The Company Deleted by One Line of Code Was a Hoax!

Yesterday we reported that a man had mistakenly deleted his entire company using just one line of faulty code. Now it turns out that the entire thing appears to have been made up by the poster as a publicity stunt.

Marco Marsala posted on the Server Fault forums asking for help earlier this week, explaining that his careless use of the “rm -rf” command in Unix had caused him to accidentally delete the contents of all of his servers, including the backups. The story became incredibly popular online and was reported by a number of major news sources as well as garnering a large number of responses to his original post, with a variety of sympathy, pity, and derision.

On Friday, the post was deleted by Stack Overflow, the parent forum of Server Fault and later a post made by a moderator, Sven, brought to light that the story was, in fact, a hoax. The poster, Sven, a Server Fault moderator, pointed to an Italian news report that detailed that the story was part of a marketing stunt by Marsala in order to promote his company and gain visibility. Marsala told the paper that the whole thing was “just a joke”. A statement by Stack Overflow revealed they did not find it quite as funny, saying “The moderators on Server Fault have been in contact with the author about this, and as you can imagine, they’re not particularly amused by it.”

In many ways, it could be surprising how many people believed the story, especially on a forum populated almost entirely by those knowledgeable in technology. It is yet to be decided how Server Fault will deal with the hoax topic, with Sven currently allowing the community in question to decide its fate.

One Line of Code Accidentally Deletes Entire Company

As far as code mistakes go, few can claim that their careless coding practices caused the deletion of their entire company. Marco Marsala ran a small web hosting company that carried the websites of a number of clients until he unwittingly instructed the servers to delete their entire contents, effectively wiping out his business and the websites of his clients.

In response to the tragedy that befell his servers, Marsala took to the Server Fault forum to explain his plight and perhaps hope that some of the forum’s denizens would be able to help him with his predicament. Instead of help, most of the advice he received simply informed him that the chance he had forever deleted his company was high and his code had completely destroyed both his own data and that of his clients.

I run a small hosting provider with more or less 1535 customers and I use Ansible to automate some operations to be run on all servers. Last night I accidentally ran, on all servers, a Bash script with a rm -rf {foo}/{bar} with those variables undefined due to a bug in the code above this line.

The reason why Marsala lost all of his data stems from his use of the “rm -rf” command, which can be broken down to “rm”, removing files, “-r” meaning it will delete recursively into every subfolder and “-f” for force, meaning no warning will be given. Due to the two variables surrounding the / being empty, this caused the system to delete from the root directory, essentially wiping out everything on the machine. To make matters worse, while he had taken backups, the backup devices had been mounted just before the erroneous script ran, causing them to also be wiped.

Responses to Marsala’s post ranged from pity to insulting, however, all agreed that the data on the servers was almost certainly gone for good with no recovery. Most focused on pointing out the mistakes he had made, instead of being able to offer him any help, “This is not bad luck: it’s astonishingly bad design reinforced by complete carelessness” wrote user Massimo.

For Marsala, there doesn’t look to be a good end to this story. There are very few options open to him that would allow the data to be recovered and even those, such as contacting professional data recovery experts, are expensive, time-consuming and have no guarantee of success. This should serve as a cautionary tale for those wishing to start their own online businesses to be very careful over what you run on your servers and the care you take of your backups.

Bash for Windows 10 Unfazed by Deadliest Linux Command

Linux Bash shell came to Windows 10 recently as part of the latest Windows Insider preview build. Immediately, people began to experiment, some to see how well the shell was implemented, while others went straight for a command capable of wiping the entire system on a Linux operating system “rm -rf /”.

For those not familiar with Linux and the Bash shell, the reason this command is so deadly can be broken down into its three parts. “rm” is the command for removing or deleting files. “-rf” contains the additional commands for recursive and force. In combination, this causes all files, folders, and subfolders to be removed, without providing any prompt for the user, even those which are write protected. Finally, “/” represents the root location of the file system, where all files and folders are stored and where the command will look for files to delete. Often usage of this command is restricted or generates a warning on modern Linux systems as, should it be executed, everything will be deleted.

This danger made it an obvious choice to try out on Windows 10’s Bash shell though you would hope it was tried from the safety of a virtual machine or throwaway installation. Fortunately (or unfortunately), this command doesn’t cause anywhere near the damage it does to Linux, although the Bash terminal itself is not so lucky, being reduced to a useless black window when started up.

https://twitter.com/shanselman/status/717846035515584512

Windows isn’t fully safe from misuse of the Bash shell, as if you run the terminal as administrator and target the /mnt/c directory, the C drive can be deleted. Although, with the lengths you have to go to in order to wipe your operating system, if it happens then it’s likely your own fault, and really, it’s no more dangerous than the command line already in Windows.