I remember my first day of my first professional programming job back in 1996. I had just learned SQL that morning (which I’d never even heard of before) and that afternoon I forgot to add a WHERE clause to a DELETE command. Good times …
Fortunately this was in production and not in any important environment like development or test.
That’s why I start my dangerous queries with a broken first word like ELETE FROMtable... and do a proofread before adding the D. Saves you from annoying mistakes either by stupidity or fat fingering the enter key.
Lol “credentials”. This was done directly on the server, which was kept always logged in with the admin account so anybody in the server room could access it. It was OK though, this was just a small company … just Reliance Electric, now part of Rockwell Automation.
And you thought “security through obscurity” was bad - this was “security through apathy”.
That was the 90s. It’s so long ago, we’ve come so far, so luckily there is no way any respectable company in 2025 does anything like that anymore.
Meanwhile: There’s me joining a ~400k employee corporation half a year ago to find out that they don’t have a dev env and testing is done on production, we just have to not push the “publish” button to keep our tests in preview mode instead of going live in our customer-facing ecom solution. 😬
I remember my first day of my first professional programming job back in 1996. I had just learned SQL that morning (which I’d never even heard of before) and that afternoon I forgot to add a WHERE clause to a DELETE command. Good times …
Fortunately this was in production and not in any important environment like development or test.
That’s why I start my dangerous queries with a broken first word like
ELETE FROM table...and do a proofread before adding the D. Saves you from annoying mistakes either by stupidity or fat fingering the enter key.Always think twice before bringing the D.
If they gave a newbie full r/w creds to a prod db, that’s 100% on them and not you.
Lol “credentials”. This was done directly on the server, which was kept always logged in with the admin account so anybody in the server room could access it. It was OK though, this was just a small company … just Reliance Electric, now part of Rockwell Automation.
And you thought “security through obscurity” was bad - this was “security through apathy”.
That was the 90s. It’s so long ago, we’ve come so far, so luckily there is no way any respectable company in 2025 does anything like that anymore.
Meanwhile: There’s me joining a ~400k employee corporation half a year ago to find out that they don’t have a dev env and testing is done on production, we just have to not push the “publish” button to keep our tests in preview mode instead of going live in our customer-facing ecom solution. 😬
Onosecond