March 19 2019

The price of security has reached insanity

On Tuesday I needed to shut down some servers used by my work. I figured this would be answer a few security questions, request, confirm, and done.

Three hours.

Three hours of my life are gone to shutting these servers down.

Why did it take so long? Well, to make sure you want this done you have to shut down every service connected to the servers in a certain order. You have to confirm at each step… you have to make sure the order is correct or the next step won’t work. It got so complicated and messy I even had the tech support person on the phone confused at one point.

And every time I asked why this was so damned complicated I was told, “Well, it’s for your security.”

No, it’s not. You may think that, but it’s not.

There is no way on earth that when this setup was designed you did it thinking this will stop someone from dong nefarious things. If they got the root command and really wanted to take you down, they would go through all of this without batting an eye. You did this so a) a designer had a job b) keep people from shutting things down.

The idea that I have to spend three hours of my work day on a task so I can close out our account is absurd at best, and downright cruel at worst.

And if I call in and your engineers tell me that even they don’t have a kill switch? Yeah… right.

share tweet share