[Info-vax] Meditech in the news

Dave Froble davef at tsoft-inc.com
Wed Jan 12 20:00:27 EST 2022 

On 1/12/2022 6:44 PM, Arne Vajhøj wrote:
> On 1/12/2022 5:23 PM, George Cornelius wrote:
>> Arne Vajh?j <arne at vajhoej.dk> wrote:
>> [...]
>>> Hewlett Packard said in a letter published by Kyoto University on
>>> December 29, 2021 that it took "100% responsibility" for the issue
>>> ...
>>> HPE said: "The backup script includes a find command to delete log files
>>> older than 10 days. In addition to functional improvement of the script,
>>> the variable name passed to the find command for deletion was changed to
>>> improve visibility and readability."
>>> ...
>>> The company added: "However, there was a lack of consideration in the
>>> release procedure of this modified script. We were not aware of the side
>>> effects of this behavior and released the [updated] script, overwriting
>>> [a bash script] while it was still running," HPE admitted. "This
>>> resulted in the reloading of the modified shell script in the middle of
>>> the execution, resulting in undefined variables. As a result, the
>>> original log files in /LARGE0 [backup disc storage] were deleted instead
>>> of the original process of deleting files saved in the log directory."
>>> </quote>
>>
>> Say what you will, 100% online backup storage does not replace
>> magnetic tapes that are removed from tape drives and moved to a
>> tape rack or an external vault when the backup is complete.
>>
>> Backups should be physically secured, or at least something close to
>> that: an interlock associated with each backup such that it takes
>> more than mere programmatic action by root to overwrite it. Now that
>> ransomware takes steps to erase your backups, an interlock that
>> requires human intervention, perhaps at the storage array console
>> itself, in order to be overridden, should be the norm, not the
>> exception.
>
> There is certainly advantages of having backups on tape.
>
> But with hundreds of TB then the effort to do proper tape backup
> is significant.

The issue is not whether or not tapes are used.  The issue is whether the 
backups can be accessed for other than actual backups.  Removable disk drives 
would do the same as removable tapes.  Backup to a node that cannot be normally 
accessed, and in a different location would work.  The key is, you can lose 
everything, but still recover from last backup.


-- 
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486

More information about the Info-vax mailing list