I can see by your detailed reporting that you're kinda feeling some responsibility for the vulnerability due to the patching issue, but all I can say is - we're all human. Man... shit happens @arcange
You're one of the most diligent, hard-working and talented devs I've met here on hive. I remember chatting to you about hive SQL back in Krakow and in a 15-minute conversation I learned more about the intricacies of the blockchain querying functions I'd been using to narrow down potential Curie-worthy posts for submission than I'd learned in the previous year of self-teaching/experimenting. Although I've got to shout out @carlgnash for being super helpful tutoring in the beginning. The technical stuff is very difficult for me, and between his tutorage and my convo with you at SF3 I became very confident in querying the blockchain with SQL.
Anyway, all I'm really saying is don't beat yourself up too much about this attack. It takes someone of integrity to admit if they made a mistake, but as I said above we're all prone to them now and then. In the great debate about AI, perhaps this is one positive thing AI will bring to the table, the ability to manage complex systems such as SQL and other complex database systems, without the human fallibility that comes with stress, the way our brain works and the inevitable decline in efficiency that comes with age. I know I'm feeling that last one these days.
Good on you for noticing the attack quickly and working hard to identify the extent of the attack, close the vulnerabilities, and restore the integrity of the data with backups.
All the best 👍🙂
Thank you for your comment @raj808
I remember meeting you in Kraków and I am happy to read that our conversation about HiveSQL and writing queries was fruitful for you.
Honestly, I don't beat myself up about this attack, quite the contrary. Knowing how the infrastructure is built and how it intertwines with other services, I'm quite proud of myself.
But in terms of security, you have to be constantly vigilant and what happened tickled me at a time when this vigilance might have slowly died down. On the other hand, it allowed me to validate once more, and in real stress conditions, the Disaster Recovery plan that I had put in place. In ~24 hours, the services were restored, which is a good score. I could have done better, but since this was a disaster with prior intrusion, it was necessary to allocate time for an infrastructure security assessment.
Your thinking on protecting systems with AI is interesting. I'm not sure that solves all the problems because it is surprising to see the creativity that humans can show, especially bad people when they are motivated. But I am certain that AI will contribute to better security and in any case improve the level of vigilance.
Have a good weekend