It was more than an announcement. They cutoff access to gitlab and broke automated workflows. It shows that they don't know their customer base that well if they were willing to do that. Surely they knew they'd break automated workflows?
So, either they don't care that they broke those workflows when they made this change, or they didn't know that the workflow breakage would be bad. Both are shitty and implies a lack of understanding of their core user base. So, sending customer reps out like they are now screams to me that gitlab really only cares about presentation.
My questions come from the fact that you, and others from Gitlab, are coming out of the woodwork in groups in response to public negativity and trying to play it cool, eg "wanna".
At least to me, it feels hollow, just like your response right now. It makes me think that Gitlab knew that there was going to be a backlash, and only sent your team out to mitigate damages. "There is no such thing as bad publicity" sort of deal.
If Amazon did the same thing you were doing right now, everyone would be up in arms.
I used to work at Bank of America as a level 2 app analyst back when they first started building Quartz. At the time, it was advertised internally as a system to be used for reporting, and so it had lots of built-in functionality to connect to databases, etc. Pretty neat.
That said.
The method of encoding production database credentials was rot-13. No joke. In the Quartz interface, you could double click on a starred-out set of credentials, and it would run rot-13 on it and display the password. This was for FX, rates, credit card, mortgage, etc etc etc. Having access to this cloud system gave effective access into all of Bank of America and Merrill Lynch.
They probably save a lot of their money by using very, very bad practices.
Still only the second worst security fail I've seen.
A few years back I was mugged in Chicago at a busy intersection very close to a train station. Being the FOIA nerd I am, I submitted a FOIA request for the footage of the spot I was mugged at. It came back saying that no footage exists. Probing the investigator, I was told that the camera rotates randomly, and wasn't pointed in my direction. It's very difficult for me to think of Chicago's surveillance with any sort of charity, when they can't even do a single major intersection.
Fun fact: Chicago's city hall has a retention period of zero days on its cameras. Go figure.
Google fi user here: when they throttle in areas with weak cell signal, the throttling is aggressive and internet practically doesn't work. It's very frustrating. "Throttling" isn't the right word.. maybe "crippling" is better.
So, imagine you have a massive celestial body floating out in space, with a large gravitational field. Its gravitational field is always propagating. Now, take that celestial body, and make it completely and instantaneously disappear. There's now a gravitational differential between the now-gone body, and its previously propagated gravity field. You should be able to detect that if you're close, say through tidal differences.
Very similar happens with black holes colliding, except the gravity differential comes from the two black holes oscillating near each other, close to the speed of light.
Edit: this obviously isn't exactly how this works, since it makes a lot of assumptions, such as the ability to instantaneously remove something. So, don't think of this as how "things actually work", but as a model to help build your intuition.
Ah sorry. That does sounds relaxing, even in jest.
I'm trying to get out of for-profit tech and into the non-profit space to do data/FOIA/investigative work. It's still "tech work" at the end of the day, but without the deep dread of making rich dudes richer.
This isn't my experience with just a single job. This is my experience in the perspective of a sysadmin/SRE/devops "track". Maybe it's different for programmers, but the overall spirit of my post happens at most of the places I've worked at.
You're suggesting that Facebook is 100% accurate in determining whether a name is real, or a pseudonym.
Imagine this: someone is on Facebook and wants to hide their identity for some reason. Best examples I can think of right now is teachers who don't want their profiles accessible to their students (because high schoolers can be little shits). Or someone trying to create a new life after domestic abuse. It makes full sense that they wouldn't want to give their full name so that they can't be found. Facebook isn't good enough in real name detection to get it right 100%. How could they?
With this sort of dump, a domestic abuser can much, much more easily find the person they abused, when that person was previously under a pseudonym.
This is just a small example. It gets much more complicated when considering how many millions of phone number:Facebook IDs were released.
So, either they don't care that they broke those workflows when they made this change, or they didn't know that the workflow breakage would be bad. Both are shitty and implies a lack of understanding of their core user base. So, sending customer reps out like they are now screams to me that gitlab really only cares about presentation.