I’ve been after this guy to patch his server for a few weeks. He keeps getting sidetracked, which is understandable, but there are ways to deal with that.
Last week, we started getting close to getting it done. On Friday, the plan was together and it was almost ready to go. All we needed was to get final approval on the plan, get a change control in place, and then the work would be scheduled and we’d have a commitment and a set date where the work would be done. And that would end the sidetracks.
Then, on Monday, someone asked me if he was out of the office. He hadn’t said anything about going on vacation, but, indeed, he had an out-of-office autoreply set. Among other things, it said that super heroes need vacations too, and if the Legions of Doom are attacking, to contact this other guy. So I contacted the other guy. Fortunately he was able to figure out what was going on with the change request and keep the ball rolling toward getting the approvals and the schedule set.
I admit I don’t know much about the Legions of Doom and their technical capabilities, but there are other undesirables who know how to exploit the vulnerability I want him to patch, which means we have to presume the Legions of Doom have similar knowledge. So what I want to know is, if the Legions of Doom were planning to attack and he knew about it, why exactly didn’t he patch the server before he went on vacation for a week?
As much as I wanted to, I resisted the urge to reply to his autoreply with that question.