[SJDXA] ARRL IT: it’s far worse than they told us.

[John Crovelli]

I strongly recommend listening to the SEDXC recording beginning at about 16:00.  Very candid report by an ARRL Director.

GD
________________________________
From: sjdxa-bounces at mailman.qth.net <sjdxa-bounces at mailman.qth.net> on behalf of N2OO via SJDXA <sjdxa at mailman.qth.net>
Sent: Tuesday, September 24, 2024 3:20 PM
To: South Jersey DX Association <sjdxa at mailman.qth.net>
Subject: [SJDXA] ARRL IT: it’s far worse than they told us.


Sharing the following. De N2OO


The following was posted on CADXA Groups.io and other Web sources:

Heres a copy of a post by AA6YQ, developer of DXLab, on Facebooks My ARRL Voice group.



My ARRL Voice<https://www.facebook.com/groups/1181497555327577/?hoisted_section_header_type=recently_seen&multi_permalinks=3315531345257510&__cft__%5b0%5d=AZUiDrPkiXVoWhdsGVxGHWROKhrKccIAMIxrHEZfObgfL3H8yu-hQBRvDNRDw3lyUlmIjHmtzGP153FcUD3i4LMjA4kWBY7nZr8blmM8cavBCv8_JvTfr7lw6eKSAjAUBzAApHgQQZJhVS63iDrSca0vXFjFSFq1hZXU5o09XfzJXaD3mTwO1bVQMDH_cem3140JMoMqUpjb9HWWin5LpHvhqa8o456UrtrLOTqoXhSvUQ&__tn__=-UC%2CP-R>

Dave Bernstein<https://www.facebook.com/groups/1181497555327577/user/669779391/?__cft__%5b0%5d=AZUiDrPkiXVoWhdsGVxGHWROKhrKccIAMIxrHEZfObgfL3H8yu-hQBRvDNRDw3lyUlmIjHmtzGP153FcUD3i4LMjA4kWBY7nZr8blmM8cavBCv8_JvTfr7lw6eKSAjAUBzAApHgQQZJhVS63iDrSca0vXFjFSFq1hZXU5o09XfzJXaD3mTwO1bVQMDH_cem3140JMoMqUpjb9HWWin5LpHvhqa8o456UrtrLOTqoXhSvUQ&__tn__=%2CP-R>

<https://www.facebook.com/>



ARRL IT: Its far worse than they told us!

On 2024-09-19, ARRL Southeast Division Director Mickey Baker N4MB met via Zoom with the Southeast DX Club. A recording of the meeting is available here:

https://sedxc.org/sedxc/zoom/zoom_09.19.2024.mp4



Mickeys presentation (delivered without slides) begins at 11:20 .

Here are the points relevant to the System Disruption

1. Backups were destroyed; either the previous IT Directors effort to shift backups to inexpensive write-mostly storage on Amazon Web Services failed, or the ransomware perpetrators found these online backups and deleted them.

2. The new IT Director hired after the incident installed a new backup appliance, but reported it to be working without ever having tested its recovery functionality or performance.

3. Decryption keys provided by the ransomware perpetrators did not decrypt the ARRLs finance system; ARRL staff are still trying to recover the database from this system. All accounting is currently manual. This is why the 2023 Annual Report has not yet been published.

4. Recovering LoTW was accomplished by hiring John Bloom the original developer who released LoTW in 2003 with no testing and no user documentation. LoTW is running on versions of Centos (Linux) and SAP MaxDB both of which have been unsupported for more than 5 years. (Duh: guess what happens when you starve LoTW of development and maintenance resources for the past 7 years).

5. An IT Advisory Committee was created and is chaired by Kristen McIntyre, K6WX - an Apple Developer with no IT Operations experience. She advocates recreating the ARRLs IT environment from scratch. This committees first 3 meeting have made no progress.

6. Since early July, Jon Bloom has been working alone to re-implement the DXCC System in Python. The system previously ran on Windows 98 and FoxPro. FoxPro wont run on any operating system after Windows 98, and the ARRL did not retain the ability to create a Windows 98 system.

7. There is no documentation of which ARRL applications and services are running on which hardware.

8. Everything is running in 3 rooms on the second floor of ARRL Headquarters, with Servers and Storage in different rooms. Its been that way for ~20 years.

9. The ARRL is still spending ~$40K a month on recovery efforts (Finance system, DXCC system)

10. Mickey is unhappy with the approach to recovery. His offer to serve as Project Leader at no charge has not been accepted.

Bluntly, this situation is ridiculous. The complete absence of IT competence from the CEO on down is outrageous.

CEO Minsters 2021 proposal to re-implement LoTW from scratch his infamous Project X - was cancelled in 2023 as unaffordable before it ever got off the ground. Now Ms. McIntyre wants to re-implement the entire IT infrastructure from scratch? The ARRL badly needs leadership with experience in modern software engineering and iterative development.

Dont like it? Engage with your ARRL Director! Contact information is here:

http://www.arrl.org/divisions

de AA6YQ





Jim N7US



73. Bob Schenck, N2OO


Sent from my handheld Apple radio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.qth.net/pipermail/sjdxa/attachments/20240924/021446ca/attachment-0001.html>