This is of course nonsense if you want to put this as a generic statement. If only because legislation worldwide changes every day, and companies and institutions have to comply with it. All software changes/upgrades. (There were 280 bills dealt with in the Netherlands in 2020; I cannot find right away how many of them were approved, but even if only 20 of them)
Business logic should be separated from the core of the IT systems, so that you can change it without having to change the underlying system. In addition, legislation always has an initial period. If you use that as an argument, you need at most 4 update moments per year under normal circumstances.
Encryption methods are changed/strengthened. You don’t have to replace your entire street the moment you go from SHA256 to SHA512 (I’m just making up something). You can then say, you should have started with SHA512, but if it wasn’t there then, it’s not much use.
Usually these are all relatively small changes that are easy to roll out with a year’s delay.
This too is nonsense. Companies like Amazon, Netflix, Facebook, Adobe all work with CI/CD pipelines and not just for the misspellings of the company restaurant menu…
Funny, but none of the companies you mention are exactly critical infrastructure.
What I am talking about are systems at the police, network operators, telecom operators and other organizations that do have to guarantee a certain SLA.
A webshop that misses a few sales, a few chat messages that are not delivered, a few videos that cannot be viewed are hardly critical. Yes, it costs those companies money, but that’s it.
And Adobe? There you mention exactly that one company that does not use a CI/CD for the roll-out to its customers, but works with a release train in the last steps.
This is of course completely correct, and then your CI/CD will stop at a certain Acceptance environment and eventually a release will be created that is audited.
How often does such a release get an audit?
Usually that is every 6 weeks or even longer, and the lead time is easily a week or 2.
At that point, you are simply back in the 1999 situation.
I’m sorry, but I feel that the quality of the software suffers from the idea that everything can be fixed with an app update.
And the people who say that you need to update often and that the speed needs to be increased? Those are the people who have never been bitten by the phenomenon of the update that has passed all the checks, but whose update and rollback procedure does not seem to work.
Sooner or later, that moment will visit every company and every programmer. I hope if it happens to you, you have the political resources to keep your job. At that point, your technical skills no longer matter.