210 points scapecast | 3 comments
mintplant No.45058689
My dad headed up the redesign effort on the Lockheed Martin side to remove the foam PAL ramps (where the chunk of foam that broke off and hit the orbiter came from) from the external tank, as part of return-to-flight after the Columbia disaster. At the time he was the last one left at the company from when they had previously investigated removing those ramps from the design. He told me how he went from basically working on this project off in a corner on his own, to suddenly having millions of dollars in funding and flying all over for wind tunnel tests when it became clear to NASA that return-to-flight couldn't happen without removing the ramps.

I don't think his name has ever come up in all the histories of this—some Lockheed policy about not letting their employees be publicly credited in papers—but he's got an array of internal awards from this time around his desk at home (he's now retired). I've always been proud of him for this.

dclowd9901 No.45061022
It's funny how the thankless jobs of quality assurance become so critical so quickly. And I mean that ironically of course.

To folks out there: do the important work, not the glamorous work, and you'll not only sleep well, but you might actually matter as well.

jacquesm No.45061762
Yes, but first it has to go horribly wrong. Same for security. After the breach there is plenty of budget.
arethuza No.45062020
Many years ago I had a fascination with security and fancied becoming the CISO for the multinational I was working for at the time - my boss at the time, the CIO, said the role would really have no power and would be there as a sacrificial lamb should there actually be a serious security breach. This rather put me off the idea.
GiorgioG No.45063338
On the flip side, some companies have gone to extremes. I now have to MFA and provide a pin-code to authenticate. I have to do this several times a day. It's fucking mind-boggling how I can get anything done in a day when I spend so much time verifying who I am. I'm waiting for the next innovation...require a drop of my blood to log in.
1. jacquesm No.45064020
Why is that extreme? I have to provide a pin code using MFA to my bank to authenticate, and their sessions are a lot shorter than your average developer or operator session.

And their actions impact far more than just my own account. Is it inconvenient? Yes. Does it work? Yes. Is it perfect? No, absolutely not but it is a useful layer in the cake.

3. michaelt No.45064554
Requiring a user to MFA once per day per device is normal for a work account - but that's already a lot compared to services like gmail.

After all, workers are mostly working in an access-controlled office or their private home; and your endpoint protection will be ensuring they're connecting from a company-issued laptop and that they have screen lock on a timer and a strong password.

I'm already validating something-they-know (FDE password) and something-they-know (OS password) and something-they-know (SSO system password) and something-they-have (company laptop). And once a day I'm validating another something-they-have (TOTP code/Yubikey).

Asking people to provide the second something-they-have several times a day seems like security theatre to me.