Who, me? If it's Monday, then it must be time for another excursion to the sacred confessional of Who, Me? where Register readers confess their deepest sins or those of their deepest co-workers.
Today's story refers to the acquaintance of a reader. Having put a hand in The Big Bag of the Registry or pseudonyms, we will call the evil "Ron".
Ron was hired on a paid basis performing IT functions for the stock business of an early investment bank "It was," said our reader, "when Risk was still just a board game."
He worked in a small team of five people, responsible for developing and supporting a liquidity platform and critical capital allocation for the business that had to be in operation every time the trade occurred.
"Downtime was not an option since its inability to report a precise position to the regulator meant covering massive (expensive) capital reserves and, in the worst case, they were told to stop trading."
As background, the regulatory and compliance environment meant that there had to be a closed period declared at the time of publication of the annual report. No changes were allowed "for a malicious or malicious developer (!) To cause an interruption that depletes stocks."
While this made auditors happy, certain stakeholders in the stock business were not so satisfied that their requests for changes could end up stalled during this period. And Ron's team "was" agile "in the sense that they sat three desks away from commercial users and performed functions on a blackboard halfway between them and their customers."
So how do you keep that portfolio of updates running without annoying auditors or did the managers find out?
"A plan was drawn."
The application in question was a large Visual Basic client that was squatting on a user's local disk. It also connected to an Oracle backend. When a user activated the application, it showed a cheerful welcome screen before allowing a user to enter.
Ron's team silently replaced that welcome screen with an identical-looking replica that simply consulted the Oracle database to see if a new version of the client was available. If there was, he quietly hung a .bak in the installed version and extracted the new code from the compilation server.
A user may experience a brief pause, but is unaware of what happened when the new client was executed.
Any errors were similarly recorded silently, and Ron's team notified him. In addition, Ron "had automated an email address that would respond to a specific syntax of the message body, decrease the version and a verifier timed in the client would notify registered users that a problem had occurred and should be restarted. welcome / backup & revert would happen again and the client would log in again, none more wise ".
We presented this scenario to some anonymous types in the financial industry, and everyone was a little alarmed. While the odd patch is an integral part of life, a general update that could alter the data in the closed period is a no.
And, of course, the process continued through Witchings (the last hour of stock trading) and mergers, with bosses who are unaware of the wheezing invented by the development team to keep users happy.
It took three years before Ron made his confession, lubricated by guilt and the strange drink or two. Of course, a long time ago he moved to another bank.
"There never was a single problem, and business and IT never faltered."
Of course, there was a whole financial crisis in the last decade, but we are sure that Ron's antics were completely disconnected.
Have you ever made some rules beyond the breaking point and jumped a little from the clutches of auditors to make life a little less hellish for users? You have? Send us a Who, Me? and tell us all about it. ®
Beyond the data frontier