Submitted via IRC for TheMightyBuzzard
After a false alert about an inbound missile, Hawaii's Emergency Management Agency has said a worker clicked the wrong item in a drop-down menu and sent it, and that its system was not hacked. But Hawaii News Now is reporting an AP photo from July has resurfaced, showing the agency's operations officer in front of monitors, attached to one of them is a Post-it note with a password on it.
Just.... wow. I'm nearly at a loss for words on how big of a screw up this is. And from the response of the spokesman sounds like this was a shared password, therefore no way to link it to a specific careless employee.
Richard Rapoza, emergency management agency spokesman, confirmed that the password is authentic and was actually used for an "internal application." He said he didn't believe that application is any longer in use, but declined to say what application the password was for.
Source: https://www.hardocp.com/news/2018/01/17/hawaii_emergency_management_password_found_in_press_photo/
(Score: 1, Insightful) by Anonymous Coward on Friday January 19 2018, @03:15PM (14 children)
> clicked the wrong item in a drop-down menu
Shouldn't anything with the panic-potential of an "incoming" alert take more than a drop down menu to send?
Seems like massive fail on the part of the UI designer(s).
(Score: 3, Informative) by Anonymous Coward on Friday January 19 2018, @03:38PM (10 children)
(Score: 0, Troll) by Anonymous Coward on Friday January 19 2018, @04:27PM (8 children)
The UI is ugly, sure, but don't give the operator a break. If you honestly can't be assed to confirm the word "DRILL" in front of the line, knowing full well that you're going to panic the entire state if you get it wrong, you really shouldn't be anywhere near the EAS.
(Score: 3, Informative) by meustrus on Friday January 19 2018, @06:04PM (7 children)
Given the seemingly random order of the links, though, there's a good chance that the last time the list displayed it was in a different order. For all anyone can tell the DRILL and not-DRILL options are usually swapped in their position on the list. Either that or somebody added stuff to the list and shifted it until the 4th option went from DRILL to not-DRILL, but still looks essentially the same.
A bad enough UI design will make normally intelligent people do unintended things, regardless of how many warning messages and confirmation dialogs you throw in their faces.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 1, Insightful) by Anonymous Coward on Friday January 19 2018, @06:26PM (5 children)
This is the site of "personal responsibility" so you're lecturing into a hurricane.
(Score: 4, Insightful) by meustrus on Friday January 19 2018, @07:28PM (4 children)
Don't get me wrong, personal responsibility is great when people have it. But sometimes you have to design things to mitigate for lack of responsibility, because you aren't going to be running the system and you have no control over the person that will.
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 2) by Azuma Hazuki on Friday January 19 2018, @09:16PM (3 children)
Would it have killed them to build in something like a popup going "ATTENTION: You have selected the "Not a Drill" option. Please confirm that this is indeed an actual missile strike" or something?
I mean come on, a little poka-yoke here would have saved a ton of grief -- see https://en.wikipedia.org/wiki/Poka-yoke [wikipedia.org]
I am "that girl" your mother warned you about...
(Score: 3, Interesting) by meustrus on Friday January 19 2018, @09:49PM (2 children)
They probably did one "better" and made it pop up for every option!
If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
(Score: 0) by Anonymous Coward on Saturday January 20 2018, @12:59AM
We're doing high level UI design work here, would anyone like to start the SN Common Sense Consulting spinoff? SNCSC has a nice ring to it.
If there is a pop-up for every option (seems likely...), then the Oh Shit option should have a flashing pop-up, and maybe the computer plays an air raid siren too. The button to stop the siren sound will de-select the Oh Shit option.
As someone else noted, the person on this particular switch is not going to have much training.
(Score: 0) by Anonymous Coward on Saturday January 20 2018, @10:35PM
One piece of software I'm forced to use for work has a few places where after pressing Yes to "Are you sure?" it pops up another box and asks "Are you really sure?" with Yes/No/Cancel, and in one place, there's a third with "Are you really, really sure?"
It's a great way to train users to just reflexively click Yes.
(Score: 1, Insightful) by Anonymous Coward on Friday January 19 2018, @08:10PM
I agree completely with this for general-use code. Joe Snapchat or Grandma would mess this one up because it's an awfully ugly UI.
My problem is that the operator should be well aware that there's a DRILL and a OH-SHIT option on this page before they even sit down at the machine. I think we can assume some training on the system and how it works beforehand, so the fact that you can really ruin a lot of peoples' days should have been in the back of the operator's mind. They also probably had more than a few seconds to make the choice. Given the responsibility here, I think it's reasonable to expect them to take the time to actually read and confirm what they're doing.
If they really did just select the 4th option because that's what they did yesterday, well... it's definitely good we found this out now. Maybe they would have taken the extra time during a real emergency situation to check that they were selecting the OH-SHIT and not the DRILL option, but it's probably best not to count on that.
(Score: 0) by Anonymous Coward on Saturday January 20 2018, @03:14PM
What an absolutely horrible interface. I hope that is not the real thing. If it is, that's so fucked up beyond any reason...
(Score: 2) by The Archon V2.0 on Friday January 19 2018, @03:43PM (1 child)
+1, We All Gonna Die
(Score: 0) by Anonymous Coward on Sunday January 21 2018, @06:31PM
Anyone who believes there's actually a non-insignificant risk of Hawaii being nuked should consider this as a good learning experience so that things will be done better if there's a real missile strike.
It's a huge problem if it keeps happening often but if it only happens once a year or every few years heck think of it as a drill.
If the damage * probability of Hawaii being nuked - the damage * probability of Hawaii being nuked with this system installed is lower than the damage * probability of false alarms you might as well completely shutdown the system.
(Score: 2) by MichaelDavidCrawford on Friday January 19 2018, @08:20PM
-s.
A sailor entered zero in a certain database field. That zero was used as the denominator in an integer calculation.
The ship's entire network crashed. It had to be towed into port.
The Navy's investigation report blamed that poor sailor for entering a zero rather than the integer that really needed to be there.
Yes I Have No Bananas. [gofundme.com]
(Score: 2, Funny) by Anonymous Coward on Friday January 19 2018, @03:17PM (1 child)
It was for the password manager software.
(Score: 2, Funny) by Anonymous Coward on Friday January 19 2018, @03:50PM
No, that password is "password".
(Score: 2) by Grishnakh on Friday January 19 2018, @03:35PM (3 children)
Ok, after the false alarm due to obviously horrible UI, and now this, they just need to fire everyone in the place and start over. Maybe a few of the low-level people who've complained for ages about how bad the management is, but their complaints fell on deaf ears, can be kept around (and perhaps promoted to manage things); all the upper-level people need to be canned and given terrible references if they try to get any more management jobs.
(Score: -1, Troll) by Anonymous Coward on Friday January 19 2018, @03:54PM
I want this policy to be implemented at all workplaces, and am looking forward to the resulting 99.8% unemployment rate.
(Score: 0) by Anonymous Coward on Friday January 19 2018, @07:36PM (1 child)
These are civil servants we're talking about.
To fire any civil servant, said employee must at least be guilty of driving a school bus full of disabled minority kids into a burning church full of lesbian activist nuns. And even this is subject to union arbitration.
(Score: 2) by maxwell demon on Saturday January 20 2018, @06:45AM
You see, the church was already burning. The lesbian activist nuns had to be saved from the fire, and how to better do that than with a bus? And no, getting the disabled minority kids out of the bus first would have taken too much time.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 5, Funny) by Anonymous Coward on Friday January 19 2018, @03:38PM (2 children)
Hawaii
Emergency
Management
Password
No wonder they fucked it up. :-)
(Score: 0) by Anonymous Coward on Friday January 19 2018, @06:07PM (1 child)
Smoking hemp (and not the psychoactive varieties) won't get you high. Not that that would stop people like this from trying.
(Score: 0) by Anonymous Coward on Friday January 19 2018, @08:04PM
They have Kona Gold though!
(Score: 2) by MichaelDavidCrawford on Friday January 19 2018, @08:16PM (3 children)
The clearance type you need for Signals Intelligence is itself classified.
One of JFK's aids must have had a lobotomy because he stood next to the President at a news conference, with a document partially showing from his handbag.
That document was stamped TOP SECRET ULTRA.
Congress swiftly met in private to ban the use of TOP SECRET ULTRA and then create a new Signals Intelligence classification.
Some time later someone of high rank at the NSA dropped a dime to that insightful Presidential aid so he could tell the aid that his inadvertant mistake set The American Taxpayers back a quarter million dollars.
For what?
New rubber stamps.
Yes I Have No Bananas. [gofundme.com]
(Score: 2) by Bot on Friday January 19 2018, @09:30PM (2 children)
wow a quarter million dollars, in JFK age?
that must have been like 20 or 30 rubber stamps for the Army, but surely the Secret service had more complex requirements.
Account abandoned.
(Score: 2) by Bot on Friday January 19 2018, @09:33PM
> One of JFK's aids
Just in case the magic bullet failed to kill him. :)
Account abandoned.
(Score: 2) by MichaelDavidCrawford on Friday January 19 2018, @10:16PM
Navajo;n aerjlnal ewnfv. awer;nawlekr
Yes I Have No Bananas. [gofundme.com]
(Score: 0) by Anonymous Coward on Saturday January 20 2018, @06:52PM
what do you want to bet the post it was on a monitor connected to a windows machine. poor dumb fucks.