let me tell you why it sucks so much to call the government about data errors

this is based on a conversation spurred by a friend who is having extremely bad and unforgiveable issues with this, but i thought i'd share with everyone

"why can't I just call in to a number and put in my SSN and answer a couple questions to have my password reset"

okay, well, it could be they have interpreted PCI or federal security regulations in a ridiculous way, but more likely it's like this

when a large organization - any one, but the govt most consistently - does that bid process we've all heard about and winds up with a shitty contractor, what is actually so shitty about the software they make? i'm glad you asked, I'll explain: it crashes and doesn't work.

the software that large organizations use - insurance companies, hospitals, schools, the IRS - is almost invariably delivered in horrifying formats. a folder with 480 files, 40 folders and 38 .exes. that's what enterprise software looks like.

an entire business might run on a single .aspx that depends on a specific version of IIS running on a specific version of Windows Server 2003. upgrading is literally impossible, the program won't work anymore.

this kind of system has no exposed API endpoints. you can't say "well the frontend is broken, we'll just make our own thing that talks to the backend" - no buddy. you get the whole ball of wax, Visual Basic 6 frontend and all.

the database is inscrutable and you'd have to rewrite all the business logic, defeating the purpose of the $1.2 million you spent on the project, so no executive will ever go for it unless the system "isn't working"

what constitutes "not working"? i can tell you from experience: "the program won't open." anything else does not count as "not working". nothing else. nothign.

my company uses a horrifying piece of shit that only works in internet explorer (THIS WAS IN 2011) and if your login is invalid it puts you into a permanent loop of error messages that cannot be escaped unless the *server* is rebooted.

how about a java app developed in 2006 that has an SSL cert cooked into the code that can't be replaced? because it just can't? so now every single time you use it, it throws SSL cert errors over and over. this is "normal". "just click ignore"

when your login times out, it doesn't tell you. it throws a java stack error on the screen. this is for a $50,000 network monitoring system.

you literally can't expose this to users. it *cannot be done*. so forever, for the rest of the time that your company exists, unless you spend $250,000 or more to make another completely new system, you need employees who will *just* press "Update" in this Visual Basic window.

Chances are there's probably no permissions in this system, or not good ones. The lowest tier of access necessary to reset user passwords gives access to other things. So you can't expose this to anyone but employees, certainly.

Now, why is this so bad? It's because of Jeff

The software is fraudulent. Maybe the people making it don't know that, maybe they do, but the reason it was adopted instead of being refused is because of Jeff Coffee, a middle manager who is on a horizontal with about 19 other managers

He does nothing. He is useless. This part of Dilbert was accurate. He was promoted to his position by people who are also useless and have no idea what he can or can't do. He was in the right place at the right time and leveraged it.

Most executives have no idea what their company does. Executives are egotistical fucks who will not get their fingers out of pies they don't belong in. Software like this is adopted because Jeff wants to feel important, so he torpedoes his organization.

Jeff doesn't know how to ask "is there an API interface," and if he does and the company balks, he has no idea how important it is to drop the contract. Yes, he has his obligations, but the real problem is that he is a disconnected asshole with no idea what he's doing.

This is very consistent. I have heard stories about Jeff my entire life, and I have met many Jeffs in my career. Jeff is a thorn in the side of everything, and he does not listen to other people about anything.

Jeff doesn't know about computers. He has been working for ten years and the only things he uses are Office, a web browser and Webex. The latter two of these things are dead slow and throw inscrutable errors constantly.

When Jeff is watching a demo from Shitly, their new software contractor, he doesn't know that "oh, just click through those errors" is a red flag. He doesn't know that 40-second page loads in a webapp are a red flag, or that data interchange in common formats is crucial.

He doesn't know that text fields that can't be copied or passwords displayed in the plain are disastrously bad. And he won't show any of this to anyone until the ink is dry on the contract.

Maybe within 30 days the damage could be undone. That is not what happens. It's six, or nine, or nineteen months before anyone happens to shuffle into a position or power through the churn of turnover and promotions and notices that this system is bad.

At this point fixing it is effectively impossible. The data is cooked into something nauseating, like an Access database with thousands of machine-generated table names. Extracting it cannot be done.

This isn't a bit, at all. This is extremely likely. Like, a DB that contains thousands of tables, each one named with a GUID, with relational columns between them all? I've seen this.

If the contractor still exists by the time the fuckery has been detected, they either won't or can't help. They may not have anyone who actually understands the code. You'd think that would get them sued, but no.

All the execs who would be able to initiate that process are Jeffs, and none of them understand anything about how computers work. They don't get that if someone says they can't patch a program they own the source code for, that person is lying.

You won't get any help from them, and anyone who can't call up the company lawyers and just order a lawsuit directly has zero pull. No software vendor cares about the head of IT, or a VP, or anything other than your legal counsel.

I just personally went through an eight month migration process at work because a vendor that sold us a broken, fraudulent ✨cloud service✨ years ago would not give us a data dump, so in order to move to our own system we had to screenscrape it all

a fortune 500 will not screenscrape, a government entity will not screenscrape. so that's it. it's over. there's no solving it.

there's no fixing this through procedural or technical means. the problem is Jeff, the Dilbert dickhead who gets three or ten times the pay of all their reports and does absolutely nothing. This is not in any way mythical, it's a universal con.

This is why, when the person on the phone says they "can't", they probably can't. It's entirely possible nobody can. It's because everything is run by caveman shitheads who know nothing about technology more complex than a fork.

anyway that's it, that's the story. there's no point being incredulous because things are worse than you can possibly imagine.