this post was submitted on 25 Jun 2024
27 points (96.6% liked)


CDK Global, a company that provides software for thousands of auto dealers in the U.S. and Canada, was hit by back-to-back cyberattacks Wednesday. That led to an outage that has continued to impact operations.

For prospective car buyers, that’s meant delays at dealerships or vehicle orders written up by hand. There’s no immediate end in sight, but CDK says it expects the restoration process to take “several days” to complete.

[–] [email protected] -4 points 1 month ago (5 children)

Maybe I'm being silly because I'm not in IT, but it would seem to me that one of the ways to avoid this sort of thing happening would be a diverse array of software to choose from rather than everyone using the same one. I don't think compatibility should be an issue any more than it is for OpenOffice to be able to open Microsoft Word files. We're not generally talking about complex interactions here, are we? It's usually database info that can't be accessed, isn't it? But I don't hear about diversification as a solution.

Please do explain to me what I'm missing because I feel like I'm missing something.

[–] [email protected] 8 points 1 month ago

Ah we cross paths again..

diverse array of software

Nope the bosses want us to use one of the largest platforms because those are the best supported… usually

Also security; in many places, IT is a cost rather than being seen as an investment… car dealers want a nice building because that attracts people— fsck IT, it doesn’t attract people to buy cars…

[–] [email protected] 5 points 1 month ago

All major car franchises have their own systems. I've been away from car dealerships for a while now but they all use similar systems and for the most part the cheapest service is always the choice. The dealerships all have differing but competent standards when dealing with connections to the corporate headquarters, but everything else is a crap shoot of poorly considered decisions driven by cost and only cost. Not that the hole that the crooks used was probably through a dealership, but it's possible since I know how obtuse certain groups are at dealerships.

[–] [email protected] 5 points 1 month ago

There are a lot of industries that have niche software needs. It's hard for a competitor to break in because the market is only so big and it's better to have something standard and time tested.

Interoperability is often limited to a one-time database migration, and often requires a specialist to do a lot of the transfer manually.

I don't know if that's the case with this software because it's not my industry, but I've dealt with similar issues. You'd be surprised how much of the world still runs on AS/400

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (1 children)

I was about to comment similarly.

This is why I always advocate against cloud and "always connected" services for critical line-of-business software (and software for personal use, but that's a slightly different but also similar argument).

I'm unclear if CDK is a cloud service that's offline for customers, but it sure sounds like it. The other possibility is a supply-chain attack which affected local installs, such as what happened with SolarWinds a few years ago, but with that many dealerships being simultaneously affected by CDK shutting down their systems, it seems more like the former.

one of the ways to avoid this sort of thing happening would be a diverse array of software to choose from

In an ideal world, that would be the case. But as is often the case with niche business software, there's usually only a few players (if that many), and any newcomers are either bought out or can't compete.

[–] [email protected] 1 points 1 month ago (1 children)

Isn't that monopolistic though? I realize this is a pipe dream, but wouldn't it be theoretically possible to use the law to stop that?

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (1 children)

I don't know much about the market for car dealership software, but I work for a non-profit that deals with environmental remediation. Finding LOB software that meets our needs is an absolute nightmare because it's so niche. What we can find is either crazy expensive, doesn't do what we need it to do, is from some terrible fly-by-night vendor, or some combination of those. So when you do find something that mostly meets your needs, you pretty much have to take what you can get.

The government can incentivize or contract out companies to write software, but AFAIK, they can't compel any company to do so. IANAL, but I would also assume they'd need to stop approving any M&As that may be contributing to market consolidation

You basically nailed it with "pipe dream".

[–] [email protected] 1 points 1 month ago (1 children)

I guess the only other option would be for the companies to write the software themselves, which they don't have the time or the money to hire people to do, I'm sure.

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago)

Right.

In reality, we'd end up with about a million Access "databases" (or Excel files) getting emailed around, lost, stolen, corrupted, etc (ask me how I know that lol).

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (1 children)

It's the same problem with every other monopoly. Everyone wants it, both shareholders and customers. It's objectively more efficient to standardize on the same equipment or software, train workers on it. It's better for workers too since their skills are transferrable. It's only bad when the negatives show up, such as price gouging by the shareholders, or them cutting corners in quality or security. But my point is that not going with a single vendor isn't free on all sides of the equation, it requires work, which is why on average we tend to prefer monopolies even as consumers.

To put it bluntly, I really don't want to have to think about grocers' profit margins and prices after having worked 9 hours. I just want to get fucking eggs and bread from the store nearby. I don't want to drive or bus ride to another one. It won't happen. And that's why it doesn't. The assumptions about the individual (constantly shopping around for the best price) in the mainstream microeconomic theory are just wrong. This translates into small businesses (not only) shopping for their dealer sales software system.

[–] [email protected] 1 points 1 month ago (1 children)

You make a lot of good points. I wasn't really thinking about it from an economic perspective, just a security perspective.

[–] [email protected] 4 points 1 month ago

Security doesn't make money. They will have lost sales due to this event, but not nearly as much as they saved by skimping on security.

And they haven't actually lost that many sales, either. If you're going to buy a car, you're going to buy a car. If the place is closed, you're going to come back later. Few people are going to go to a competitor if they've already made their choice of brand. And even fewer are going to decide not to buy a car at all over this event.