Submitted via IRC for TheMightyBuzzard
After a false alert about an inbound missile, Hawaii's Emergency Management Agency has said a worker clicked the wrong item in a drop-down menu and sent it, and that its system was not hacked. But Hawaii News Now is reporting an AP photo from July has resurfaced, showing the agency's operations officer in front of monitors, attached to one of them is a Post-it note with a password on it.
Just.... wow. I'm nearly at a loss for words on how big of a screw up this is. And from the response of the spokesman sounds like this was a shared password, therefore no way to link it to a specific careless employee.
Richard Rapoza, emergency management agency spokesman, confirmed that the password is authentic and was actually used for an "internal application." He said he didn't believe that application is any longer in use, but declined to say what application the password was for.
Source: https://www.hardocp.com/news/2018/01/17/hawaii_emergency_management_password_found_in_press_photo/
(Score: 4, Insightful) by meustrus on Friday January 19 2018, @07:28PM (4 children)
Don't get me wrong, personal responsibility is great when people have it. But sometimes you have to design things to mitigate for lack of responsibility, because you aren't going to be running the system and you have no control over the person that will.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 2) by Azuma Hazuki on Friday January 19 2018, @09:16PM (3 children)
Would it have killed them to build in something like a popup going "ATTENTION: You have selected the "Not a Drill" option. Please confirm that this is indeed an actual missile strike" or something?
I mean come on, a little poka-yoke here would have saved a ton of grief -- see https://en.wikipedia.org/wiki/Poka-yoke [wikipedia.org]
I am "that girl" your mother warned you about...
(Score: 3, Interesting) by meustrus on Friday January 19 2018, @09:49PM (2 children)
They probably did one "better" and made it pop up for every option!
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 0) by Anonymous Coward on Saturday January 20 2018, @12:59AM
We're doing high level UI design work here, would anyone like to start the SN Common Sense Consulting spinoff? SNCSC has a nice ring to it.
If there is a pop-up for every option (seems likely...), then the Oh Shit option should have a flashing pop-up, and maybe the computer plays an air raid siren too. The button to stop the siren sound will de-select the Oh Shit option.
As someone else noted, the person on this particular switch is not going to have much training.
(Score: 0) by Anonymous Coward on Saturday January 20 2018, @10:35PM
One piece of software I'm forced to use for work has a few places where after pressing Yes to "Are you sure?" it pops up another box and asks "Are you really sure?" with Yes/No/Cancel, and in one place, there's a third with "Are you really, really sure?"
It's a great way to train users to just reflexively click Yes.