms proceeded to delete "/usr/*", including "/usr/data". Oops! Fortunately, my backup script was better written and the customer only lost a few hors' worth of work, but....Whew! That's also how we learn!
When we bring someone on, they do NOT get root/admin to critical servers their first day. They have to be off probation first, which is 6 months where I work. Even then, credentials for things are not on a document. That is just asking for them to get lost or stolen. They are given on a wallet sized card, written specially for that person, and they are instructed to keep them safe until memorized.
The reason is, of course, to prevent fuckups, as well as to make sure we trust them fully. The idea of giving someone full access to critical stuff on day one is stupid. Shit it sometimes takes more than a day for them to get access to e-mail and all that just because of all the other things they need to do.
This is 100% on the company. Have working backups, CHECK YOUR BACKUPS, and don't give a new hire a sheet with access to your critical data.
Don't have the budget to hire experienced professionals? This is what happens.
The CTO should be blackballed from the industry. He should be doing something closer to his skill level, like ditch digging. At any rate, he should be kept far, far away from anything that might affect other people.
I mean, come on:
- No working backup
- Excessive access for the new person
- CTO is incompetent and cannot admit to mistake
This is an accident waiting to happen. And the new person has zero responsibility for it. Might be better off to be out of that fucked up company though.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Sounds like a put-up job to me. Give the new hire root privs on the first day? Right. No backups? Right.
Get the kid out of there. Obviously the jinx is strong with this one. Keep him and your company will die horribly in short order.
Second, find who benefits from this disaster and who had the power to create it. Fire them and start the lawsuits. You are dead otherwise.
The New guy is actually in a pretty reasonable position OTHER THAN being unemployed.
He was only at the company for such a short period of time that nobody is going to ask questions about a gap in his employment record because of being fired.
In the distant future he gets to have a really powerful story to tell his colleagues. Once he is a Senior tech somewhere.
Corporate cheapskatism fucking them in ass: newbies handle key data and no backup system in place.
Sue/fire the CEO, not the grad.
Table-ized A.I.
Hey I had a security guy come into our data room to do a drive inventory and while waiting for me his curiosity got the best of him and he popped open a drive on 70 TB raid.
The CTO and all the managers/leads that created the opportunity for this to happen are the true failures. And to think, they are all still there, so that place is still really messed up.
Seems to me this is not a single point of failure, it is multiple points of failure acting in unison. There was a lot of passing the buck and ducking all responsibility going on. Not to mention several individuals not doing their jobs.
A final thought, I sure would not want to work in a corrosive, petty and vindictive environment like that. I know it does not help now, but drive on. Not working there may turn out to be a, not totally bad thing for his sanity and future in the long run.
The real test is not how well one handles success, but in how one responds to failure.
I would respond in the same way if someone deleted all my porns.
Horror and pity story is fake
But these days he'll still get a participation trophy.
RAID (especially those with parity) can be terrifying. Just think of it: you have a group of disks probably acquired at the same time and probably coming from the same vendor (or even same production batch) serving the same workload in the same environment. That implies a fairly similar MTTF for all the disks.
Then one of the disks fail; this causes the other disks in the array to first handle a higher load, then to be brutally impacted by the rebuild process. That's like playing Russian roulette with a gattling gun.
lucm, indeed.
full stop.
We backed up daily, weekly, and then monthly.
Fortunately decided to restore an older copy of a file to work with and found despite the IBM software saying the backup was occurring and was good- it wasn't.
None of the backups were any good. IBM had to come out and figure out what was going on and after that we also retired a file from backup every single day. We had previously used to disk to disk backup but went to tape when the data got too big.
If you do backups- you need to actually restore a file and confirm the file isn't empty.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
Lot's of blame to spread around.
The code used in production should have been reviewed by someone before execution in production. No exceptions. Especially because it's a new guy on his first day. The code should have been run in a staging environment first. How long was it known that the backup system was broken? This mistake was obviously not the newbies fault.
If my production DB backup was hosed, I would be dropping just about everything else to get it healthy again. A deleted database would mean some lost time since loading up the last backup and doing a PITR from WALs isn't fast, but at least I know I can get production back up no matter what someone does to the active DB.
-- Will program for bandwidth
If something didn't work then it would have been very time consuming to roll back and also very difficult to debug.
This also makes me think a bit on why developers, even newbies, would have access to the production servers. If something broke between the transition between the development system and production then they'd want it fixed right away. This would be easier to do if the developers had access to the production servers. This would be avoided if the production and development systems were identical but like in that project I mentioned it might be that budget constraints prevented them from doing so.
Now you have some idea why containers (http://www.drdobbs.com/architecture-and-design/containers-for-development/240168801?pgno=1) are such a big deal. One can do development (https://azure.microsoft.com/en-us/blog/containers-docker-windows-and-trends/) without touching the production servers, but it does allow for a more seamless transaction when needed.
Interesting. I 'cloned' a Git repository and nothing bad happened, and with proper permissions no commit would have been destructive.
disaster planning always leaves out something. The disaster. It's when you don't check if your backups work that this mistake becomes such a huge fuckup. And that wasn't this new guy's fault. Sure it's a huge cockup, but less of a one than the system that doesn't have any way to verify the backups worked. Any of them asked to leave and never return?
If a junior developer can FUBAR the company, these are the two that fucked up royally. Very obviously processes are crap and gross negligence is running rampart.
Fire these two bozos. Out of a cannon.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Actually reminds me of two fellows I worked for briefly. Both of them were actually too small to have a separate CTO. In the first case I decided to leave as soon as I figured out the legal liability their main customer had incurred due to pirated software. There were actually two packages, and one of them was a database. The second case was a total shoestring operation and one of the first things I discovered was that their so-called daily backup processes were not actually backing up anything.
Now that reminds me of a third case, where they actually did have a CTO, in title if not in competence. While they did fire him, it was too late to save the company... It was one of the few things they'd done right while I was working there, but I decided to leave when one of the actually competent managers was fired, and they disappeared not long after that. (That was actually my last stint in a startup, and after that I just went back to safety in a big company for the rest of my career...)
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
At least know that your backups work.
In the mid-90s I had just started working at some place and the guy I was replacing (he left for a better opportunity) was showing me how everything was set up and as a demonstration he deleted his own account. I guess he felt he didn't need it anymore, but then he says there might be some useful stuff in there and tells me it would be a good exercise for me to learn how to restore from backup.
Not a big deal, it was actually documented and I had done that before at a previous job...but every single tape was bad.
When I told him, his reaction was that I must be doing it wrong, but he was similarly unsuccessful. I think they had been using the same tapes ever since they bought their system and they were all kept in a shoebox in the same small office with all the servers.
After 6 months I left for a better opportunity too.
The company can work for months without any Cxx level staff. Maybe years. It will just be less efficient (if, and this IS an assumption not justified by any data, they are doing some sort of positive job). But without the workers they won't last a week.
So please explain how losing all the C* staff is reckless.
It's part of "throw them out in deep water and let them sink"-strategy that proves the most cost-effective.
What are the chances that their "backups" were simply a replication of the database? An empty database replicates very quickly.
One of people in my team has a fancy degree from a fancy university and is totally arrogant and looks down on everyone. He did something very similar to this. What an idiot.
It goes to show that just because someone went to college and has a degree, it doesn't mean they are not stupid. Also, anyone can make a mistake. Also, don't be an asshole.
If someone deleted all the data and you want it back simply rollback database to any point prior to incident. No need to panic or even restore from backups.
It sounds too easy for anyone to do what (s)he did. I do not believe it for a second.
It is scary how few companies backup their crap. I would be willing to bet that less than 30% of billion dollar companies (that really depend on their computers for day to day operations) could be back in operation in under 24 hours if they lost all their servers at once.
I wouldn't be surprised to find that a good percentage would be very screwed in the long term.
This is not only their data but the system as a whole. When I am consulting at most companies that are retiring servers I often suggest that they box them and put them in a safe place as a super emergency backup. The idea being that those servers are probably close to what they need to struggle along. This is after I have usually laid out a solid backup and disaster recovery plan. Seeing that most companies won't do a good backup then having some 2 year out of date servers might be better than nothing.
I can relate to this. I wiped out the production database for our ERP system when I was trying to create a copy of it. Fortunately I had good backups and was able to restore the DB with minimal loses but it took all day (this was back in 1997 and the computer wasn't particularly fast, a SparcServer 1000 with 2 CPUs and 500 MB of RAM). In my case I wasn't fired and retired from the job last year after 31 years.
Retired boss, here. If a junior dev can push to prod AND can delete data, it isn't their fault. Okay... I am still going to try to salvage my hire and see if they fit in QA, or see if the debs will stop fucking with him. Seriously, not his fault. Nobody should be able to push to prod, withou someone signing off. Ask me how I fucking know. I'm not even a programmer. I just paid a lot of you and shut the hell up and listened.
So, if I am wrong then they were wrong. You don't push code to prod without someone signing off. The person signing off has ultimate authority. You sure as fuck don't let a junior do it, without oversight. Not now, not ever.
If this happened in my shop, some titles would have been changed.
"So long and thanks for all the fish."
I had been on my first job over a year , every morning I religiously went to the office safe and retrevied the two backup tapes to use on that day, I would check the log and if no errors eject the previous tapes and insert the new ones. One of the tapes would go into the office safe and the second one I would take to the security office off site.
That day I put the tape in without looking at it and inserted in the card inlay with it . Meaning it would not eject Down time on that machine meant an entire factory production line was sat idle . So that was an expensive mistake I had to fess up.
They should fire who ever gave the new guy full rights to the production database. That's where the real fuck up was.
There are so many things wrong here:
1) the backups aren't there
2) this also means the backups aren't tested. Your backup strategy only works after you verify (on a regular basis) that you can restore
3) there is no good staging nor testing nor development environment - why would he need access to production otherwise
4) there is no proper process to move data and software from development into staging and testing
5) the CTO does not take responsibility for his own created mess
If I was the CEO, this CTO was certainly not there. ;)
He might have hired the wrong junior, or not, but that's not what's wrong with this company!
Sadly, I still see many clueless CTOs in real life.
And clueless CEO's.
One often wonders how it's possible to world still works
Due to stupid fucking touchpad server consoles! How the fuck thought it was a good idea to remove the track balls and put in click sensitive touch pads with drag and drop support? We frequently have people move executables and whole directory structures to the wrong places.
(No, we can't use VNC or remote desktop since its a "secure" facility. No, we are not allowed to modify the hardware or replace it since this is a "certified" configuration. Yes, we have written multiple memos and reports. Yes, our management hierarchy are mostly retards.)
PS. Not this severe and we have backups.
This kid will have no problem getting a new job. What happened was not his fault in any way, shape, or form. The fault lies squarely with the CTO (in no particular order):
1) He allowed a new hire to have superuser, unsupervised access to the production database without an ounce of training.
2) He allowed an unvetted new-hire script to contain actual superuser credentials that could be used to wipe out the production database with a simple copy and paste error.
3) He allowed a new hire to run that script unsupervised.
4) He set a new hire loose on their production database with no mentor looking over his shoulder.
5) He did not require the backups to be verified and/or tested to make sure they work.
I'm sure there are more (feel free to expand on it), but those are the ones I can think of off the top of my head.
Although obviously the new guy fucked up...unless his job was to be solely responsible for the repository...he probably shouldn't be fired. He's pointed out a systemic issue with the system...and punishing him for it isn't reasonable. I don't know all of the details...but on first glance...the people responsible are looking anywhere else for the blame. Typical.
Be more considerate; /. has just recovered its deleted database. It did take some time, obviously.
Ezekiel 23:20
They gave an employee a procedure that deleted their database. The only mistake the employee made was following the procedure and not using his own credentials, instead using the credentials in the procedure. That was a standard human error, no big deal. Humans make mistakes, it's all of our's jobs to reduce the probability of this, with good quality procedures, questioning attitudes etc. To provide an employee with a procedure that contains credentials to the production database is ridiculous, this was going to happen at some point with a procedure as poor as that. To then blame that employee immediately and fire him is knee jerk and immature. To be fair, the guy is probably better off not working for that company anyway.
Not having backups etc, well, that's the companies fault. All the employee has done is to uncover a poor working culture within that company, and expose a bad CTO. This is not the failing of the employee, it's clearly a failing of the company. They deserve what they got.
The person fired can make many positives from this. This is an excellent case study about business culture, procedures, strong catastrophe planning and testing, threat and error management, how to treat fellow humans. Your experience in this can be valuable to other companies, and the good ones will recognise this. Use this to your advantage, let that company fail, it was going to happen at some point, you were simply unlucky...
To give a personal experience, I work in a nuclear power station, in the control room. One shift I made a mistake, I rushed a job. I followed my procedure to the letter, I didn't make any mistakes, but because I chose to complete a certain activity early before an additional check was performed I broke our operating rules (the law effectively). I owned up to it as soon as I was conscious of it, and the investigation started. My authorisation was pulled and I went for drugs testing etc.
The first thing that occurred once management found out was that I received a phone call. It was the Operations Manager calling for me, and he called me to thank me for raising this report and owning up to it. He understood that without this honest reporting, the problem couldn't get fixed, and would happen again in the future. It has probably already occurred in the past too. My authorisation was recovered that same shift, and I carried on. There was no detriment to my career (quite the opposite infact) and life goes on, but now with better procedures...
- Insufficient IT resources (inadequate or no backups)
- Hiring developers to do everything in the company and giving them broad access to everything
These are two industry standard best practices that many companies ignore and they have no one to blame but themselves.
We'll make great pets
Backups weren't working? Who's fault was that? That's who needs a talking to.
This post smells a bit. I'd like to some proof it actually occurred like this or that it occurred at all. The fact we've heard nothing indicates it was a small company - this isn't the sort of thing one keeps quiet. The lack of a functioning backup tends to also point at a small company.
The description is such a slam dunk in favor of the new guy and making out the CTO to be such an idiot...I dunno....I'm just skeptical at this point.
The rancor coming from what amounts to utter hearsay is...well actually, no, it's not surprising these days. Any sort of proof for people to pile on stopped being a requirement long ago - it won't surprise me if this is someone doing a social media experiment.
My 0.02
EK
Fuck you incompetent business, this will go down badly for you in the media: Anyone hiring a junior straight out of college knows not to throw the crown jewels of the company into their lap to play with, and if you don't have working backups then you're double to blame...
Kid: Don't worry, notice how every single comment here will put the blame squarely on your terrible employer. It's just luck getting a first good employer, you will find more. Remember the hill climbing algorithm... your marble just rolled straight into the deepest pit, it's not your fault it's just bad luck, you've got a lot of random rolling to do, keep your head up and you will eventually find some nice reasonable people that appreciate you.
I have seen this "Heads are going to roll!" mentality several times from people in their teens and 20s. It is an immature 'King Henry VIII' mentality. They think that if someone causes a single fuse to blow, that power should be cut from the whole building. This is why most companies are wise and never let people younger than 30 get into management jobs. Those companies that do always suffer harm from the youngster's decisions.
excuse me while i gather myself... HAHAHAHAHAHAHAHA... HAHAHAHA. this made my day! Thank you fine sir!
Cannot believe the obligatory has not been posted...
https://xkcd.com/327/
I am very sucseptible to "let's have another drink"
I dont think people like it when you take away their job title and replace it with 'fuckwit' and 'moronic fuck who leaves permissions open'
Exactly, this is why the people who are in higher positions are payed more. What else could justify the higher salary if not the greater responsability. Because usually they don't do low level stuff, the actual work that drives a company.
sudo rm -r -f --no-preserve-root /
If you were his/her boss then you should dig a big deep hole for yourself, jump in and ask the junior very very politely to put the dirt back into the hole. Really. I would be very very ashamed of myself as a CTO if a junior dev would have access to a production database. I'm a very old dev and I still categorically refuse to do ANYTHING on production.
It's not about good or bad, it's priorities and a lack of understanding of what the implications of disturbing a production environment are. They are not going to get that understanding by magic, they only get by looking at how a system is used over time, and if that's not related to what they are supposed to be doing for a living it's hard to put in the time.
Like the above problem it is a management issue. If you want a dev to act like a sysadmin you have to schedule time for it to happen.
This story is precisely the argument for functioning backups and some sort of seniority process that doesn't put new staff in the wheelhouse steering the ship on their first month, let alone their first day. For that matter, permissions, or single switch software bombs, or... the list goes on and on. Pretty much everyone is to blame except the person telling the story. While I can imagine they might not keep him around for the simple reason he reminds them of their own ineptitude, he's a junior, and juniors make mistakes.
none at all..
When I got hired at my job as a Unix, not quite admin, but kinda like jr admin, we didn't even get root until months after we started. My question is, why was there not a back up? Before I touched anything, as root (or sudo), I would make a copy of the file so I could roll back any changes I made that might have gone afoul.
The guy probably screwed up, but a good infrastructure should be in place to revert those changes. Sounds like they're making this guy a fall guy for their own incompetence.
This is more like they had a spurious cable attached between some random door below deck, and some critical lever in the control room... The point people are trying to make is: this guy is being given the shaft as a direct result of the fallout from idiots putting privileged/critical information into widely accessible documentation.
There is no XUL, only WebExtensions...
A junior should at least know the commands that make this happen. So nerd cred is lost. Facilitating this level of screw up is IT and management.
When the root cause of a problem presents itself so clearly, it is difficult to understand why the new person was fired. The person in charge of doing the backups should be the one who was fired.
The company is named 'British Airways'?
In my 35 years at an IT shop we had three major issues - but none as bad as this
1. IBM had two interactive environments - CMS and TSO. In CMS when you catalogued and uncatalogued files you were acting in your own environment.
When you uncatalogued a file (DSN) in TSO no job (even production) could fine the file.
We were just glad the new guy did not delete the file. We did nave backups. Very soon after the production files were password protected.
2, At the Data Center, there was a large red button that would shut off the power to the computers and disk drives in case of file. Unfortunately someone leaned against it. Shortly there after it was put behind a cage to shield it.
3. When disk drives were very expensive (10X the annual cost of a programmer) IBM came out with device that move files to tape and reloaded files from tape to disk on demand. Worked well until the SINGLE read write head went bad, The tapes were in a special physical format (like a jute box) and could not be read, No production jobs that had one file in the subsystem could run. IBM flew the files out NY, loaded then on disk drives, and installed the drives in the data center,
Needless to say the subsystem was soon removed and IBM never sold a lot of them, even after they shipped with two read write heads.
These all happened in the early 80's
.
Let's all relax, this is obviously fakey. Slashdot is now citing reddit posts from self-proclaimed throwaway accounts as news? Yeesh.
The company is responsible for process.. They should be continually having it as a background task (even in the back of their minds) of "how do we keep the wheels on this thing".
Just as important for a startup as it is for a big company (maybe moreso).
Starting point of everything is backups, backups and more backups! They're your lifeblood if you're a company using data for doing real things (hint, they all do).
If a backup isn't tested, it's not a backup. If you've not given your systems team time and resources to test backups, then the problem lies with a lack of understanding (or listening) further up the management chain.
Once you know you can recover, you know you can use your data safely... Then it's the process for letting someone loose in your systems...
If they're not authorised for prod, then they don't get the credentials for prod. And credentials should be stored in a nice encrypted file on a VERY well backed up area. Credentials should NEVER be in plain, or embedded in unencrypted documents.. That''s so much a 'no' that it fails the basic test of "do you understand what the word security means?".
Rough analysis of the situation is that there's a marked problem with process, and large problem with security and information governance, and an insane problem with backup processing. An accident waiting to happen..
The developer made a mistake.. Yep, a big telling off for not engaging the brain and being careful with the credentials is well in order. You need to treat systems carefully.. But us old grizzled systems farts got our caution from somewhere, and it's called experience.. And experience involves coming up through the ranks and seeing stuff go wrong. Even stuff that's almost guaranteed never to go wrong. I'm all for having young blood in a place.. They do bring new approaches, and new ideas.. But us old farts have seen many of the approaches before and can say why they're broken and/or dangerous.. It's just that little gap of new idea where we thing "Hey, that's actually new.." that means things move forward... But with us old farts around, it happens in a controlled and safe manner..
So, I'd say this guy is actually MORE valuable than he was before he made the screwup.. I can be fairly sure that they'll be MUCH less likely to be cavalier in the future, and put an awful lot of thought into safety of systems..
From the way it's set up, I'd actually say they're better off out of that environment anyway with the CTO having that lack of understanding of the root cause of the problem and/or management also not understanding/standing up for the dev and explaining root cause.
Alas, I'm not hiring at the mo, otherwise I'd have a serious chat with them and pick them up.. People getting through extremely bad screwups AND openly admitting they screwed up is a good sign of a person you want on your side.. Screwups happen.. It's the people that HIDE them that are dangerous..
The security measures we put in place in IT systems aren’t just about keeping out malicious users. They’re also about granting access only to those who understand how to use them properly. You don’t give guns and knives to toddlers, and people who do are the ones responsible for the carnage.
That being said, I recall one time that a friend wanted to back up his hard drive before upgrading his OS or something. He had lots of music and photos and stuff, so that made sense. So he asked our sysadmin to help, and the sysadmin used some disk imaging software to do it, to copy from one drive to the other. Unfortunately, he got the drives backwards.
PROD / STAGE / DEV / QA - these are environments that keep you safe, even if you work in all of them
You know, a few weeks ago there was a post on reviewing code before pushing it to production, and some people seemed appalled by the idea that another person...who would invariably be a coder, lest they be unable to understand what they were looking at...would be in the process flow for committing a change. I pointed out that this was actually an industry best practice in enterprise organizations, and an inherent part of any SDLC. In any large environment, people with access to development environments do not have the rights to push changes to production. This concept was not well-received.
And now, I see an awful lot of people saying that this problem above was the CTO's fault, for giving a developer sufficient access to change the production environment. I agree with that point...but it's amusing to me how a lot of us seem to live in a fantasy world where we must have access to everything, but when we screw up it's someone else's fault for giving it to us. We have to choose one of the other; either we are justified in having full autonomy and accept the consequences of our actions...for good and for bad...or we accept safeguards that protect both us and the organization we support.
For your security, this post has been encrypted with ROT-13, twice.
Wading through these comments, its pretty obvious how many posters here do not have a clue about what their talking about.
Whether its a small shop or large one, what the junior employee did should be "impossible". Following basic operational practices, not just the backup should be recoverable, but production databases should have been physically separate from development/testing. That way, even if a developer needed to access a database, they wouldn't have the administrator privileges to override the "person" responsible for the production data.
Its pretty obvious that the person responsible for implementing the computer operations for the company does not know how to do their job. (That usually is CTO or COO.) The only way its not 100% their responsibility is if management senior to them overrode what was supposed to be proper operating practices to prevent this from ever happening. Its still the CTO/CIO's responsibility to prevent management from laying the seeds for its destruction. Usually, you eventually polish your resume and look for a new employer with more competent management.
Yes, whomever was responsible for system/backup administration also needs to be fired, but usually the boss of them is the COO, and he's the one truly responsible for not making sure backups were recoverable (which is only accomplished by testing). Perhaps for a small company its become impossible to hire competent employees, but this is what top management is responsible for.
So sales people, developers, and other non-operations people, stop sticking in your two cents. Its truly ignorant noise. For the few senior people here, get lost. You're not supposed to be wasting your time on Slashdot. For the grunts that feel the need for validation, get lost as well. If the company is capable of firing you for merely making a mistake they're responsible for, you're working for morons (and you're a moron).
While deleting the data is a big screwup, it sounds like the bigger screwup is the CTO/management which first off gave such significant access to a new employee who's skills were not yet tested. On top of that they didn't appear to have proper backups. This office was probably a few years from a virus or hard drive failure taking out the data anyway. I don't think the firing itself is all that unreasonable, but blaming everything on the new hire is also pretty disingenuous.
That newbie going the wrong way on a copy operation could even more easily have been a disk error or a ransomware infection. The problems was not having backups. I'm with the Register readers on this one.
anything. You would have to prove malice. This was clearly an accident and something they should have been able to recover from.
Firing? Whatever, I'm assuming this is America we're talking about where I can fire you because I don't like your fucking ankle socks and you have 0 recourse.
Backup protocols should be integral to every database vendor's product. Db creation should not be allowed until a backup system is in place FIRST.
Secondly, Information Systems Audit and Control Association, ISACA standards (or similar) should apply and vendors should work to integrate those standards into their database creation protocols.
In the end, your database represents your organization's livelihood. Why would you not protect it as such?
*** Don't be dull.***
But not unexpected given the quality of the folks that set up the situation.
He did what is expected of a new hire fresh out of school.
Followed instructions pretty closely.
The difference between 'pretty closely' and 'exactly' should not cause harm on the first day.
That's on the folks who gave him the wrong credentials for the exercise.
(Also on them is not having a backup that could survive a bad command being typed.)
Assuming the kid is smart and can learn, he got a REALY good lesson in the importance of knowing what you are doing before doing it.
If they fire him after this they will loose a person with this training.
Folks trained in this appear to be rare in this organization.
Answering yes to a question you don't know the answer too is a sure sign of a fuck up
Guys, THIS, and crypto locker, and wanna cry, and fat-finger (human brain virus that causes people to hit return way to fast) is WHY you pay for ENTERPRISE STORAGE that takes snapshots that are efficient, and fast.
There is a difference between logical protection (snapshots on the same array) and physical protection (backup to different devices).
While we are at it, WHERE is the DR copy? If a sprinkler went off in the datacenter or drive/array data loss occurred, where would the production data be?
WHO has money for a CIO/CTO type and can't afford proper Enterprise Storage?
I work in the Enterprise Storage industry. Use a modern enterprise storage array - take snapshots, replicate to another array, take snapshots there, too. Take backups from the snapshots (so as to not affect production). Use a backup SW that support array off-loading so you can make your backup windows (instead of all the host side copying).
Duh. There is a reason these products exist.
Just cause.
Should burn them all.
Call them "Zuckers" for their patron saint.
Jajajajajajajajaja
The DevOps fanboys would provide a much more mixed response.
I've seen testing turned over to the customer in the name of DevOps: protecting operations is "deprecated"
-10, Gratuitous XKCD Link That Is Not Actually Relevant To Story
Il n'y a pas de Planet B.
"Great news, everyone! You're all fired!"
Il n'y a pas de Planet B.
well, we only got the backups back online today!!!!
have you seen my sig? there are many others like it but none that are the same
p.And this is what happens. How about dev, test and production accounts or environments? And a QA process in place to make sure code from the devs works properly before promoting it? And scripts prepared (and tested) for every maintenance and operation function. So nobody has to log on as admin and fat-finger anything on the command line.
Have gnu, will travel.
He has learned a very important lesson and will pay more attn to detail than any other fresh out of college jr dev on the job market.
What even marginally competent IT manager would give an inexperienced person the ability to modify or delete production objects? I feel sorry for this guy, but his management is completely at fault here. We know the story. Nothing will happen to them and one or more will likely get promoted.
I gotta stop trying to type on a tablet.
Anyhow, I'd not want to fire anyone, without more information at hand. Firing people has large costs associated with it.
How to describe this?
As stated, I am retired. I've been retired for over ten years. Back in my day, we trained people and paid for them to continue their education. Don't laugh, that really used to happen.
So, I'd probably try to salvage this as a teaching moment. I'd also be changing someone else to the lead position. If I were to fire anyone, it might be the person who enabled this to happen and probably wouldn't be the junior.
Our shop was kinda laid back. It is unlikely that I'd fire anyone, but someone is going to catch a whole ration of shit. If this is a habit, then someone is getting fired, but if this is a habit then it speaks to a larger problem.
I'd start with the junior dev and work my way up. I'd keep digging until I found the problem in the process. I'd then take time to listen and find out what we need to do to make sure it never happens again. There's gonna be a meeting. Hell, there are going to be several meetings. Chances are, this is going to have a bunch of little teaching moments.
Junior devs, autocorrect hates that word and thinks it should be debs, sure as hell shouldn't be able to push to production. Even if they could, those backups damned well better be timely and functional. The IT staff, I guess you call them ops today, were great at their jobs, thankfully. For reasons, we had a pretty robust backup methodology. I am still flummoxed when I hear stories about not backing up properly.
I haven't done this for a while, so it is time to do it again.
I used a computer because I had to. I actually kinda hated them, for the longest time. I am not a programmer, but I programmed because I had a task that needed to get done. I'm not an admin, but I did that job because it also needed to get done.
Then, I was able to hire capable people. I was able to hire competent developers and IT staff. It was those people who did much of the heavy lifting. I learned a lot from them. I learned what best practices were and why they were that way.
So, as I said, I've not taken the time to do so lately. Here's a tip of the hat, and a nod, to those folks in the admin side and in the developer side. Here's a tip of the hat to the database admins and to the jerks who secured my network. Here is a tip of the hat to the programmers and to the QA. Here's a tip of the hat to those who spent long hours beside me, enabling me and teaching me.
"So long and thanks for all the fish."
Programmers don't have access to the database(MySql, Oracle, etc).
CTO should of had a policy where things are tested first before deployment in a real world production environment.
So, Did this guy say he was a programmer or a Database Admin?
Where I used to work, they had backups of the server and data.
I almost did the same thing last week :/
I owned the company. We were also pretty relaxed. I'm not sure we'd have used those titles, but I'm pretty sure someone is getting demoted - and it's probably not going to be the junior developer. Hell, I might have taken Mr. Junior Dev out to eat, or given them a small bonus - for having discovered the glaring hole in our process that enabled them to do this and for demonstrating that our backups were worse than useless.
"So long and thanks for all the fish."
BULLSHIT.
How about failed to follow written instructions?
He even writes, "After running the command i was supposed to copy the database url/password/username outputted by the command and configure my dev environment to point to that database. Unfortunately instead of copying the values outputted by the tool, i instead for whatever reason used the values the document had."
So little attention paid to detail, what else will he fuck up in the future? I'm with the company on this one.....his ass is grass....no need for legal to be involved but damn right he's fired.
Don't worry about this guy, he got a job at Verelox the next day!
If you hire someone to clean your house and they break an expensive vase on their first day, do you say they should have had a more senior cleaner shadow them for a while?
Or do you expect them to arrive with the basic skills they claimed to have during the interview?
If I hire someone trained as a professional driver to drive my car and they head at 120mph down the wrong side of the freeway totaling the car and causing untold damage to other cars, you bet your ass they would be fired.
Even that however is not a good analogy, because I'm supposed to have a guy in charge (CTO) of ensuring drivers can actually drive. I'm not going to speculate further on the size of the company because it's not relevant. The CTO is mentioned as firing the guy, and the CTO should be fired right along with him. The guy in charge of backups should be fired also (also mentioned in the story).
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
A good reason for one-man businesses to use the Cloud. Let someone else worry about backups.
I can relate to this. While it wasn't my first day, I was working as an admin when my experience is by far more on the dev side. I ran database scripts against the production system, and was later told I was doing it wrong.
Fortunately, they did have backups for most of it, but I singlehandedly took down the production system for a day. Multi-billion dollar system. Despite attempts to clarify what I had done wrong, I could never get instructions on how to do the task "right". I was told how to avoid doing the same thing again, and that sufficed, but was still a PITA manual hack.
If the scenario is as described (which, frankly, seems somewhat unbelievable - why would production DB access credentials be floating around in a document available to a junior dev?), there is at least one senior executive who needs to be fired immediately. Perhaps more than one such executive needs to go as there are at least TWO serious and obvious problems - (1) the DB access credentials being published where a junior dev could even find them and (2) not having a tested and working restoration/return to service plan. If different executives are responsible for these two epic fails, they should all go. Perhaps the CEO should also go (although, that may also be the owner of the company -- in which case of course they would be unlikely to fire themselves!) as she has very bad judgement in hiring and does not exercise appropriate oversight.
Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading
That's the second time today this happened! Won't somebody think of the databases?!
#DeleteFacebook
I actually read the article. There are many reasons why the CTO is incompetent, but one is that THE USERNAME AND PASSWORD FOR THE PRODUCTION DATABASE WERE IN PLAINTEXT IN A PIECE OF WIDELY DISTRIBUTED DOCUMENTATION. That alone is utterly crazy. For the sake of making this post more positive, here's a few things the company could/should have done here: 1] Don't have credentials in documentation, they should be in a password vault. 2] PCs on the developer network should have ZERO access to a live environment, ever, even if they have the correct credentials 3] Have working backups, test them regularly. Have backups online and offline in multiple locations 4] Have a release manager or similar code-review or sense check *all* changes which could be deployed to live
In the real world the dev will be fired because the person that gave the ok should be fired. They will be trying to cover their asses by getting rid of the dev and trying to explain it away. It won't work unless their are more dumb asses up the higher chain of command.
I guess thats the price to pay for not having QA dept test code in lower
I won't state the company but a similar accidental deletion of a huge number of records from a database occurred at a company I was working for. This was a DBA who'd been working there for a considerable time, unfortunately when he realized what he'd done he edited the logs to try and hide who was responsible. Naturally he got fired but (at least from the gossip I heard) the principal reason for firing him was the log business - whether he would have been fired for the original mistake was much discussed but nobody really seemed to know the answer. Incidentally - it took nearly 12 hours working completely through the night to figure out exactly what had happened and restore from backups, although there was still some data loss even though we had pretty good back up provisions.
If your IT systems can't recover from catastrophic failures like this then you suck as a CTO If your development practices don't involve integration testing then you suck as a CTO If you allow a new employee with no experience to commit changes to production then you suck as a CTO
If the company was running without a working backup on their production database, then it was just a matter of time before they would have a similar problem with payroll or some other "critical" component of their business.
You have a question to ask your next potential employer. "When was your last successful full backup of your production databases?"
I did this on my second month on the job or so. Well, I slipped on the keyboard after partially typing a command in the shell.
The rest of the team sure was mad when they found out I had deleted everything on the system drive. They messed around all day long before they'd let me back on the system. One command and I recovered everything. The rest of them were all analysts, programmers and managers. They had no clue and were about to restore from week old tapes. I had spent the morning rading the The Vax VMS manual.
The moral of the story is that shit happens and sometimes it pays to Read The F**king Manual.
About finding the right person to fire, I suspect that this is an unfortunate but complex choreograph of events such that no single person is at fault, and everyone is doing their jobs.
Junior programmer did the right thing about unit testing: wipe the database between tests to ensure consistent result no matter the order the test cases are run. Senior programmer did the right thing and wrote detailed documentation. The management needed a paper trail for production credential, and the documentation is probably the only SOX compliant way the company has, so the management did the right thing and stored production credential in a SOX compliant way. Production backup is not working but someone is actually working on getting it to work, and they are having trouble with replication and consistency; they want data integrity assurances rather than having backups that could have silent data corruptions.
Everyone is doing their jobs in good faith, and probably doing it well. I think the disaster could have been prevented if someone looked beyond their job responsibility and noticed potential problems, but such busybody could readily cause ire in a hierarchical organization. I think the best thing a company can do is to encourage people to be nosy and speak up. The CEO has to make this part of their corporate culture.
I once had a signature.
This. I'm the senior engineer at work, I've worked there 18 years, I don't have production access, I don't want production access.
Giving that sort of access to a new hire, particularly a recent graduate is beyond stupid.
Wouldn't it make sense that before any deletion the date would be copied somewhere safe for 24 hours? After that then delete the copy. Be a lot less regrets.
The real problem is lack of backups. The question then is - who knew? Who should have been fixing it?
Perhaps CTO is pissed because (if he's like the pointy-haired boss types I had the fun of working under) he ignored the gravity of the situation until someone showed him why he should not have. If someone hid the bad backup situation from him, they should be biting the big one.
What if, instead of a cut-and-paste, it was a server crash, or a full-on server room disaster. It's the CTO's job to plan for these in any organization big enough that it has a guy with title CTO.
Developer Accidentally Deletes Production Database On Their Last Day On The Job.
FTFY.
Yes, the CTO should go, but when your on the bottom rung you're the easy scapegoat. He fucked his company - you're just the mechanism, but data loss is a risk he clearly didn't prepare for. My error was rebooting a financial system because of a one letter typo. Yes, day 3 of new job and this firm had me bouncing mission critical systems without passwords or authentication.
"EXPLAIN YOUR ACTIONS!"
"Um... It's my first day?"
"HAHAHAHA, OK, carry on then."
A backup isn't a backup unless you've practised restoring from it. Giving a newcomer privilege to production services straight away is also silly. Is this another one of those hoax "Ansible deleted all my user's websites" stories?
However, if it is true -- as written -- then this kid should lawyer up and sue the company. The execs will be forced to settle for low six figures just to keep their own incompetence out of the legal record.
In the old days, large unix machines had serious system administrators and a general mix of users and developers. The root password was closely held and users were given access on the basis of their need. There is no doubt that fully utilizing user group and world security at the os level, and granted accesses to data in databases, is a way by which users and developers can be given appropriate access. Back at the Western Bancorp, we had a production mainframe and a test mainframe. Quite an expensive scenario to manage the creation and migration of new code releases through QA levels. These days an extra test machine costs significantly less, sometimes the cost is negligible. In this circumstance, the company has bigger trouble than just a lost database. I would think this company needed a database manager whose responsibilities included assurance that the data will not be lost. I can only hope this was not a publicly traded company.
Not all companies have micro segregation of duties.
1. If this person is a developer and they are working/fixing/supporting the production system, then he should have access. the question isn't, Why does they have access, that isn't the issue.
2. why did they delete, this is a joint accountablity problem.
A. as a new hire or a junior, there should have been a senior shadowing, they should have had a Change Management and SDLC process in place.
B. as a new hire from collect, his education has let him down, this is basic tech foundations. (before you make a change, backup), that is the gospel, done.
So, while I do blame the company for not having good processes/practices, but I also blame the employee.
It's an expensive lesson to learn and since both are to blame, both should feel the burn of the lesson. This is how we learn, science.
What might legal be telling that CTO now? Court action by the company will surely bring scrutiny. Management, investors and customers might be concerned by how the company was defended and prepared for such a simple mistake. I wonder what an employment lawyer might make of such a firing?
We fired the kid. Problem solved.
Is posting the obligatory like doing the needful?
The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
This story has all the hallmarks of a hoax. It's semi-plausible on its surface, but how many companies would have leaked production credentials in a config document AND had production machines accessible from a dev network AND had backups without any integrity testing, let alone multiple redundant backups AND had zero incidental copies? That's violating a slew of helpful best practices but none of the potentially harmful ones, like locally mirroring production data for development use. This sounds more like someone's worst fears of their first day presented as fact, but the details don't add up. It involves a strange blend of strict adherence to some policies with rampant noncompliance to others, and incompetence by a lot (nearly all) of the existing employees, managers, and executives. When things fail big, it's because of a series of events in corner cases, not
https://www.eff.org/https-everywhere
I have seen this in much larger shops. They build their systems in a non robust way because they are cheap and just throw people under the buss when it goes bad. Companies try to implement the cool side of continuous dev without paying the dev ops price. It is just the same old same old, lets demand the good parts of a paradigm, but ignore the requirements to make such a system viable ex: continuous development, agile etc.
Having IT work on brittle systems just offsets stress to the devs / techs and makes their jobs suck. I once brought this up to a manager and he said something along the lines "Those guys who work on skyscrapers don't work with harnesses..." they do, and have been for a long long time. It is not the f'ing 1930s.
I laugh at inappropriate times.
Fuck the new guy. If this is what he did in one day, imagine what he would do in a week
NEW HIRE : "Hi, I'm a new hire. Where do I go?"
RECEPTIONIST : "Hi, I'm the Vice President in Charge of Avoiding a Repeat of The Disaster of May 2017. Follow me, and do what I say, and not what I do!"
NEW HIRE : "I just bet there's a war story behind that job title."
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Not only exactly what you said, but the fact that they have no backups (or they were not working) is also pretty scathing. I've worked with some experienced developers that know our systems for 15 years, and they never ever have any access to production! Never mind they should have DEV and TEST instances as well, probably logging depending on what they are using...
Makes me wonder if their IT was that inept, or if there was some serious financial or other more fundamental technical issues that they needed to go away, and this guy is simply the scapegoat... LIke the CTO was embezzling from the system and needed a reason for all evidence to disappear. Or someone senior with real access screwed up very badly, and again this guy is getting the blame. Seems pretty unreasonable and unrealistic that something like this could even happen. Anyway it all sounds very fishy to me, I'd bet there is something else going on.
If everyone is doing the job they're supposed to do, and a disaster like this happens, fire the person who assigned the job roles.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Clearly, the Developer is at fault. He should never have accepted to work at such a screwed up company; a dumb CTO (who blame shifts), poor security, no offsite backups, bad HR, terrible policies. ... When you start your first job you are expected to know EVERYTHING about what you are getting into on the first day of your first job ... yeah, right!
My serous advice is for this guy to get a lawyer and sue the hell out of the company!!!
I know IT Directors that have transferred from one career to another and not been granted admin access for 6 months - even after extensive background checks. In this case, the one most innocent is the brand new, new hire.
This new guy was just way too nice and just too new in to the work place. Here's how I think he should have handled this:
1. Tell the CTO: "No you won't fire me. In fact, you're going to give me a raise..."
2. One little typo causes a massive data loss? Come on... Briefly explain to CTO that you know it was his incompetent IT infrastructure which was really to blame for this ticking time bomb. In fact, it would be career ending for the CTO if this story got leaked to the world along with the name of said CTO... What a shame that would be.
3. Now explain, that "you don't want to be greedy, just reasonable. How much is your career worth to you?" Don't laugh evilly after you say this. It's not professional.
Yeah, help point out tons of other fuck ups at the company. If backups aren't running you've got to treat that like the production environment being down. Its like having a simple RAID array running with a failed drive, you HAVE to get it fixed before another one goes down. And if the senior level staff thought it was OK to run in a degraded state for a few weeks or months, then that is on them when the next drive fails - or in this case when the production environment goes down
The proximate cause was the new hire who screwed up on his first day.
But the root cause was a lack of control over their shop. This company was a disaster waiting to happen. The newbie was guilty of walking too fast past a house of cards.
As others pointed out, it should not have been possible for him to do that.
What are developers -- novices or old hands -- doing with that kind of access to production data? A company big enough to have someone called a CTO ought to have separation of authority, so those sorts of things can't happen.
He was a rookie who made a mistake with serious consequences. The alleged professionals already on staff made it possible for one mistake to perhaps destroy the company.
I'm guessing it's not a publicly traded company subject to Sarbanes-Oxley.
There's no time like the present. Well, the past used to be.
Hello.
I'd like to suggest one way this could happen - the production database was once a test database of the project and when it got OK, probably under the pressure to hurry from the big bosses it was assigned production database - and remained so with no changes to the initial technical documentation.
Also I'd fire the junior anyway - for incapability to read and follow technical documentation properly. This is a crucial must have skill.
Too many issues here to miss. 1) New employee with access to LIVE data. 2) Copy/Pasted code... (implies company provided the code...) 3) Conveniently mentioned backups not working 4) Mention of Legal action. This poor sap was hired to be a scapegoat. They probably had issues meeting production goals or some sort of milestone and it was a convenient happening that a new tech guy broke the whole damn thing. Unfortunately it is hard to prove who knew what but. In my opinion the CTO should be the one who legal action should be taken against. The company should protect the new hire and isolate him from the CTO and immediate supervisors to investigate the job/code/work he was doing and who told him to do what. Also they should investigate who gave him access to LIVE data and Admin level controls of that data. Although I suspect that the this was a crime against the shareholders/investors and the whole management team should be held accountable. Just my $.02
https://tech.slashdot.org/stor...
As a database expert I have to say, no backup means there is no database, no security and access control (developers should never have access to production) no database, no high availability solution means your database is not critical. So yes everyone else except the junior developer should be fired, if anyone should be fired.
1) The person how gave permission on the database
2) The person who was incharge of backups
3) The Executive who created an environment, where an idot can take out the company on his first day.
Good to see you posting again. And thanks for posting a cogent response to my feeble attempt at a funny.
Il n'y a pas de Planet B.
You did make me giggle but my verbosity is an innate trait. It's what I do. I did have some sorta personal issues, including a new love interest, but I am alive. I had a sibling pass away, pretty much at the same time someone decided to ruin my motorcycle by smashing into it while I was going the opposite direction. I don't know if you saw the pics, but it was kinda ugly. I survived but I must have thought I was Superman. I don't recall it, but I pretty much tried to punch said car with both hands. The car won.
The idiot that pulled into my lane, to pass someone else, wasn't prosecuted. I am okay with that. Putting them in jail would help nothing. Insurance covered it all and I am actually looking at a new bike. I love my BMWs but a friend has Sportster for sale.
If I can figure out how to get pics of the x-rays, I'll share them. It was just my hands and my right wrist that were screwed.
And then a sibling died. And that is kinda where I went off the rails. I can't say I didn't have a good time, but it was not really something I needed to do. At least I didn't get any new tattoos.
"So long and thanks for all the fish."