Fair points,

All of the service contracts I've worked behind say effectively: If we can't keep it from happening, then we can't be held responsible for it happening.

You paid for a managed Linux server, Linux has a bug and you crash, we are not responsible. We'll patch when it comes out, we'll add a firewall rule to mitigate. But we could not have kept it from happening.

It's pretty weak I know, but one thing I have learned is that there is a lot of conscious and unconscious, communicated and uncommunicated acceptance of risk in many industries.

I advocate for professional, responsible management and communication of risk in my day-to-day activities.

I feel like I've done my best work when I can talk to clients directly and honestly about risk, and how we can manage it.

I can do what I can, but I can't worry about or fret about stuff I can't do anything about.

(Which is, I think, basically what you are saying above)

I can do a lot of reasonable things to protect against uncontrolled aspects of operation. 

We had only one hard drive and it failed, so we went to a pair of mirrored disks.

We had only one web server and it failed, so we went to a cluster of 2 to a bajillion web servers.

We used open source software and it was a hot mess so we .....um hullo? anyone else?

.... Canonical, Microsoft, Red Hat, Oracle, Amazon, Google, what have you..

They can do mitigation and management in ways I can't.

I lived and breathed Red Hat for a long time, and we sold Linux under "Red Hat is good, Red Hat can make it go"

They added safety and consistency. I mean it wasn't / isn't perfect, but it worked. It got a lot of stuff done in a short amount of time for us.

Risk management never gets old, it is as old as the first profession (Prostitution: "Will my primary mate catch me.") (Which of course led to the second oldest profession: Lawyers)

P.S. I decided to give email another go, for old times' sake, that's why I revived the thread I guess: I read my mail :)

David

On Sat, Nov 21, 2020 at 12:06 PM D. Hugh Redelmeier <hugh@mimosa.com> wrote:
| From: David Thornton via talk <talk@gtalug.org>
| Date: Fri, 20 Nov 2020 15:25:42 -0500

Thanks for reviving this thread 10 months later.  What prompted you to do
that?  Note: this is not a complaint.  I continue to think that this is an
important and unresolved topic.

| As administrators we have a responsibility to vet. Even if it's to
| "delegate" the vetting, we have to vet the delegate.

"have to" means "responsibility to".  Unfortunately, responsibility without
capability is a recipe for disaster.

Clearly you've thought about this in a setting with customers.  How do you
discharge this responsibility?

The GPL says: you get what we offer but we accept no responsibility.

Many commercial software contracts and EULAs disclaim responsibility
and forbid using the software in safety-critical settings.  They then
often fall back on saying at most you can get back the purchase cost.

So a responsible decision-maker cannot delegate the responsibility yet has
no practical or even theoretical tools to discharge the
responsibility.  Except bankruptcy law.

- you can ask your customer / client / employer that "here are the risks
  that I can imagine, are you willing to accept them?"

- you can make sure that there are no assets available that can be lost
  when and if problems arise

- you can work to reduce risks.  This quickly hits the law of diminishing
  returns, long before the risks are eliminated.  But I'm sure we can
  do better than the industry norms, as long as customers
  understand that they must and should pay for the up-front cost.

Customers / clients often think that they are safer with large
corporations.  In that role, I've found the help from large companies (e.g.
Microsoft, Sun Microsystems (back in the day), ...) to be inferior
to help from small companies.  Both are eclipsed by support from FLOSS
communities.  But support only deals with problems in the future, not
damage that has happened.

In the area of security, the worst breaches are the ones you never learn
about.

| Npm is a hot mess, and most people get that now.
|
| Galaxy / puppetforge / helm stuff ? Take a number.
|
| It sprouts faster than you can get on it sometimes.
|
| Pays the mortgage :)

You can't live with them and you can't live without them?


--
David Thornton