Page 140 of 140 FirstFirst ... 4090130138139140
Results 1,391 to 1,392 of 1392

Thread: IT Geek Speak ... IT Professionals and the like

  1. #1391
    RiderCoach 8000 Posts! WoodstockJeff's Avatar
    Join Date
    Jan 2007
    Location
    Woodstock, IL
    Posts
    8,661
    Blog Entries
    1
    Last week, one of our data sources stopped functioning for unknown reasons. We opened a trouble ticket, and were immediately told that the issue was with a server migration that was in process, and it would stabilize "in a few weeks".

    Well, this wasn't a good outcome considering that the data was "mission critical" to one of the customers, so we experimented and devised a way to get the data, albeit by requesting it multiple times until a working server was found.

    Less than 12 hours after we put the "fix" in place, the last of the working servers was taken off-line.

    After a marathon programming session, we discovered the real cause - the data was being sent, but it was in invalid XML documents. Because the XML failed validation, the transfer program had no source of data. The XML contained non-UTF characters embedded in an allegedly UTF-8 XML document.

    We added code to our application to strip out the non-UTF data and make the XML valid again, and canceled the trouble ticket with a message saying, "We found what you broke. We've worked around it."

    "Oh, did you find that non-UTF characters were being inserted? We have programmers working on fixing that."

    "And you couldn't tell us this 5 days ago, when you sent us off down a rabbit hole to a fix that almost worked, until you broke something else?"

    Still no answer to that question.

    Root cause is they switched from a database that stripped all non-ASCII character from the data to one that had lots of marketing-added symbols that were non-ASCII and non-UTF (actually using a Windows codeset), and didn't realize that the data was different. Then they doubled-down by not stopping the migration until they fixed the problem, AND "neglected" to inform anyone of the problem...

    And they chastise us for not doing things in the proper "Enterprise" model, like they do...
    Jeff

    "The future is so much easier to predict when you have a handle on how you arrived at now.... Works with traffic just as well as the rest of life. "

    "Modern Liberalism: The embodiment of an irrational fear of letting other people run their own lives."

    '13 XT250
    '10 ZG-1400 (operational again)

  2. #1392
    RiderCoach 8000 Posts! WoodstockJeff's Avatar
    Join Date
    Jan 2007
    Location
    Woodstock, IL
    Posts
    8,661
    Blog Entries
    1
    Another year (or so), and multiple rounds of stupidity.

    Today, I get an email advising me that I have to take training in how to recognize phishing attempts. I returned the email to the IT department of the community college with multiple highlights, pointing out the "phishing attempt warning signs" that their message had, including "go to this server on some other domain, and enter your college login credentials", failure of multiple forms of message origin authentication, and origin from a system known for a high percentage of compromised accounts.

    We'll see tomorrow whether or not I still have to take the training.

    And the PenTest antics of yesteryear continue, although the person in charge of running them now knows (mostly) what will break their tester. And since we have a copy of the tester, we have been tweaking things between their tests. Not in ways that are specific to breaking the tester, but ways that fix what the tester is trying to find. We're done to zero defects found in our testing, but...

    Their latest issue was that if you included a test for SQL and LDAP injection, you got different page content back than if you didn't have the test. Of course, every successful submission will return unique information; the injection was completely ignored (LDAP isn't even installed). "Oh, we'll have to ignore those results."

    I'm waiting for them to ask about why they keep getting logged out when testing things that we feel SHOULD log them out.
    Jeff

    "The future is so much easier to predict when you have a handle on how you arrived at now.... Works with traffic just as well as the rest of life. "

    "Modern Liberalism: The embodiment of an irrational fear of letting other people run their own lives."

    '13 XT250
    '10 ZG-1400 (operational again)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •