Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

IT Turf Wars: the Most Common Feuds In Tech

CmdrTaco posted more than 3 years ago | from the light-sabers-here-too dept.

IT 217

snydeq writes "InfoWorld's Dan Tynan reports on the most common feuds in tech: turf wars in the IT department. 'IT pros do battle every day — with cyber attackers, stubborn hardware, buggy software, clueless users, and the endless demands of other departments within their organization. But few can compare to the conflicts raging within IT itself.' Dev vs. ops, staff vs. management — taking flak from fellow IT pros has become all too common in today's highly territorial IT organizations."

Sorry! There are no comments related to the filter you selected.

vim (5, Funny)

bbqsrc (1441981) | more than 3 years ago | (#35199822)

it's the best.

Re:vim (2)

WrongSizeGlass (838941) | more than 3 years ago | (#35199932)

North Korea is the best Korea!

Re:vim (1)

vlm (69642) | more than 3 years ago | (#35200026)

vlm, agreed

Re:vim (3, Funny)

Requiem18th (742389) | more than 3 years ago | (#35200314)

m is absolutely the bestD
A
wq

Re:vim (1)

nickrw (1958032) | more than 3 years ago | (#35200716)

Oh no, compatibility mode! Undo! Undo!

Re:vim (2)

skywatcher2501 (1608209) | more than 3 years ago | (#35200070)

word.

Re:vim (1)

Anonymous Coward | more than 3 years ago | (#35200264)

That was my reaction. Then I realised you might actually be recommending MS Word. Please tell me you're not.

Re:vim (1)

binarylarry (1338699) | more than 3 years ago | (#35200214)

Well that settles that.

The cycle to hell. (4, Interesting)

nosfucious (157958) | more than 3 years ago | (#35200458)

Sigh.

Daily life around here.

Marketing wants what marketing wants. To hell if it has a positive cost/benefit ratio. "Nice and shiny and uses lots of Flash ... and runs on my iPhone ... drool"

Devs dev what marketing wants. Dev only wants to dev in production. As Administrator/root/qsecofr (or ALLOBJ).

IT Management, but especially Finance Magement skimp of every possible detail until they end up spending more time AND money patching it until it would have been cheaper to do it the way joint Ops/Securty said it would.

Ops/Security is handed a dogs breakfast of non-working, insecure code that produces amiguous, and often wrong results. Last to find out or provide input. But it's our fault when it doesn't work, or opens all security doors, or breaches laws in several countries. (The last ones to touch it must have broken it).

Classic way NOT to do it.

Re:The cycle to hell. (1)

Moryath (553296) | more than 3 years ago | (#35200568)

Marketing wants what marketing wants. To hell if it has a positive cost/benefit ratio. "Nice and shiny and uses lots of Flash ... and runs on my iPhone ... drool"

I'm reminded of a branching decision diagram I once saw labeled "thought process of a marketing person." It basically was a "is it shiny" question box with an endless loop if "Yes."

Ops/Security is handed a dogs breakfast of non-working, insecure code that produces amiguous, and often wrong results. Last to find out or provide input. But it's our fault when it doesn't work, or opens all security doors, or breaches laws in several countries. (The last ones to touch it must have broken it).

No kidding. It's not just this way in programming security either - I've got friends who work in hospital security who have a devil of a time with people leaving their passwords and usernames on sticky-notes everywhere. Building security has problems with assholes defeating the building's fire alarm so they can sneak out to a fire escape (or worse yet, a ground-floor alley) and smoke and get back in.

We really would be better off as a species if we could issue summary sterilizations for the "but what's the big deal" crowd so that they'd stop breeding stupid into the next generation.

Re:The cycle to hell. (3, Insightful)

Culture20 (968837) | more than 3 years ago | (#35200820)

Building security has problems with assholes defeating the building's fire alarm so they can sneak out to a fire escape (or worse yet, a ground-floor alley) and smoke and get back in.

If an addiction is causing people to break company policy (or worse, the law), then maybe it's time to fire their butts (pun intended).

Re:The cycle to hell. (5, Insightful)

jvonk (315830) | more than 3 years ago | (#35201088)

I've got friends who work in hospital security who have a devil of a time with people leaving their passwords and usernames on sticky-notes everywhere. Building security has problems with assholes defeating the building's fire alarm so they can sneak out to a fire escape (or worse yet, a ground-floor alley) and smoke and get back in.

You had me up until this point. While your cited cases might be reasonable, there is also the all-to-frequent case where "security" regulations induce this behavior.

What does hospital security expect users to do when users are required to rotate passwords every two weeks, have a 12 character long mix of upper/lowercase alpha's and numerics, and then also be subject to a 7 password history non-reuse restriction? Security is cognizant that the result of these provisions will be that users write down their passwords on stickies, so how is this more secure than allowing people to pick a less complex password and retain it longer?

The answer is that this presumes that everyone is playing the same game, with the goal to be the best possible security equilibrium state balanced against inconvenience/usability. Running counter to this is security's CYA factor: they experience no penalty for the insane password restrictions that reduce overall security, because if there is a security breach from the post-it passwords they can dump all the blame on the hapless user for violating the published security protocol that prohibits such actions. So, security has a payoff table that disrupts the equilibrium resulting in the paradoxical, reduced security steady state that is observed in these cases (ie. security is externalizing the costs of implementing the high-grade security practices).

PS. As for defeating the fire alarms, maybe they shouldn't have turned the entire hospital into a "tobacco-free campus", with the nearest "approved" smoking area located six blocks away. This is basic psychology. Normal people like to abide by the rules/laws even if they find them onerous, but there is a limit to their willingness to comply. This is essentially what happened to the entire US during the Prohibition. Again, as I said, your cited cases might be reasonable, but I have seen many that were not.

Re:The cycle to hell. (4, Insightful)

DrgnDancer (137700) | more than 3 years ago | (#35201040)

No offense (I'm an ops/security guy and I was nodding the whole time till I thought about it), but this is exactly what the article is talking about. Of course Marketing wants it shiny and iPhone enabled. It's marketing, it's supposed to catch the eye and cause people to pay attention. Of course management wants to save money.. Money saved here is money that can used elsewhere or go into someone's pocket (often management's of course, but in theory anyone's). Of course Dev wants to have access to the live servers, there's info they want/need on there and very rarely it actually is useful to make changes on the fly when the situation is serious enough (It shouldn't ever be, but we don't live in a perfect world). Of course you want reliable, stable secure code that changes as little as possible.

The solution isn't "Make all these other guys understand that I'm right". It's to try to minimize the siloing so that everyone has a say in process from the ground up. So the dev guy can tell the marketing guy, "Hey you can't have iPhone *and* Flash. Do we want to find a shiny that doesn't use Flash, or accept that iPhones don't see our shiny?" Marketing can say to Ops "Ok that shiny I wanted was insecure, I get that, is there a secure way to do something similar?" Ops can say to Dev "I set you up a limited access account on the live servers to collect the usage data you need, please don't let it stack up." And Management can say to everyone "This is how much we really have to spend and the results if we break budget."

That way everyone can be an adult. There'll still be conflicts of course, but if everyone knows that each group is legitimately trying to facilitate everyone else, they can become points of discussion and resolution instead of small scale wars that every side is trying to "win".

Re:vim (0)

Anonymous Coward | more than 3 years ago | (#35200524)

We all know this, but there are _still_ some emacs users still alive. They should die off in the next 10 years or so.

Alive... (1)

mugurel (1424497) | more than 3 years ago | (#35200692)

and kicking! I just wrote some code to do tracker desktop search from within emacs (using dbus and dired).

Re:vim (1)

Sique (173459) | more than 3 years ago | (#35201186)

I have emacs open right now, and I usually write my short stories in emacs. And to instill fear and loathing into you, I actually do have children.

sysops being (2)

nimbius (983462) | more than 3 years ago | (#35199870)

the layer between which management absolves its direct interaction with developers, and through which a SOX policy completely devoid of any comprehension of the developer or her work is enforced.

Dont forget the choreographed dance/fight numbers. (4, Funny)

Kenja (541830) | more than 3 years ago | (#35199902)

Or is that just a California thing?

To quote Lincoln Spector and sung to the tune of the Jets song from West Side Story.

When you use DOS you use DOS all the way
From your first data loss 'til you format drive A:.
When you use DOS, why your confidence grows;
For your keys there's commands, for your mouse there's Windows.
It's DOS that's sublime; it's used by all go-getters.
At file-namin' time, we're never locked in fetters--
We choose eight letters.


When you use DOS, old hardware you can swap.
You can buy something new, next month prices will drop.
When you use DOS, why, you're never a stooge,
If your 640's low, well, there's always a cludge.
DOS users: On clones we can run, with brand-names we're the choosers.
The Macs'll buy none, cause all the Apple users
Are mouse abusers.


We're using DOS, yeah! and we're gonna fix
Every last system that's not something eighty-six--
Not something eighty, very weighty, six.

Re:Dont forget the choreographed dance/fight numbe (-1)

Anonymous Coward | more than 3 years ago | (#35200100)

OK, here's the thing: The Grammys totally fucked The Bieb over: Justin Beiber's legions of followers are shaking their heads in dis-Belieb after jazz artist Esperanza Spalding beat the teen idol as the Grammy Awards' best new artist.

Re:Dont forget the choreographed dance/fight numbe (1)

raymansean (1115689) | more than 3 years ago | (#35200888)

What a sad day it is, I read DOS as denial of service through most of the first verse. The sad thing is I grew up on DOS, ok MS-DS.

What about staplers? (0)

Anonymous Coward | more than 3 years ago | (#35199916)

As Office Space [amazon.com] so convincingly depicted it, loss of a precious stapler to another employee can have severe ramifications for the future of the business.

Forget Feuds, this is WAR! (3, Funny)

Archangel Michael (180766) | more than 3 years ago | (#35199918)

Luckly we have the equivalent of Sun Tzu's Art of War for the IT crowd.

B.O.F.H [wikipedia.org]

Re:Forget Feuds, this is WAR! (1)

BrokenHalo (565198) | more than 3 years ago | (#35200522)

The BOFH usually ends up getting his ass kicked in one way or another. It can be very tempting to abuse power - and I have to confess to having been a little capricious myself at times back in the days when I was an operator on a certain mainframe site, when asshat branch managers routinely dumped shit in my general direction while I was trying to get my job done.

But my point is that the BOFH or sysadmin has to retain a certain level of integrity. If you leave your job (even if you are "asked" to leave) you don't go dropping timebombs on your ex-employer if you ever want to get hired again. There is sometimes an expectation that the sysadmin can't be trusted, but the reality is that most are perfectly capable of appreciating the simple reality that it is in their own best interests to not shit in their own nests.

Re:Forget Feuds, this is WAR! (1)

MrLint (519792) | more than 3 years ago | (#35200886)

The thing about timebombs is that you may not really have part in it. Anytime someone demands what would be a bad decision get implemented, a timebomb is created. You can warn people all you want. Its screaming down a well. If something happens to said bad decision in some time period after you leave, you are blamed. The fact that the empty desk that wasn't back-filled didn't take over the minor task you were doing in order to keep BadIdea(tm) running, still becomes your fault.

Butting Heads (0)

Anonymous Coward | more than 3 years ago | (#35199920)

Your problem shows up in production only? That's too bad.
That's a really nice software release life cycle you've got there. It would be a shame if anything were to happen to it.

BOFH (1)

i.r.id10t (595143) | more than 3 years ago | (#35199924)

Obviously they've never read any of the BOFH tales...

Re:BOFH (1)

Threni (635302) | more than 3 years ago | (#35200182)

Maybe they have, but just didn't find them very funny. They're like Dilbert, or TheRegister etc - how shall I put this..."not universally enjoyed"?

Re:BOFH (1)

h4rm0ny (722443) | more than 3 years ago | (#35200880)

Yeah - I read a couple and I just couldn't find the wit. I really like Dilbert and find The Register entertaining. But those stories basically seem to consist of an unrealistically ignorant user being messed around by a humourless jerk. If I had someone like that working for me, I'd fire them on the spot.

Re:BOFH (0)

Anonymous Coward | more than 3 years ago | (#35200970)

...and then they would burn your house down.

Noki, aren't they Japanese? (-1)

Anonymous Coward | more than 3 years ago | (#35199938)

Microsoft got a huge boost by the deal it did with buying Nokia. This will ensure the platform has legs and will probably ensure the slow death of HP/Palm WebOS which announced three new products this week.

While the WebOS looks like sauted road kill, let's not forget the Nokia-Intel joint venture: the MeeGo OS, a Linux-based piece of shit initiative that seems stillborn. Nokia mentioned that it will continue to experiment with MeeGo, but the Nokia CEO, Stephen Elop, did not seem too inspired by any sort of possibility that it will go anywhere. He was just being nice.

In fact, you have to wonder what Intel needs to do to get some respect in the mobile arena. When you think of mobile chipmakers, the last name to come to mind is Intel.

Whatever the case, Microsoft pulled a rabbit out of a hat with the Nokia deal, and over the next few months, this will be over-analyzed until we're sick of it.

I personally have written about Nokia strategies and think this decision is the most risky one it could make. Windows Phone 7 isn't going anywhere. It has no buzz, and Microsoft seems jinxed on some level. After all, Microsoft essentially invented the smartphone over a decade ago, long before the iPhone. Where did it get them?

Microsoft was single-handedly responsible for perception that the smartphone was a dog of an idea. The smartphone languished under Microsoft tutelage. Then the iPhone came along, and Microsoft was dumbfounded and slow to react. Years had to go by before a kind of iPhone-like Windows Phone 7 appeared too little and too late.

The irony, of course, is that Windows Phone 7 is not a bad OS and modern. In fact, a lot of what Microsoft has done on the mobile platforms has been quite good. Which brings us back to the notion that the company is "jinxed." Years of bragging, bad marketing. and lazy PR has resulted in major perception problems that Microsoft seems unaware of.

This was all epitomized by the Vista fiasco.

I was amused by the Nokia roll-out of its partnership with Microsoft where CEO Elop kept telling the media how the company will now change modes and get things done faster. Faster? With Microsoft? How would that work?

Nokia said it will continue with MeeGo in the background. None of the media at the press event managed to ask if Nokia is completely ruling out Android. My guess is no. And my guess is no only because the sluggish pace it will find coming from Microsoft.

In the mobile segment, things are flying. I see no evidence that Microsoft can keep up the torrid pace of real innovation. The company has gum on its feet.

I actually recall talking to Steve Ballmer during the roll-out of Windows 98 and asked him if the company was thinking of bringing out a complete and new upgrade to the OS every year like car companies do with their vehicle models. There was Windows 95 and then 98. It seemed headed that way.

He said they were considering it.

Well, since the two year gap between 98 and 2000, the gap has widened as the company cannot keep up a faster pace. You can get away with slowing down progress with a desktop computer and a game console, but not with these phones. Hopefully, Nokia has a plan B when the Windows Phone platform falls behind the rest of the pack.

"Long live the Fighters!" (1)

Average_Joe_Sixpack (534373) | more than 3 years ago | (#35199952)

shutdown -s -f -m \\theman

Re:"Long live the Fighters!" (2)

toastar (573882) | more than 3 years ago | (#35200130)

God I remember back in high school when i discovered the Net Send command.

Re:"Long live the Fighters!" (3, Funny)

Terrasque (796014) | more than 3 years ago | (#35201208)

I always found it fun when OTHERS found net send, decided to "have some fun", and as a result I showed them the consequences of mixing 1. batch scripting, 2. net send, and 3. infinite loops. And not one of them knew how to turn the service off... One of them even started to cry..

Good times :)

Network vs. Servers (1)

AntEater (16627) | more than 3 years ago | (#35199960)

The network guys are never wrong. Nope. Doesn't happen. Must be something wrong with your servers. Can't be the 2k line ACLs we've put on each vlan to protect the windows machines. Nope. You don't need any ICMP protocols anyways. Why?? What do you need it for? There are no problems with the network. Don't believe me, look at my stats....

Re:Network vs. Servers (2)

Lumpy (12016) | more than 3 years ago | (#35200136)

That's why I love patching a crossover cable from one switch to another on them and let it sit there.

making it red like their critical cables and with a "DO NOT REMOVE" label attached on each end is a great way to screw with them. Bonus points if you make it long and snake it through trays so it's not obvious.

Re:Network vs. Servers (5, Funny)

nedlohs (1335013) | more than 3 years ago | (#35201204)

Paint one half of the cable blue and the other half white, and hide the switch point in a mass of cables somewhere.

Re:Network vs. Servers (1)

ArhcAngel (247594) | more than 3 years ago | (#35200244)

AMEN BROTHER! PREACH IT

I worked for a rather large bank that was still using token ring in the building I worked (This was about 8 years ago). One of the PCs on the call center floor lost its network connectivity. I realized her leased address had expired and it didn't get renewed. We'd had problems with the ring hubs losing their IP Tables in the past so I called the sysadmins and spent 3 hours on the phone with a guy who insisted I didn't know what I was talking about. During this time several other PCs had gone dark. I finally jumped through all the hoops he insisted I try and he finally said..."hrmm...it must be the IP Tables on the router. I'm not allowed to do anything to those. Let me go get my boss."

Define "the network". (3, Informative)

khasim (1285) | more than 3 years ago | (#35200316)

Must be something wrong with your servers.

Remember that the network switches / hubs / routers are part of "the network".

So when there REALLY is a problem on the network, the network admins usually hear about it because EVERYONE is having problems with ALL of their apps.

If one workstation or one server is having a problem (but the others are working) then it probably isn't a problem with "the network".

It may be that the network is not configured the way you'd like it to be for whatever you're trying to do ... but remember that the network admins have to keep the network configured to support all the OTHER items that were on it before yours.

At least be able to tell them what you want to do protocol-wise.

Re:Define "the network". (2, Insightful)

Anonymous Coward | more than 3 years ago | (#35200516)

A-fucking-men.

I didn't completely understand why the networking team always seemed so irritable when they would get called until I started doing that job at another company.

Anything where one user can't get to one website, one file share or their PC won't boot up is always suggested to be network related. After the other people claim to check the file server(s), VMWare(if it's a VDI client), etc., they come to me and it's up to me to prove that it's not the network. Invariably, I end up owning the issue and come to find that they locked out their AD account, they rearranged their desk and plugged into the wrong wall jack, their PC has a bad NIC (rare) or some other non-network related problem.

On the firewall/proxy side, am I the only one who HATES gotomeeting.com?

Re:Define "the network". (1)

Talderas (1212466) | more than 3 years ago | (#35200764)

Must be something wrong with your servers.

Remember that the network switches / hubs / routers are part of "the network".

So when there REALLY is a problem on the network, the network admins usually hear about it because EVERYONE is having problems with ALL of their apps.

If one workstation or one server is having a problem (but the others are working) then it probably isn't a problem with "the network".

And the one time it is the "network" for 1 user it's usually a disconnected cable from the user's machine.

Re:Network vs. Servers (1)

sfprairie (626602) | more than 3 years ago | (#35200856)

Yah... those ACL's are on there because Security insisted. Yet to see security think performance matters.

Re:Network vs. Servers (1)

Xian97 (714198) | more than 3 years ago | (#35201112)

I see the opposite occurring in my environment. The Server admins will roll out a new application or process without giving any consideration to the amount of bandwidth it will consume or what toll it will take on the network, and of course not informing anyone in the network group of any changes. All of a sudden we start getting lots of calls for slow network performance and found that the bandwidth and latency shot up 300% from what it was averaging before. Once we analyze the traffic we see all the new flows going to and from the server.

In your scenario, 2K line ACLs would be a problem since every packet would have to go through that line by line until it found a permit or deny. If they need that level of protection, then a firewall would be a better solution.

Retarded Senior Developers VS Good Developers (0, Flamebait)

Anonymous Coward | more than 3 years ago | (#35199972)

It seems like any time I try to write software correctly there is inevitably some retard who gets in my way.

Sometimes it's a senior (in years only) developer who created a "standard" before I got there. Other times it's a shitty outsourcing company in India that decided they would rather write a buggy version of asp.net (using asp.net no less) than let .net developers do things correctly.

When these lousy yet powerful developers get involved (and they always find a way), projects slow down and become buggier. At some point my manager asks why the projects take so long, and the senior developers attack is complete.

Where can I escape retarded senior developers???

Re:Retarded Senior Developers VS Good Developers (1)

mfh (56) | more than 3 years ago | (#35200164)

Where can I escape retarded senior developers???

You can't. They are everywhere. However, you can escape them if you become an entrepreneur and write your own shit, then anyone you hire has to be up to standards or you fire them. This is how good companies replace bad ones.

Re:Retarded Senior Developers VS Good Developers (1)

mangu (126918) | more than 3 years ago | (#35200744)

let .net developers do things correctly.

You mean, like migrating apps away from .net?

Re:Retarded Senior Developers VS Good Developers (0)

Anonymous Coward | more than 3 years ago | (#35200898)

Well you can start with not being a whiny n00b bitch.

When you grow up you'll look back on your 20's and say "Man, I thought I knew everything yet had no idea what I was doing."

Re:Retarded Senior Developers VS Good Developers (2)

lwriemen (763666) | more than 3 years ago | (#35200932)

they would rather write a buggy version of asp.net (using asp.net no less) than let .net developers do things correctly.

Where can I escape retarded senior developers???

Escape them? It sounds like you are on your way to becoming one.

Re:Retarded Senior Developers VS Good Developers (1)

Steauengeglase (512315) | more than 3 years ago | (#35200972)

Sometimes it's a senior (in years only) developer who created a "standard" before I got there.

I'm guessing you never bothered to ask why that "standard" was there to begin with and 2 to 4 months down the line will find out that there is some limitation that was completely outside of everyone's control and you've just run head first into it. Of course by then you'll have started a re-write and will learn to just blame it on the old timer's lack of documentation and if it was documented, it wasn't documented "right".

The biggest challenges in this field (2)

frog_strat (852055) | more than 3 years ago | (#35199984)

are not technical, they are interpersonal. Cognitive intelligence is enough to get one started in this field, but gradually developing knowledge our one's own mind, how to work with others, develop a commitment to encouragement, and gaining a think skin are a must. A lot of IT jobs are a disaster. But you can still find peace in the middle of it if you develop the strength.

Re:The biggest challenges in this field (0)

Anonymous Coward | more than 3 years ago | (#35201322)

Great comment! Smart admins are nowhere near as valuable as wise admins!

The best thing I saw... (2)

mfh (56) | more than 3 years ago | (#35200014)

Years ago I quit my job web developing because a customer of my former employer was shady, and promising that the websites could do credit card sales, built in... at no additional charge. So when I quit my job over this kind of blatant lying, I was blacklisted by the former employer. A couple months later, their prized customer stiffed them in $15k worth of fees.

I phoned my former employer when I heard the news and gave her a bit of the "I told you so," except I was kind about it, and polite. It was apparent from her responses she felt sorry for blacklisting me, and sorry for not listening.

Sometimes the flak is warranted. Management: listen to your people or don't fucking hire them to begin with.

Re:The best thing I saw... (1)

royallthefourth (1564389) | more than 3 years ago | (#35200076)

So when I quit my job over this kind of blatant lying, I was blacklisted by the former employer.

Your former employer was Joe McCarthy??
But seriously, could you clarify? I don't quite understand.

Re:The best thing I saw... (0)

Anonymous Coward | more than 3 years ago | (#35200208)

what do you mean by 'blacklist'? were they badmouthing you when would-be employers called to verify employment history?

Re:The best thing I saw... (1)

mfh (56) | more than 3 years ago | (#35200406)

The former employer complained about me leaving suddenly at a social event, to a number of people I know, while they were rubbing elbows. Some of the folks who were present mentioned it to me. Later on the same people phoned me and told me about that same customer stiffing my former employer.

Re:The best thing I saw... (2)

Stregano (1285764) | more than 3 years ago | (#35200834)

Well sometimes one manager leaves and a new one comes in. It happened to me. I am 28, and this guy was 29, and he never listened to what anybody told him. I think proper communication is key. This guy would not talk to his employees about a problem. He would flat-out give them a citation (or write-up) without any warning. Look, if we mess up and know we mess up, that is one thing, but if we have no idea we mess up, maybe the manager should talk to us instead of just throwing write-ups around

BAs who design applications (0)

Anonymous Coward | more than 3 years ago | (#35200050)

BA who design applications v. BA who analyze problems. I constantly get documents from BAs that don't contain any requirements nor the business rules that govern the application. Instead, they give me screen designs and the flow of the application. No idea of what could go wrong or what is considered bad input.

Re:BAs who design applications (1)

BrokenHalo (565198) | more than 3 years ago | (#35200640)

BAs? I thought a BA was a Bearded Anthropologist, but I don't see how that connects...

DBA vs. SysAdmin (3, Funny)

devnullkac (223246) | more than 3 years ago | (#35200080)

DBAs always seem to want root for some reason or other... with apologies to A Few Good Men:
  SysAdmin: You want the authority?
  DBA: I think I'm entitled.
  SysAdmin: You want the authority?!
  DBA: I want the root!
  SysAdmin: You can't handle the root!

Re:DBA vs. SysAdmin (1)

PPH (736903) | more than 3 years ago | (#35200238)

This is a result of poorly designed DBM systems (and other products) that have to be installed and configured as root.

I have used and built quite a few well thought out systems that can be run and administrated entirely from a standard user account (usually named {product}root). At most, some required the sysadmin to make a single entry into /etc/inetd.conf or give the product admin (DBA) sudo permission to run a start/stop/refresh script as root.

Re:DBA vs. SysAdmin (1)

I8TheWorm (645702) | more than 3 years ago | (#35200398)

It's not that the systems are poorly designed (filesystem access, and hell, Oracle DB has its own filesystem), it's poorly designed DBAs who think that because the system needs it, they need it too.

Re:DBA vs. SysAdmin (1)

mysidia (191772) | more than 3 years ago | (#35200670)

This is a result of poorly designed DBM systems (and other products) that have to be installed and configured as root.

That's one reason, but DBAs also need root to correctly tune servers to be database servers and troubleshoot issues with DB servers that involve use of root-requiring software tools such as Dtrace or systemtap.

The DBAs with specialized expert knowledge of database systems need root to reign in on the lesser-informed general system admins who do not understand the unique and particular performance considerations for DBM applications and the DBM involved. The general sysadmin's job is not to know about database server applications or which specialized tunings the DBA may choose for their application (which do require root to implement).

In particular, the DBA needs to reign in on sysadmins just throwing up new database volumes as RAID5 with no special alignment of partition sectors, instead of something sane like properly aligned partitions using RAID10; and the DBA needs to be able to check things like proper memory/disk/paging behavior configurations.

Most of the considerations a DBA or _good_ storage admin are expected to understand, but are way out of the league of even a good general sysadmin.

Re:DBA vs. SysAdmin (2)

Talderas (1212466) | more than 3 years ago | (#35200798)

DBAs needing root isn't necessary as long as you have proper corroboration, communication, and trust between system admins and DBAs.

Re:DBA vs. SysAdmin (0)

Anonymous Coward | more than 3 years ago | (#35201140)

As an Oracle DBA I've just *gotta* say, that I do not want root and have turned down the offer from (let us say) lazy SAs.

The only time I ever require root is during initial software installation, and the SA is welcome, nay required, to run the 'root.sh' so that they can't claim ignorance when something they do causes unforeseen consequences.

If I do not have the authority to bugger the system, then no one can accuse me of doing so (which sadly has happened -- the accusation, refuted with "I do not have root privilege"). Though I *have* had to hand step-by-step guidelines to various SAs over the years so that they do the job right the first time. This does not apply to all SAs, but you can't usually tell until it is too late.

Turf wars... Pfft... (4, Insightful)

Lumpy (12016) | more than 3 years ago | (#35200106)

Got a great idea and want to get it past security without trouble? that's simple... simply get buy-in from a senior executive. get him to adopt it as his pet project and get it working on the Dev servers. now when he announces it Security cant do anything but say yes and do your bidding because they do not dare tell the Senior VP of marketing that they wont let his project run. Do I make enemies withing security? yup. Every one of them hated me because my default approach to them was an end run. And it was simply because the security guys were incapable of thought outside of the "lock it all down" OMG OMG! DANGER DANGER! WE got a iphone/ipod app launched for use in the company and made every one of the security guys froth at the mouth and fall on the floor convulsing when I end ran them to a VP who loved it and wanted every sales person to have it. They lost their mind at allowing 190 non company locked up iphones and ipods connected to the holy internal wifi.

Just wait when my ipad system for sales forecasting get's greenlighted and they have to allow 200+ ipads on it as well...

Re:Turf wars... Pfft... (3, Insightful)

Anonymous Coward | more than 3 years ago | (#35200200)

Have you tried no being a dick yet?

Re:Turf wars... Pfft... (0)

Anonymous Coward | more than 3 years ago | (#35200292)

Heh, must be nice to work for a tiny company that doesn't need to comply with things like SOX and PCI.

Also, if you did that to ME, I'd have a friend hack the company and make damn certain it was your end-running that responsible for the attack surface that was used.

Re:Turf wars... Pfft... (2, Informative)

Anonymous Coward | more than 3 years ago | (#35200380)

In this regard the iPad/iPhone is equivalent to kids driving around with motorized scooters on the freeway. It's exciting and easy to use. But completely incorrect tool for the job. iPads are consumer products without any security features worth mentioning.

Re:Turf wars... Pfft... (4, Interesting)

Just Some Guy (3352) | more than 3 years ago | (#35200392)

I admit: my first reaction is that if I worked security at your company, I'd want to kick your ass. I mean, I like you, but they probably have a very valid point about not wanting untrusted apps popping up all over the place.

But my second reaction was that you're right. There's no valid reason why you can't have unsecured guests on the holy internal wifi. We have an open WLAN here at the office, but it's firewalled away from anything we actually care about, with exceptions on a case-by-case basis. You don't get open access to the database server just because you're connecting to our corporate wifi. If your security guys can't handle that, then, well, sucks to be them. Good for you for finding away to make people actually do their jobs.

Too many assumptions there. (1)

khasim (1285) | more than 3 years ago | (#35200484)

Designing a wireless / wired network to support unsecured guests is a LOT different than designing one to support only secured guests.

AND it requires that all the PREVIOUS systems not have problems with the design.

The network admin has to support ALL the systems. Not just your pet.

What happens when the corporate database IS accessible from the corporate wifi because other apps need that access and those apps are run by people on wifi?

Re:Too many assumptions there. (2)

Just Some Guy (3352) | more than 3 years ago | (#35200696)

Designing a wireless / wired network to support unsecured guests is a LOT different than designing one to support only secured guests.

And the cool thing is that you don't have to pick just one. It's perfectly possible and reasonable to have open and secured networks. That how I - the network admin - built the system at my company. I'm quite well aware of the conflict between security and usability, but at the end of the day, my boss pays me to find a way for him to use the software he wants. I don't have the privilege of saying "that's insecure! You can't use that on my network!" because he can always trump with "get your stuff and leave".

So if I got orders from my boss telling me to open the network for Lumpy's pet app, I'd be pretty pissed off at Lumpy. In my case, that'd be because I'd hope that Lumpy would come to me in person so that I could help him without involving management. In his company's case, it sounds like it'd be because his network admin has a misguided concept of "their network".

Wasn't that the point of the GP? (1)

khasim (1285) | more than 3 years ago | (#35200790)

And the cool thing is that you don't have to pick just one. It's perfectly possible and reasonable to have open and secured networks.

Maybe I read it wrong, but wasn't the GP's post about having unsecured guests onto the internal, secured wifi?

Having unsecured guests on an unsecured, external wifi network is easy.

Allowing someone in parking log to access your internal network from his unsecured machine ... that's a problem.

Just ask Target about it.

Re:Turf wars... Pfft... (3, Insightful)

_Sprocket_ (42527) | more than 3 years ago | (#35200590)

Got a great idea and want to get it past security without trouble? that's simple... simply get buy-in from a senior executive.

One of the best environments I ever worked security for allowed for senior managers to take personal responsibility for these kinds of decisions. The business unit would announce their Big Idea. InfoSec would look at it, analyze risks / security issues, and (often missing from many InfoSec groups) work out ways to allow the same functionality while mitigating any discovered risks, and ultimately document those risks. If the business unit didn't want to follow InfoSec's recommendations, they could take their Big Idea to their boss and make the business case for it so that their boss can take personal responsibility for the decision. InfoSec would provide the risk assessment. Senior management would then decide if the business case overcame the risk and everyone would press on accordingly. The process did wonders for enforcing open communication. Management wanted good information before they put their own butts on the line. Business units couldn't get away with just grousing or avoiding InfoSec and InfoSec couldn't get away with arbitrarily dismissing any new ideas. I should point out that this system is seeped in conflict. And that's good. Conflict is fundamental to security and, in many ways, any pursuit that has many options guided by creative thinking - something that all good IT environments should be encouraging. The key is to ensure that conflict can drive a constructive process. Too many IT environments pretend conflict doesn't exist and has no proper outlet for it.

Re:Turf wars... Pfft... (1)

c (8461) | more than 3 years ago | (#35201100)

> One of the best environments I ever worked security for allowed
> for senior managers to take personal responsibility for these
> kinds of decisions.

Yeah, I once had a dream like that too, except the senior managers were also unicorns who shit candy.

Re:Turf wars... Pfft... (2)

mysidia (191772) | more than 3 years ago | (#35200770)

Got a great idea and want to get it past security without trouble? that's simple... simply get buy-in from a senior executive. get him to adopt it as his pet project and get it working on the Dev servers. now when he announces it Security cant do anything but say yes and do your bidding because they do not dare tell the Senior VP of marketing that they wont let his project run.

They should go to the VP of marketing and ask him about delaying the implementation of the project to try to address some security issues, and inform him that the devs didn't give corporate security a heads up to even start considering the security ramifications.

Then a few weeks later, they can deliver a shiny report to the VP quantifying the risk that this new effort brings to the company, explain what the risks are, and propose mitigations to the risk (some of which involve removing things from the project, locking it down, or spending a lot more money), as well as the risks and costs for going forward with no changes.

After the VP weighs his options, he may cancel the project, due to the cost created by not involving security planning at Stage 1.

Do I make enemies withing security? yup. Every one of them hated me because my default approach to them was an end run. And it was simply because the security guys were incapable of thought outside of the "lock it all down" OMG OMG! DANGER DANGER! WE got a iphone/ipod app launched for use in the company and made every one of the security guys froth at the mouth and fall on the floor convulsing when I end ran them to a VP who loved it and wanted every sales person to have it. They lost their mind at allowing 190 non company locked up iphones and ipods connected to the holy internal wifi. Just wait when my ipad system for sales forecasting get's greenlighted and they have to allow 200+ ipads on it as well...

Just wait 'til Security has to have an auditor in with a pen test that involves sneaking in an iPhone with malware installed, and gives the company an F rating on a SOX audit, with demands that the "open wifi policy" cease, and 10-million$$ fines for the company.

Re:Turf wars... Pfft... (1)

merchant_x (165931) | more than 3 years ago | (#35200784)

That is the problem when you are working in a gatekeeper position or have deal with people in that role.

No one notices the gatekeeper until they screw up. The default answer to any request must be no, because if they say yes and something bad happens it is their fault. No one remembers that they have been keeping the bad stuff out up until this point. Only that they let this one bad thing through so they must be bad at their job and should be replaced.

Re:Turf wars... Pfft... (1)

Stregano (1285764) | more than 3 years ago | (#35200942)

It sounds like anytime you want something, you run to upper management. I guess you will be a manager firing people in no time with that kind of attitude. Good job. You are successfully not seen as much of an IT person, but a corporate person that pushes people around under him/beside him by getting in with upper management. I would not consider your story as much of an IT story as much as a corporate "push your weight around" story. Sure, it happened in the IT department, but it could possibly happen in any department.

Re:Turf wars... Pfft... (1)

haydensdaddy (1719524) | more than 3 years ago | (#35201118)

Just think how that would have gone if you had done steps 1 (buy-in) and 2 (dev servers) and replaced step 3 (be a dick) with (approach security with said buy-in and offer to collaborate on making the security work in a conducive manner). Senior VP would know you know how to manage a project and get things done and security would know that you're someone who cares about their requirements and is willing to work with them, making future engagements that much easier. Now that you've established your reputation as you have, good luck working with them on that ipad system now that the gloves are off.

Sadly.. (1)

grasshoppa (657393) | more than 3 years ago | (#35200202)

I have found not one, but two jobs where the entrenched administration chose Novell and refused to budge. I normally am pretty calm about using any tech, if it works then it works.

Novell, however, is a bloated piece of crap that no user should be forced to use. However, if it were the only game in town, then you're stuck with what you've got. It's not, however. It's not even the best at what it does. The only reason it's still in use is because there is a certain class of 'admin' out there that refuses to learn something new and update their skill set. So they instead drag the rest of their organization down with them in to the nightmare that is Novell software.

Re:Sadly.. (1)

GNU(slash)Nickname (761984) | more than 3 years ago | (#35200806)

Novell, however, is a bloated piece of crap that no user should be forced to use.

You do realize that Novell is a company, not a product, right?

Re:Sadly.. (1)

grasshoppa (657393) | more than 3 years ago | (#35201166)

Yes, and I have to deal with most of their product suite. So, for the sake of brevity, I chose to highlight the company and not the individual products.

Clearly, I expected too much from some folks.

Maybe the problem is themselves? (1)

joeflies (529536) | more than 3 years ago | (#35200258)

It's easy to point at other vendors, engineers, deployments, designs, et al and say that it went wrong because of them. But how much of that is an excuse made by midrange or flat outright incompetent personnel? Not everyone can be brilliant on the bell curve, and for everyone else, well, it's easier to blame others when the plan blows up.

Pfft...ops (0)

Anonymous Coward | more than 3 years ago | (#35200340)

This is not a troll comment. This is the truth at my company. I am a software engineer, and every time I try to get the ops team to do anything for me it's like pulling teeth. I have had numerous fights with them because when I need to get access somewhere, I want it right that second, not 2 days later. The ops are never around during business hours, and every time I ask them to do work, they give me the dirtiest look because I'm interrupting their break.com video watching. System admins are a joke at my office.

IT Department vs Software Developers (0)

SonofSmog (1961084) | more than 3 years ago | (#35200372)

If the IT department guys knew what they were doing they would be programmers. I don't care what they do I just don't want to help do their jobs for them. Oh yeah, and if you upgrade a server to a new OS because you have a wild hair up your ass, it's your responsibility to migrate the apps.

Re:IT Department vs Software Developers (0)

Anonymous Coward | more than 3 years ago | (#35200490)

Biggest battles I have ever run into. I develop software, workflows etc. I need to be able to mess with and test new system and network configurations in order to determine the best way to do things. Every single IT department I've started working with freaks out and won't allow the experimentation to occur and will go bitch higher up. In all my past experience that has resulted in me having new IT folks to work with, either through re assignment or removal.

Helping the business bottom line and core products is what moves a company ahead, not fighting over retaining power over pure overhead costs. IT departments don't recognize that the business is first, not personal fiefdoms.

Re:IT Department vs Software Developers (2)

terrahertz (911030) | more than 3 years ago | (#35200600)

I could just as easily say "if programmers could think on their feet and fix problems that cost the bottom line thousands of dollars per minute of downtime they would be IT guys." But then I'd sound just as short-sighted as you do.

Re:IT Department vs Software Developers (0)

Anonymous Coward | more than 3 years ago | (#35200874)

I could just as easily say "if programmers could think on their feet and fix problems that cost the bottom line thousands of dollars per minute of downtime they would be IT guys." But then I'd sound just as short-sighted as you do.

Yeah, because the programmers would be idiots to accept a higher-stress, lower-paying job that can be done by people dumber than them. But, if they were idiots, they wouldn't be programmers.

Re:IT Department vs Software Developers (0)

Anonymous Coward | more than 3 years ago | (#35201348)

Why would anyone voluntarily switch from a higher-paying programmer job to a lower paying job that a trained monkey could do? You give yourself way too much credit.

Re:IT Department vs Software Developers (0)

Anonymous Coward | more than 3 years ago | (#35200614)

If programmers new what they were doing I wouldn't be stuck running old-assed unsecurable OS's that we only keep around because stupid programmers can't be arsed to update their bloated crappy application software to run on current systems.

Hey programmer, try running your app without a machine to run it on.

Re:IT Department vs Software Developers (1)

Applekid (993327) | more than 3 years ago | (#35200838)

If programmers new what they were doing I wouldn't be stuck running old-assed unsecurable OS's that we only keep around because stupid programmers can't be arsed to update their bloated crappy application software to run on current systems.

Hey programmer, try running your app without a machine to run it on.

A lot of times it's the push from management, not the lack of motivation. App XYZ was written 9000 years ago (in computer time, so, translated into maybe 15 earth years?) and the developers were tricked into using some snazzy system calls or library components that promised they'd change the way they work "forever", but, really, support was dropped 3 years later leaving an app that, best case, needs an entire tier rewritten (worst case: the whole dang thing). It takes time and money, but the business won't spend any money because XYZ, as far as their concerned, still works just fine. Believe me: there's nothing I want more than to rewrite these little timebombs into something more supportable.

Part of this is why I just roll my eyes when the architecture team starts pushing this brand new framework of product or library that will somehow magically solve all our problems. It's just a whole lot of "play now, pay later."

Re:IT Department vs Software Developers (1)

SonofSmog (1961084) | more than 3 years ago | (#35201008)

And I was under the impression that we had to migrate our apps every couple of years because the IT staff spends half it's time in Microsoft brainwashing seminars that tout how much easier to administrate, and more secure their latest XYZ is even though they made that claim just a few years ago with OS ZYX.

Re:IT Department vs Software Developers (0)

Anonymous Coward | more than 3 years ago | (#35200668)

If the IT department guys knew what they were doing they would be programmers. I don't care what they do I just don't want to help do their jobs for them. Oh yeah, and if you upgrade a server to a new OS because you have a wild hair up your ass, it's your responsibility to migrate the apps.

Guys like you are really funny when lowly IT people like me point out errors in their code.
Some of us can program and choose to do something else. Admittedly I am lucky enough to be in a small shop with an unusually wide range of responsibilities. Along with the boring support stuff there is hardware, security, system and database administration, coding, web servers, ArcGIS servers, talking to customers, writing documentation etc.
I see way more things that interest me now than would if I was programming full time.

But that's just me, and I have met plenty of people who think like you do. :)

Re:IT Department vs Software Developers (2)

SonofSmog (1961084) | more than 3 years ago | (#35201084)

Well all of us programmers don't have backgrounds in engineering or sit around in a cube programming widgets. Some of us come from small shops where we have to do complete life-cycle development, database administration, package and installation, and everything else at one time or another so, we're pretty familiar with the roles that a dedicated IT department should be responsible for. In fact I wouldn't hire any developer that doesn't know have at least intermediate level knowledge of server OS's and networking. So you can color me unimpressed if the network admin says his job is as difficult as mine, when I consider something like IT support and network administration a stepping stone.

Re:IT Department vs Software Developers (0)

Anonymous Coward | more than 3 years ago | (#35200736)

If developers knew what they were doing they would know what ports their applications use.

Developers (1)

C_Kode (102755) | more than 3 years ago | (#35200410)

Any developer that writes an app that requires admin rights on the desktop should be beaten and stabbed. (yes, you should be able to disable auto-updating)

Re:Developers (1)

trollertron3000 (1940942) | more than 3 years ago | (#35201268)

What about ones that write admin tools?

Gotcha.

I joke though, it's bad form and usually just poor planning.

You can't do it, we must do it. (1)

DarthVain (724186) | more than 3 years ago | (#35200428)

I see this all the time in government. Various IT departments will make it impossible or difficult for others to do work, but limiting access to various things, restricting software, no allowing for permissions, and refusing to take responsibility for a role or function that might enable any of those things.

ME: I would like to do X. I need to have access to Y in order to do X, may I have access please?
IT Dept: A) No you cannot do it, but we would happy to do it for an exorbitant sum, but we don't have capacity now, so you will have to wait 6months. B) We are not responsible for granting that access but please speak with RandomITDept (who will immediately say its not their responsibility, and refer you back), however we would happy to do it for an exorbitant sum, but we don't have capacity now, so you will have to wait 6months.

I understand the rational for limited access to certain things, but the sole purpose for most of this seems to be to secure work and thus positions for their particular IT department as well as the power base for those managers so that their staffing and budgets are justified.

Sysadmin Saying (1)

ideonexus (1257332) | more than 3 years ago | (#35200624)

The head of our systems branch used to always say, without irony, "The applications branch can't run without systems, but without the applications branch, systems run just fine."

To which the head of apps branch would mumble, "Yeah, and without customers Apps branch would run just fine."

Re:Sysadmin Saying (1)

nikeair514 (1862148) | more than 3 years ago | (#35200968)

And without the network, none of it would run :)

Assumptions? (0)

Anonymous Coward | more than 3 years ago | (#35200686)

I love how the article assumes organization within IT. Ops vs. Devs? We're lucky if management knows what to manage.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?