Actually, I've worked in various companies as a Systems Administrator/ Systems engineer, and I've almost always been in a position to destroy/delete copious amounts of data. The persons maintaning the systems are often the same as those performing the backups, as well as handling any kind of monitoring systems. On top of that, I always have full physical access to the servers and datacenters, which means console root access to databases and storage.
However, as stated before, whilst I 'could' do this, it would also be easily traceable to me. So this is a once in a lifetime move, followed by jail, endless debt for my childrens grandchildren and so on...in short, you're gonna have a bad time; the trick would never be deleting stuff for people in my position, but getting away with it would be neigh impossible
It would take someone pretty high up in the company to pull that off. They need access to not only delete the files on the servers, but the backups as well. I think it's also important to note that there are almost always more than 1 backup of a big project like a MMO, and they are usually stored off site, and there is usually one backup stored on something not connected to the internet.
Rest assured, I doubt that anyone will ever pull off such a stunt. Even if they did, they would end up in jail for many years.
There are many, laws that doing this would break. Theft, cyber crimes, corporate espionage among others. You might get more time behind bars doing this than if you killed someone.
Actually it would take someone relatively low level on the hardware side. Deliberately compromising the backups as they are made and before they are sent off site, deleting the entire system by re-partioning disk arrays. A whole lot of things would need to be done and could by a relatively low-level hardware specialist.
This has been done in the past to my knowledge, perhaps not in a game development environment but in SME business environments and at least two software development houses.
Also the legal position is somewhat less clear cut than you said.
Ok, I am not an authority on the programming that goes into it all, but isn't there an integrity check done by the backup program everytime you back something up? You know, that thing that remembers where to start the next backup and tells you if you have the right backup tape/cd/etc... in? How could you compromise that more than once without being found out? I'm really asking. Not cause I want to do it of course, but because I want to know what you know
Well you know those backup logs are written to system files that are editable by people with system level access and it is these people that are doing the backups and monitoring the results. Also you do not have to compromise every backup just the last full backup that all the following incremental backups will use as the reference to build forward to the final recovery point. As someone else has said it becomes entirely obvious who did this after the event, it can also be detected early, if someone looks in the right place at the right time.
It is a dumb move done by someone who is at least temporarily mentally disturbed.
I was just thinking of crazy what if scenarios, and I started thinking. What if some crazy intern or disgruntled employee decided to impose the ultimate act of cyber terror...what if they deleted your mmo from the actual corporate servers. Are there safeguards to prevent this?
Backups. Yes.
Wasn't there a lame f2p that actually lost their DB (through incompetence, of course) a couple of years back?
Self-pity imprisons us in the walls of our own self-absorption. The whole world shrinks down to the size of our problem, and the more we dwell on it, the smaller we are and the larger the problem seems to grow.
There's a large overlap between planning for the risk of a tornado hitting your data center and the risk of a sysadmin going berzerk. Most of the serious IT disasters I've seen are because backups/replication were silently failing and went unnoticed for months until a critical hard drive crashed and burned.
The only time I've ever seen a sysadmin go berzerk and deliberately destroy a machine, it was actually a simple workstation at the center of an argument between the IT dept and a power user that escalated into a rage-reformat.
It's sometimes harder to clean up the subtle stuff: data corruption, setting up backdoors or copying confidential files, than cleaning up after someone taking an axe to the server room. But that whole world is beyond my comfort zone.
There's a large overlap between planning for the risk of a tornado hitting your data center and the risk of a sysadmin going berzerk. Most of the serious IT disasters I've seen are because backups/replication were silently failing and went unnoticed for months until a critical hard drive crashed and burned.
The only time I've ever seen a sysadmin go berzerk and deliberately destroy a machine, it was actually a simple workstation at the center of an argument between the IT dept and a power user that escalated into a rage-reformat.
It's sometimes harder to clean up the subtle stuff: data corruption, setting up backdoors or copying confidential files, than cleaning up after someone taking an axe to the server room. But that whole world is beyond my comfort zone.
Yep, "smoke incidents" are fun too. I have also had a large capacitor on an almost new UNIX box go ballistic inside the machine and drill a hole through a 1/4" aluminum heat sink and other components in an interesting way.
No tornadoes or Hurricanes (cyclones here) but earthquakes, fires and other "acts of god". But the odd rogue sysadmin (very odd indeed) has occurred too.
I'm pretty sure most MMOs save daily server backups so I'm thiking the worst that could happen is a 24 hr rollback? It's definetly annoying but there would be little to no long term damage.
1.) You would need access to the servers and details, something usually only the top dogs so to speak get access to.
2.) You would need to be able to access backups. Most often there isn't one but several different backups. Data is often backed up multiple times, designed primarily to fix issues such as exploits or issues that pop up to restore data to the account. This also can be further increased by logs which can record details of a character and what they hold/possess and other snip its.
3.) The act would be extremely noticable and picked up almost instantly. By that time they would of likely been forced out and likely found themselves in some serious trouble with the law.
Its just not likely at all. Even if say an atom bomb were to drop down on the company, exploding the servers to bits and wiping their hardware off the face of the earth, chances are they would have backups somewhere else in which they could restore the details. Sure, it would take longer to fix things up but it would be almost unlikely that everything would be wiped off the face of the earth unless it was a small company without that many resources at hand, which even then they tend to have access to cloud severs to save data and likely have some offsite back ups.
Comments
That´s how I imagined it.
Well you know those backup logs are written to system files that are editable by people with system level access and it is these people that are doing the backups and monitoring the results. Also you do not have to compromise every backup just the last full backup that all the following incremental backups will use as the reference to build forward to the final recovery point. As someone else has said it becomes entirely obvious who did this after the event, it can also be detected early, if someone looks in the right place at the right time.
It is a dumb move done by someone who is at least temporarily mentally disturbed.
Héhé, good times...you should google "Roger Duronio" and "Terry Childs" for examples. It shows it is surely possible. And what happened to those guys
And to err on the side of caution, if you see your sysadmin today, be friendly and respectfull
Backups. Yes.
Wasn't there a lame f2p that actually lost their DB (through incompetence, of course) a couple of years back?
Self-pity imprisons us in the walls of our own self-absorption. The whole world shrinks down to the size of our problem, and the more we dwell on it, the smaller we are and the larger the problem seems to grow.
There's a large overlap between planning for the risk of a tornado hitting your data center and the risk of a sysadmin going berzerk. Most of the serious IT disasters I've seen are because backups/replication were silently failing and went unnoticed for months until a critical hard drive crashed and burned.
The only time I've ever seen a sysadmin go berzerk and deliberately destroy a machine, it was actually a simple workstation at the center of an argument between the IT dept and a power user that escalated into a rage-reformat.
It's sometimes harder to clean up the subtle stuff: data corruption, setting up backdoors or copying confidential files, than cleaning up after someone taking an axe to the server room. But that whole world is beyond my comfort zone.
Yep, "smoke incidents" are fun too. I have also had a large capacitor on an almost new UNIX box go ballistic inside the machine and drill a hole through a 1/4" aluminum heat sink and other components in an interesting way.
No tornadoes or Hurricanes (cyclones here) but earthquakes, fires and other "acts of god". But the odd rogue sysadmin (very odd indeed) has occurred too.
It would be extremely difficult.
1.) You would need access to the servers and details, something usually only the top dogs so to speak get access to.
2.) You would need to be able to access backups. Most often there isn't one but several different backups. Data is often backed up multiple times, designed primarily to fix issues such as exploits or issues that pop up to restore data to the account. This also can be further increased by logs which can record details of a character and what they hold/possess and other snip its.
3.) The act would be extremely noticable and picked up almost instantly. By that time they would of likely been forced out and likely found themselves in some serious trouble with the law.
Its just not likely at all. Even if say an atom bomb were to drop down on the company, exploding the servers to bits and wiping their hardware off the face of the earth, chances are they would have backups somewhere else in which they could restore the details. Sure, it would take longer to fix things up but it would be almost unlikely that everything would be wiped off the face of the earth unless it was a small company without that many resources at hand, which even then they tend to have access to cloud severs to save data and likely have some offsite back ups.