Post

1 Star2 Stars3 Stars4 Stars5 Stars

By Shmuel Gershon
As most words, “quality” has a lot of different meanings to different people.
I guess “Customer Satisfaction” has a lot of different meanings too.
A couple of months ago I tried to access a site (now I don’t even remember which it was) and was greeted by the note below:
Let’s read that again: “The attack was not successful and our safeguards prevented intrusion“. Ah, nice. But Mr BudgetHostingWeb, can you explain how, if the intrusion was prevented, how the hell did the “server’s hard drives failed during this process“?
Maybe the hard disk sensed that an attack was being attempted, and then committed suicidal, in some sort of self-aware sense that “it’s better to die than have those hackers get the secret data stored in me!”
(Side note: If you ever had to deal with web hosting service’s backup, you know it is a nightmare. A service I used once had “hard drives problems” too and their last backup was a month old — even if they had claimed to do daily backups. No, I didn’t sue, and I think I wasn’t even surprised (Quality is Dead, right?), but I did change to a different host later.)
So now we have customers who lost all the data of his website.
If they had good backups, they’ll be able to upload it with the FTP Upgrade package — and if they hadn’t, well, will have to start from scratch.
And this is being communicated to him in such a lousy way… Note that the alert in the page is not targeting the site visitors (which do not upload files by FTP), it is targeting the web page owners. Why would an alert to the page owner be glued to the home page of a customer? Maybe because they didn’t send the communication in any other way?
(Maybe the hard drive with the customer information failed too, who knows?)
And the alert says “the attack was not successful“, which is what makes one (me) angry.
Mr BudgetHostingWeb, your customers are unhappy, they had a major data loss, and have to fix it themselves instead of doing business. Please re-write the message to something like “The attackers succeed to cause failures in some of our hard drives, and unfortunately we don’t kept backups of your data. As far as we can discern, no information was stolen, but we are deeply sorry for this inconvenience.”
Because shaking yourself free of responsibility isn’t exactly the best experience you can provide your users.
Let’s sympathize with one of their customer, which is a great practice for software testers:
I did a search on Google to try to find sites that were part of the problem. Even thought a lot of time passed since the incident, Google found three (two of them do not have the text in their sites anymore, Google is outdated too, so it leaves us with only one customer specimen, Free Range Whippets):
Whippets are lovely pretty dogs, and the first link on the screenshot above sports the following notice:

We regret that our host server was recently the victim of a serious hacking attack.
The attack was not successful and the safeguards prevented intrusion however the server’s hard drives failed during this process.
All services have now been restored. Unfortunately, our site was one of those affected, and we need to upload ALL the files again.
Some links and photos will not work or appear until we re-upload.
We hope to be fully back online soon but finding after six years of loading photos, they don’t go back up overnight.
Please visit us again and click all the links!
Thank you, Lori & The Whippets

6 years of work, gone! Is that what the safeguards were supposed to do?
The hacker attack wasn’t successful, but Lori still has got broken links in the whippets’ images :(.

Source: http://testing.gershon.info/200906/bott-smile-youre-data-is-gone/

Category: Bug of this Time, Test Insight

Você também pode querer ler

Comments are off for this post.