We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Godfather of Ai
Options
Comments
-
jimjames said:
Depends where you are I guess but updates are definitely applied to live servers and can cause immediate outages.onomatopoeia99 said:Section62 said:Good advice to have accounts with multiple banks though - not necessarily because of the risk of 'super' AI - but more mundane things like someone in IT support applying an untested upgrade or a cleaner pulling a plug, could temporarily limit access to your money if you only have one bank account.They always deploy updates untested to live servers as well, change management definitey isn't a thing..
https://en.wikipedia.org/wiki/2024_CrowdStrike-related_IT_outagesI'm well aware of that incident. So many failures by Crowdstrike, so much poor testing and implementation and given their product includes a driver that runs at ring 0 that's both astonishing and inexcusable. I manage a product that has updates that are pushed to the end-users of our clients, so an extra step removed from us, and knowing what Crowdstrike did gives me the absolute heebeejeebies.So, we exhaustively test updates before they go live. We give our clients the opportunity to beta-test updates if they wish to confirm compatibilty with their own systems before it makes its way to their users. We give our clients the opportunity to opt in or out of automatic updates. We provide both automatic and manual rollback mechanisms (for a situations where an update fails so badly the automatic rollback cannot work - we've never needed to use this but it's there). We stagger rollouts of updates.Something we do that it appears the affected businesses using Crowdstrike didn't is we don't let anything on our servers automatically update itself - we review and test updates on a separate server prior to deployment on the live servers (it's not clear from the wikipedia article if Crowdstrike offers the ability to do this to its clients). We also don't use Windows in internet facing infrastructure as a policy decision, though the product I manage targets it at the client end.We are a tiny company, not like the behemoths that were affected but if we can do that I'm at a loss as to why they, with their massive IT departments and corporate policies that generally make it impossible to actually change anything, can't do it too.I'm not going to start on the programming error that caused it other than to say whoever made it should probably stick to Visual Basic macros in Excel where they can't do any real harm, not kernel drivers.Proud member of the wokerati, though I don't eat tofu.Home is where my books are.Solar PV 5.2kWp system, SE facing, >1% shading, installed March 2019.Mortgage free July 20230 -
onomatopoeia99 said:
...jimjames said:
Depends where you are I guess but updates are definitely applied to live servers and can cause immediate outages.onomatopoeia99 said:Section62 said:Good advice to have accounts with multiple banks though - not necessarily because of the risk of 'super' AI - but more mundane things like someone in IT support applying an untested upgrade or a cleaner pulling a plug, could temporarily limit access to your money if you only have one bank account.They always deploy updates untested to live servers as well, change management definitey isn't a thing..
https://en.wikipedia.org/wiki/2024_CrowdStrike-related_IT_outagesWe are a tiny company, not like the behemoths that were affected but if we can do that I'm at a loss as to why they, with their massive IT departments and corporate policies that generally make it impossible to actually change anything, can't do it too....Which was really the point of my post. Even those (and possible especially those) who imagine "it can't happen to us" are vulnerable to something happening which they didn't think about or didn't expect*. At a user level we can give ourselves some level of DR (or maybe disaster avoidance) by not falling into the trap of giving blind faith that one organisation or system is immune from failure: i.e. have multiple current accounts and different pots of savings which give flexibility in the event someone (including ourselves) does something silly which blocks access to a main source of funds.Hopefully that isn't a controversial view on this forum.*This is where the metaphoric "cleaner" and metaphoric "plug" come into the equation. Sure, 'this system'(whatever it is) doesn't have a physical plug (and bear in mind nothing was said about it being an electrical BS1363 plug), and maybe it is in a locked room the 'cleaner' doesn't have access to. But that doesn't mean a person who doesn't understand the implications of what they are about to do won't find a way of getting past the protections the clever person put in place to stop a disaster happening.Those who know about the subject might be familiar with a case where a real cleaner was said to have "wiped out 25 years of research" by allegedly turning off a circuit breaker, despite the best efforts of staff to physically prevent the freezer being 'unplugged' -Who'd have thought a cleaner would have the nous to locate the circuit breaker and flip it off?
0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards