http://forums.ddo.com/showpost.php?p=4901556&postcount=2458 Quote:OK, as one bored system developer to another, I think I've come up with a HYPOTHETICAL scenario, what do you think?
Imagine you're going through system logs and you discover an anomaly. Maybe it's a ton of outbound DNS traffic, or https connections to a .ru domain. You did a little deeper, and clearly there has been an intrusion, though it looks like they didn't get far.
You tell management, and after a hurried conference, you decide to backup user data, scrub and bare metal reinstall. You decide to limp through the weekend and schedule it for the middle of the week to minimize interruption.
At T-12 hours, you find more suspicious activity, and decide to call in forensic experts. You delay a day to give them time to arrive and set up, plus time to get fresh backups of a wider range of systems.
The forensic team gets on site, starts digging, and find a real mess. You're totally pwned, and you store credit card numbers so it's a PCI compliance issue and you could be on the hook for millions of dollars of liability (1.4 million per breach was the average cost a couple of years back).
You can't bring the servers back up until you know everything is completely clean, you can't restore to backup because you don't know how far back you'd have to go, and you can't say anything to anybody outside the response team because this could be discoverable evidence in any legal proceedings.
You can't roll back, you can't go forward, you can't tell anybody, and it could take days.
Would that cover a well managed project that took this long? Anything in that scenario that would take it out of the "well managed" category?
NOTE: This is a HYPOTHETICAL scenario! This is a thought experiment, not an explanation of current events here!
Or it could just be standard Turbine fuckery. Who knows.