back to article BOFH: Can't you just ... NO, I JUST CAN'T

"EVERYONE IS A F**KING EXCEPTION!" the PFY snarls - beating me to the very same exclamation by nanoseconds. "What do you mean everyone is an exception?" the Boss asks. "It's the life of a bloody systems admin, people want you to make exceptions for them!" the PFY shouts. "Passwords, web filters, extra file space. People want us …

COMMENTS

This topic is closed for new posts.

Page:

Thumb Up

Spot on

Working in support I get this every day... I need a cattle prod...

16
0
Thumb Up

Re: Spot on

"I need a cattle prod..."

Seconded!! Alternatively, have they started selling Tasers to mebers of the public yet???

** wanders off to find Taser website.....

0
0
Anonymous Coward

Re: Spot on

> Working in support I get this every day... I need a cattle prod..

When the phone rings and the amoeboid life-form on the other end begins the conversation with "Hi, just a quick question." I know immediately that the rest of my day is fucked....

10
0
Silver badge
Thumb Up

Re: Spot on

"I need a cattle prod..."

...and a roll of old carpet in the corner of your office?

0
0
Silver badge
Mushroom

Re: Spot on

"have they started selling Tasers to mebers of the public yet???"

No, but you can make one easily from the guts of a disposable flash camera :-)

1
0
Anonymous Coward

Re: Spot on

Oh, forgot about doing that, after occidentally zapping myself as a kid on one. I'm sure I have the bits somewhere...

0
0
Anonymous Coward

Re: Spot on

I have always found the capacitors from a camera flash to be a bit weedy, it depends if you want a quick refresh time of an almighty jolt with very slow refresh.

I go for slow charge and almighty jolt which is why I use a capacitor from an old power supply. Mine is built to recharge from an old motorcycle battery which makes it a bit more bulky.

0
0
Devil

Re: Spot on

I need an elephant prod! Cattle prod just isn't... enough.

1
0

Re: Spot on

>When the phone rings and the amoeboid life-form on the other end begins the conversation with "Hi, just a quick question." I know immediately that the rest of my day is fucked....

Not terribly long ago, our phones got updated, from standard wired phones to IP phones. The test phones we got had a very special fault... the phones have a multicolored LED, to show messages, incoming calls, whatever. However, the engineering phones were missing those LEDs - and furthermore, had a small metal plate covering the hole. Get a call from that annoying guy in marketing? No problem! Just call his phone from another line, and he'll be signaled that he has an incoming line - by pulsing the "LED" - aka, his head.

To the disappointment of IT, the phones we ended up with had an LED on the base, rather than the handset...

0
0
Pirate

RE: No, but...

They do over here in the States. How high you want your zappies to go? I've got a catalog right here hawking units up to 1 megavolt...

0
0
Thumb Up

F***ing brilliant

This is so true it's practically the exact conversation I have every other day (except without the cattle prod and carpet roll sadly). The moment you start letting the lusers dictate stuff like this is the moment you lose control over your systems.

11
0
Silver badge
Coffee/keyboard

Re: F***ing brilliant

Where do you get your quicklime?

1
0
Thumb Down

Re: F***ing brilliant

Shocking, isn't it, that the needs of the people who do stuff and earn money should take precedence over the desire of sysadmins to have a nice easy life with uniform rules.

Can you imagine what it would be like if doctors and lawyers had to tailor their advice and actions to the needs of their clients instead of using the same pill / letter for everyone.

TL;DR: Supporting people is your job. Stop fucking whinging and start fucking supporting.

10
70
Anonymous Coward

Re: F***ing brilliant @Ian Johnston

Yes, because if doctors simply succumbed to the whim of every patient, nobody would be addicted to any medication or suffer from any side effects or ...

Procedures are in place for a king reason. Password complexity helps keep hackers out etc. We don't do it for fun you know.

Yes we support people, but that is because those people need our support.

Tw@

28
1
Alert

Re: F***ing brilliant @Ian Johnston

"Yes we support people, but that is because those people need our support."

An error there:

"Yes we support people, but that is because those people need our support due to not understanding things such as humour or not reading them to the end"

Point proven above.

I do agree with the article... it is exceptions which lead to unexpected consequences as the system was designed before the exception was requested and usually for good reason.

Everyone thinks they are important enough to need an exception, but are they important enough to take the blame when things go wrong as a result of going against the procedures?

7
0
Bronze badge

Re: F***ing brilliant

Missing the point much?

This isn't about support staff not wanting to actually provide support.

It's about support staff providing support, within the boundaries of company policies and legal requirements, and without compromising the security or functionality of the very systems they want to use.

User asks me for a password change, or access to a file share, reasonable requests they get done.

"Can you let me individually encrypt a file on a file share, because we only want 4 of the 10 people who can access the share to see it?"

The answer is no.

Encrypted files can't be backed up by the backup system because it can't read them which causes the entire backup job to halt. Does the user understand that backing up all the companies files is more important than him encrypting one file? Of course not he wants us to "just make an exception this once".

Agreeing to this "simple" request for one user compromises a service provided for everyone else.

Giving the user what they want because it makes their life easier, is all well and good. But not when it causes other problems.

Personally I'm usually quite happy to find an alternative solution for the user. But I often find in many cases the user refuses to accept the alternative simply because they don't understand why they can't have it their own way.

19
0

This post has been deleted by its author

Anonymous Coward

Re: F***ing brilliant

"Supporting people is your job. Stop fucking whinging and start fucking supporting"

- Dealing with encyption is hard. Support us by removing the need to encrypt data being taken off the premises.

- Having remote access to the company systems is so useful that everyone should have it by default. Please support us by making this happen.

- Password complexity and reuse limits are onerous. Please let us use whatever passwords we like.

- Virus scanners slow our computers down. Please remove them from our systems.

- I want to be able to install my own software on my work PC. Please make me an admin.

I tell you what. Please stake your career on the fact that the requests you make to circumvent company policy will not cause anyone any problems. In the event of these problems I'm expecting you to state clearly that these changes were your idea, that any resulting security catastrophes should be laid at your feet, and that the support staff were obliged to support you and rightly had no power to veto your decisions. I'd like this in writing, please, and signed by your line manager.

TL;DR: I'm not willing to sacrifice my job for your temporary convenience. Stop fucking whinging and start taking some fucking responsibility.

23
1
Flame

Re: F***ing brilliant @Ian Johnston

Try saying that when you're on the receiving end of a Sarbanes Oxley access review and some fucknugget "made an exception" - the auditors couldn't give a toss, procedure wasn't followed and they're going to hammer the nearest approximately responsible person for it. In this context the word "just" is instantly greeted by the word "NO!" as loudly as you can shout it.

Rules are there for a reason in the IT domain, where access and accounts are concerned it's usually because it's a legal requirement. We aren't beancounters, we don't file paperwork in triplicate for the fun of it.

13
0

Re: F***ing brilliant

And when the lazy fuck who couldn't use a different password than his username has his account hacked, and the payroll database gets thrashed... what then?

The NO EXCEPTIONS rule is to stop 'little concessions' from blowing up and wrrecking the day for everyone else!

FYI; in my organisation we have 6000 employees, 200 locations, 8000 PCs and 350+ different applications. Letting someone 'update Java on their PC so that they can access their online bank' is likely to break quite a few of them. The 'classic' Hotbar IE addon broke one, (not my fault that we use IE. ) We have a ginormous fileshare with areas locked down by groups. Before we got THAT thing sorted, we often had to restore because a clumsy user stumbled upon something he shouldn't(such as the Delete key), now they only manage to ruin the day for the grest of their group.

3
0
Bronze badge

Re: F***ing brilliant

Oh and additionally, yes there are occasions where support staff may refuse a request to do something because they don't want to do the work involved, but this isn't due to laziness (at least not always!) it's actually because we know there is a way for the user to do it themselves which requires 10 times less work than if we did it the way they wanted.

Refusing to do the work in that case is a good decision for the company, not laziness.

Which is more productive for the company?

10 hours of IT support time setting up some new system or process

or

1 hour of a users time learning how to use something that already exists and using it to get the result they need?

Of course most users don't understand the above because they are unaware of how much time is involved in what they've asked for, they only care about how much of their time is involved.

5
0
Bronze badge

Re: F***ing brilliant

For quicklime just watch old episodes of Time Team where they show you all sorts of useful stuff like baking limestone to make quicklime, stratification of soil layers to generate an appropriate age of your artifact (a skull for instance) and all sorts of other trivia

1
0
Silver badge

Re: F***ing brilliant

@Ian Johnston

1) Doctors don't like it if their patients go to them and tell them how to do their job. Try going to your GP and asking for "XYZ medication because I have ABC syndrome, I know because I googled it." You'll probably find some special acronyms written in your patient file, such as PRATFO (Patient Reassured And Told To Fuck Off). Doctors spend five years at medical school leartning the intricacies of the human body and how it can go wrong. Have a little respect for them.

2) The same for lawyers (although maybe with less of the respect for a portion of them)

5) The same goes for experienced IT staff, this artcile is about how they have to enforce policies that are put in place for good reason, not for the benefit of 'people who do stuff and earn money'. It seems likely that in your job, you do too little 'stuff' and earn too much money for doing it, because you seem to be lacking in the intelligence to understand what this article was about. You don't work in sales or recruitment do you?

4) tl;dr? If you can't be bothered to read the article, then why bother to come and comment on it?

5) It seems to have escaped your attention that BOFH articles are humorous, not serious. Maybe it is because you have your pompous head stuck too far up your arse.

17
0
Flame

Re: F***ing brilliant

I'd say the reason the answer is no a lot of the time is because the user is trying to do something moronic.

Half the requests I get in I have have to think "what the hell? why? what are are they actually trying to achieve?"

heres how to do it properly.... - see? quicker, easier and within the rules.

I have to be half solutions architect and half mind reader - which dosent leabe much space for the actual job of supporting the system

3
0

the user is trying to do something moronic

PEBKAC.

4
0
Silver badge

Password complexity

Unfortunately in the real world, if they can't use "123456" or something short and crude, they write it down on a post-it pad and attach it to their monitor.

4
0
Bronze badge
Childcatcher

Re: F***ing brilliant

Stop ..whinging and start taking some ...responsibility.

This is exactly the approach that organizations should take to security. Policy should be set by leadership who assume the risk of those same policies. The folks in charge of implementation should not also be in charge of policy. The first question that should be asked of anyone making a request for an exception are, "Are you authorized and willing to accept the risk?" Sometimes it helps to educate those making the decisions, though, using easily-understandable terms... and diagrams... and PowerPoint slides...

2
0
Bronze badge
Headmaster

Re: tl;dr

To be fair to the troll I think he was using "tl;dr" to mean "in other words".

1
0
Silver badge

Re: F***ing brilliant @Ian Johnston

> because if doctors simply succumbed to the whim of every patient

They do that's the problem

It would be easier to just give this women with a cold an antibiotic, it won't do any good but it will get rid of her

10years later - antibiotics are useless because everyone handed them out like sweeties

10
0
Silver badge

Re: F***ing brilliant

I've been there, worked for a company where the sysadmin had everything nailed down. I couldn't fault the procedures or restrictions because I'd have done something similar if I'd been in charge. However, his defaults were totally unintuitive to me and I kept bumping into things because I'd learned something slightly different. The development team did usually manage to talk him into granting admin access to their machines though, because otherwise he'd have been buried under a stream of requests for specific bits of software that were necessary for the job. The 'standard build' isn't always helpful.

1
0
Ru
Holmes

Re: Password complexity

I suspect that given a suitably secure office, the old postit-on-monitor approach to security is not nearly as bad as having a lousy password on a device that may be easily stolen or accessed from anywhere on the internet. Cleaning staff are usually the flaw in that approach, however.

I'm a fan of 2-factor stuff, myself... TOTP dongles and smartcard access can reduce the impact of a multitude of sins.

2
0
Thumb Up

Re: F***ing brilliant @Ian Johnston

That's why you have a little document that informs them that they will now accept all risk for the potential damage of their exception.

Making someone sign their name on the dotted line for liability is a fantastic enlightening tool, you soon find they piss off back to their little cubical .

Technical IT Risk and Governance !

4
1

Re: F***ing brilliant @Ian Johnston

Mmmm, or possibly how many FTEs do you want to make redundant from your department to free up headcount for the extra support staff we'll need if we build in all this extra complexity in the infrastructure?

Cheap/secure/flexible : you can have one, with luck we may approach two, but all three is absolutely impossible.

2
0

This post has been deleted by its author

This post has been deleted by its author

Bronze badge
FAIL

Re: F***ing brilliant

Wrong analogy there Ian.

Rules and procedures in IT are in no way comparable to medicine.

Never been through an IT audit have you?

Go troll elsewhere.

0
0
Black Helicopters

Re: F***ing brilliant

Might be quick lime is reserved those with a legitimate use for it. Farmers, construction workers and such I guess. But any kind of heavy duty caustic drain cleaner would do the trick in a pinch...

0
0
Devil

Re: F***ing brilliant

Hell yea. Let's taylor the laws, regulations and pharmaceuticals on a client by client basis.

0
1

Re: F***ing brilliant

I smell an end-user daring to poke its head over the parapet.....

0
0
Vic
Silver badge

Re: F***ing brilliant

> The NO EXCEPTIONS rule is to stop 'little concessions' from blowing up

I don't have a "NO EXCEPTIONS" rule. I have an "I'll need written authorisation for that" rule.

I occasionally get a frustrated CxO coming to have a shout at me. I'll explain the reason I need authorisation, then leave it to him whether or not the exception happens.

It's amazing how much less likely things are to get authorised when you insist on someone "important" putting it in writing that they are taking responsibility for the action...

Vic.

0
0
Bronze badge

Re: Stop fucking whinging and start fucking supporting.

GO FUCK YOURSELF!!!!

When you start making exceptions for each and every (l)user in your organization, the exception rule tree could look like some goddamn clusterfuck of a decision tree. example:

IF $LUSER = 'ARSEHOLE-BOSS' THEN

IF $DEADLINE = 'YESTERDAY' THEN

IF $PRIORITY-LEVEL = 'FLAMING_RED_ HOT' THEN JUMP THROUGH_HOOPS_OF_FIRE ELSE

PUT_ON_BACK_BURNER

PERFORM_DAILY_DUTIES

IGNORE_EXECUTIVE_BULLSHIT

ENDIF

ELSE IF $DEADLINE = 'TOMORROW' THEN

GO_TO_PUB

KNOCK_DOWN_A _TALL_ONE

GO_HOME

ENDIF

ELSE

IF $LUSER = 'YOUR-BOSS' THEN

IF $PRIORITY-LEVEL = 'NOW' THEN JUMP THROUGH_HOOPS_OF_FIRE ELSE

GO_TO_PUB

KNOCK_DOWN_A _TALL_ONE

GO_HOME

ENDIF

ELSE IF $LUSER = 'ARSEHOLE' THEN

GO_TO_PUB

KNOCK_DOWN_A _TALL_ONE

GO_HOME

ENDIF

Do you get my point????

1
0
Devil

Oook!

Just desserts, correctly cooked as well.

2
0
Thumb Down

Nah.....

It was more fun when the threat wasn't simply to threaten to make the boss disappear..

1
0
Thumb Up

Hah!

Not the funniest BOFH, but it's pretty bloody accurate.

17
0
Bronze badge

Re: but it's pretty bloody accurate.

And, don't many of us fucking KNOW IT!!!!

I know, I know, I am in a bad mood - its Monday, and supposedly a holiday (in the US {fka "Armistice Day", now "Veterans Day"), and I have to work it. Shit!

0
0

Nice one, Simon

And a fond "welcome back" to the voltage, carpet, spade and lime!

3
0
Silver badge

I love implementing management dictums on security and access

- you know the ones that match their expectations of how the company works - and then breaking them two hours later for the very manager who insisted on the shit in the first place.

The trouble with computers is they do what you say, and if you're a manager, make you look like a twat.

Especially like the bit about the shit version of excel on the iPad - as the first iPad in an organisation is normally an exception signed of by the account manager so they can use it to do what it cant do.

2
0
Silver badge

BOFH - Just do it!

Would you like to know about the consequences caused by that change before or after I make it?

2
0
Anonymous Coward

Just this once?

I wonder if it's just this once that BOFH appears weekly?

0
0
Gold badge

Re: Just this once?

Yup. It's an exception ..

3
0

Page:

This topic is closed for new posts.

Forums