Scotland's Police Lose Data Because of Programmer's Error 108
Anne Thwacks writes Assistant Chief Constable Wayne Mawson told the [Scottish Police Authority] committee that a total of 20,086 records had been lost because a computer programmer pressed the wrong button between May and July last year. He added: "....they had been properly put on the system by the officers as a result of stopping and searching people, but we lost the outcome of it as a computer programming error. We have been working really hard to recover that data. I have personally overseen the sending out of several thousand emails to officers and follow-up audits. We have been working hard with HMICS to oversee everything that we do, to make sure it is done properly and I am pleased to say that the vast majority of that data, those results, are now back on the system."
What if? (Score:2, Insightful)
What if there was people powerful enough (politicians, ...) to clean their record? No, no, cannot be, complot theory. They surely don't have any functional backup. I am a believer my overlord.
Re:What if? (Score:5, Insightful)
Re: (Score:3)
Because they can afford *good* lawyers.
Re: (Score:2)
Re: (Score:2)
This has very little to do with people's police records becoming clean - it's about the police misleading the public (and our politicans) about the number of stop-and-searches being carried out ("they had been properly put on the system by the officers as a result of stopping and searching people, but we lost the outcome of it as a computer programming error"). Scotland - uniquely in the UK - continues to carry out "consensual searches" (searches with the "consent" of the victim) even when the person being
Re:What if? (Score:5, Funny)
And those guys want easier access to private data (Score:1)
Bureaucracy in action: " I have personally overseen the sending out of several thousand emails". If there were less people at overseeing emails and more in IT the whole mess would not have happened. Perhaps they should even try reading about backups next time.
Re:And those guys want easier access to private da (Score:4, Insightful)
What's even more sad is that he has most definitely not "personally overseen the sending out of several thousand emails". At best, he has sent some memo around that said something like this: "Send out emails now! That's an order! Yours sincerely, your boss. P.S.: Fuck you!"
Re: Programmer error, really? (Score:2)
Re: Programmer error, really? (Score:4, Funny)
Re: (Score:2)
I find "programmer error" credible, which should tell you how much confidence I've got in their IT. If they don't have a backup for transaction data, and they are too cheap to provide a test environment, and don't restrict the programmers' access to the production database, programmer error is completely believable.
Computer programmer (Score:1)
Shouldn't that be typist or data clerk?
Re: (Score:1)
It's just glorified data entry. If they can type, they can program-- and the faster the better. [thedailywtf.com]
Re: (Score:3)
I'm not sure. A typist generally won't hold down a button for several months as this person allegedly did.
A brainfuck [wikipedia.org] programmer who needs to access a big chunk of memory, on the other hand...
Convenient error, perchance? (Score:5, Interesting)
Speaking as someone who's been following this story as it developed, it seems to me that the data that has been 'lost' is data the high heid yins of Scotland's police were very eager to lose. They'd been acting beyond their remit - and probably beyond the law - and they knew it.
So I suspect someone with scrambled egg on their hat took that programmer into a quiet room and said 'you will make an unfortunate error this afternoon, or we'll be sending the boys round'. I'm pretty sure the government suspect the same.
Heads will, I suspect, roll - and I don't think they will be the heads of programmers.
Heads will roll? (Score:4, Insightful)
Re:Heads will roll? (Score:4, Insightful)
If any one person, under orders, acting on their own initiative or simply making a mistake, is capable of irrevocably wiping important records like these, then there is something seriously wrong with your organisation. Someone is responsible for managing IT and keeping information/records at the police, start with them.
Re: (Score:2)
I knew a guy who was believed when he said the dog ate his homework, because he went into details as to how hard it was to get the dog to eat it.
Re: (Score:2)
So I suspect someone with scrambled egg on their hat took that programmer into a quiet room and said 'you will make an unfortunate error this afternoon, or we'll be sending the boys round'. I'm pretty sure the government suspect the same.
Heads will, I suspect, roll - and I don't think they will be the heads of programmers.
They will be of programmers. It'll be a programmer that logged in, and a programmer that hit the keys.
The programmer should have demanded a signed sheet of paper ordering the "error". If they threaten to fire him for that, he points out that if he's fired, then he'll talk. They'll either kill the programmer (pretty rare, despite what the movies indicate) or work out some paperwork in a mutually-destructive-pact. Not the police, but when I've ever been asked to do something questionable, I've always man
Re: (Score:2)
Is that like a muckety muck?
Slightly more seriously, how is "heid" pronounced (besides with a Scottish accent)? Like "hide"? "Heed"? I'm assuming "yin" is pronounced the same as it would be in "yin-yang"?
In any case, my thanks for the new bit of slang....
Re:Convenient error, perchance? (Score:4, Informative)
Is that like a muckety muck?
Slightly more seriously, how is "heid" pronounced (besides with a Scottish accent)? Like "hide"? "Heed"? I'm assuming "yin" is pronounced the same as it would be in "yin-yang"?
In any case, my thanks for the new bit of slang....
Heid is pronounced "heed"
Yin, well, "Yin"
Head yin - Big Boss, The Head of the Outfit. The Head One.
Re: (Score:2)
Heads will, I suspect, roll - and I don't think they will be the heads of programmers.
And if they do, it will be the new guy in the mailroom, or the third shift janitor.
Re: (Score:2)
Depending on which is not a fluent English speaker.
Software testing ... what a novel concept (Score:5, Insightful)
I just wonder how much longer before software testing will get the respect it deserves.
Re: (Score:3)
Software testing doesn't protect against a user pressing the wrong button, which then works as expected. I agree it's a management error, but the failure in such cases is a lack of user testing.
Systems should be designed to follow the interactions that are more likely to be made by users, not the other way around - forcing users to follow the path that a developer thought would make sense. Unfortunately, user-centered design is still a foreign concept to a good chunk of developer houses.
Re: (Score:1)
Re: (Score:1)
I go toe to toe with my boss on a weekly basis about how hard it should be to delete records from the medical record system we developed. Our support lines get swamped with lowly receptionists who need to remove notes they've made on a patient's phone log (an important part of the chart) and they just don't want to bother the manager or the doctor who are actually authorized to remove notes from the chart, they're just so, so very busy, you know.
Re: (Score:1)
Re: (Score:1)
The error here is that the programmer was given a login to a database and that login had been granted "DELETE" permissions. On vital systems, the standard software should basically never be granted "DELETE" permissions, only CREATE, SELECT and UPDATE. Deleting a record should involve setting its status to "deleted" nothing else. There is only one reason (except the obvious ability to use referential integrity when doing business operations) to delete something from a table, and that is to free up space. Sin
Re: (Score:2)
Management failed.
Yep, if the coder followed procedures, not his fault, if there were no procedures also not his fault. Inadequate testing regime, again, not his fault. Anyone in the business of coding for more than an hour knows serious coding errors like this happen all the time in development. If these expected errors manage to navigate the layers of testers and admins between check-in and production then someone else screwed-up, either that or there's a hole in the test/delivery procedures.
Don't have layers of testers
Re: (Score:2)
o Worked for large co; found several "Sev 1" bugs on a product was was proposed to be released soon. I was put on inventorying computers; product became one of the larges failures in company's history due to -- bugs.
o Same co, later: needed to make a code drop to another business. My job: To make sure that the code worked as expected, and could compile. (they got a "special" version of the code.) I told the PM that we shouldn't have the code on a given storage server -- it (the code) co
Re: (Score:2)
I had my contract with a bank end shortly after I was told to promote a certain program (in Perl) from QA to Production, and did so without checking whether the program in Production was at all similar to what was checked in. It turned out that it had been changed on the production machine without checking it in or putting it in Test or QA, and that my not checking for that was a Bad Thing according to the manager. I was relieved to have that contract end.
Re: (Score:2)
This (like many others) is actually management error. Management failed to oversee programmers. Management failed implement test. Management failed.
And Management lost potentially incriminating records which contradicted what Management had stated publicly. Management destroyed evidence of unlawful behaviour carried out by Management, and it can no longer be used against Management. And the worst that will happen as a result of this is there will be a mildly embarrassing story in the BBC followed by an increase in the IT budget, ostensibly to prevent further "mistakes".
Management succeeded . Brilliantly.
Re: (Score:2)
Management failed to prevent "programmers" from having access to production systems. Developers will break things all the time in the course of development, which is why you don't have them working on your actual production system.
Unless they meant a system administrator or a data entry clerk with access to delete existing records was a "programmer", which is just as likely given the usual level of government understanding of IT.
Re: (Score:2)
At least this article admits to a level of "programmer error". However --- like most "computer error" news articles, this one misses a key point: This (like many others) is actually management error. Management failed to oversee programmers. Management failed implement test. Management failed.
Assuming story on its face is true the blame for failure to recover goes to IT hierarchy responsible for managing the database. No data programming error should have the capability of causing unrecoverable data loss. It isn't so much you guard against someone or something typing DELETE FROM ... as much as retaining ability to restore database to a transitionally consistent state immediately prior to execution. There is no excuse for failure to retain a chain of log backups.
Re: (Score:2)
Even some thing as simple as "database cleanup" can be a problem when not properly tested. In once instance I was testing a server/database migration/upgrade. In the Test Plan, I called out that permission issues could not be tested (security wouldn't allow it) and failure to test could result in data l
Ah yes... (Score:2)
The good old "DELETE FROM records WHERE 1;.... FFFFFFFFFFFFFUUUUUU----" on the production system on a Friday afternoon...
Re: (Score:2)
The good old "DELETE FROM records WHERE 1;.... FFFFFFFFFFFFFUUUUUU----" on the production system on a Friday afternoon...
Even then you would have to be a hack to not be able to recover a snapshot of database prior to the incident from redo log.
Properly managed capability to see database as it existed at any point in time is maintained throughout the useful life of the database with no exceptions.
Pressing the wrong button ? (Score:2)
'Programmer' working with live data? (Score:5, Insightful)
Re: (Score:3)
Re: (Score:2)
a month in the Aberdeen Hilton? More colloquially known as Queen Street Police Station or Grampian/PS Divisional Headquarters.
Re: (Score:2)
Yeah, someone working in the police force there is either very incompetent or very shady.
Actually, you are overlooking the most likely scenario: Someone (or more than someone) working for the Scottish Police Authority is both very incompetent AND very shady.
Re:'Programmer' working with live data? (Score:4, Informative)
Very convenient, and of course we all know programmers develop their code on the only copy of a live database (of which there are no backups)...
I know of at least one project from my former life as a consultant where that happened, the production server was available and being set up to match development for the first release, then it kinda just rolled into production without anyone notifying IT so all the production monitoring, backups etc. was never turned on. They were not happy when they eventually found out many months and many, many manhours of production data later, but fortunately nothing bad happened in the mean time. Or another project I was on, where finance had kinda built their own system outside IT that they de facto used for reporting but wasn't supported in any way. If you haven't seen it happen, be grateful.
Re: (Score:2)
Smaltalk...
Phrasing? (Score:5, Insightful)
"Programmer error" != some idiot pressing the wrong button.
If you want powerful software, you get powerful results. You also get powerful fuck-ups. Don't blame the person who coded it, blame the idiot who clicked through 4 different "are you REALLY SURE you want to do this" warnings.
Re: (Score:2)
Or you can blame the idiot designer who didn't properly explain the consequences of "doing this" in their black-box interface, so that the user could make an informed decision.
Re: (Score:2, Insightful)
Or you can blame the designer that designed a system where it's possible for a normal user of the system to bulk delete an entire swath of the database while working on a single record, and without having an audit trail record that allows point-in-time recovery from backups without any data loss.
Re: (Score:2)
The article's title is sensationalist and the caption feeds that sensationalism.
The content itself is more nuianced.
The "DROP TABLE crime;" button? (Score:1)
Is it next to the "any" key?
Re: (Score:3)
Actually, New Scotland Yard is the HQ of the Metropolitan Police in London and this disaster was only for Police Scotland.
Police Scotland is the recently formed amalgamation of the four or five police forces that Scotland had into a single force. The merger was to unify various systems, presumably so that something like this could affect the whole of Scotland rather than just one part.
Irish? (Score:2)
Re: (Score:2)
Re: (Score:2)
Sackings and investigation required. (Score:2, Insightful)
Seriously, what kind of system can't recover from a backup? Why can't this system? What idiot allowed the situation to arise where backups can't be restored?
Re:Sackings and investigation required. (Score:5, Interesting)
This can't be restored because the police do not want it restored. The are under investigation for abuse of stop and search powers, and racial profiling. Suddenly all of the reports that they have to file after each stop and search are gone. IT error my ass.
GCHQ to the rescue! (Score:1)
Didn't GCHQ have a backup? They have a Backup Of Everything, no?
(captcha: archives)
Re: (Score:1)
Pfft, they should just call the CIA/NSA to get one of their "backup copies".
Ah... (Score:2)
ye olde 'programmer pressed the wrong button' again when the brass ignored their pleas for implementing backup systems.
Karma _is_ a bitch.
pay peanuts, get monkeys (Score:1)
Single key mistake? (Score:2)
Cannot be a mistake. It's intentional. Intentional stupidity at least.
On the other side a single key error from a user is different. But still, a function that wipes data, all of them, with a single key(press) should require no less than a second key for confirmation.
My personal diagnosis:
- 95% The report is totaly nonsense trying to move responsibility on someone else.
Re: (Score:2)
Consider the difference between "DELETE FROM foo WHERE bar = 0;" and DELETE FROM foo WHERE bar > 0;". If bar is a numeric column that should always be positive, we've gone from deleting erroneous rows to all good rows. One character difference. Easy to do accidentally. Also easy to catch if the shop is properly run, and if top management doesn't want that error to happen.
Re: (Score:2)
Re: (Score:2)
One I saw.
Business application. Sales bean counting.
Pretty standard stuff. Start a new entry. First step. Enter old buisness#, leave blank for new. When enter is hit the computer creates parent row and returns new # to client.
If you bailed out of the entry without hitting enter once, it would call cleanup with null. Which was fine, except the one cleanup function our 'genius architect' had written himself, to help make the deadline. For some reason he thought that a null meant no constraint, delete e
Scotland's Police Lose Data Because of Programmer' (Score:2)
And they don't keep backups, like the most trivial ISP does, like I used to work for
So.... (Score:3)
Is Lois Lerner working in Scotland now?
Re: (Score:2)
She only lost internal emails, which were not considered official records.
And where was the backup? (Score:1)
It is inexcusable to not have a backup of the database. Sure the programmer was stupid. Should take less than 5 minutes to restore that many records from the backup that should be in place.
Re: (Score:2)
the backups were apparently in police notebooks. Police notebooks are intended to be complete verbatim records of encounters with members of the public, but we all know that doesn't happen. We are talking about stop/search records here, and while City of London police did pilot body cams for a while (I submitted a story on this, it was rejected for strange unknown reason) in response to a public campaign for police to submit to constant public monitoring ("Leon's Law") hence complete oversight by the PUBLIC
The question that should be on top of everyone's (Score:2)
...mind, is: ...why was a lowly data monkey allowed the sort of access required to "accidentally" delete official records??
It takes a special kind of negligent to permit such crass contempt for operational data. This should prompt a criminal prosecution of not only the operator but the idiot who accepted the specification as well. Hell, my personal wiki doesn't allow deletion (as is the default, it takes a deliberate effort to change this to allow even an administrator account to delete ANYTHING), because y
Bullshit (Score:2)
You cannot lose data because of one wrong keystroke. You can only lose data as part of a persistent culture of being careless about data. Anything put into this system should be logged, and that log is the backup. Data was lost due to inadequate, incompetent design. Or, it was designed to lose data, and it was very competent.
Re: (Score:2)
Well, there was a lot of wrong keystrokes in just the right order leading up to this, but it did end in the erroneous pressing of "enter" - without which the prior keystrokes of DELETE * FROM EVIDENCE wouldn't have mattered.
But it was definitely the single, final, erroneous keystroke that is to blame and therefore definitely an accident.
Only in Holyrood (Score:1)
The admission came as senior officers appeared before a Holyrood committee.
Among them was Chief Constable Sir Stephen House, who said he had apologised for giving incorrect information to the police watchdog over stop and search statistics.
This is something that can only happen in Holyrood.
Sounds like they need to get their House in order
backups (Score:1)
Whatever happened to off-line backups? One mistake can't wipe you out then.
Re: (Score:2)
Whatever happened to off-line backups? One mistake can't wipe you out then.
What is worse all database systems worth using offer the ability to view the database as it was at any point in history. It is like a rolling historical backup guaranteeing data cannot be lost forever due to mistakes manipulating data.
Och (Score:1)
someone please tell me I'm imagining this? (Score:2)
This news breaks the same DAY leaks of Police Scotland are discovered to have been (and continue to be) performing an undisclosed number of "consensual" stop-searches on *children* under 12?
HINT: CHILDREN UNDER 12 CANNOT LAWFULLY GIVE CONSENT IN SCOTLAND.
This while the Hollie Grieg thing is STILL ongoing despite the fact that Robert Green has been persecuted by the Scottish police and judiciary for exposing the former Lord Advocate's involvement in the cover-up of her friends' involvement, more to the point
Tut tut... (Score:2)