Slashdot Mirror
Developer Accidentally Deletes Production Database On Their First Day On The Job (qz.com)
An anonymous reader quotes Quartz:
"How screwed am I?" asked a recent user on Reddit, before sharing a mortifying story. On the first day as a junior software developer at a first salaried job out of college, his or her copy-and-paste error inadvertently erased all data from the company's production database. Posting under the heartbreaking handle cscareerthrowaway567, the user wrote, "The CTO told me to leave and never come back. He also informed me that apparently legal would need to get involved due to severity of the data loss. I basically offered and pleaded to let me help in someway to redeem my self and i was told that I 'completely fucked everything up.'"
The company's backups weren't working, according to the post, so the company is in big trouble now. Though Qz adds that "the court of public opinion is on the new guy's side. In a poll on the tech site the Register, less than 1% of 5,400 respondents thought the new developer should be fired. Forty-five percent thought the CTO should go."
The company's backups weren't working, according to the post, so the company is in big trouble now. Though Qz adds that "the court of public opinion is on the new guy's side. In a poll on the tech site the Register, less than 1% of 5,400 respondents thought the new developer should be fired. Forty-five percent thought the CTO should go."
How the fuck does a new hire have that kind of access? that's not even enough time for on-boarding. The CTO should definitely get the shitcan, as should anyone in HR involved in that debacle.
"Oh my God. This is terrible. This is the end of my Presidency. I'm fucked."; ~ Donald J. Trump
Okay, the guy fucked up ROYALLY.
It happens. And he SHOULD get in a bit of trouble for it. That's how you learn "don't do that". I don't think they deserve to lose their job though.
The CTO and all the people in charge of the backups need to be on the street YESTERDAY though. That the dev COULD do something like this is a major fuckup on their part. They simply didn't have their production system locked down properly.
The fact that their backup system was non-functional is double-plus unforgiveable. The dev is merely the highlight for their massive cluster-fuck of a setup.
Chas - The one, the only.
THANK GOD!!!
...supposedly erased an entire tape's worth of recordings (the only copy) at the Nashville studio he interned at.
I have a feeling this is a dup of the bullshit story /. tried to feed us a couple of years ago, which after some investigation turned out to be 100% pure made-up bullshit. (No, I don't feel like searching /. history, but I'm sure it will turn up later in the comments.)
Anyhow, as we all commented in the previous story: If this was possible, then the company deserves to go under.
just like the "supposed" rm -rf / last year ...
And if anyone is given access on their first day to production data, eh the CTO should be whacked first.
It would seem that the junior programmer is in line for a big payout, you see firing him, using profanity and implying legal action is not permitted. The poor guy doesn't even have to hire a lawyer in some states (like California) that have a Department of Industrial Relations (Labor Board) which he's _required_ to use instead of a lawyer (unless they eventually grant him permission to pursue with a lawyer). The way the Law will view it is that the company is totally responsible for the consequences of giving him too much responsibility.
Now you can argue the Law back and forth for all the good it will do you, this is nothing novel and this has happened many many times before.
Pretty much any comment that might be posted in this thread was already posted in the original Reddit thread over a week ago. Nothing insightful or interesting will come from this being posted here now.
He was given a worksheet with information regarding how to clone a test database onto his workstation. He ran a script when printed out the test DB's URL and login information but he just copied the info off the worksheet instead. The info on the worksheet was the production database with an account containing full write access. He overwrote the production database with the test data he was attempting to clone.
Whoever gave a new hire a worksheet with a URL for the production server and login with full access should be the one fired. This new kid showed the company that their new hire setup is completely insecure and that their backup infrastructure doesn't work. It's not this kids fault.
-SaNo
http://the-happy-manager.com/articles/characteristic-of-leadership/
A young executive had made some bad decisions that cost the company several million dollars. He was summoned to Watson’s office, fully expecting to be dismissed. As he entered the office, the young executive said, “I suppose after that set of mistakes you will want to fire me.” Watson was said to have replied, “Not at all, young man, we have just spent a couple of million dollars educating you.”
Mebbe read the article?
for wrongful dismissal. The fact that this F'd company's CTO left their *entire operation* vulnerable to such a simple and possible blunder means he should be fired, not the new hire. Someone tell that asshat, it's 2017... there is absolutely NO excuse for what happened being even remotely possible. And the fact that the new hire was following *verbatim* instructions in the setup doc and caused the issue is beyond laughable... I would fire the CTO for extreme incompetence. Whatta douchebag.
If a company looks at a non-working backups as a minor inconvenience, I think the CTO's ass should be on the firing line before this poor guy's. Yes, wat he did is inexcusable and in some cases, firing might be justifiable (as in, a junior developer on his first day in his/her job doing what on a production database case) but if someone assigned him/her to perform anything on the company-critical data, that person should be the one getting fired, not this guy's. I am a 20+ year experienced sysadmin and not too long time ago, when I started at a new position, I was not able to touch any system other than few development machines for 2+ months of my start date and I know/knew my shit. This company management shows their incompetency in more ways than one. Yet they are making this person the scapegoat. Good riddance to them, as their days are numbered.
__________
The more I know people, the more I love animals
I've been in production management for 15 years... The first 5 years as a Sr. datacenter engineer. The next 7 years as a staff engineer and the past few years as a cloud architect. One thing that has NEVER changed is that developers are NOT allowed to touch production... and I mean not allowed to even log into any host at all...They don't even have a damn clue where the machines physically sit.
Allowing a junior developer fresh out of college to log into production with privilege that makes even a minor change is already in violation of industry protocols. I wouldn't blame the guy too hard. He's fresh out of college remember? The first person to blame is operations management who doesn't have a clear separation of duties protocol. Even if ops management allows him to log in, the next person to blame is the lead datacenter engineer who allows his account to issue intrusive commands.
If company leadership asks me to handle this fall out... I will fire those two guys first. Then the Jr. developer will get only a warning but that would be his only warning.
I'm surprised that the firm has not been named - while I would think that any company that had this happen to them would want to keep this confidential, I would think that somebody would talk about it separately. I suspect that the "company" is some podunk startup in which the CTO is the CEO, CFO, head of development and probably the HR head and they've just hired a developer without thinking about access restrictions (or verifying that backups are actually happening).
Some more information would help clarify these questions and maybe better explain how such a situation could happen.
Mimetics Inc. Twitter
He wasn't mucking about with prod, per se. He was following the instructions he was given for creating a sandbox copy of prod, and those instructions at one point had an example login he was supposed to replace, and that example login was a valid admin login for prod. He used the example login, admitedly by mistake, and ran the scripts that were supposed to scrub the database and give him an empty sandbox copy of the prod db structure to play with. Those scripts, however, because of that bad example login, ended up running on the real prod with actual admin access. Small mistake on his part. Huge mistake on the documentation's part.
Despite the number of catastrophic failures of the system, they fired him. Likely so the CTO could go and claim it was malice or vandalism on the part of the new hire, instead of owning that they had documentation that included admin prod access as their example.
What I find is interesting, is that despite what this company has done to him, he has never once named them. This is an example in loyalty, professionalism and discretion that is rare today. I would hire him in a heartbeat. I want that kind of professionalism.
Having production databases that can be reached from developers workstations is always a bad idea. They were lucky, in a way, that the developer deleted the data and didn't just alter it slightly.
Firewalls, people, they're not just there to block wordpress exploit scanners. Danger can come from insiders, and that includes hostile employees as well as clueless morons.
lucm, indeed.
Seriously, a day 1 dev has direct production access? Hell, any dev has direct production access? No QA, no release management, no integration or functional test suite if they're doing some sort of continuous deployment?
It's a pain in the ass, but if they've got any sort of actual real database, they'll have had a real database admin, running it with archive logs they can use to restore their data? ... plus their backups are gone?
What sort of fly-by-night operation is this?
I say if he succeeded in putting that company out of business, then he should get a medal for sacrificing himself to destroy the company.
My belief is when he saw on his first day, the badly written docs they handed him, with a printed (!) account/password having RW access, he instinctively threw himself on that grenade by destroying their production database. Only the most cowardly IT worker would have done otherwise.
Thank you, selfless IT worker from saving us from the horror of whatever product they were trying to produce.
now I'm too full
You don't want to work at a company where the backups don't work and where a new hire can accidentally delete all their data. Don't beg to stay, instead be happy that you found out quickly how incompetent that company actually is.
That's funny. When I started reading Slashdot back in 1999 or so, it was called a website. Someone probably slapped on the "social media" label a few years ago to get some VC money.
Having production databases that can be reached from developers workstations is always a bad idea.
Welcome to DevOps ;)
Live today, because you never know what tomorrow brings
Welcome to startups. It's very good experience straight out of school to know just how screwed up startups are and to avoid them for the rest of the career.
You do realize that 99.999999999999% of "social media" is week-old posts...so why come to any "social media" sites at all? Why not cut out the middle man and experience reality directly? You know? Like humanity used to do....?
...we were a small company making the transition from a proprietary (TI/990 - DX/10 OS) system to a Prime UNIX system and I was the guy A) learning UNIX and B) writing shell scripts to replicate basic DX/10 stuff. One of my first scripts was to delete a user. Beyond the basic password deleting stuff, I thought it would be cool to delete the user's home directory also. You know, delete user "gerry" and also delete user's home dir "/usr/gerry". Guess what my brilliant script writing failed to anticipate? Yep, someone entering an empty user name. So, the script - running under SUID perms proceeded to delete "/usr/*", including "/usr/data". Oops! Fortunately, my backup script was better written and the customer only lost a few hors' worth of work, but....Whew! That's also how we learn!
When we bring someone on, they do NOT get root/admin to critical servers their first day. They have to be off probation first, which is 6 months where I work. Even then, credentials for things are not on a document. That is just asking for them to get lost or stolen. They are given on a wallet sized card, written specially for that person, and they are instructed to keep them safe until memorized.
The reason is, of course, to prevent fuckups, as well as to make sure we trust them fully. The idea of giving someone full access to critical stuff on day one is stupid. Shit it sometimes takes more than a day for them to get access to e-mail and all that just because of all the other things they need to do.
This is 100% on the company. Have working backups, CHECK YOUR BACKUPS, and don't give a new hire a sheet with access to your critical data.
I mean, come on:
- No working backup
- Excessive access for the new person
- CTO is incompetent and cannot admit to mistake
This is an accident waiting to happen. And the new person has zero responsibility for it. Might be better off to be out of that fucked up company though.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
We've had very different experiences. The startups I've been at have been packed with smart, competent, diligent coworkers. I've had much worse luck with large corporations where employment was effective for-life and it was so easy to blameshift that no one ever got fired for anything.
Dewey, what part of this looks like authorities should be involved?
Having production databases that can be reached from developers workstations is always a bad idea. They were lucky, in a way, that the developer deleted the data and didn't just alter it slightly.
You'd also have to pray they did not alter it any further.
This is what the anonymous poster actually said:
The CTO told me to leave and never come back. He also informed me that apparently legal would need to get involved due to severity of the data loss. I basically offered and pleaded to let me help in someway to redeem my self and i was told that i "completely fucked everything up".
It's not clear that the CTO was threatening legal action against the developer. For all we know, it could simply mean that the company would have to issue some kind of statement to shareholders or to customers based on some contractual commitment.
There's nothing in the entire story that clearly indicates that the CTO or HR acted improperly. Is it normal to have production credentials in documentation handed out to junior developers? Of course not. But the developer was supposed to configure a local instance using the output of a specific configuration tool, but opted instead to copy-paste from somewhere else a connection string that must have been obviously not a local instance. Then the developer, after being fired, left with his company-issued laptop, and started sending messages on the company chatroom. Would you want that person on your team?
lucm, indeed.
Corporate cheapskatism fucking them in ass: newbies handle key data and no backup system in place.
Sue/fire the CEO, not the grad.
Table-ized A.I.
Hey I had a security guy come into our data room to do a drive inventory and while waiting for me his curiosity got the best of him and he popped open a drive on 70 TB raid.
The CTO and all the managers/leads that created the opportunity for this to happen are the true failures. And to think, they are all still there, so that place is still really messed up.
Seems to me this is not a single point of failure, it is multiple points of failure acting in unison. There was a lot of passing the buck and ducking all responsibility going on. Not to mention several individuals not doing their jobs.
A final thought, I sure would not want to work in a corrosive, petty and vindictive environment like that. I know it does not help now, but drive on. Not working there may turn out to be a, not totally bad thing for his sanity and future in the long run.
The real test is not how well one handles success, but in how one responds to failure.
RAID (especially those with parity) can be terrifying. Just think of it: you have a group of disks probably acquired at the same time and probably coming from the same vendor (or even same production batch) serving the same workload in the same environment. That implies a fairly similar MTTF for all the disks.
Then one of the disks fail; this causes the other disks in the array to first handle a higher load, then to be brutally impacted by the rebuild process. That's like playing Russian roulette with a gattling gun.
lucm, indeed.
full stop.
We backed up daily, weekly, and then monthly.
Fortunately decided to restore an older copy of a file to work with and found despite the IBM software saying the backup was occurring and was good- it wasn't.
None of the backups were any good. IBM had to come out and figure out what was going on and after that we also retired a file from backup every single day. We had previously used to disk to disk backup but went to tape when the data got too big.
If you do backups- you need to actually restore a file and confirm the file isn't empty.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
Not to mention - the very premise of just copying production database for use in testing is already terrible.
In theory, yes. But honestly, I've seen countless situations where there was no realistic alternatives given the available resources, especially if the volume or distribution of data could have an impact on the system. For instance, testing a new address autocomplete feature for an order form; if you only have a few hundred clients, maybe you can generate some decent test data, but if you have millions of customers it can be very difficult to make sure that the feature will work with the real data set. Same goes for specialized reporting (e.g quantitative analysis features in a trading platform).
There are a few interesting data obfuscation tools out there if data privacy is a concern, but they can be quite labor-intensive to set up. Sometimes an ironclad NDA and a copy of real prod data is the only available solution.
lucm, indeed.
Lot's of blame to spread around.
The code used in production should have been reviewed by someone before execution in production. No exceptions. Especially because it's a new guy on his first day. The code should have been run in a staging environment first. How long was it known that the backup system was broken? This mistake was obviously not the newbies fault.
If my production DB backup was hosed, I would be dropping just about everything else to get it healthy again. A deleted database would mean some lost time since loading up the last backup and doing a PITR from WALs isn't fast, but at least I know I can get production back up no matter what someone does to the active DB.
-- Will program for bandwidth
Freedom of speech and freedom after speech.
Domestic spying is now "Benign Information Gathering"
Yes, but with startups you can have brilliant people, rarely, but almost always there's little coordination as procedures haven't been set up yet. Plus a constant non-ending rush to meet short deadlines, with demos needing to be done often and no time to slow down and take stock of what's going on.
If a junior developer can FUBAR the company, these are the two that fucked up royally. Very obviously processes are crap and gross negligence is running rampart.
Fire these two bozos. Out of a cannon.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Actually reminds me of two fellows I worked for briefly. Both of them were actually too small to have a separate CTO. In the first case I decided to leave as soon as I figured out the legal liability their main customer had incurred due to pirated software. There were actually two packages, and one of them was a database. The second case was a total shoestring operation and one of the first things I discovered was that their so-called daily backup processes were not actually backing up anything.
Now that reminds me of a third case, where they actually did have a CTO, in title if not in competence. While they did fire him, it was too late to save the company... It was one of the few things they'd done right while I was working there, but I decided to leave when one of the actually competent managers was fired, and they disappeared not long after that. (That was actually my last stint in a startup, and after that I just went back to safety in a big company for the rest of my career...)
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
At least know that your backups work.
In the mid-90s I had just started working at some place and the guy I was replacing (he left for a better opportunity) was showing me how everything was set up and as a demonstration he deleted his own account. I guess he felt he didn't need it anymore, but then he says there might be some useful stuff in there and tells me it would be a good exercise for me to learn how to restore from backup.
Not a big deal, it was actually documented and I had done that before at a previous job...but every single tape was bad.
When I told him, his reaction was that I must be doing it wrong, but he was similarly unsuccessful. I think they had been using the same tapes ever since they bought their system and they were all kept in a shoebox in the same small office with all the servers.
After 6 months I left for a better opportunity too.
It is scary how few companies backup their crap. I would be willing to bet that less than 30% of billion dollar companies (that really depend on their computers for day to day operations) could be back in operation in under 24 hours if they lost all their servers at once.
I wouldn't be surprised to find that a good percentage would be very screwed in the long term.
This is not only their data but the system as a whole. When I am consulting at most companies that are retiring servers I often suggest that they box them and put them in a safe place as a super emergency backup. The idea being that those servers are probably close to what they need to struggle along. This is after I have usually laid out a solid backup and disaster recovery plan. Seeing that most companies won't do a good backup then having some 2 year out of date servers might be better than nothing.
I can relate to this. I wiped out the production database for our ERP system when I was trying to create a copy of it. Fortunately I had good backups and was able to restore the DB with minimal loses but it took all day (this was back in 1997 and the computer wasn't particularly fast, a SparcServer 1000 with 2 CPUs and 500 MB of RAM). In my case I wasn't fired and retired from the job last year after 31 years.
The C-level executives are the people in charge of executing the company strategy as established by the board (who are representing the owners). If you remove them, you basically have a headless chicken. If you replace them all at once, then you have months of instability as they have to rebuild their teams and puts their systems in place.
That's why elections are staggered in the USA. Could you imagine the mess if everyone was elected at the same time?
lucm, indeed.
Um, the elections in the USA are all at the same time. Local, city, state, federal, all on the same day. The four year presidential cycle sees 200% of congressman and 67% of the senate cycled too...
You fail at civics.
Having production databases that can be reached from developers workstations is always a bad idea.
I don't disagree but sometimes it's impractical with smaller teams especially if that team consists of only one person and they are also expected to provide support for production systems.
It's just VERY important to make sure you're aware of which system you're on.
The worst I ever did was delete all the inventory in an entire aisle in one of our customer's warehouses. Thank God I didn't delete the entire warehouse. I felt really bad as I called up the warehouse manager and told him about it.
He took it surprisingly well. I was expecting to be harshly chastised but he was very understanding for some reason. Possibly because they do physical inventories all the time and I just gave him a heads up on where his inventory team should focus next. Or maybe it's because I had dealt with him many times before and usually I fixed his problems instead of creating them.
That was about 20 years ago and as best as I can recall I had both production and development windows open at the same time and I adjusted inventory in the production environment instead of the development environment by mistake. I quickly realized what I had done and in a minor panic to correct it I compounded my mistake by more than 10-fold.
Since then I think most places have a change management process which involves more than a developer recklessly altering data in production on the fly without any oversight.
Even at the largest company I've worked for primarily as a developer I had full access to any production system my software ran on and there really wasn't a distinction between developer and sysadmin. Some were stronger in one area than the other, but we all did both.
Eventually they split us up and took away the developer's root privileges from all the machines forcing us to use sudo instead...and we grumbled a bit about that, but we accepted it. It really was the right thing to do.
Eventually they split us up and took away the developer's root privileges from all the machines forcing us to use sudo instead...
sudo bash
Problem solved!
lucm, indeed.
I don't fail at civics. You fail at understanding what "at the same time" means.
Here's a hint.
https://en.wikipedia.org/wiki/...
lucm, indeed.
Some people thrive in that kind of environment. Working under pressure on something that really matters to the company, and with fluid roles and a lack of procedures, you have a lot of freedom as well as an opportunity to make a meaningful and unique contribution to the product as well as to the way the company will do things in the future. I know I perform better in such an environment than in the corporate one, with entrenched interests, highly compartmentalised roles, stifling procedures and generally terrible middle management. Sure, there's downsides to each environment as well as advantages. Personally I found a nice middle ground by working on innovation in larger organisations.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
Retired boss, here. If a junior dev can push to prod AND can delete data, it isn't their fault. Okay... I am still going to try to salvage my hire and see if they fit in QA, or see if the debs will stop fucking with him. Seriously, not his fault. Nobody should be able to push to prod, withou someone signing off. Ask me how I fucking know. I'm not even a programmer. I just paid a lot of you and shut the hell up and listened.
So, if I am wrong then they were wrong. You don't push code to prod without someone signing off. The person signing off has ultimate authority. You sure as fuck don't let a junior do it, without oversight. Not now, not ever.
If this happened in my shop, some titles would have been changed.
"So long and thanks for all the fish."
If you think hiring a professional is expensive, just wait until you hire an amateur.
-=This sig has nothing to do with my comment. Move along now=-
This kid will have no problem getting a new job. What happened was not his fault in any way, shape, or form. The fault lies squarely with the CTO (in no particular order):
1) He allowed a new hire to have superuser, unsupervised access to the production database without an ounce of training.
2) He allowed an unvetted new-hire script to contain actual superuser credentials that could be used to wipe out the production database with a simple copy and paste error.
3) He allowed a new hire to run that script unsupervised.
4) He set a new hire loose on their production database with no mentor looking over his shoulder.
5) He did not require the backups to be verified and/or tested to make sure they work.
I'm sure there are more (feel free to expand on it), but those are the ones I can think of off the top of my head.
Although obviously the new guy fucked up...unless his job was to be solely responsible for the repository...he probably shouldn't be fired. He's pointed out a systemic issue with the system...and punishing him for it isn't reasonable. I don't know all of the details...but on first glance...the people responsible are looking anywhere else for the blame. Typical.
Be more considerate; /. has just recovered its deleted database. It did take some time, obviously.
Ezekiel 23:20
They gave an employee a procedure that deleted their database. The only mistake the employee made was following the procedure and not using his own credentials, instead using the credentials in the procedure. That was a standard human error, no big deal. Humans make mistakes, it's all of our's jobs to reduce the probability of this, with good quality procedures, questioning attitudes etc. To provide an employee with a procedure that contains credentials to the production database is ridiculous, this was going to happen at some point with a procedure as poor as that. To then blame that employee immediately and fire him is knee jerk and immature. To be fair, the guy is probably better off not working for that company anyway.
Not having backups etc, well, that's the companies fault. All the employee has done is to uncover a poor working culture within that company, and expose a bad CTO. This is not the failing of the employee, it's clearly a failing of the company. They deserve what they got.
The person fired can make many positives from this. This is an excellent case study about business culture, procedures, strong catastrophe planning and testing, threat and error management, how to treat fellow humans. Your experience in this can be valuable to other companies, and the good ones will recognise this. Use this to your advantage, let that company fail, it was going to happen at some point, you were simply unlucky...
To give a personal experience, I work in a nuclear power station, in the control room. One shift I made a mistake, I rushed a job. I followed my procedure to the letter, I didn't make any mistakes, but because I chose to complete a certain activity early before an additional check was performed I broke our operating rules (the law effectively). I owned up to it as soon as I was conscious of it, and the investigation started. My authorisation was pulled and I went for drugs testing etc.
The first thing that occurred once management found out was that I received a phone call. It was the Operations Manager calling for me, and he called me to thank me for raising this report and owning up to it. He understood that without this honest reporting, the problem couldn't get fixed, and would happen again in the future. It has probably already occurred in the past too. My authorisation was recovered that same shift, and I carried on. There was no detriment to my career (quite the opposite infact) and life goes on, but now with better procedures...
- Insufficient IT resources (inadequate or no backups)
- Hiring developers to do everything in the company and giving them broad access to everything
These are two industry standard best practices that many companies ignore and they have no one to blame but themselves.
We'll make great pets
Backups weren't working? Who's fault was that? That's who needs a talking to.
This post smells a bit. I'd like to some proof it actually occurred like this or that it occurred at all. The fact we've heard nothing indicates it was a small company - this isn't the sort of thing one keeps quiet. The lack of a functioning backup tends to also point at a small company.
The description is such a slam dunk in favor of the new guy and making out the CTO to be such an idiot...I dunno....I'm just skeptical at this point.
The rancor coming from what amounts to utter hearsay is...well actually, no, it's not surprising these days. Any sort of proof for people to pile on stopped being a requirement long ago - it won't surprise me if this is someone doing a social media experiment.
My 0.02
EK
Fuck you incompetent business, this will go down badly for you in the media: Anyone hiring a junior straight out of college knows not to throw the crown jewels of the company into their lap to play with, and if you don't have working backups then you're double to blame...
Kid: Don't worry, notice how every single comment here will put the blame squarely on your terrible employer. It's just luck getting a first good employer, you will find more. Remember the hill climbing algorithm... your marble just rolled straight into the deepest pit, it's not your fault it's just bad luck, you've got a lot of random rolling to do, keep your head up and you will eventually find some nice reasonable people that appreciate you.
I dont think people like it when you take away their job title and replace it with 'fuckwit' and 'moronic fuck who leaves permissions open'
Exactly, this is why the people who are in higher positions are payed more. What else could justify the higher salary if not the greater responsability. Because usually they don't do low level stuff, the actual work that drives a company.
sudo rm -r -f --no-preserve-root /
If you were his/her boss then you should dig a big deep hole for yourself, jump in and ask the junior very very politely to put the dirt back into the hole. Really. I would be very very ashamed of myself as a CTO if a junior dev would have access to a production database. I'm a very old dev and I still categorically refuse to do ANYTHING on production.
When DevOps exists, DevOps has responsibility for what's in prod.
The guys staffed, trained and assigned to cover emergencies 24x7x365 and answering that call at 4:59pm on Friday should be the only guys who can mess with production code.
But this company had a very erroneous fault control strategy and/or execution. The CTO was definitely not on the ball.
Patents Drive Free Software as Hurricanes Drive Construction Industry
It's not about good or bad, it's priorities and a lack of understanding of what the implications of disturbing a production environment are. They are not going to get that understanding by magic, they only get by looking at how a system is used over time, and if that's not related to what they are supposed to be doing for a living it's hard to put in the time.
Like the above problem it is a management issue. If you want a dev to act like a sysadmin you have to schedule time for it to happen.
"Sometimes an ironclad NDA and a copy of real prod data is the only available solution."
When you're getting executives to sign off on risk and only handing the data to specific named trusted developers, then it's not "just copying production databases into testing". It's a calculated risk by the executives, as informed by their staff.
Most of the time, when a developer complains about not having access to prod, the request disappears when I tell them to get their boss to go to their boss and pitch the case. They usually find a scrubbed set of data or another method to reproduce.
Shoulder surfing operations (with operations hands on keyboard), often solves things too, but everyone hates it. It has a huge benefit though in that operations needs to know what the developer is thinking as much as the developer needs to know whats' going on in production.
none at all..
This is more like they had a spurious cable attached between some random door below deck, and some critical lever in the control room... The point people are trying to make is: this guy is being given the shaft as a direct result of the fallout from idiots putting privileged/critical information into widely accessible documentation.
There is no XUL, only WebExtensions...
When the root cause of a problem presents itself so clearly, it is difficult to understand why the new person was fired. The person in charge of doing the backups should be the one who was fired.
The company is named 'British Airways'?
Let's all relax, this is obviously fakey. Slashdot is now citing reddit posts from self-proclaimed throwaway accounts as news? Yeesh.
The company is responsible for process.. They should be continually having it as a background task (even in the back of their minds) of "how do we keep the wheels on this thing".
Just as important for a startup as it is for a big company (maybe moreso).
Starting point of everything is backups, backups and more backups! They're your lifeblood if you're a company using data for doing real things (hint, they all do).
If a backup isn't tested, it's not a backup. If you've not given your systems team time and resources to test backups, then the problem lies with a lack of understanding (or listening) further up the management chain.
Once you know you can recover, you know you can use your data safely... Then it's the process for letting someone loose in your systems...
If they're not authorised for prod, then they don't get the credentials for prod. And credentials should be stored in a nice encrypted file on a VERY well backed up area. Credentials should NEVER be in plain, or embedded in unencrypted documents.. That''s so much a 'no' that it fails the basic test of "do you understand what the word security means?".
Rough analysis of the situation is that there's a marked problem with process, and large problem with security and information governance, and an insane problem with backup processing. An accident waiting to happen..
The developer made a mistake.. Yep, a big telling off for not engaging the brain and being careful with the credentials is well in order. You need to treat systems carefully.. But us old grizzled systems farts got our caution from somewhere, and it's called experience.. And experience involves coming up through the ranks and seeing stuff go wrong. Even stuff that's almost guaranteed never to go wrong. I'm all for having young blood in a place.. They do bring new approaches, and new ideas.. But us old farts have seen many of the approaches before and can say why they're broken and/or dangerous.. It's just that little gap of new idea where we thing "Hey, that's actually new.." that means things move forward... But with us old farts around, it happens in a controlled and safe manner..
So, I'd say this guy is actually MORE valuable than he was before he made the screwup.. I can be fairly sure that they'll be MUCH less likely to be cavalier in the future, and put an awful lot of thought into safety of systems..
From the way it's set up, I'd actually say they're better off out of that environment anyway with the CTO having that lack of understanding of the root cause of the problem and/or management also not understanding/standing up for the dev and explaining root cause.
Alas, I'm not hiring at the mo, otherwise I'd have a serious chat with them and pick them up.. People getting through extremely bad screwups AND openly admitting they screwed up is a good sign of a person you want on your side.. Screwups happen.. It's the people that HIDE them that are dangerous..
The security measures we put in place in IT systems aren’t just about keeping out malicious users. They’re also about granting access only to those who understand how to use them properly. You don’t give guns and knives to toddlers, and people who do are the ones responsible for the carnage.
That being said, I recall one time that a friend wanted to back up his hard drive before upgrading his OS or something. He had lots of music and photos and stuff, so that made sense. So he asked our sysadmin to help, and the sysadmin used some disk imaging software to do it, to copy from one drive to the other. Unfortunately, he got the drives backwards.
You know, a few weeks ago there was a post on reviewing code before pushing it to production, and some people seemed appalled by the idea that another person...who would invariably be a coder, lest they be unable to understand what they were looking at...would be in the process flow for committing a change. I pointed out that this was actually an industry best practice in enterprise organizations, and an inherent part of any SDLC. In any large environment, people with access to development environments do not have the rights to push changes to production. This concept was not well-received.
And now, I see an awful lot of people saying that this problem above was the CTO's fault, for giving a developer sufficient access to change the production environment. I agree with that point...but it's amusing to me how a lot of us seem to live in a fantasy world where we must have access to everything, but when we screw up it's someone else's fault for giving it to us. We have to choose one of the other; either we are justified in having full autonomy and accept the consequences of our actions...for good and for bad...or we accept safeguards that protect both us and the organization we support.
For your security, this post has been encrypted with ROT-13, twice.
Wrong conclusion. Rather, avoid startups staffed with inexperienced people.
Or at 2am Sunday...
That newbie going the wrong way on a copy operation could even more easily have been a disk error or a ransomware infection. The problems was not having backups. I'm with the Register readers on this one.
anything. You would have to prove malice. This was clearly an accident and something they should have been able to recover from.
Firing? Whatever, I'm assuming this is America we're talking about where I can fire you because I don't like your fucking ankle socks and you have 0 recourse.
Backup protocols should be integral to every database vendor's product. Db creation should not be allowed until a backup system is in place FIRST.
Secondly, Information Systems Audit and Control Association, ISACA standards (or similar) should apply and vendors should work to integrate those standards into their database creation protocols.
In the end, your database represents your organization's livelihood. Why would you not protect it as such?
*** Don't be dull.***
Guys, THIS, and crypto locker, and wanna cry, and fat-finger (human brain virus that causes people to hit return way to fast) is WHY you pay for ENTERPRISE STORAGE that takes snapshots that are efficient, and fast.
There is a difference between logical protection (snapshots on the same array) and physical protection (backup to different devices).
While we are at it, WHERE is the DR copy? If a sprinkler went off in the datacenter or drive/array data loss occurred, where would the production data be?
WHO has money for a CIO/CTO type and can't afford proper Enterprise Storage?
I work in the Enterprise Storage industry. Use a modern enterprise storage array - take snapshots, replicate to another array, take snapshots there, too. Take backups from the snapshots (so as to not affect production). Use a backup SW that support array off-loading so you can make your backup windows (instead of all the host side copying).
Duh. There is a reason these products exist.
-10, Gratuitous XKCD Link That Is Not Actually Relevant To Story
Il n'y a pas de Planet B.
"Great news, everyone! You're all fired!"
Il n'y a pas de Planet B.
What has that to do with DevOps?
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
well, we only got the backups back online today!!!!
have you seen my sig? there are many others like it but none that are the same
p.And this is what happens. How about dev, test and production accounts or environments? And a QA process in place to make sure code from the devs works properly before promoting it? And scripts prepared (and tested) for every maintenance and operation function. So nobody has to log on as admin and fat-finger anything on the command line.
Have gnu, will travel.
I worked as a DevOp quite often recent years.
As a DevOps I never had access to prod or preprod.
You must have a wiered idea what a DevOp is actually doing.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
What even marginally competent IT manager would give an inexperienced person the ability to modify or delete production objects? I feel sorry for this guy, but his management is completely at fault here. We know the story. Nothing will happen to them and one or more will likely get promoted.
Lack of procedure is a major problem. People who want that may not really be experienced, or as much as they think they are... Lack of organization is a major flaw...
I gotta stop trying to type on a tablet.
Anyhow, I'd not want to fire anyone, without more information at hand. Firing people has large costs associated with it.
How to describe this?
As stated, I am retired. I've been retired for over ten years. Back in my day, we trained people and paid for them to continue their education. Don't laugh, that really used to happen.
So, I'd probably try to salvage this as a teaching moment. I'd also be changing someone else to the lead position. If I were to fire anyone, it might be the person who enabled this to happen and probably wouldn't be the junior.
Our shop was kinda laid back. It is unlikely that I'd fire anyone, but someone is going to catch a whole ration of shit. If this is a habit, then someone is getting fired, but if this is a habit then it speaks to a larger problem.
I'd start with the junior dev and work my way up. I'd keep digging until I found the problem in the process. I'd then take time to listen and find out what we need to do to make sure it never happens again. There's gonna be a meeting. Hell, there are going to be several meetings. Chances are, this is going to have a bunch of little teaching moments.
Junior devs, autocorrect hates that word and thinks it should be debs, sure as hell shouldn't be able to push to production. Even if they could, those backups damned well better be timely and functional. The IT staff, I guess you call them ops today, were great at their jobs, thankfully. For reasons, we had a pretty robust backup methodology. I am still flummoxed when I hear stories about not backing up properly.
I haven't done this for a while, so it is time to do it again.
I used a computer because I had to. I actually kinda hated them, for the longest time. I am not a programmer, but I programmed because I had a task that needed to get done. I'm not an admin, but I did that job because it also needed to get done.
Then, I was able to hire capable people. I was able to hire competent developers and IT staff. It was those people who did much of the heavy lifting. I learned a lot from them. I learned what best practices were and why they were that way.
So, as I said, I've not taken the time to do so lately. Here's a tip of the hat, and a nod, to those folks in the admin side and in the developer side. Here's a tip of the hat to the database admins and to the jerks who secured my network. Here is a tip of the hat to the programmers and to the QA. Here's a tip of the hat to those who spent long hours beside me, enabling me and teaching me.
"So long and thanks for all the fish."
I owned the company. We were also pretty relaxed. I'm not sure we'd have used those titles, but I'm pretty sure someone is getting demoted - and it's probably not going to be the junior developer. Hell, I might have taken Mr. Junior Dev out to eat, or given them a small bonus - for having discovered the glaring hole in our process that enabled them to do this and for demonstrating that our backups were worse than useless.
"So long and thanks for all the fish."
> The info on the worksheet was the production database
> with an account containing full write access.
Then whoever wrote the docs should be fired. You should NEVER write docs with actual credentials. Not only should they be fake, they should be DESCRIPTIVE and fake, like YOUR_NAME_HERE and YOUR_PASSWORD.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
But too much procedure is also a major problem. I've been in shops where I had to hold a serious of meetings to use open source library A to accomplish a task because an unrelated group already started using open source library B several years ago (even though no one uses B anymore because A is clearly better in every way). "It's important that we standardize everything!" was the logic given. We were in a very competitive industry and competing with shops that weren't spending their days in endless meetings to "build consensus" on every single little detail of every task. Sure, you can't allow total chaos, but it's probably OK for the engineering department to start using Flask even though the marketing department also has some Django deployments.
At one place, I got in several arguments with a manager who insisted I should be using an IDE (when I was already using Emacs). Him: "We'd be more efficient if everyone was using a similar work environment." Me, finally: "OK, I'll be happy to help them all upgrade to Emacs. No, I'm not switching. Stop asking."
Too little procedure is bad. I think it's less bad than having too much, especially when most of it is cargo cult stuff that's only done because "that's the way we do things here" even though no one remembers why.
Dewey, what part of this looks like authorities should be involved?
Don't worry about this guy, he got a job at Verelox the next day!
If you hire someone to clean your house and they break an expensive vase on their first day, do you say they should have had a more senior cleaner shadow them for a while?
Or do you expect them to arrive with the basic skills they claimed to have during the interview?
If I hire someone trained as a professional driver to drive my car and they head at 120mph down the wrong side of the freeway totaling the car and causing untold damage to other cars, you bet your ass they would be fired.
Even that however is not a good analogy, because I'm supposed to have a guy in charge (CTO) of ensuring drivers can actually drive. I'm not going to speculate further on the size of the company because it's not relevant. The CTO is mentioned as firing the guy, and the CTO should be fired right along with him. The guy in charge of backups should be fired also (also mentioned in the story).
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
I can relate to this. While it wasn't my first day, I was working as an admin when my experience is by far more on the dev side. I ran database scripts against the production system, and was later told I was doing it wrong.
Fortunately, they did have backups for most of it, but I singlehandedly took down the production system for a day. Multi-billion dollar system. Despite attempts to clarify what I had done wrong, I could never get instructions on how to do the task "right". I was told how to avoid doing the same thing again, and that sufficed, but was still a PITA manual hack.
If the scenario is as described (which, frankly, seems somewhat unbelievable - why would production DB access credentials be floating around in a document available to a junior dev?), there is at least one senior executive who needs to be fired immediately. Perhaps more than one such executive needs to go as there are at least TWO serious and obvious problems - (1) the DB access credentials being published where a junior dev could even find them and (2) not having a tested and working restoration/return to service plan. If different executives are responsible for these two epic fails, they should all go. Perhaps the CEO should also go (although, that may also be the owner of the company -- in which case of course they would be unlikely to fire themselves!) as she has very bad judgement in hiring and does not exercise appropriate oversight.
Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading
That's the second time today this happened! Won't somebody think of the databases?!
#DeleteFacebook
Well... maybe. There's this other story on Slashdot today... https://tech.slashdot.org/stor...
I actually read the article. There are many reasons why the CTO is incompetent, but one is that THE USERNAME AND PASSWORD FOR THE PRODUCTION DATABASE WERE IN PLAINTEXT IN A PIECE OF WIDELY DISTRIBUTED DOCUMENTATION. That alone is utterly crazy. For the sake of making this post more positive, here's a few things the company could/should have done here: 1] Don't have credentials in documentation, they should be in a password vault. 2] PCs on the developer network should have ZERO access to a live environment, ever, even if they have the correct credentials 3] Have working backups, test them regularly. Have backups online and offline in multiple locations 4] Have a release manager or similar code-review or sense check *all* changes which could be deployed to live
I've done a couple DevOps roles myself, both for startups, one small, one ~300 people.
There are security controls, logs etc. But DevOps has the power to create and destroy production and the tools to monitor all relevant metrics. Everything necessary for troubleshooting is at their disposal, and in practice that can mean shell access.
Seriously, if you have a different method, post a link to something. We all get blindsided by industry developments, if there's a different way, I'd like to know about it.
e.g., "DevOps should include production support" https://devops.com/supporting-production-applications-devops-way/
I guess thats the price to pay for not having QA dept test code in lower
I won't state the company but a similar accidental deletion of a huge number of records from a database occurred at a company I was working for. This was a DBA who'd been working there for a considerable time, unfortunately when he realized what he'd done he edited the logs to try and hide who was responsible. Naturally he got fired but (at least from the gossip I heard) the principal reason for firing him was the log business - whether he would have been fired for the original mistake was much discussed but nobody really seemed to know the answer. Incidentally - it took nearly 12 hours working completely through the night to figure out exactly what had happened and restore from backups, although there was still some data loss even though we had pretty good back up provisions.
If your IT systems can't recover from catastrophic failures like this then you suck as a CTO If your development practices don't involve integration testing then you suck as a CTO If you allow a new employee with no experience to commit changes to production then you suck as a CTO
About finding the right person to fire, I suspect that this is an unfortunate but complex choreograph of events such that no single person is at fault, and everyone is doing their jobs.
Junior programmer did the right thing about unit testing: wipe the database between tests to ensure consistent result no matter the order the test cases are run. Senior programmer did the right thing and wrote detailed documentation. The management needed a paper trail for production credential, and the documentation is probably the only SOX compliant way the company has, so the management did the right thing and stored production credential in a SOX compliant way. Production backup is not working but someone is actually working on getting it to work, and they are having trouble with replication and consistency; they want data integrity assurances rather than having backups that could have silent data corruptions.
Everyone is doing their jobs in good faith, and probably doing it well. I think the disaster could have been prevented if someone looked beyond their job responsibility and noticed potential problems, but such busybody could readily cause ire in a hierarchical organization. I think the best thing a company can do is to encourage people to be nosy and speak up. The CEO has to make this part of their corporate culture.
I once had a signature.
Maybe. Or maybe the company has a "live in the fast lane" culture where all resources are focused on growth, and the "security" policy is to tell new hires to follow instruction and not mess with production until they know what they're doing. If you think that kind of company doesn't exist, you need to beef up on your Silicon Valley history.
But really all I mean is that firing executives is not a good response to disasters.
lucm, indeed.
"EXPLAIN YOUR ACTIONS!"
"Um... It's my first day?"
"HAHAHAHA, OK, carry on then."
A backup isn't a backup unless you've practised restoring from it. Giving a newcomer privilege to production services straight away is also silly. Is this another one of those hoax "Ansible deleted all my user's websites" stories?
In the old days, large unix machines had serious system administrators and a general mix of users and developers. The root password was closely held and users were given access on the basis of their need. There is no doubt that fully utilizing user group and world security at the os level, and granted accesses to data in databases, is a way by which users and developers can be given appropriate access. Back at the Western Bancorp, we had a production mainframe and a test mainframe. Quite an expensive scenario to manage the creation and migration of new code releases through QA levels. These days an extra test machine costs significantly less, sometimes the cost is negligible. In this circumstance, the company has bigger trouble than just a lost database. I would think this company needed a database manager whose responsibilities included assurance that the data will not be lost. I can only hope this was not a publicly traded company.
Is posting the obligatory like doing the needful?
The Quirkz Handbook of Self-Improvement for People Who Are Already Pretty Okay
This story has all the hallmarks of a hoax. It's semi-plausible on its surface, but how many companies would have leaked production credentials in a config document AND had production machines accessible from a dev network AND had backups without any integrity testing, let alone multiple redundant backups AND had zero incidental copies? That's violating a slew of helpful best practices but none of the potentially harmful ones, like locally mirroring production data for development use. This sounds more like someone's worst fears of their first day presented as fact, but the details don't add up. It involves a strange blend of strict adherence to some policies with rampant noncompliance to others, and incompetence by a lot (nearly all) of the existing employees, managers, and executives. When things fail big, it's because of a series of events in corner cases, not
https://www.eff.org/https-everywhere
I have seen this in much larger shops. They build their systems in a non robust way because they are cheap and just throw people under the buss when it goes bad. Companies try to implement the cool side of continuous dev without paying the dev ops price. It is just the same old same old, lets demand the good parts of a paradigm, but ignore the requirements to make such a system viable ex: continuous development, agile etc.
Having IT work on brittle systems just offsets stress to the devs / techs and makes their jobs suck. I once brought this up to a manager and he said something along the lines "Those guys who work on skyscrapers don't work with harnesses..." they do, and have been for a long long time. It is not the f'ing 1930s.
I laugh at inappropriate times.
NEW HIRE : "Hi, I'm a new hire. Where do I go?"
RECEPTIONIST : "Hi, I'm the Vice President in Charge of Avoiding a Repeat of The Disaster of May 2017. Follow me, and do what I say, and not what I do!"
NEW HIRE : "I just bet there's a war story behind that job title."
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
So, what do you do with the CTO that doesn't involve firing? All other appropriate responses I can think of are illegal.
What happened here is that a junior dev wiped the production database and there was no usable backup. That indicates gross incompetence in more than one area. If the CTO was even slightly competent, this would not have happened.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Not only exactly what you said, but the fact that they have no backups (or they were not working) is also pretty scathing. I've worked with some experienced developers that know our systems for 15 years, and they never ever have any access to production! Never mind they should have DEV and TEST instances as well, probably logging depending on what they are using...
Makes me wonder if their IT was that inept, or if there was some serious financial or other more fundamental technical issues that they needed to go away, and this guy is simply the scapegoat... LIke the CTO was embezzling from the system and needed a reason for all evidence to disappear. Or someone senior with real access screwed up very badly, and again this guy is getting the blame. Seems pretty unreasonable and unrealistic that something like this could even happen. Anyway it all sounds very fishy to me, I'd bet there is something else going on.
To be precise, I need read access to the prod database to do my job. I don't WANT write access.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
If everyone is doing the job they're supposed to do, and a disaster like this happens, fire the person who assigned the job roles.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Clearly, the Developer is at fault. He should never have accepted to work at such a screwed up company; a dumb CTO (who blame shifts), poor security, no offsite backups, bad HR, terrible policies. ... When you start your first job you are expected to know EVERYTHING about what you are getting into on the first day of your first job ... yeah, right!
My serous advice is for this guy to get a lawyer and sue the hell out of the company!!!
I know IT Directors that have transferred from one career to another and not been granted admin access for 6 months - even after extensive background checks. In this case, the one most innocent is the brand new, new hire.
The interwebz is so lucky to have you, who are so wize in the wayz of the webz.
It's one of those persistent management misconceptions: let's have small identical lego blocks that can be swapped around and that all have the same needs. Then they wonder why productivity is so low.
I had this discussion with a PM recently. They were complaining about a project that kept missing deadlines and that had low quality output. I said: you need a rockstar like such or such developer. The PM said; oh no we don't want to have different skill sets across the team, it's too difficult to reassign tasks.
The problem with PM is the same as with HR. People who have jobs with no complex expertise requirement tend to think all jobs are easy and that it's all a matter of man-hour or budget.
lucm, indeed.
DevOps have/should have nothing to do with production.
They usually are the "admins" of the test environments, hence the name: a mixture between operators and developers.
Most DevOps are actually having 2 or 3 roles: developer, tester, admin. If the organization is advanced, they might "prepare" Docker templates etc. for production, but they don't work on production servers. If that was the case you called them admin or operator.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
The proximate cause was the new hire who screwed up on his first day.
But the root cause was a lack of control over their shop. This company was a disaster waiting to happen. The newbie was guilty of walking too fast past a house of cards.
As others pointed out, it should not have been possible for him to do that.
What are developers -- novices or old hands -- doing with that kind of access to production data? A company big enough to have someone called a CTO ought to have separation of authority, so those sorts of things can't happen.
He was a rookie who made a mistake with serious consequences. The alleged professionals already on staff made it possible for one mistake to perhaps destroy the company.
I'm guessing it's not a publicly traded company subject to Sarbanes-Oxley.
There's no time like the present. Well, the past used to be.
The smaller shop I worked in had a very hands-on CTO who would manage testing and test automation, in the larger shop we had a QE/QA department which would manage testing and test automation.
In both places, there was no room for pure operations or admins. They're not needed when the sprint ends, tests are signed off and DevOps deploys the code into production. Admins aren't qualified to troubleshoot issues when they're caused by automation errors in the DevOps toolchain.
Some legacy operations work would fall into the hands of DevOps, but part of their job would be to automate it away.
Nuts and bolts infrastructure, racking servers and difficult-to-automate stuff like networking and firewalls are an exception, but the DevOps model works better for cloud providers where all of that can be expressed as code.
The Dev part of DevOps didn't mean that they were developers of the application codebase, but that they were using developer tools and methods to create infrastructure as code. We tried some of the DevOps sitting in on developer scrums and feeding back on code, or Developers sitting in on DevOps scrums it made people feel good and respect eachother's roles a bit more, but very little actual code came out of it.
In what you describe, it sounds like DevOps was contributing automation components to a more traditional Operations team.
In what I've experienced, DevOps would write the puppet manifests and organize the infrastructure such that when executed, it would produce running machines with dev, test, staging or production code and data, complete with monitoring, appropriate backups and tools for measuring performance and health.
Too many issues here to miss. 1) New employee with access to LIVE data. 2) Copy/Pasted code... (implies company provided the code...) 3) Conveniently mentioned backups not working 4) Mention of Legal action. This poor sap was hired to be a scapegoat. They probably had issues meeting production goals or some sort of milestone and it was a convenient happening that a new tech guy broke the whole damn thing. Unfortunately it is hard to prove who knew what but. In my opinion the CTO should be the one who legal action should be taken against. The company should protect the new hire and isolate him from the CTO and immediate supervisors to investigate the job/code/work he was doing and who told him to do what. Also they should investigate who gave him access to LIVE data and Admin level controls of that data. Although I suspect that the this was a crime against the shareholders/investors and the whole management team should be held accountable. Just my $.02
Good post, I try to keep it in mind it one asks me again what DevOps are actually doing.
My DevOps were restricted to providing infrastructure to the developers and testers, not for production.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
https://tech.slashdot.org/stor...
As a database expert I have to say, no backup means there is no database, no security and access control (developers should never have access to production) no database, no high availability solution means your database is not critical. So yes everyone else except the junior developer should be fired, if anyone should be fired.
Good to see you posting again. And thanks for posting a cogent response to my feeble attempt at a funny.
Il n'y a pas de Planet B.
You did make me giggle but my verbosity is an innate trait. It's what I do. I did have some sorta personal issues, including a new love interest, but I am alive. I had a sibling pass away, pretty much at the same time someone decided to ruin my motorcycle by smashing into it while I was going the opposite direction. I don't know if you saw the pics, but it was kinda ugly. I survived but I must have thought I was Superman. I don't recall it, but I pretty much tried to punch said car with both hands. The car won.
The idiot that pulled into my lane, to pass someone else, wasn't prosecuted. I am okay with that. Putting them in jail would help nothing. Insurance covered it all and I am actually looking at a new bike. I love my BMWs but a friend has Sportster for sale.
If I can figure out how to get pics of the x-rays, I'll share them. It was just my hands and my right wrist that were screwed.
And then a sibling died. And that is kinda where I went off the rails. I can't say I didn't have a good time, but it was not really something I needed to do. At least I didn't get any new tattoos.
"So long and thanks for all the fish."