Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday January 19 2018, @03:12PM   Printer-friendly
from the note-to-self dept.

Submitted via IRC for TheMightyBuzzard

After a false alert about an inbound missile, Hawaii's Emergency Management Agency has said a worker clicked the wrong item in a drop-down menu and sent it, and that its system was not hacked. But Hawaii News Now is reporting an AP photo from July has resurfaced, showing the agency's operations officer in front of monitors, attached to one of them is a Post-it note with a password on it.

Just.... wow. I'm nearly at a loss for words on how big of a screw up this is. And from the response of the spokesman sounds like this was a shared password, therefore no way to link it to a specific careless employee.

Richard Rapoza, emergency management agency spokesman, confirmed that the password is authentic and was actually used for an "internal application." He said he didn't believe that application is any longer in use, but declined to say what application the password was for.

Source: https://www.hardocp.com/news/2018/01/17/hawaii_emergency_management_password_found_in_press_photo/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Informative) by meustrus on Friday January 19 2018, @06:04PM (7 children)

    by meustrus (4961) on Friday January 19 2018, @06:04PM (#624802)

    Given the seemingly random order of the links, though, there's a good chance that the last time the list displayed it was in a different order. For all anyone can tell the DRILL and not-DRILL options are usually swapped in their position on the list. Either that or somebody added stuff to the list and shifted it until the 4th option went from DRILL to not-DRILL, but still looks essentially the same.

    A bad enough UI design will make normally intelligent people do unintended things, regardless of how many warning messages and confirmation dialogs you throw in their faces.

    --
    If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 1, Insightful) by Anonymous Coward on Friday January 19 2018, @06:26PM (5 children)

    by Anonymous Coward on Friday January 19 2018, @06:26PM (#624814)

    This is the site of "personal responsibility" so you're lecturing into a hurricane.

    • (Score: 4, Insightful) by meustrus on Friday January 19 2018, @07:28PM (4 children)

      by meustrus (4961) on Friday January 19 2018, @07:28PM (#624846)

      Don't get me wrong, personal responsibility is great when people have it. But sometimes you have to design things to mitigate for lack of responsibility, because you aren't going to be running the system and you have no control over the person that will.

      --
      If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
      • (Score: 2) by Azuma Hazuki on Friday January 19 2018, @09:16PM (3 children)

        by Azuma Hazuki (5086) on Friday January 19 2018, @09:16PM (#624908) Journal

        Would it have killed them to build in something like a popup going "ATTENTION: You have selected the "Not a Drill" option. Please confirm that this is indeed an actual missile strike" or something?

        I mean come on, a little poka-yoke here would have saved a ton of grief -- see https://en.wikipedia.org/wiki/Poka-yoke [wikipedia.org]

        --
        I am "that girl" your mother warned you about...
        • (Score: 3, Interesting) by meustrus on Friday January 19 2018, @09:49PM (2 children)

          by meustrus (4961) on Friday January 19 2018, @09:49PM (#624935)

          They probably did one "better" and made it pop up for every option!

          --
          If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
          • (Score: 0) by Anonymous Coward on Saturday January 20 2018, @12:59AM

            by Anonymous Coward on Saturday January 20 2018, @12:59AM (#624992)

            We're doing high level UI design work here, would anyone like to start the SN Common Sense Consulting spinoff? SNCSC has a nice ring to it.

            If there is a pop-up for every option (seems likely...), then the Oh Shit option should have a flashing pop-up, and maybe the computer plays an air raid siren too. The button to stop the siren sound will de-select the Oh Shit option.

            As someone else noted, the person on this particular switch is not going to have much training.

          • (Score: 0) by Anonymous Coward on Saturday January 20 2018, @10:35PM

            by Anonymous Coward on Saturday January 20 2018, @10:35PM (#625363)

            One piece of software I'm forced to use for work has a few places where after pressing Yes to "Are you sure?" it pops up another box and asks "Are you really sure?" with Yes/No/Cancel, and in one place, there's a third with "Are you really, really sure?"

            It's a great way to train users to just reflexively click Yes.

  • (Score: 1, Insightful) by Anonymous Coward on Friday January 19 2018, @08:10PM

    by Anonymous Coward on Friday January 19 2018, @08:10PM (#624868)

    I agree completely with this for general-use code. Joe Snapchat or Grandma would mess this one up because it's an awfully ugly UI.

    My problem is that the operator should be well aware that there's a DRILL and a OH-SHIT option on this page before they even sit down at the machine. I think we can assume some training on the system and how it works beforehand, so the fact that you can really ruin a lot of peoples' days should have been in the back of the operator's mind. They also probably had more than a few seconds to make the choice. Given the responsibility here, I think it's reasonable to expect them to take the time to actually read and confirm what they're doing.

    If they really did just select the 4th option because that's what they did yesterday, well... it's definitely good we found this out now. Maybe they would have taken the extra time during a real emergency situation to check that they were selecting the OH-SHIT and not the DRILL option, but it's probably best not to count on that.