Thursday, July 29, 2010

You lock the door and throw away the key

Like most reasonably big software companies, we have a bunch of testing rooms scattered around the building.  For some reason, many of these are locked.  Access is restricted to the testers (and one or two lucky developers).

This leads to the uncomfortable situation where developers beg testers to let them in.



  1. Ha! I knocked on the same door today... someone finally let me in... and the person I was looking for wasn't there anymore! :)

  2. Somehow my card gets me in. Probably a mistake...

  3. This is beyond stupid! Is there any reason for this measure???

    Come look for me if you need to enter any rooms, I have a magic key! :-)

  4. Control is Power.

    That's one of the chapter titles in my book. When you have no real power, you can create the illusion of power by controlling something. Anything. Doesn't matter what it is.

    I think the door locking is done for the same reason we block installation of Google's Chrome. Because we can.

    [Except, of course, us sneaky developers know how to use The Google to find an offline installer, but you didn't hear that from me.]

  5. Anonymous2:08 pm

    Did you have the secret password? Did you bring chocolate or some other goodies? Money? Afterall, what's in it for us?
    Ming the Merciless Tester

  6. As a corporate security administrator that blocks access to Internet downloads, I take exception with your Google Chrome comment. ;)

    Every piece of software installed on a PC carries security vulnerabilities with it. (Notably of late Apple's Safari browser, Adobe Acrobat, heck even older versions of Irfanview are vulnerable to malicious JPG files!) These vulnerabilities open up an organization to risk. unnecessary risk. So we try to limit the software allowed to run so that we can focus our efforts on securing the software we know is used. We spend a lot of money time and effort on securing the "front door". Allowing users to install any software they wish opens up all kinds of backdoors.

    I've explained it to fellow employees this way. "If you are willing to cover the companies costs of cleaning up after a compromise that your install allowed, then go ahead and install that software. If not, then don't do it."

  7. It's a delicate balance.

    The absolute last thing I want is for a hospital to call me to let me know that my software doesn't work with IE 7 or 8 because the only supported browser here is IE 6.

    Same thing with automatic updates. We used to block them, and never install XP service packs, then be astonished that we'd lose three days of productivity when the Slammer worm hit us. Then when it hit us again a month later. Insanity. If a Microsoft patch is going to hose my application, I want to be the one to see it first.

  8. Not installing patches is a special kind of stupid. Too many companies have been raked over the coals because the fix was out there for months.

    Yeah, and developers have special needs. Especially ones with external customers. So much so that if it were up to me you'd have an entire lab on its own network with its own Internet connection. And never it and the main company net would meet!

  9. Have I mentioned, we're hiring? :)

  10. Agfa right? I remember seeing something interesting pop-up on Workopolis. Can't remember why I didn't follow up on it!

  11. Yup.

    Lots of listings here, changing daily...