From Tony N2MFT:

---------- Forwarded message ---------
From: Tedd Mirgliotta (KB8NW) via Ohio/Penn DX Bulletin <[email protected]>

The following was posted on CADXA Groups.io and other Web sources:


Heres a copy of a post by AA6YQ, developer of DXLab, on Facebooks My ARRL Voice group.

ARRL IT: Its far worse than they told us!

On 2024-09-19, ARRL Southeast Division Director Mickey Baker N4MB met via Zoom with the Southeast DX Club. A recording of the meeting is available here:

https://sedxc.org/sedxc/zoom/zoom_09.19.2024.mp4

 

Mickeys presentation (delivered without slides) begins at 11:20 .

Here are the points relevant to the System Disruption

1. Backups were destroyed; either the previous IT Directors effort to shift backups to inexpensive write-mostly storage on Amazon Web Services failed, or the ransomware perpetrators found these online backups and deleted them.

2. The new IT Director hired after the incident installed a new backup appliance, but reported it to be working without ever having tested its recovery functionality or performance.

3. Decryption keys provided by the ransomware perpetrators did not decrypt the ARRLs finance system; ARRL staff are still trying to recover the database from this system. All accounting is currently manual. This is why the 2023 Annual Report has not yet been published.

4. Recovering LoTW was accomplished by hiring John Bloom the original developer who released LoTW in 2003 with no testing and no user documentation. LoTW is running on versions of Centos (Linux) and SAP MaxDB both of which have been unsupported for more than 5 years. (Duh: guess what happens when you starve LoTW of development and maintenance resources for the past 7 years).

5. An IT Advisory Committee was created and is chaired by Kristen McIntyre, K6WX - an Apple Developer with no IT Operations experience. She advocates recreating the ARRLs IT environment from scratch. This committees first 3 meeting have made no progress.

6. Since early July, Jon Bloom has been working alone to re-implement the DXCC System in Python. The system previously ran on Windows 98 and FoxPro. FoxPro wont run on any operating system after Windows 98, and the ARRL did not retain the ability to create a Windows 98 system.

7. There is no documentation of which ARRL applications and services are running on which hardware.

8. Everything is running in 3 rooms on the second floor of ARRL Headquarters, with Servers and Storage in different rooms. Its been that way for ~20 years.

9. The ARRL is still spending ~$40K a month on recovery efforts (Finance system, DXCC system)

10. Mickey is unhappy with the approach to recovery. His offer to serve as Project Leader at no charge has not been accepted.

Bluntly, this situation is ridiculous. The complete absence of IT competence from the CEO on down is outrageous.

CEO Minsters 2021 proposal to re-implement LoTW from scratch his infamous Project X - was cancelled in 2023 as unaffordable before it ever got off the ground. Now Ms. McIntyre wants to re-implement the entire IT infrastructure from scratch? The ARRL badly needs leadership with experience in modern software engineering and iterative development.

Dont like it? Engage with your ARRL Director! Contact information is here:

http://www.arrl.org/divisions

de AA6YQ

Jim N7US

Tedd Mirgliotta, KB8NW - E-mail addresses:
<[email protected]> and <[email protected]>
Editor of the Ohio/Penn DX Bulletin (OPDX - DXer's Tool of Excellence)
================================================