Robust application



  • Our corporate system is just being upgraded (that's the one that handles sales, order tracking, stock, all the trivial stuff...). This is an upgrade of the current application, from the current supplier, not a change to a totally different system.

    This email just went out to everybody in the company:

    Please note that a conversion of our company data has just been started.

    It is very important that no-one accesses <bad_application>. Even opening the <bad_application> main screen but not logging in WILL cause the conversion to fail and it will have to be restarted.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p>

    Any program that accesses <bad_application> such as Excel, Access and other bespoke programs must not be used until further notice.

    I don't know which is the worst WTF, that the system is so flaky, that it can't read its own previous database, or that the IT department can't work out how to lock out the users.



  •  @SenTree said:

    I don't know which is the worst WTF, that the system is so flaky, that it can't read its own previous database, or that the IT department can't work out how to lock out the users.
    the IT department is a head above the rest in terms of WTF



  • @belgariontheking said:

     @SenTree said:

    I don't know which is the worst WTF, that the system is so flaky, that it can't read its own previous database, or that the IT department can't work out how to lock out the users.
    the IT department is a head above the rest in terms of WTF

    This is a universal truth.

     I've escaped and actually write code, not powerpoint.

     



  • @belgariontheking said:

     @SenTree said:

    I don't know which is the worst WTF, that the system is so flaky, that it can't read its own previous database, or that the IT department can't work out how to lock out the users.
    the IT department is a head above the rest in terms of WTF

    I thought so. This is the guy (there's only the one) who refused to provide a remote login for the one developer who wanted to work from home, 'because it's impossible to make it secure'. I have no admin experience, but I'm sure I could make a fairly good job of that after RTFM ! I guess it helps that his daddy is one of the company directors. Oh well, I can always amuse myself by requesting a Linux box (that being something else he'll never get his head round) ...



  • @SenTree said:

    @belgariontheking said:

     @SenTree said:

    I don't know which is the worst WTF, that the system is so flaky, that it can't read its own previous database, or that the IT department can't work out how to lock out the users.
    the IT department is a head above the rest in terms of WTF

    I thought so. This is the guy (there's only the one) who refused to provide a remote login for the one developer who wanted to work from home, 'because it's impossible to make it secure'. I have no admin experience, but I'm sure I could make a fairly good job of that after RTFM ! I guess it helps that his daddy is one of the company directors. Oh well, I can always amuse myself by requesting a Linux box (that being something else he'll never get his head round) ...

     

    Heres the deal... Theres no "TRUE" way to make a remote desktop secure. You can follow procedure BUT on your home computer you can browse any website you want which can install a virus which can track your key strokes. They don't have to crack encryption, they just have to see what you type. Because at work you have a good anti-virus (at least good enough) and anti-spyware and ant-malware and firewall and inability to browse to certain "bad" websites (the ones that will make your company run out of Xs) you are much less likely to have a virus. Also at work there is an IT department just incase they see anything suspicious going on with your machine.

    At home you got none of that. Maybe a free anti-virus or windows firewall. In the end if the want to get ultra paranoid the best choice is laptops with VPN access. They control the laptops and can check what sites you browse and install w/e they want on em.



  • @dlikhten said:

    You can follow procedure BUT on your home computer you can browse any website you want which can install a virus which can track your key strokes.
     

    What the hell are you talking about?? Are you referring to all the people running unpatched IE 5 installs on Windows 98? Seriously, when was the last time this happened to someone who didn't deserve it?

    @dlikhten said:

    Also at work there is an IT department just incase they see anything suspicious going on with your machine.

    Do you think the IT departments sit around all day looking for keyloggers? 

    @dlikhten said:

    At home you got none of that.

    Speak for yourself. 

    @dlikhten said:

    Maybe a free anti-virus or windows firewall.

    Which is all most people would need...

    @dlikhten said:

    In the end if the want to get ultra paranoid the best choice is laptops with VPN access. They control the laptops and can check what sites you browse and install w/e they want on em.

    This doesn't even begin to make sense.

     

    Did you smoke extra crack this morning?



  • @MasterPlanSoftware said:

    Did you smoke extra crack this morning?

    Actually, I think it was Crack Xtra™, infused with ginseng and taurine to keep you energized all day!

     

    I was going to berate him for this nonsense but you seem to have done quite an acceptable job. 



  • @dlikhten said:

    Because at work you have a good anti-virus ... you are much less likely to have a virus.
     

    That isn't quite accurate.  In the general case with the "average" computer user, then yes I agree.  But for the "technically proficient", no so much.  (Hard part is convincing the IT dept that you can be trusted).  I've had a total of 1 virus on my home computer in the last 8 years.  And at least 5 outbreaks at work.



  • @dlikhten said:

    Heres the deal... Theres no "TRUE" way to make a remote desktop secure. You can follow procedure BUT on your home computer you can browse any website you want which can install a virus which can track your key strokes. They don't have to crack encryption, they just have to see what you type. Because at work you have a good anti-virus (at least good enough) and anti-spyware and ant-malware and firewall and inability to browse to certain "bad" websites (the ones that will make your company run out of Xs) you are much less likely to have a virus. Also at work there is an IT department just incase they see anything suspicious going on with your machine.

    At home you got none of that. Maybe a free anti-virus or windows firewall. In the end if the want to get ultra paranoid the best choice is laptops with VPN access. They control the laptops and can check what sites you browse and install w/e they want on em.

     

    Yeah, we started with locked down corporate laptops, but they're a nightmare to manage.  What we've moved onto is an SSL VPN with one time passwords sent to the users mobile phone.  Sure it's not perfect, but it's under a grand to install and means malware from the remote machine has no way onto the corporate network, and even if somebody has a keylogger it's not going to grant them access to the network. 

    The only risk is of data theft from the network, but we're not overly worried about that here.  Any user could e-mail out pretty much whatever they felt like anyway.

    I'll admit it's a bit weird when you start from the assumption that you *want* employees to be able to work from a virus infested machine, but once you've gotten over the initial shock it's proving to be a very useful tool for our staff.



  • @morbiuswilters said:

    I was going to berate him for this nonsense but you seem to have done quite an acceptable job

    Crap I forgot my tag! Thanks for the reminder!



  • @MasterPlanSoftware said:

    @dlikhten said:

    You can follow procedure BUT on your home computer you can browse any website you want which can install a virus which can track your key strokes.
     

    What the hell are you talking about?? Are you referring to all the people running unpatched IE 5 installs on Windows 98? Seriously, when was the last time this happened to someone who didn't deserve it?

    No, I am referring to the fact that people who work often have kids who install some crap their friend downloaded from bit torrent which might contain a key logger. You don't need to break the VPN encryption of the remote desktop communication protocols and encryptions, just log the keys.

    @MasterPlanSoftware said:

    @dlikhten said:

    Also at work there is an IT department just incase they see anything suspicious going on with your machine.

    Do you think the IT departments sit around all day looking for keyloggers? 

    No, but it makes the company "feel" more secure to management/sysadmins.

    @MasterPlanSoftware said:


    @dlikhten said:

    At home you got none of that.

    Speak for yourself. 

    What I meant is: At home you don't have the same level of protection you have at work. At least not MOST people. Sure YOU might have a great setup, but not all programmers are good (as we know from this site) and the bad ones don't always know what they are doing administering even their own machine.

    @MasterPlanSoftware said:


    @dlikhten said:

    Maybe a free anti-virus or windows firewall.

    Which is all most people would need...

    I agree. However the free versions often don't have all the features like firewall and anti-spyware. I use windows defender and spybot against spyware. Works rather nicely

    @MasterPlanSoftware said:

    @dlikhten said:

    In the end if the want to get ultra paranoid the best choice is laptops with VPN access. They control the laptops and can check what sites you browse and install w/e they want on em.

    This doesn't even begin to make sense.

    If the company is paranoid about hackers using remote connection to infiltrate the company, offer laptops as you know exactly what is on the laptop and who uses it.

    @MasterPlanSoftware said:


    Did you smoke extra crack this morning?

     

    I don't smoke crack. I inject it directly into my eyeballs.



  • @myxiplx said:

    Yeah, we started with locked down corporate laptops, but they're a nightmare to manage.  What we've moved onto is an SSL VPN with one time passwords sent to the users mobile phone.  Sure it's not perfect, but it's under a grand to install and means malware from the remote machine has no way onto the corporate network, and even if somebody has a keylogger it's not going to grant them access to the network. 

    The only risk is of data theft from the network, but we're not overly worried about that here.  Any user could e-mail out pretty much whatever they felt like anyway.

    I'll admit it's a bit weird when you start from the assumption that you *want* employees to be able to work from a virus infested machine, but once you've gotten over the initial shock it's proving to be a very useful tool for our staff.

     

    1) Paranoia is expencive to maintain, and is often a maintenence nightmare.

    2) The benefits often outweigh the risks which you can minimize anyways. Companies can require that anyone logging into VPN has certain free or provided by company anti-virus/firewall/spyware software installed.



  • @dlikhten said:

    No, I am referring to the fact that people who work often have kids who install some crap their friend downloaded from bit torrent which might contain a key logger. You don't need to break the VPN encryption of the remote desktop communication protocols and encryptions, just log the keys.
     

    Then obviously the WEBSITE ISN'T THE ONE INSTALLING THE KEYLOGGER then. 

    @dlikhten said:

    No, but it makes the company "feel" more secure to management/sysadmins.

    You still make no sense. 

    @dlikhten said:

    At home you don't have the same level of protection you have at work.

    Right. I have more.

    @dlikhten said:

    but not all programmers are good (as we know from this site) and the bad ones don't always know what they are doing administering even their own machine.

    Ok, so there are stupid people in the world. Whats your point again? Stupidity will always result in a lack of security.

    @dlikhten said:

    free versions often don't have all the features like firewall and anti-spyware.

    Then stop being a cheapskate and go buy a copy. This is like pouring what you have around the house into your gas tank and complaining the car doesn't run as well as on gasoline...

    @dlikhten said:

    I use windows defender and spybot against spyware. Works rather nicely

    If you need anything more than just Windows Defender, you have issues that I cannot begin to get into.

    @dlikhten said:

    If the company is paranoid about hackers using remote connection to infiltrate the company, offer laptops as you know exactly what is on the laptop and who uses it.

    That doesn't provide any additional security. Not even a slight amount. That is just an argument someone uses to get their company to give them a laptop.

    @dlikhten said:

    I don't smoke crack. I inject it directly into my eyeballs.

    Well either way, please don't give security advice to people.



  • @dlikhten said:

    1) Paranoia is expencive to maintain, and is often a maintenence nightmare.
     

    I will assume you actually mean 'security' and no it is not expensive or difficult to maintain if you know what you are doing.

    @dlikhten said:

    Companies can require that anyone logging into VPN has certain free or provided by company anti-virus/firewall/spyware software installed.

    The fact that you keep mentioning 'free anti-virus' scares me.



  • @MasterPlanSoftware said:

    I will assume you actually mean 'security' and no it is not expensive or difficult to maintain if you know what you are doing.

    No, I mean paranoia. Security is necessary and not too expencive if you know what you are doing, no question there. If you want to get paranoid AND/OR not know what you are doing, thats when the expenses pile up and you get counter-productive policies. As it seems to be the case with the guy who I made the original reply to.

    @MasterPlanSoftware said:

    The fact that you keep mentioning 'free anti-virus' scares me.

     

    There are free editions of Avast anti virus and AVG for personal use. You don't get any tech support from em, just updates, and an inferior UI, but the main anti-virus functionality works exactly as it would with the paid version.

     



  • @MasterPlanSoftware said:

    Then obviously the WEBSITE ISN'T THE ONE INSTALLING THE KEYLOGGER then. 

    Who cares HOW it got on the home computer, it just did. The important point is YOU DONT WANT THAT CRAP COMPROMISING YOUR COMPANY JUST CAZ SOME EMPLOYEE'S KID INSTALLED SOMETHING.

    @MasterPlanSoftware said:

    @dlikhten said:

    At home you don't have the same level of protection you have at work.

    Right. I have more.

    Right... YOU have more. Not everyone else.

    @MasterPlanSoftware said:


    @dlikhten said:

    but not all programmers are good (as we know from this site) and the bad ones don't always know what they are doing administering even their own machine.

    Ok, so there are stupid people in the world. Whats your point again? Stupidity will always result in a lack of security.

    So you want a stupid employee compromising your multi-million dollar company because of the porn he surfs at home and lack of AV software?

    @MasterPlanSoftware said:


    @dlikhten said:

    free versions often don't have all the features like firewall and anti-spyware.

    Then stop being a cheapskate and go buy a copy. This is like pouring what you have around the house into your gas tank and complaining the car doesn't run as well as on gasoline...

    No.

    @MasterPlanSoftware said:


    @dlikhten said:

    I use windows defender and spybot against spyware. Works rather nicely

    If you need anything more than just Windows Defender, you have issues that I cannot begin to get into.

    Thats just more MasterPlanSoftware FUD.

    @MasterPlanSoftware said:


    @dlikhten said:

    If the company is paranoid about hackers using remote connection to infiltrate the company, offer laptops as you know exactly what is on the laptop and who uses it.

    That doesn't provide any additional security. Not even a slight amount. That is just an argument someone uses to get their company to give them a laptop.

    I would rather not get a company laptop. In any case you are mostly right on this point. Moving on.

     



  • @dlikhten said:

    You don't get any tech support from em, just updates, and an inferior UI
     

    Right, which would disqualify it from any kind of corporate use, which is what we are discussing here...



  • @dlikhten said:

    Who cares HOW it got on the home computer, it just did. The important point is YOU DONT WANT THAT CRAP COMPROMISING YOUR COMPANY JUST CAZ SOME EMPLOYEE'S KID INSTALLED SOMETHING.
     

    But your original statement that I objected to was about WEBSITEs being able to install keyloggers. I don't think you are even paying attention here are you?

    @dlikhten said:

    Right... YOU have more. Not everyone else.

    Right, but again, you have no point here. There are clearly cheap and easy ways to defend your household against internet attacks. If you fail to do so it is no one's fault but your own.
    @dlikhten said:

    So you want a stupid employee compromising your multi-million dollar company because of the porn he surfs at home and lack of AV software?

    How does one have to do with the other? I don't think you have any clue what you are talking about here.

    @dlikhten said:

    No.

    Ok, with an answer like that, at least no one will mistakenly take you serious about anything security related. Mission accomplished there I guess.

    @dlikhten said:

    Thats just more MasterPlanSoftware FUD.

    Right. Except I can back it up. I practice exactly what I preach there, and have many users that I administer the same way. Never had a problem.

    The fact that you click on every flashy ad on every porn or warez site you visit necessitates your extra anti-spyware applications. I cannot even remember the last time I was even offered spyware.



  • @dlikhten said:

    There are free editions of Avast anti virus and AVG for personal use. You don't get any tech support from em, just updates, and an inferior UI, but the main anti-virus functionality works exactly as it would with the paid version.

     

    Ah, because the updates aren't about a day slower (sometimes) and [url=http://www.av-comparatives.org/seiten/ergebnisse_2007_11.php]AVG doesn't totally suck ass[/url]


    I'd recommend NOD32 for personal use (very fast & light footprint; great heuristic detection; almost no false positives, I've actually witnessed the first one in 4 years yesterday). Kaspery is good too, but a little bit heavier. For business you could also use Sophos, but I don't think they have very good consumer products.


    Also, your keylogging argument is no good. Good VPN's use a 2-tier-authentification system. Ie the mobile phone system mentioned earlier. A hospital I've worked with uses some sort of buzzer which gets a (every 5 minutes changing) keycode. It's actually a seperate service next to GSM provided by the biggest telco of my country (KPN). Cmiiw, on the first part, I'm pretty sure KPN is the largest.



  • @MasterPlanSoftware said:

    The fact that you click on every flashy ad on every porn or warez site you visit necessitates your extra anti-spyware applications. I cannot even remember the last time I was even offered spyware.


    I do, but I classify Google Toolbar & co. as spyware.



  • @morbiuswilters said:

    I was going to berate him for this nonsense but you seem to have done quite an acceptable job. 

     

    Seconded. I seem to have inadvertently started a flamefest, but most of you appear to have enjoyed it. I didn't mean to chuck a grenade and then run, but our corporate internet began running veeeerrrrrrryyyyyy slowly, so I gave up until I could log on from home. It was as if - wait a minute, surely not - the entire corporate database was being dumped offsite for manually-assisted conversion.

    BTW, the home-working scenario involved only one mature and responsible developer, with no kids, solid firewall and anti-virus, and no propensity for surfing pr0n sites or file sharing. The connection was to be only to a secure version control server. The server is Vault, which I believe was specifically designed for this scenario, that was one of the reasons we selected it ! This was known to the IT monkey. Oh dear, I hope that doesn't start another war.



  •  @MasterPlanSoftware said:

    @dlikhten said:

    Who cares HOW it got on the home computer, it just did. The important point is YOU DONT WANT THAT CRAP COMPROMISING YOUR COMPANY JUST CAZ SOME EMPLOYEE'S KID INSTALLED SOMETHING.
     

    But your original statement that I objected to was about WEBSITEs being able to install keyloggers. I don't think you are even paying attention here are you?

    My argument is not about where you get the keylogger from, its that you did get it.

     @MasterPlanSoftware said:


    @dlikhten said:

    Right... YOU have more. Not everyone else.

    Right, but again, you have no point here. There are clearly cheap and easy ways to defend your household against internet attacks. If you fail to do so it is no one's fault but your own.

    As an administrator I would not care about the employees getting their identities stolen by some random spyware/virus they picked up while using unsecure computers at home. I just would not want to compromize my company's systems. This is not an argument of how to protect yourself from spyware.

    @MasterPlanSoftware said:

    @dlikhten said:

    So you want a stupid employee compromising your multi-million dollar company because of the porn he surfs at home and lack of AV software?

    How does one have to do with the other? I don't think you have any clue what you are talking about here.

    You don't want an employee in your company compromising your company's security by being stupid at home. So you need to protect the company from him. As long as there is adaquate protection for all I care the user at home can do whatever hey want and I wont think twice about it.

    @MasterPlanSoftware said:


    @dlikhten said:

    Thats just more MasterPlanSoftware FUD.

    Right. Except I can back it up. I practice exactly what I preach there, and have many users that I administer the same way. Never had a problem.

    The fact that you click on every flashy ad on every porn or warez site you visit necessitates your extra anti-spyware applications. I cannot even remember the last time I was even offered spyware.

    Offered spyware? The goal is to get it on your system without you knowing. In any case windows defender has done a wonderful job so far that I rarely have a use for spybot nowdays. Before I knew about windows defender I used spybot. Starting to sound like the Mac philosophy "Mac can't possibly have viruses". Also I got adblocking so no adds on my porn sites :)

    Never said you should have a problem. I was just responding to a post indicating that they felt too paranoid about using Remote Desktop. They did not take the steps to propperly set it up, true, but hacking encryption is not the only rout a hacker might take. True it is very unlikely that someone will be looking for your corporate login so they sent software onto bittorrent with keylogging knowing that your kid would download it and run it on the computer you use to log into work, but hey its a possibility. Never said we must be paranoid about it.

     

    Every time I read your replies to my posts it sounds like I just undermined everything you worked on in the last 10 years and you must defend your honor by stopping my truth from getting to the masses. I am not stating my word is truth, nor am I trying to attack you. I can take criticism, fine I was wrong on a point or two, but jez you make me out to be some retarded jerk because I have bad spelling and don't care to edit my posts on this f-ed up text editor (yes I can copy-pasta from vim... mmm pasta). 

     



  • @MasterPlanSoftware said:

    @dlikhten said:

    1) Paranoia is expencive to maintain, and is often a maintenence nightmare.
     

    I will assume you actually mean 'security' and no it is not expensive or difficult to maintain if you know what you are doing.

     

    I think that's the point he's trying to make.  Not everyone knows what they're doing, and their IT department is erring on the side of caution because of that.  Like this site clearly illustrates, there's a lot of people out there who DON'T know what they're doing.



  • @SenTree said:

    BTW, the home-working scenario involved only one mature and responsible developer, with no kids, solid firewall and anti-virus, and no propensity for surfing pr0n sites or file sharing. The connection was to be only to a secure version control server. The server is Vault, which I believe was specifically designed for this scenario, that was one of the reasons we selected it ! This was known to the IT monkey. Oh dear, I hope that doesn't start another war.

     

    Yea, your IT needs to read a book or 2.



  • @dlikhten said:

    Every time I read your replies to my posts it sounds like I just undermined everything you worked on in the last 10 years and you must defend your honor by stopping my truth from getting to the masses. I am not stating my word is truth, nor am I trying to attack you. I can take criticism, fine I was wrong on a point or two, but jez you make me out to be some retarded jerk because I have bad spelling and don't care to edit my posts on this f-ed up text editor (yes I can copy-pasta from vim... mmm pasta). 
     

    It has nothing to do with anything personal. But you state things as fact that are wrong or misleading. We have intelligent people and clueless people who read this stuff. A clueless person might take your statements and think they would be well advised to follow them.

    The point is that you shouldn't be giving security advice, since you appear (through your posts and your own admissions) to not have any clue about actually implementing real security.

    As far as the proof reading, you just make yourself look like an idiot. Don't blame the editor for your diarrhea of the fingertips, and being so lazy that you cannot even do a quick read of your own post.

    I often wonder why you even bother to post. If your posts aren't even important enough for you to read once before posting, then why would you insist on posting so we all have to read it??

    And yet, I have to admit, sometimes you make insightful, well written posts. And that just makes me wonder even more why you make yourself look like an illiterate fool the rest of the time.



  • We had to break compatibility like this in one of our applications.  The main reason was that we had to start moving toward a transactional, heavily-audited data model, as opposed to the typical 2-dimensional "present state" database that most business apps tend to use.  Oh, and it was also the final stage of the transition from a 2-tier to a 3-tier architecture.  It was a choice between a good design or a backward-compatible one, and being an IT-controlled infrastructure, we weren't burdened with the Microsoft-esque problems of millions of people still depending on the old version, so it just wasn't that much of an issue.  Also, the new version allowed us to make several assumptions that were necessary to keep the implementation sane, but the old version made no such guarantees, so a lot of things had to be validated and filled in.  Bottom line, it just wasn't practical to maintain back-compat if it wasn't absolutely necessary, which it wasn't.

    Of course, we didn't burden the users with this nonsense either.  We spent two weeks designing and testing and re-testing a migration process, waited until the end of the week, made a backup, migrated using the backup, and cut over Monday morning.  The old database was kept online the entire time, so nobody's service was interrupted.  The migration was done on a different server, so it didn't even cause a slowdown.

    And just to be extra safe, we even kept the old system running for a week in a read-only mode, in case of some catastrophic failure of the new one (which didn't happen).

    It *is* pretty pathetic that an IT department would not only allow such downtime, but depend on the [I]users[/I] to keep it "down". 



  • @dlikhten said:

    Yea, your IT needs to read a book or 2.
     

    That would be useful, but his eyes glaze over when presented with technical stuff ! He's also responsible for interfacing to some of my systems. I've had to add several pages of 'worked examples' to a six-page spec. because he couldn't grasp a simple formula or the concept of floating-point numbers.

    Strangely enough, he looks a little like the guy on the front of the Dummies books.



  • @SenTree said:

    Strangely enough, he looks a little like the guy on the front of the Dummies books.

     

    Ha!

    I had a lady from support who I think had a phobia of development docs. We often gave her docs of how things work. Detailed docs. We spent many hours making sure certain critical fixes were WELL documented since support had a major need for them...

    And every day she would repeat the same list of questions, which were always answered in the original doc, which she always refused to read. We could not point her to the doc caz she would not read it so we wound up just forwarding old emails.



  • @MasterPlanSoftware said:

    And yet, I have to admit, sometimes you make insightful, well written posts.


    <no-sarcasm> Aww that just warmed my heart! </no-sarcasm>

    @MasterPlanSoftware said:

    And that just makes me wonder even more why you make yourself look like an illiterate fool the rest of the time.

     

    Not intentional.

    My english side of the brain turns off randomly at random parts of the day. It depends on how much sleep my daughter made me skip out on, and how much brain-time is devoted to problem solving, I have a poorly implemented time-sharing algorithm switching between keeping logical models in my head and trying to express anything that I am thinking about. In other words, the deeper I am in though the less comprihenseable I am untill I solve the problem.

    See I am running a test suite now so I can think about posting. At other times I can proofread but it will make good sense in my mind.

    I do proofread, but REALLY wish firefox spellchecker worked on this damn editor since I can't spell, and you can quote anyone who read anything I wrote on that.



  • @Aaron said:

    We had to break compatibility like this in one of our applications.
    I can understand this might be necessary, it was more the intrusive rollout that triggered my OP. I think it might be a major version step including Vista compatibility.

    @Aaron said:

    Of course, we didn't burden the users with this nonsense either.  We spent two weeks designing and testing and re-testing a migration process, waited until the end of the week, made a backup, migrated using the backup, and cut over Monday morning.  The old database was kept online the entire time, so nobody's service was interrupted.  The migration was done on a different server, so it didn't even cause a slowdown.
    Exactly. As for a different server:

    Now then children, a new server costs $x, the wage bill for the entire staff doing nothing for a day is $y, if y >> x what is the typical management strategy ?

    @Aaron said:

    And just to be extra safe, we even kept the old system running for a week in a read-only mode, in case of some catastrophic failure of the new one (which didn't happen).
    But, but, that would require a spare server! Funnily enough, I think there's a copy of the previous system still on-line, not updated for several years. That was from a different supplier, it just did the job, everyone was happy. Some data (like, how to actually manufacture some of our older products) was never migrated to the new system, so we have to refer to it for maintenance jobs.

    @Aaron said:

    It *is* pretty pathetic that an IT department would not only allow such downtime, but depend on the users to keep it "down".
    A lesser version of this happens several times a month. If we're lucky, it's just 'please log out of <bad_application> for a few minutes', which doesn't affect the engineers too much since we don't use the system continuously. I suspect this is just because he hasn't worked out how to fix the problem without rebooting the server. On a bad day, it's 'save everything and log out of everything', which used to be really annoying when the corporate database server, the Vault server, the engineering project files, and just about everything else, were on the same f*cking server ! (See server cost, above). We're not a very big company, as you might have guessed, but I don't think our management went on the cost-benefit analysis course. We also have not-quite-enough licenses for the typical load, and far too few for the likely peak, because it would cost too much for the next block - again, disregarding how much time is wasted waiting for someone to log out.

    I could go on - and on - and on, but I think I've vented enough for one day. 


     

     



  • @Aaron said:

    It *is* pretty pathetic that an IT department would not only allow such downtime, but depend on the users to keep it "down". 

     

    I keep going back to the article about "do not run this script" and of course a guy thought what would happen if I ran it. Well he deleted everything from production database thats what.

     

    I just hope the OP's IT department got a better result.



  •  How could you actually expect that warning to work? That's akin to putting a large red button in front of Peter Griffin and hanging a sign above it that reads "DO NOT PUSH."



  •  Temptation



  •  @dlikhten said:

    Every time I read your replies to my posts it sounds like I just undermined everything you worked on in the last 10 years and you must defend your honor by stopping my truth from getting to the masses. I am not stating my word is truth, nor am I trying to attack you. I can take criticism, fine I was wrong on a point or two, but jez you make me out to be some retarded jerk because I have bad spelling and don't care to edit my posts on this f-ed up text editor (yes I can copy-pasta from vim... mmm pasta)

    It's his job, he's MasterAsshatPlan. His kung fu is greater, and he must prove this by destroying all proponents of lesser kung fus.

    Or he's just a software developer who gets his rocks off by starting flamewars. 



  • @dlikhten said:

    I keep going back to the article about "do not run this script" and of course a guy thought what would happen if I ran it. Well he deleted everything from production database thats what.
    Many of us thought it - but the login attempt would most likely leave very large footprints and lead to some unpleasantness.

    @dlikhten said:

    I just hope the OP's IT department got a better result.
    We'll find out on Monday.

    @Arenzael said:

    How could you actually expect that warning to work? That's akin to putting a large red button in front of Peter Griffin and hanging a sign above it that reads "DO NOT PUSH."
    Fortunately, the nearest we have to Peter Griffin is the IT guy himself. Unfortunately, we don't have anybody like Lois !

     

     

     



  • @Arenzael said:

    by starting flamewars. 
     

    There is no flamewar here, and despite your efforts there wont be one.

    Move along troll.



  • @MasterPlanSoftware said:

    It has nothing to do with anything personal.

    Right. And it's totally not flame baiting when you insult him in threads he hasn't even posted in.

    @MasterPlanSoftware said:

    Are you referring to all the people running unpatched IE 5 installs on Windows 98?

    Wow, you never see spyware and there hasn't been a virus since Windows 98. How do I connect to whatever Internet you're using? You do realize that no one criticized Microsoft, right? You don't have to jump to the defense of your fair maiden.



  • @Cap'n Steve said:

    Typical last minute trolling...
     

    You really need to quit this crap now. The rest of your trolling posse has moved on and grown up. Why don't you join them?



  • @Arenzael said:

    It's his job, he's MasterAsshatPlan. His kung fu is greater, and he must prove this by destroying all proponents of lesser kung fus.

    Or he's just a software developer who gets his rocks off by starting flamewars.

    Cancer troll is malignant!

     

    I know you're probably Lysis or one of his fan club, but we've dealt with your kind before. 



  • Let's play Sidebar Madwords! If you want to play on other threads, simply change 'dlikhten' to the name of your choice.

     

    dlikhten: [Reasonable statement] because of [list of bad reasons applicable only to pessimistic, specific situation]

    MasterPlanSoftware: [list of reasons] are stupid because [list of good rebuttals]. [Reasonable statement] refuted because [list of overly optimistic reasons that only work in a perfect world]. [Humorous insult]!

    dlikhten: [list of good rebuttals] are 1. wrong because of [misinformed reason] 2. you're an exception, but [unsubstantiated generalisation] 3. oh no, I actually meant [stream of nonsense] 4. [Software product] is powerful enough for anybody / is incapable and there is no alternative. Either way, you're still wrong.

    MasterPlanSoftware: [Point by point refutation, showing good critical thinking skills, but still with an absurd faith in people's capability to be rational]. Obviously you don't know what you're talking about.

    dlikhten: [Condescending rebuttal that misses the point or contradicts himself]. How can you dismiss [software product], it stopped me catching herpes! Also, [insult].

    MasterPlanSoftware: [Actual rebuttal]. [Previous insult] yourself!

    dlikhten: No, you're wrong! And like I said, [software product] can create world peace!

    MasterPlanSoftware: No, you are! Also, you're stupid.

    dlikhten: If my posts become illegible, MasterAsshatPlan will never win this argument! [nonsense]

    [repeat any of the above 5 or 10 times]

    MasterPlanSoftware: [Vain attempt to inform opponent of their flaws].

    Lysis: MasterAsshatPlan SUCKS! I'm smart! Ho ho!



  • @Otterdam said:

    Let's play Sidebar Madwords! If you want to play on other threads, simply change 'dlikhten' to the name of your choice.

     

    dlikhten: [Reasonable statement] because of [list of bad reasons applicable only to pessimistic, specific situation]

    MasterPlanSoftware: [list of reasons] are stupid because [list of good rebuttals]. [Reasonable statement] refuted because [list of overly optimistic reasons that only work in a perfect world]. [Humorous insult]!

    dlikhten: [list of good rebuttals] are 1. wrong because of [misinformed reason] 2. you're an exception, but [unsubstantiated generalisation] 3. oh no, I actually meant [stream of nonsense] 4. [Software product] is powerful enough for anybody / is incapable and there is no alternative. Either way, you're still wrong.

    MasterPlanSoftware: [Point by point refutation, showing good critical thinking skills, but still with an absurd faith in people's capability to be rational]. Obviously you don't know what you're talking about.

    dlikhten: [Condescending rebuttal that misses the point or contradicts himself]. How can you dismiss [software product], it stopped me catching herpes! Also, [insult].

    MasterPlanSoftware: [Actual rebuttal]. [Previous insult] yourself!

    dlikhten: No, you're wrong! And like I said, [software product] can create world peace!

    MasterPlanSoftware: No, you are! Also, you're stupid.

    dlikhten: If my posts become illegible, MasterAsshatPlan will never win this argument! [nonsense]

    [repeat any of the above 5 or 10 times]

    MasterPlanSoftware: [Vain attempt to inform opponent of their flaws].

    Lysis: MasterAsshatPlan SUCKS! I'm smart! Ho ho!

     


  • @Otterdam said:

    Let's play Sidebar Madwords! If you want to play on other threads, simply change 'dlikhten' to the name of your choice.
     

    Heh. Good one.

    What I find really amazing is I had a little brush with dlikhten but both of us handled it between ourselves. And yet still every sidebar regular troll here is going to attack anyway and try to fan the flames into something it isn't.

     

    Kind of ridiculous and pathetic, but oh well.



  • @MasterPlanSoftware said:

    @Cap'n Steve said:

    Typical last minute trolling...
     

    You really need to quit this crap now. The rest of your trolling posse has moved on and grown up. Why don't you join them?

    I posted about 8 hours after you, then you posted about 8 hours after me, yet only one of us is posting at the last minute? I'm not being sarcastic, I seriously would like an explanation of your system for deciding when a thread is "over".

    If you do one good deed in your life, please, [i]please[/i] learn the definition of the word troll. My posts regarding you are much more polite than 90% of your posts on any topic, yet you insist on completely ignoring the actual content and just posting the same response over and over again. Tell me to grow up as much as you want, but please just communicate like a human being.

    I know you're a smart guy, so I'm sure you realize that none of the people (ok, I'll give you Lysis, but he's pretty tame) you label as a troll are anywhere near trolling. I'm also sure you realize that by calling them trolls and constantly bringing them up in unrelated threads, you're just a flamebaiting, borderline spammer. You need to take some of your own advice.



  • @Cap'n Steve said:

    yet only one of us is posting at the last minute?
     

    Yes. You are trolling at the last minute. You do it every time. You have made no contributions to this thread, but at the last minute you attack me and try and start a flamewar.

     

    Let it go, move on. No one was ever talking to you to begin with.


Log in to reply