
A perfect storm that brought down LinkedIn.com - fanf2
https://engineering.linkedin.com/blog/2018/11/coding-conversations--the-perfect-storm--that-brought-down-linke
======
saltybytes
Why am I not surprised?

Back in 2011/2012 I worked with LinkedIn's api on a product for one of our
clients at a small web shop. While coding the login auth my team and I
discovered more than 10 security issues and addressed them to LinkedIn.
According to them they had only one dev working on the api and there was no
time or resource available to fix these issues. So we filed bug reports w/o
LinkedIn ever acknowledging them. Two weeks later LinkedIn was hacked and
167mio user accounts were sold for a few bitcoins on the darkweb.

Bottom line: take security serious. Throw so money and resources on it! Don't
be greedy and let things like this happen again. Oh, and don't hire people who
can't spell SRE or are 22-year-old fresh out of college folks who are not
fully aware of their responsibility.

All this shows us the ridiculous hiring strategy of LinkedIn, a terrible,
understaffed and greedy business, you should never work for.

~~~
fierro
Nice ageism there at the end

~~~
p-squared
The key phrase is "who are not fully aware of their responsibility". The
commenter is not wrong in identifying a subset of the candidate pool which has
a high risk of inadequate experience for this kind of work.

------
jpobst
It's amazing how often perfect storms happen, since every outage is apparently
caused by one.

------
jacknews
Is this a perfect storm like the Tacoma Narrows bridge, or British Rail's
wrong kind of snow etc?

Today's systems have become astoundingly, barely-manageably complex, to the
point where this kind of thing happens all the time, but let's not delude
ourselves with the slightly mystical 'perfect storm' analogy.

~~~
fierro
Every storm is perfect

------
blakesterz
"SREs have a saying, “every day is Monday in operations,” which means our
systems are in a constant state of change and our teams are on call 24/7 to
address any site issues that do pop up."

I kinda like that, but at the same time, ugh.

------
th0br0
I wonder what this third-party framework is/was...

