|
|
|
|
|
|
by chrisandchris
242 days ago
|
|
|
I would say of all companies that have great SRE, I would not have expected Google to be one of them were this process was so brutaly flawed: - Storing the safes password - which is required for the password manager to start - ... in this very same password manager?
- Failing at trying to insert the card in multiple ways into the card reader (it's like USB, you're using it the wrong way around). I would have tried that before (while?) drilling the safe.
- Having no clue (no documentation) how to restart the service, despite it having passwords in it? If passwords are lost, all encrypted stuff is lost, forever. If there's one thing I think is central to document personal or corporate), it is how to get accesss to passwords _fast and reliable_ whenever there's a disaster recovery. |
|
|
You're underestimating the amount of goodwill-run, unstaffed projects that any big corporation accrues over time, which accidentally become load bearing without anyone realizing until something goes wrong. Such unstaffed projects are usually very stable (from not having pressure to add features or earn profit) and therefore "just work" for years until something unusual, like an accidental DDoS, happens. In that time, the original author(s) and everyone with context have left the company. This is a very hard process/human problem to solve at FAANG scale.