Thursday, April 14, 2016

BIG mistake

This sobering headline was on Drudge this morning:

Ouch. Big. Major. OUCH.

According to the article:
A man appears to have deleted his entire company with one mistaken piece of code.

By accidentally telling his computer to delete everything in his servers, hosting provider Marco Marsala has seemingly removed all trace of his company and the websites that he looks after for his customers.

Mr Marsala wrote on a forum for server experts that he was now stuck after having accidentally run destructive code on his own computers. But far from advising them how to fix it, most experts informed him that he had just accidentally deleted the data of his company and its clients, and in so doing had probably destroyed his entire company with just one line of code.

The problem command was "rm -rf": a basic piece of code that will delete everything it is told to. The “rm” tells the computer to remove; the r deletes everything within a given directory; and the f stands for “force”, telling the computer to ignore the usual warnings that come when deleting files.

Together, the code deleted everything on the computer, including Mr Masarla’s customers websites, he wrote. That piece of code is so famously destructive that it has become a joke within some computing circles.

Normally, that code would wipe out all of the specific parts of the computer that it was pointed at. But because of an error in the way it was written, the code didn’t actually specify anywhere – and so removed everything on the computer.
I can't even imagine. It's bad enough to lose data on a computer -- but to erase a whole company?

Speaking of which, time to back up both the blog and my laptop....



  2. I see how that could happen :wink:

  3. I once had a boss (IT department head) who was showing off his "mad computing skills" at a remote location from our company. He typed in a command on his laptop and when it took longer than he expected to complete, he asked me what the specific command would do (what a dummy!). When I told him it would delete everything in the directory he was in, he aborted the command. Too late! He had deleted 2/3 of the files back at the company! $100 million in sales a year company! It took nearly a week to get the backup files and duplicate everything that had been done since the backup (only 15 hours earlier). Too bad the company was owned by an "old school" gentleman who thought women weren't good enough to have high rank in his company!

  4. Backing up is good. I've learned the hard way what happens when you don't do it often enough, too.

  5. It can be amazingly simple to do if you're not careful about validating input ...

    For instance, let's say that there are two variables, "bckdir" and "custdir", that are meant to hold backups. You then create a path from those two variables, but your script is sometimes not working, so you think that it would be a great idea to make sure the information is fully pathed.

    So you do this:


    And because you only let your customers keep
    one backup, you do this first:

    /bin/rm -rf "${mydir}"

    But you aren't validating your input, and one of the configuration files that specifies the values for one of your customers is missing.

    So when "bckdir" and "custdir" are empty, the path value becomes this:


    Which is the same as "/", which is the top-level of the system.

    Install it, forget about it, and after a while all of your files are gone because you thought your quick full-path fix was a great idea.

    While you thought you were backing up your system, you were actually trashing it as well as where you were storing your backups ...

    That's how it can happen.

  6. Worse case is that Mr. Marsala put 1,535 companies out of business last night. Heck that's nothing. The US government does that by 10AM every day.
    Montana Guy

    1. You, my well prepared friend, have a gift.

      Will Rogers couldn't have said it any better.

      A. McSp

    2. Time for some "code insurance."
      It wouldn't get your stuff back, but it would sure come in handy if your were to be sued by 1,535 suddenly out of business companies that had you cold as the admitted culprit.
      Bad bad day at the office, dear.

      A. McSp

  7. Ummm... this was a hoax. Didn't happen.