Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Boing Boing)   Student at Central Florida University writes app to improve campus course-selection system, gets extra credit for his efforts. Just kidding, the project has been terminated and he faces three semesters of academic probation   ( boingboing.net) divider line
    More: Florida, Boing Boing, academic probation  
•       •       •

14258 clicks; posted to Main » on 05 Aug 2012 at 7:52 PM (4 years ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



97 Comments     (+0 »)
 
View Voting Results: Smartest and Funniest
 
2012-08-05 05:30:38 PM  
Better articles here and here.

He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

I do not have the opinion on this but do feel that the Boing Boing story lacks quite the bit of relevant details.
 
2012-08-05 05:46:09 PM  
Hmmm... smells like internal politics to me.
 
2012-08-05 06:07:54 PM  

This About That: Hmmm... smells like internal politics shiatty IT infrastructure to me.


FTFY. Even if you load 70% less data, if you're touching the server 10x more often, it adds up. But the University should have worked with him on this instead of threatening him. Now they're going to have to walk back a national story.
 
2012-08-05 07:48:09 PM  

Benevolent Misanthrope: This About That: Hmmm... smells like internal politics shiatty IT infrastructure to me.

FTFY. Even if you load 70% less data, if you're touching the server 10x more often, it adds up. But the University should have worked with him on this instead of threatening him. Now they're going to have to walk back a national story.


At the beginning, his app would query the school's class database once every fifteen minutes because a blanket query of the system could take 14 minutes to complete. But that's one query. Push it out to multiple users all running a 14 minute query at different intervals and I imagine the traffic built up pretty quickly. So the kid rewrote the app to only check for particular classes instead of retrieving the whole schedule of classes, which he should have done in the first place.

I wonder if they're punishing him for the months he ran the app while just querying the whole database willy nilly.
 
2012-08-05 07:52:16 PM  
Also, I think this is from one of Meow's links:

Courtney Gilmartin, communications coordinator for UCF News & Information, said UCF's schedule search page was accessed 220,000 times as often as every 60 seconds between mid-December and June. Arnold doesn't agree.

"I think it's completely made up," Arnold said.


Considering he designed the app to check for classes as often as every 60 seconds, I wonder what he's basing his assumption on. Or maybe he's disagreeing with the total number of times the page was accessed.
 
2012-08-05 07:53:11 PM  

Benevolent Misanthrope: Hmmm... smells like internal politics shiatty IT infrastructure to me.


But we already said it happened at a university.
 
2012-08-05 07:53:37 PM  

Lsherm: Also, I think this is from one of Meow's links:

Courtney Gilmartin, communications coordinator for UCF News & Information, said UCF's schedule search page was accessed 220,000 times as often as every 60 seconds between mid-December and June. Arnold doesn't agree.

"I think it's completely made up," Arnold said.

Considering he designed the app to check for classes as often as every 60 seconds, I wonder what he's basing his assumption on. Or maybe he's disagreeing with the total number of times the page was accessed.


Maybe he means his app was completely made up.
 
2012-08-05 07:53:50 PM  

he faces three semesters of academic probation


Double-secret or the regular kind?
 
2012-08-05 07:55:32 PM  
As an ex university comp sci student who missed the tech bubble disgusted at what universities offered for money, I'll put money on him being able to buy and sell that school in a few years. And I'll put my money where my mouth is.WHo's got a link to his funding?
 
2012-08-05 07:56:37 PM  
If it works, he'll simply drop out and get a six-figure job in Cupertino. And CFU will lose out on alumni contributions.
 
2012-08-05 07:59:48 PM  
as often as every 60 seconds

OMFGZ one request every minute SHUT DOWN EVERYTHING
 
2012-08-05 08:02:26 PM  
If you make the beauracracy easier to navigate, the purpose of college is moot.
 
2012-08-05 08:03:03 PM  

"I'm more than skeptical," said Arnold. "I'm pretty positive it had no effect whatsoever on their systems."

No effect?


Go back to marketing and leave the programming to people that know how to avoid DDoSing a website.

 
2012-08-05 08:04:21 PM  
Someone needs to make an app to streamline the Bursar's office functions. Actually the last time I had to go to a Bursar's office, they had one window out of three open for students registering for classes at the beginning of the semester, and the person manning the window was so slow.
 
2012-08-05 08:04:45 PM  

mc6809e: "I'm more than skeptical," said Arnold. "I'm pretty positive it had no effect whatsoever on their systems."

No effect?

Go back to marketing and leave the programming to people that know how to avoid DDoSing a website.


"I'm pretty positive it had no effect."

Well obviously it DID, dumbass. Just because you didn't think it WOULD doesn't make it so.
 
2012-08-05 08:06:19 PM  
He also has to write a six page paper. Apparently, UCF thinks a whopping six page paper is punishment. I don't think it's a real school.
 
2012-08-05 08:07:57 PM  
Micky Mouse University in Orlando, Florida. What more do you need to know?
 
2012-08-05 08:08:22 PM  

Lehk: as often as every 60 seconds

OMFGZ one request every minute SHUT DOWN EVERYTHING


This.
 
2012-08-05 08:08:47 PM  

Lehk: as often as every 60 seconds

OMFGZ one request every minute SHUT DOWN EVERYTHING


It did, that was the problem.
 
2012-08-05 08:12:09 PM  
I love Florida and the stories it has. It make my life seem so meaningful, pleasant and sane by comparison.
 
2012-08-05 08:13:51 PM  
Student is trying to respond in comments of this article.
 
2012-08-05 08:14:20 PM  
Cedar Falls Utilities really needs to upgrade their campus network.
 
2012-08-05 08:18:22 PM  
Option A:

Dis-enroll immediately
Disavow any relationship between yourself and that university
Get a job doing something useful
Sue that p.o.s. university for libel if they ever try to claim you as a graduate of their shiathole.

Option B:

Dis-enroll immediately after writing that paper telling everyone what a farking joke that place is.
Disavow any relationship between yourself and that university
Get a job doing something useful
Sue that p.o.s. university for libel if they ever try to claim you as a graduate of their shiathole.
 
2012-08-05 08:21:02 PM  

WelldeadLink: Student is trying to respond in comments of this article.


If he defended himself that well in his hearing no wonder he lost. It took him two tries to get it right.
 
2012-08-05 08:21:54 PM  

SevenizGud: Option A:

Dis-enroll immediately
Disavow any relationship between yourself and that university
Get a job doing something useful
Sue that p.o.s. university for libel if they ever try to claim you as a graduate of their shiathole.

Option B:

Dis-enroll immediately after writing that paper telling everyone what a farking joke that place is.
Disavow any relationship between yourself and that university
Get a job doing something useful
Sue that p.o.s. university for libel if they ever try to claim you as a graduate of their shiathole.


YouTube would be faster.
 
2012-08-05 08:21:59 PM  
Reminds me of the student that installed 30 copies of the SETI program on one of the schools servers to try and get a higher count and ended up choking the server.
 
2012-08-05 08:23:07 PM  
They could keep the queries system or switch over to a event based email system. Each student could select which classes they wanted to be notified when a spot opens up and then it would send an email to the list. Better idea then having the whole school continually querying the entire database every 60 seconds.
 
2012-08-05 08:27:32 PM  

WelldeadLink: Student is trying to respond in comments of this article.


From that link is this:

He must write a five- to eight-page paper on what he would do if he were placed in the role of a UCF administrator and had to update the system

No doubt to be followed by a mandatory 5 page report on which janitorial service would be most cost-effective for the university followed by:

A mandatory 5 page report on how to identify the female students most likely to have sex with a school administrator and not blab about it, followed by:

A mandatory 5 page report on whether the spread offense would be....

Come ON ALREADY WITH THE SLAVE LABOR!!!!!

/he isn't a graduate student YET
 
2012-08-05 08:29:18 PM  

Lsherm: Also, I think this is from one of Meow's links:

Courtney Gilmartin, communications coordinator for UCF News & Information, said UCF's schedule search page was accessed 220,000 times as often as every 60 seconds between mid-December and June. Arnold doesn't agree.

"I think it's completely made up," Arnold said.

Considering he designed the app to check for classes as often as every 60 seconds, I wonder what he's basing his assumption on. Or maybe he's disagreeing with the total number of times the page was accessed.


Well the app he wrote has a very specific appeal to a very narrow group of people, so maybe he knows that many queries wouldn't be possible from the few people who'd installed the app.
 
2012-08-05 08:32:22 PM  

meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."


There's really something weird going on if the system can't handle a query once every sixty seconds. And if that's the frequency of requests, then he spread the 220,000 request over almost half a year. Unless it was a really badly written query or the database is very poorly optimized, one query a minute shouldn't effect anything. Of course PeopleSoft is one of those huge wannabe mainframe crapware packages so it might actually choke on something Microsoft Access running on a 286 could handle easily.
 
2012-08-05 08:34:18 PM  

SevenizGud: WelldeadLink: Student is trying to respond in comments of this article.

From that link is this:

He must write a five- to eight-page paper on what he would do if he were placed in the role of a UCF administrator and had to update the system

No doubt to be followed by a mandatory 5 page report on which janitorial service would be most cost-effective for the university followed by:

A mandatory 5 page report on how to identify the female students most likely to have sex with a school administrator and not blab about it, followed by:

A mandatory 5 page report on whether the spread offense would be....

Come ON ALREADY WITH THE SLAVE LABOR!!!!!

/he isn't a graduate student YET


It's clear yoou know how college administrators think. Had my first lesbian experience with the Dean's secretary just to get priority placement in a class my senior year.
 
2012-08-05 08:35:59 PM  
Sounds like someone didn't like him doing their job better than them.

I could be wrong, but I never underestimate the problem of human ego.
 
2012-08-05 08:39:40 PM  
The student did 2 things inherently wrong. First, he charged students for this which UCF has a very clear policy against as do 99% of the schools in the country. If he hadn't charged for this application, he wouldn't have been in as much trouble. Second, he says his system accessed UCF's every 15 minutes, which is also incorrect. If you read his own presentation, which he's posted on his website, he states that students can pay more money to have it check our servers more often, up to every minute. Multiply that by the number of students who were using it and you get your 220,000 attempts. Is UCF's system capable of handing that amount of searches? Yes it is, however it does degrade the system, especially during peak enrollment times which is when he wanted to run this most.

Also, while this is a good idea, A. He wasn't the first, a program called knighttracker did this first. That guy actually asked permission, which UCF turned down for the same reasons we stopped this guy's website. Knighttracker actually has filed a patent for his software (good luck). B. This guy didn't do any of the programming, he outsourced it to Lithuania or somewhere like that. C. This guy better found his own company, because he obviously knows very little about politics in a work environment. He now has gotten a taste of that, hopefully he learns from it.
 
2012-08-05 08:42:59 PM  

Agent Smiths Laugh: Sounds like someone didn't like him doing their job better than them.

I could be wrong, but I never underestimate the problem of human ego.


He probably just amplified a flaw in the existing system. Students are exceptional at it. When I worked as a sysadmin years ago at a big college we still had phone registration for classes. My first year we could accept 400 simultaneous calls, but students were still locked out of the system. Why? Because the work study students who worked in the financial aid call bank were using all of their available lines to dial in so they could work out their classes first and lock out other people. I think they had 250 lines of their own to use, and they would dial them all into the registration system just to keep other students out.

Solution? Auto-hang up after two minutes of inactivity.

Never underestimate the power of a student to wreck your shiat.
 
2012-08-05 08:46:57 PM  

EngineerAU: meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

There's really something weird going on if the system can't handle a query once every sixty seconds. And if that's the frequency of requests, then he spread the 220,000 request over almost half a year. Unless it was a really badly written query or the database is very poorly optimized, one query a minute shouldn't effect anything. Of course PeopleSoft is one of those huge wannabe mainframe crapware packages so it might actually choke on something Microsoft Access running on a 286 could handle easily.


Each student and each class was accessing the system every 60 seconds. Say he had 100 students and each had 3 classes on the list. You would be accessing UCF's system 300 times every minute. Also, yes it is a PeopleSoft system. The tables it is accessing to do this class search contain millions of rows. It's going to take a toll when you search that often.
 
2012-08-05 08:47:35 PM  
We had a student do that for our old student information system.

When we upgraded, he called IT asking to have access to the new system so he could continue his side business. We never noticed his app was running because he was querying the database using a legitimate username/password. (his own)
 
2012-08-05 08:49:16 PM  
back in the days of the onion... i went to a small private college and majored in CS. my CS prof was proud to show off the program he wrote that did exactly this. but back then the whole campus network was run on VAX with dumb terminals. people were confused and frightened by computers, and hardly anyone used his program. but it was awesome and hugely useful for those of us that knew about it, and even back then i can't imagine that it took much server resources to run.

(i'm really not that old, it was just a suck college.)
 
2012-08-05 08:52:16 PM  

diaphoresis: SevenizGud: WelldeadLink: Student is trying to respond in comments of this article.

From that link is this:

He must write a five- to eight-page paper on what he would do if he were placed in the role of a UCF administrator and had to update the system

No doubt to be followed by a mandatory 5 page report on which janitorial service would be most cost-effective for the university followed by:

A mandatory 5 page report on how to identify the female students most likely to have sex with a school administrator and not blab about it, followed by:

A mandatory 5 page report on whether the spread offense would be....

Come ON ALREADY WITH THE SLAVE LABOR!!!!!

/he isn't a graduate student YET

It's clear yoou know how college administrators think. Had my first lesbian experience with the Dean's secretary just to get priority placement in a class my senior year.


[Do you want to know more?]

*click*

*click click*

*click click click*


Work damn you!
 
2012-08-05 08:55:03 PM  
Well, it was UCF.

(FIT graduate degrees in CS and SM who was offered a teaching position at UCF years ago)
 
2012-08-05 08:55:11 PM  
This guy is just doing what many many many enrollment programs need to do.

Most schools could really give a shoot about enrollment. The fact that the administrators don't have to sit in the gym for hours and hours enrolling people in one class at a time is such a huge relief (see BACK TO SCHOOL) to an example of what it's like ...

There is little economic incentive for most schools to improve their systems, especially since most of it involves re-engineering systems that were written in web languages that are now extinct (ISAPI, Java Servlets, ASP, cgi-bin) but for most students it's one of the things they need the most. It's also one of the things that students manipulate the most - enrolling in classes that they *might* want to take.

Frankly, I think most schools could really use something like this - including the ability to look at who HAS taught a class and how often, the statistics on enrollment (i.e. This class fills up fast once the juniors are let in) and - one feature I like the most - autoenrollment through waiting list w/ automatic kick-out within 3 days of conflicting classes.
 
2012-08-05 08:56:55 PM  
I don't understand, was every person that used his app sending their queries? Or did he have a central server that made the queries? Making it only scan for the classes requested should have brought down the bandwidth used. But that only helps until it gets popular and has enough requests for different classes. This sounds like something he should have ran by the IT department with some projected request increase. You don't just start dumping someone's server additional automated traffic and hope for the best.
 
2012-08-05 08:57:48 PM  
"Not invented here" syndrome. Just a newer version for a newer generation.
 
2012-08-05 09:00:45 PM  

trappedspirit: I don't understand, was every person that used his app sending their queries? Or did he have a central server that made the queries? Making it only scan for the classes requested should have brought down the bandwidth used. But that only helps until it gets popular and has enough requests for different classes. This sounds like something he should have ran by the IT department with some projected request increase. You don't just start dumping someone's server additional automated traffic and hope for the best.


He had several VM's of his own that were making the queries. Yes, he searched for the classes that the students selected on his website. Unfortunately, each search is pulling among millions of rows which eats up the bandwidth. Since this is PeopleSoft, I can tell you that a simple search such as he was doing causes 14 MB of data (according to the logs). Also, he CHARGED for it, which is a clear violation of UCF policy.
 
2012-08-05 09:03:04 PM  

vudukungfu: As an ex university comp sci student who missed the tech bubble disgusted at what universities offered for money, I'll put money on him being able to buy and sell that school in a few years. And I'll put my money where my mouth is.WHo's got a link to his funding?


For every successful tech entrepreneur, there are dozens of failures and barely-scraping-bys. A guy who creates an app that just forwards a request to a separate server and parses the data in a different format, and originally did it by essentially downloading the entire database regularly to sift through a few records, isn't exactly top caliber material.

Obviously, neither are the school IT staff; even the good ones are probably burdened by bad management and bad practices, like most big old companies. They let their web site generate queries that needed 14 minutes to process? They returned an entire database dump to anyone who asked the right way? They never once checked their server logs, or the server performance, and let the abuse continue for 7 months? They didn't offload their computing to Amazon EC2 to handle peak loads? That's all their own negligence. It's extremely likely that they were one malicious prankster away from a Bobby Tables moment.

Idiots clash with idiots, and in these cases the more powerful idiot always wins.
 
2012-08-05 09:04:24 PM  

Bucky Katt: Micky Mouse University in Orlando, Florida. What more do you need to know?


It's actually is a nationally top rated computer science and engineering school. And does quite well in independent international rankings also.
 
2012-08-05 09:05:53 PM  
Speaking as someone who went to UCF twice unsuccessfully, yet had no issues graduating at Valencia (AA) and Rollins (BA, valedictorian in all but name), this does not surprise me.
 
2012-08-05 09:07:52 PM  
Top rated and they do this to a student who made their system look like Mickey Mouse wrote their programming?

Dude, SELL your app to other universities and tell these schmucks where they can jump. You're already BETTER than they are.
 
2012-08-05 09:10:44 PM  
images.askmen.com

This kid sounds like a tool.
 
2012-08-05 09:15:16 PM  

meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."


Too be honest, he really doesn't sound very bright, especially when he doesn't even understand, by his own admission, why it was causing a high load.
 
2012-08-05 09:16:32 PM  

EngineerAU: meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

There's really something weird going on if the system can't handle a query once every sixty seconds.

I see you've never had to use the Peoplesoft system that UCF uses. The university I graduated from uses it also. It is possibly the slowest thing I've ever used on the internet. A monument to bad development.

 
2012-08-05 09:17:49 PM  

cxjohn: Top rated and they do this to a student who made their system look like Mickey Mouse wrote their programming?

Dude, SELL your app to other universities and tell these schmucks where they can jump. You're already BETTER than they are.


Anyone in any university's IT could throw together the same badly built sack of crap that'll DDoS their own systems as soon as more than a half-dozen people use it, do a better job, and probably have it done in a day or two. Obviously there are management failures with directors who refuse to allow any new projects because they're too busy chasing down the bugs from all of the older ones, but filling a hole with a steaming pile like that is why change management and meetings with "stakeholders" get put in place in the first place.
 
2012-08-05 09:34:27 PM  

diaphoresis: SevenizGud: WelldeadLink: Student is trying to respond in comments of this article.

From that link is this:

He must write a five- to eight-page paper on what he would do if he were placed in the role of a UCF administrator and had to update the system

No doubt to be followed by a mandatory 5 page report on which janitorial service would be most cost-effective for the university followed by:

A mandatory 5 page report on how to identify the female students most likely to have sex with a school administrator and not blab about it, followed by:

A mandatory 5 page report on whether the spread offense would be....

Come ON ALREADY WITH THE SLAVE LABOR!!!!!

/he isn't a graduate student YET

It's clear yoou know how college administrators think. Had my first lesbian experience with the Dean's secretary just to get priority placement in a class my senior year.


*Click's user profile*

Not sure if I want you to go on.
 
2012-08-05 09:37:26 PM  
I just called him out on his little comment section BS. He blamed his typo on the comment section... Man up you little beyatch. Subby, he didn't get in trouble for nothing and he's only on academic probation. Seems fair.
/comment section
 
2012-08-05 09:41:45 PM  
So their infrastructure sucks, the IT and or IS director(s) are hacks, they are ten years behind and punishing someone over being embarrassed. Color me shocked. Welcome you corporate America.

If you aren't taking business courses you are doing it wrong regardless of your major (minor exceptions excluded). Most people in college have dreams and a passion yet no clue how to make it reality then settle later on in life. If you learn the fundamentals of businesses you will have a better understanding of "the rules". If you learn "the rules" you will know where you can follow, bend or maybe even change them for the better.
 
2012-08-05 09:42:45 PM  

foxyshadis: They let their web site generate queries that needed 14 minutes to process? They returned an entire database dump to anyone who asked the right way? They never once checked their server logs, or the server performance, and let the abuse continue for 7 months? They didn't offload their computing to Amazon EC2 to handle peak loads? That's all their own negligence.


All of this. Holy sh*t, that is some serious ineptitude on the part of the school's IT
 
2012-08-05 09:45:54 PM  

mc6809e: "I'm more than skeptical," said Arnold. "I'm pretty positive it had no effect whatsoever on their systems."

No effect?

Go back to marketing and leave the programming to people that know how to avoid DDoSing a website.


It had such a horribly detrimental effect that they couldn't even deal with it for six months.
 
2012-08-05 09:47:27 PM  
Bucky Katt:
Micky Mouse University in Orlando, Florida. What more do you need to know?

Let's see... almost 60,000 students (one of the largest university campuses in the United States), attached to a large research park, lots of nationally-ranked educational programs...
 
2012-08-05 09:47:50 PM  
*yawn* State School problems. You really don't get to complain about the outcome when you want to pay bargain-basement prices for an "education." I'm glad I went somewhere where they were actually interested in the outcome of their teaching and the products they were creating instead of always dumbing everything down and punishing anyone who shows true ingenuity. This guy obviously has the smarts to be an entrepreneur; what's he doing at a state school where the main focus is to get its bottom-tier students prepared for a life of substitute teaching or being an assistant manager in HR?
 
2012-08-05 09:52:02 PM  
Assuming this uses PeopleSoft as some have said, it's pretty obvious what's going on. Here's how, at least IME, PeopleSoft works. Let's say you want to run a query. Now, think about that query in your head -- don't type anything. Congratulations. You've just created a 300 meg log file, crashed a server, and gotten a consultant two hours of billing time.

If you actually perform a business action (say, you want to know a relevant piece of information), you'll need to upgrade to a quantum computer and perform the Oracle JD Edwards rain dance.
 
2012-08-05 09:53:45 PM  

The Slush: foxyshadis: They let their web site generate queries that needed 14 minutes to process? They returned an entire database dump to anyone who asked the right way? They never once checked their server logs, or the server performance, and let the abuse continue for 7 months? They didn't offload their computing to Amazon EC2 to handle peak loads? That's all their own negligence.

All of this. Holy sh*t, that is some serious ineptitude on the part of the school's IT


I don't even consider myself a good database administrator (though it's a part of my job -- and one I try to hand off to better people when possible), but even I could do a better job than this. That said, I'm willing to bet there's a million unemployed people (999,999 of whom are on Fark) who could do a better job.

Then again, I've been in IT in one form or another long enough to know that things that are seemingly inexcuseable are usually dictated by either management or by structure.
 
2012-08-05 09:54:10 PM  

ThrobblefootSpectre: meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

Too be honest, he really doesn't sound very bright, especially when he doesn't even understand, by his own admission, why it was causing a high load.


On a normal server, it wouldn't cause a high load. On a normal server, it would have created an index for the query, and gotten him the results extremely quickly, with no load to speak of. 220,000 accesses over 6 months is once per minute. If your system considers that a denial attack, something is wrong with your system.
 
2012-08-05 09:57:58 PM  
Reading about it from the local paper, the student also has to write something like a 7-10 page essay on what he did, why it was wrong, and what he learned from this mess. Which is kind of weird because he wrote another app previously - about open parking spots on campus lots/garages (UCF campus is, hands down, the worst area to try and park in the United States) - and tried to ask permission from UCF parking services to do so. They denied him. He apparently also tried to seek permission for this app but was ignored. Not denied, just ignored. So he went ahead with it anyway.

Still, our local papers are usually a little loose with the facts, so I don't know how much of it is true. But UCF is pretty f*cking weird when it comes to punishing students for grey area things. And the red tape is absolutely nuts. But, good effort for trying kid.
 
2012-08-05 10:01:28 PM  
I don't get the sense that the school is really trying to punish this kid for bogging down their IT infrastructure. To me, that sounds like an excuse. The guy was charging people to use his app. He was making money off the school. THAT'S what the problem was.
 
2012-08-05 10:10:08 PM  

The Jami Turman Fan Club: On a normal server, it wouldn't cause a high load.


A "normal" server? Out of thousands of different types of servers, there's a normal type?
 
2012-08-05 10:19:58 PM  

Fabric_Man: If it works, he'll simply drop out and get a six-figure job in Cupertino. And CFU will lose out on alumni contributions.


As a dean, I'm getting a kick... etc.

Rest assured that if this thing actually worked as advertised, the university administration would be more than happy to use it to be able stretch its teaching resources farther. It should be pretty obvious that there is something quite wrong with either the app or how it is being used.
 
2012-08-05 10:29:21 PM  

meow said the dog: Better articles here and here.

He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

I do not have the opinion on this but do feel that the Boing Boing story lacks quite the bit of relevant details.


You're supposed to be incoherent, not informative. Wrong alt?
 
2012-08-05 10:39:12 PM  
University administrations, you'll never find a more wretched hive of scum and villainry.
 
2012-08-05 10:46:24 PM  

fustanella: Speaking as someone who went to UCF twice unsuccessfully, yet had no issues graduating at Valencia (AA) and Rollins (BA, valedictorian in all but name), this does not surprise me.


I can't tell if you're trying to insult yourself or the school.
 
2012-08-05 10:46:40 PM  

mc6809e: Go back to marketing and leave the programming to people that know how to avoid DDoSing a website.


ROFL. How about leaving web development to people who know how to handle 60 queries an hour?
 
2012-08-05 10:46:52 PM  

The Jami Turman Fan Club: something is wrong with your system.


it's peoplesoft
 
2012-08-05 10:53:37 PM  

a sharp nail: [images.askmen.com image 376x490]

This kid sounds like a tool.


And he's got the poppy-outy eyes like the Colorado shooter, along with the "smile that is not a smile".
 
2012-08-05 10:54:55 PM  

xl5150: *yawn* State School problems. You really don't get to complain about the outcome when you want to pay bargain-basement prices for an "education." I'm glad I went somewhere where they were actually interested in the outcome of their teaching and the products they were creating instead of always dumbing everything down and punishing anyone who shows true ingenuity. This guy obviously has the smarts to be an entrepreneur; what's he doing at a state school where the main focus is to get its bottom-tier students prepared for a life of substitute teaching or being an assistant manager in HR?


Obvious troll is obvious. But I feel like biting anyway.

/my state school was ranked #1-#4 nationally for my undergrad engin degree, depending on the year
//always in the top 20 in the world overall... top 15 this year, it looks like
 
2012-08-05 10:56:35 PM  
I went to UCF, so I am getting a kick.
 
2012-08-05 11:10:13 PM  
I graduated from UCF. Luckily, I was never one of the ones who had to wait anxiously for a class to open up just to make my schedule work. However, I knew those who did. It was a pretty stressful experience for them. An app that would've made their life less stressful would've been nice. However, as others have said, I think the biggest issue is probably the fact that he was charging for it. If he had given it away for free, they might have just sent a Cease and Desist letter if it was causing issues.
 
2012-08-05 11:11:48 PM  
/Side Note - Kind of amazing how many of us Farkers are in Orlando or went to UCF. Even though it has 60,000 students, UCF always felt like a small school to me.
 
2012-08-05 11:17:59 PM  

foxyshadis: cxjohn: Top rated and they do this to a student who made their system look like Mickey Mouse wrote their programming?

Dude, SELL your app to other universities and tell these schmucks where they can jump. You're already BETTER than they are.

Anyone in any university's IT could throw together the same badly built sack of crap that'll DDoS their own systems as soon as more than a half-dozen people use it, do a better job, and probably have it done in a day or two. Obviously there are management failures with directors who refuse to allow any new projects because they're too busy chasing down the bugs from all of the older ones, but filling a hole with a steaming pile like that is why change management and meetings with "stakeholders" get put in place in the first place.


Not necessarily. My sister just quit working for a certain NW Ohio private University in a former glass making town (so it shouldn't be hard to figure out, but I don't want to get her in trouble). She said the IT department there was terrible, which I believe in part because not once, but TWICE did they completely wipe her coworker/friend's hard drive with no warning. We'll leave aside the obvious 'well why the fark were you keeping anything on it after the first time' question and just say yeah... that's never a good sign for an IT department.

I briefly worked at a U near where I live and their support staff wasn't much better; I was trying to upgrade the drivers for an old color printer (bosses wanted it hooked up) but didn't have permissions, and the IT chica they sent over didn't actually know what she was doing either so it never happened.

/shakes head
 
2012-08-05 11:21:11 PM  
bighairyguy: University administrations, you'll never find a more wretched hive of scum and villainry.

and there you have it. I couldn't say it better. . .
 
2012-08-05 11:23:45 PM  
Isn't it odd how people in authority always find ways to punish those who comes up with an idea to improve a system. Perhaps a warning would have been enough and asking the young man to work with administration on improving his work. It could have worked for all concerned. Punishment is better. Long live apparatchiks!
 
2012-08-05 11:24:08 PM  

ladyfortuna:
Not necessarily. My sister just quit working for a certain NW Ohio private University in a former glass making town (so it shouldn't be hard to figure out, but I don't want to get her in trouble).


Wouldn't have been a College initially, changed to a University a few years back, would it?
 
2012-08-05 11:31:50 PM  
I find it sad but amusing that the armchair IT experts here are second guessing a University IT department when they A) Don't really know all the facts about what happened and why B) Don't know the technical specifications of the system, including what else it was doing, how many other systems it was linked to, how much data it had to handle, and how many resources it had to do it with and C) are suggesting options for doing it the "right" way when they obviously have no experience in University IT.

Outsource to Amazon's cloud? Seriously? Do you have any idea how much complexity that would add to the system, not to mention the show stopper of possibly needing to explain to your student base why their stolen personal information happened to be on a computer not owned or protected by the U when it got hacked? Including explaining to the government why PHI or PCI data was present on non certified systems?

Universities usually have to account for the money they spend, one way or another. You don't oversize systems "just in case" especially when you already have millions invested in a major app like Peoplesoft or SAP. You do your best to right size the system within a small range, so you neither waste money nor fail your project. If you think screwing up an IT app this size hurts your career in the private sector, have a look at what it does in the academic computing world. Hell hath no fury like the tax paying public believing their money is being wasted.

What this guy did was (in simple terms) place a non negligible load on the University's systems without formal permission to do so for the purposes of making money. Let's say that even more simply: He took U resources and used them to make money for himself.

If the U ignored him because their server could handle it or expanded the system to handle his load, most of you would be calling for their heads instead, for handing money from "your taxes" (not usually true) over to a "corporate whore".

PS: On top of all this, I have to wonder why this minor story is Fark-worthy. Sounds like an effort by the perp in question to build support for his "clever" entrepreneurial efforts...
 
2012-08-05 11:32:51 PM  
It amazes me how after the REAL facts have been spelled out in this thread AND two others more accurate articles on the web, people are still acting like this guy is a victim.

He didn't write the app, he charged for the app, and he doesn't know enough about how the shiat works to know what he did wrong. He broke the rules and PROFITED from it.

Why is everyone acting like UCF has a crappy infrastructure?
 
2012-08-05 11:37:57 PM  

Lehk: The Jami Turman Fan Club: something is wrong with your system.

it's peoplesoft


PeopleSoft is AIDS.
 
2012-08-05 11:58:13 PM  

DssDevl: Why is everyone acting like UCF has a crappy infrastructure?


Because they're using Peoplesoft, which makes the world's best servers crappy?

superman82: /Side Note - Kind of amazing how many of us Farkers are in Orlando or went to UCF. Even though it has 60,000 students, UCF always felt like a small school to me.


You have no idea what a small school is like, do you?

I went to a school with about 3,000 total enrollment, graduate and undergrad. Please don't claim that an experience at a school 20 times the size was remotely comparable.

Could you recognize nearly everybody on campus? Could you sit in one spot and see half the student body pass through over the course of a few hours? If you wanted to see a friend or two, could you just drop by the student union and find somebody you knew fairly well? Did you know anyone involved with any of your D1 sports teams? Better yet, did you know any of the coaches, trainers or other staff for your D1 teams? Were they willing to do a favor for you, as an unexceptional member of the student body (say, sharpen skates)? Could you strike up a casual conversation with the President of the school? Did you even ever see the President in person, much less have a chance to chat in a casual context? On multiple occasions?

My bet is on no. You did not have a small school experience. You went to a large school and stayed within one social circle. The thing with a small school is that you'll often have contacts in every social circle there, even ones you'd never really think twice about. I can easily say was two degrees away from everyone on that campus, and all through people I knew fairly well.

Sorry for the rant, but that comment sounded quite stupid to me as somebody who really did go to a small school. Those dynamics are simply impossible to replicate at a school that size.
 
GBB
2012-08-06 12:17:15 AM  
Fark UCF. I went to register, parked in the visitor parking lot and had to pay for parking at a meter. I paid for my spot at around noon. As I was walking from the meter to the registration building, I noticed a parking enforcer walking down the row, checking each spot, but hadn't yet reached my car. I thought about going up and saying, "Hey, just paid for parking, just wanted to let you know.", but decided against it thinking that the system is automated, they will see it when they type in the space number.

NOPE. Came back to a ticket on my car. Took it, and my parking receipt to the Parking window. Lady glanced at it and said my receipt was for a different day. BS!!! She says the system is automated and there is NO WAY this could happen. I argue for several minutes before she looks again, then says that 12pm is after 2pm, the receipt and ticket were from different days. I then point out, that it must mean I'm a time traveler, because by her deduction, I got the receipt from 'tonight'. She then says it's a fake. I tell her, "if your system is automated, then you can confirm the receipt in your system to prove it's not fake". She disappears for 20 minutes. 20-farking-minutes!! before telling me that "it's been taken care of". WTF does that mean?? She says that the ticket has been taken care of. Again, WTF does that mean? We went back and forth before I said, "In plain English, does that mean you are voiding the ticket??" She says yes. I ask why she couldn't just say that? And I ask for it in writing.

Seriously, Fark UCF. This was the very first experience I had with this school and it certainly wasn't the last. Between course catalog disputes, and them canceling my degree specialty, tuition hikes, textbook BS, and this cheating BS that wasn't actual cheating because that jackass professor said that he didn't use the publisher's test bank, then ended up using the publisher's test bank, which we studied off of.... FARK UCF!!!
 
2012-08-06 12:18:51 AM  
He should have waited until he was able to apply for an internship with the school (if one exists) and then launched the app while having open communication with the school.

/DRTFA but I'm assuming it worked by mining data from queries?
//I have improvements for the network at my school but I'm waiting for the internship to toy around with the system.
 
2012-08-06 12:27:08 AM  

FitzShivering: Then again, I've been in IT in one form or another long enough to know that things that are seemingly inexcuseable are usually dictated by either management or by structure.


That's why I pulled back on my punches a bit and blamed the department as a whole and management in particular. This isn't something that one person could have personally screwed up so bad. I know quite well how many good employees toil under terrible management, or just give up entirely and start coasting through every day.

AccuJack: Outsource to Amazon's cloud? Seriously? Do you have any idea how much complexity that would add to the system, not to mention the show stopper of possibly needing to explain to your student base why their stolen personal information happened to be on a computer not owned or protected by the U when it got hacked? Including explaining to the government why PHI or PCI data was present on non certified systems?

Universities usually have to account for the money they spend, one way or another. You don't oversize systems "just in case" especially when you already have millions invested in a major app like Peoplesoft or SAP. You do your best to right size the system within a small range, so you neither waste money nor fail your project. If you think screwing up an IT app this size hurts your career in the private sector, have a look at what it does in the academic computing world. Hell hath no fury like the tax paying public believing their money is being wasted.


EC2 is PCI and FISMA certified, dumbass.

You sound like the one who just doesn't get it. In all the years I've been employed, contracting, and consulting, I've never seen one company right size it. Within a year they either have massively overbudgeted and wasted a hundred thousand dollars, as by the time they need the capacity they provisioned technology will be a tenth of a price, or they underbudgeted and they need an emergency upgrade (which is usually when I get called in). Right sizing is impossible, because needs fluctuate unpredictably in the real world; it's one of those convenient fantasies that consultants put on their MS Project timelines to land big gigs, and disappear as soon as they have their last payment, right before the scale problems start breaking their carefully patched system.

Cloud computing is all about eliminating the need to right size. You pay for whatever size you happen to need at any point, because you literally pay by the cycle, by the byte, by the bit. Peoplesoft runs perfectly on encrypted hard drives and always have; if you don't know that, you don't belong in IT. Always encrypt your cloud, kids. Any vulnerabilities on any level above the hard drive exist completely outside of cloud/physical consideration, and are moot, because they would exist and should be mitigated in exactly the same way as local databases - the data returned matters, not where it comes from. Your assumption seems to be that physical assets are automatically safe unencrypted, though, which is exactly the attitude what causes so many of these disclosures. How many of your projects are truly safe if a drive was discarded?
 
GBB
2012-08-06 12:30:04 AM  

cirby: Bucky Katt:
Micky Mouse University in Orlando, Florida. What more do you need to know?

Let's see... almost 60,000 students (one of the largest university campuses in the United States), attached to a large research park, lots of nationally-ranked educational programs...


They are too big for their own good. It's turning into a brick and mortar degree mill except the process is so confusing, most people spend an extra year in classes to make up for deficits because they were told to take the wrong class at some point or a prerequisite that wasn't actually a prerequisite. I went to a counselor every single semester to make sure I didn't waste any more time there than was necessary and 3 times we discovered inconsistencies and conflicts between the course catalog, their "course map" handouts, and the actual course subject matter. The school is way more interested in making a buck, more so than most schools. The school isn't set up to care about your education, that's just a side effect of their business plan. If they could charge you for walking on sidewalks or breathing the air in a building, they would.
 
2012-08-06 01:02:17 AM  

Danimal79: Each student and each class was accessing the system every 60 seconds. Say he had 100 students and each had 3 classes on the list. You would be accessing UCF's system 300 times every minute. Also, yes it is a PeopleSoft system. The tables it is accessing to do this class search contain millions of rows. It's going to take a toll when you search that often.


I have to wonder why on earth they let just anyone access the database. If they want to only allow "permitted" apps to access it, they should require a password for reading and only give that out to legit developers who know what they're doing (including any students who get permission to work on projects like this). People access a legit app (via the web or student registration or whatever it is) and on the back side it has credentials to log in.

/happily never dealt with PeopleSoft
//but no way in hell the databases I do deal with allow random reading
 
2012-08-06 01:03:28 AM  

Lsherm: Benevolent Misanthrope: This About That: Hmmm... smells like internal politics shiatty IT infrastructure to me.

FTFY. Even if you load 70% less data, if you're touching the server 10x more often, it adds up. But the University should have worked with him on this instead of threatening him. Now they're going to have to walk back a national story.

At the beginning, his app would query the school's class database once every fifteen minutes because a blanket query of the system could take 14 minutes to complete. But that's one query. Push it out to multiple users all running a 14 minute query at different intervals and I imagine the traffic built up pretty quickly. So the kid rewrote the app to only check for particular classes instead of retrieving the whole schedule of classes, which he should have done in the first place.

I wonder if they're punishing him for the months he ran the app while just querying the whole database willy nilly.


Maybe a trained engineer.
 
2012-08-06 02:06:18 AM  

Danimal79: EngineerAU: meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

There's really something weird going on if the system can't handle a query once every sixty seconds. And if that's the frequency of requests, then he spread the 220,000 request over almost half a year. Unless it was a really badly written query or the database is very poorly optimized, one query a minute shouldn't effect anything. Of course PeopleSoft is one of those huge wannabe mainframe crapware packages so it might actually choke on something Microsoft Access running on a 286 could handle easily.

Each student and each class was accessing the system every 60 seconds. Say he had 100 students and each had 3 classes on the list. You would be accessing UCF's system 300 times every minute. Also, yes it is a PeopleSoft system. The tables it is accessing to do this class search contain millions of rows. It's going to take a toll when you search that often.


Not if the allowed queries are even a little bit sane. I have 600 people hitting a database many times a minute where just one table is over 100M rows. This database runs on a dual quad core system with 96GB of ram and some SSD's, not exactly a budget breaking machine for a university. Now if even a fraction of those queries were wide open table scans the resources would be pretty quickly exhausted (not really since we have resource limitations setup per user, but that's not available in every database system).
 
2012-08-06 05:16:44 AM  

diaphoresis: SevenizGud: WelldeadLink: Student is trying to respond in comments of this article.

From that link is this:

He must write a five- to eight-page paper on what he would do if he were placed in the role of a UCF administrator and had to update the system

No doubt to be followed by a mandatory 5 page report on which janitorial service would be most cost-effective for the university followed by:

A mandatory 5 page report on how to identify the female students most likely to have sex with a school administrator and not blab about it, followed by:

A mandatory 5 page report on whether the spread offense would be....

Come ON ALREADY WITH THE SLAVE LABOR!!!!!

/he isn't a graduate student YET

It's clear yoou know how college administrators think. Had my first lesbian experience with the Dean's secretary just to get priority placement in a class my senior year.


Go on...
 
2012-08-06 05:36:02 AM  
Well. They obviously don't want anyone to finish.
 
2012-08-06 07:54:37 AM  

robodog: Danimal79: EngineerAU: meow said the dog: He was doing the charging of fees for this service and according to the second article upon which I have linked "Arnold's software was tying up the campus computer network, claiming it accessed UCF's scheduling website 220,000 times, as often as every 60 seconds."

There's really something weird going on if the system can't handle a query once every sixty seconds. And if that's the frequency of requests, then he spread the 220,000 request over almost half a year. Unless it was a really badly written query or the database is very poorly optimized, one query a minute shouldn't effect anything. Of course PeopleSoft is one of those huge wannabe mainframe crapware packages so it might actually choke on something Microsoft Access running on a 286 could handle easily.

Each student and each class was accessing the system every 60 seconds. Say he had 100 students and each had 3 classes on the list. You would be accessing UCF's system 300 times every minute. Also, yes it is a PeopleSoft system. The tables it is accessing to do this class search contain millions of rows. It's going to take a toll when you search that often.

Not if the allowed queries are even a little bit sane. I have 600 people hitting a database many times a minute where just one table is over 100M rows. This database runs on a dual quad core system with 96GB of ram and some SSD's, not exactly a budget breaking machine for a university. Now if even a fraction of those queries were wide open table scans the resources would be pretty quickly exhausted (not really since we have resource limitations setup per user, but that's not available in every database system).


The problem isn't really the size of the tables, it's the number of tables and the joins on those tables. The way PeopleSoft has designed the class tables isn't the most forthcoming to speed. On top of that, there are some ridiculous state regulations that we have to abide by that don't help either. Things such as never being able to clean out our course catalog, even with classes from decades ago just in case those students come back to UCF.

itazurakko: Danimal79: Each student and each class was accessing the system every 60 seconds. Say he had 100 students and each had 3 classes on the list. You would be accessing UCF's system 300 times every minute. Also, yes it is a PeopleSoft system. The tables it is accessing to do this class search contain millions of rows. It's going to take a toll when you search that often.

I have to wonder why on earth they let just anyone access the database. If they want to only allow "permitted" apps to access it, they should require a password for reading and only give that out to legit developers who know what they're doing (including any students who get permission to work on projects like this). People access a legit app (via the web or student registration or whatever it is) and on the back side it has credentials to log in.

/happily never dealt with PeopleSoft
//but no way in hell the databases I do deal with allow random reading


State regulation that states you have to have a publicly available course catalog with search capabilities.
 
2012-08-06 09:30:16 AM  
university is clearly lacking a bofh.

this should be solved remotely in less than three commands; not be a national article and debate.
 
2012-08-06 09:56:42 AM  

Danimal79: State regulation that states you have to have a publicly available course catalog with search capabilities.


Well of course. That doesn't mean you expose your actual database connection as the API.

The IT department is supposed to write (or buy, if that's how they roll) an application, let it run on the web or on phones or over the actual telephone or whatever they like, that accesses the database SANELY and in a controlled manner on the users' behalf. If some student wants to screen-scrape that, fine, but letting the end users have direct access to the database (where they can easily DDoS if they're malicious, never mind any sincere mistakes like this student made) is crazy.

Notice you can search Amazon for books all you like, but you don't do it by writing your own SQL queries against their database, y'know? You use the web interface they have kindly provided for you.

If you want to let people write apps against your back-end, you give them credentials (allowing THEM to write an application for others to use, etc) so that you can track what they're doing and shut them off if there are shenanigans. Students do this, cooperatively, many places - but they do it correctly and get permission.

evilmousse: university is clearly lacking a bofh.

this should be solved remotely in less than three commands; not be a national article and debate.


Indeed. Hopefully both parties learned from this.
 
2012-08-06 11:04:01 AM  
foxyshadis:

AccuJack: Outsource to Amazon's cloud? Seriously? Do you have any idea how much complexity that would add to the system, not to mention the show stopper of possibly needing to explain to your student base why their stolen personal information happened to be on a computer not owned or protected by the U when it got hacked? Including explaining to the government why PHI or PCI data was present on non certified systems?

Universities usually have to account for the money they spend, one way or another. You don't oversize systems "just in case" especially when you already have millions invested in a major app like Peoplesoft or SAP. You do your best to right size the system within a small range, so you neither waste money nor fail your project. If you think screwing up an IT app this size hurts your career in the private sector, have a look at what it does in the academic computing world. Hell hath no fury like the tax paying public believing their money is being wasted.

EC2 is PCI and FISMA certified, dumbass.

How about HIPAA? Or even if it is, how about the fact that the U has no visibility into or responsibility for security on those systems? I know very few U employees willing to use cloud services for this reason, if only because it's something the higher ups will use to blame them if things go FUBAR. Then there's the fact that a lot of the app vendors (dunno about Peoplesoft) will refuse to support their software if you're integrating cloud services... they blame the cloud environment for problems, and the finger pointing only stops if you can cut that part of the app out and demonstrate the problem still exists. It used to be the same way for virtualization technology.

On top of all that, there's the fact that U IT systems tend to be used for 10 years or more, and integrating cloud resources into such a system means you're betting that the company supplying the cloud will continue to do so, will continue support using a compatible API for as long as you need them, and won't cause other problems down the line. There aren't very many U developers or managers who are willing to add in the stack of extra complexity and risks associated with using cloud services in any critical project, either because they fear the consequences of failure from management, or honestly don't want to risk providing poor services to their U, or both.

You sound like the one who just doesn't get it. In all the years I've been employed, contracting, and consulting, I've never seen one company right size it. Within a year they either have massively overbudgeted and wasted a hundred thousand dollars, as by the time they need the capacity they provisioned technology will be a tenth of a price, or they underbudgeted and they need an emergency upgrade (which is usually when I get called in). Right sizing is ...


In my own career I've seen companies get it right... I work for a big 10 university IT department (for the past 6 years of my 23 year so far career). Not the majority of the time certainly, but they do try and a lot of the time succeed. The best I've seen was a medical device company that failed maybe 10% of the time. Having flexible resources helps... multiple commodity computers forming app tiers, virtualization, etc that allow re-tasking of underused resources or flexible allocation in the first place. There's no substitute for quality people, good prior planning and conservative choices though.

If you've never seen anyone 'get it' you should probably look around for a smarter class of company to work for. I suspect that the oft-quoted statistic that 'half of all IT projects fail' is averaging in some clueless dot-com busts with the good ones. Has it occurred to you that your being a consultant who is called in to fix issues might give you a slanted view of the competence IT in general?
 
2012-08-06 06:32:11 PM  

itazurakko: The IT department is supposed to write (or buy, if that's how they roll) an application, let it run on the web or on phones or over the actual telephone or whatever they like, that accesses the database SANELY and in a controlled manner on the users' behalf.


It sounds like they did most of that, the only real problem was letting someone with guest access query the whole damn catalog through the web interface. If my years in IT at a university taught me anything, it's that someone probably demanded that functionality even after being warned that things like this might happen. For years my management would deal with technical problems with "oh, we'll just make a policy" - as if we were in a fortune 500 bank with employees we could fire.

The kid didn't write an app that ran off the back end - he was passing queries through their web interface.
 
Displayed 97 of 97 comments

View Voting Results: Smartest and Funniest

This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter





Top Commented
Javascript is required to view headlines in widget.

In Other Media
  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report