Yet another wonderful gift given to the world by cigarette smokers, as if the butts/trash everywhere and toxic second-hand smoke wasn't enough.
For those unaware, smokers would get drunk and pass out with lit cigarettes that would set their couch on fire and burn their house down. This lead to a push to cover everything in "flame retardants" which are more accurately called "human retardants", as they do little to actually prevent combustion from an effective source and are tied to everything from cancer to developmental issues.
Reminds me a lot of working in tech to be honest. Things break, postmortems are held. Even if the breakage is as simple as "this was an honest mistake", everything is held to "how can this never happen again," so process and red tape is added. Rinse and repeat ad nauseam until your delivery speed is butchered, the bugs _still_ happen, but hey, a project manager or someone somewhere now gets to pat themselves on the back for running a meeting and adding more process that they can now tout on their future interviews.
The entire point is that "an honest mistake" shouldn't be able to cause a large incident at a mature company. Requiring tests, code reviews, a test env, locked-down prod etc may slow down delivery, but it also prevents Andrew the sales dev accidentally corrupting the production database when he's doing a "quick fix for a customer".
risk of outage + its costs vs. risk of mitigation + its costs.
or as fight club said
> Take the number of vehicles in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don't do one.
i don't necessarily mean prod DB going down as an "honest mistake," though. I think that is pretty deserving of a postmortem. What i meant is like, a bug making it through that stops something critical from working because the dev didn't write a test for it. We already know the resolution, we know who fucked up, we understand why it happened. There's no need for a postmortem to painstakingly add another layer or process for devs that screw up. Like, a lot of companies will then say "okay how can we prevent developers from forgetting to write tests" and start thinking about auto-generators for code, or adding some CI check, or a level of bureaucracy when all that was needed was the dev to own up to the mistake, or maybe their manager to tell them "c'mon, this can't happen again" and we can all move on with our day. And, if it keeps happening across differing folks, only THEN would I start thinking about process additions.
This is fixed by putting a dollar number on outages, and a seperate dollar number on process. Ie. "if each release has an extra day of tests and checks, then it will delay our hockey stick growth curve by 10%. Thats worth $X".
Turns out, it's usually better to be fast and break things, over trying to be reliable.
> Turns out, it's usually better to be fast and break things
In terms of # of correct guesses, sure. In terms of damage from guessing incorrectly over time, usually not.
The trick is to separate processes - A CSS update probably isn't very risky, and an auth or login update probably is. Don't bundle them into "website updates".
Run ahead with the layout changes and spend some time on failure-planning for the auth change.
Precisely this. The "move fast and break things" mantra came from a context where there were no users for the product yet and the people most inconvenienced by breakage are your own. It's a mantra saying "Don't worry about screwing up the UI team with a DB migration if it takes only five minutes to reverse the migration or ten minutes to tweak the UI; you can hash it out together and get back to work on the real problem." It's a reminder that exposing yourself to a little more pain now gets you to viable product faster, and the faster a startup gets to viable product, the likelier it is to take off before it hits the end of its runway.
It is not to be applied to destructive changes to systems users care about, and none of the companies named in the 2017 book by that title use that engineering tactic on their flagship products because real people care now.
> The 2009 Greenstreet Berman study, carried out by the UK government, showed that in the period between 2002 and 2007 the UK Furniture and Furnishings Fire Safety Regulations accounted for 54 fewer deaths per year, 780 fewer non-fatal casualties per year and 1065 fewer fires each year following the introduction of the UK furniture safety regulations in 1988.
That's an apples / oranges comparison unless we agree on an actuarial calculus for the value of saving an entire life vs. the cost of shortening a million lives by a day.
Funny thing about fires, though: they often forget to stop burning when they get to the kids' bedroom upstairs, or the wall of the nice old granny next door...
As a society, we generally try to strive for a higher standard than "The less cautious among us get what's coming to them."
We don't, for example, have the attitude "seatebelts are whatever, let speeding people get pulped." And there's a good history as to why we don't do that.
Even people with bad judgment deserve a shot at avoiding horrible death in a civilized society.
I'm currently working on minimizing the risks to life and limb associated with drunk driving, partially because I've known too many people dear to me who have suffered because of it to be comfortable with the notion "you deserve everything coming to you." So I think we may find ourselves at an "agree to disagree" place. ;)
You seem to be assuming that my friends were the ones who were doing the drunk driving, not the ones in the other lane of traffic when the drunk driver swerved.
In truth, they were both. I've known people who drove drunk and hurt others and I've known people who drove drunk and have been hurt and I know people who didn't drive drunk and were hurt by a drunk driver.
It's a systemic problem and requires a systemic solution. Personal responsibility is the can we kick when we're unwilling to face the need to change incentives and structures.
It's likely worse than that, because I suspect this study is biased towards flame retardants being effective.
It is true in a very narrow range of conditions a flame retardant can prevent combustion, but it's like an airbag that will only deploy for impacts between 15 and 17 MPH. In real world circumstances with real world combustion sources they don't make a difference.
It's do-gooders and "safety first" types who are to blame, unless there was some body of smokers I'm unaware of who said "do this to protect us from the consequences of our own actions."
For those unaware, smokers would get drunk and pass out with lit cigarettes that would set their couch on fire and burn their house down. This lead to a push to cover everything in "flame retardants" which are more accurately called "human retardants", as they do little to actually prevent combustion from an effective source and are tied to everything from cancer to developmental issues.