Heartily recommend that pranks book.
Of course there were no lab representatives waiting at the appointed time, so lots of people just dumped their cats (or perhaps they were feral cats that they rounded up?) at the train station. The neighborhood was infested with them for some time after that.
Unusually for gramps, he actually proved that this particular story was true. He actually had a newspaper clipping that told the story.
Ya its free but also burns quick and doesn't put out enough heat.
As a taxi service, I believe I would want to know if I'm about to have a shortage of taxis in any one area of town, and I'd better only have a concentration in one area of town for an event the entire world is talking about, like a reunion tour or a championship game.
Even with the hack, the moment all of the taxis started converging on one area of town, alarms should have been going off and managers should have been asking questions. But that's not what happened, because we say yes the moment money enters the conversation, without bothering to ask what it says about you as a person if you'll do anything for money, or for that matter if the money is even real or just a trick to get our attention.
This is the first time this has happened and the total cost of it is at most a few hours revenue. They’ll likely add safeguards to prevent such a thing now, but if they ran the company preparing for every possible way things could go wrong, they’d get absolutely nothing done.
All your customers thinking your app isn't secure any more isn't "low pain".
Not that unusual at all when you are talking about 10s of 1000s of lines of code written by different people over the span of about 8 years.
It also happens to have the side benefit that an operator watching the flagged zones would be able to see this kind of an issue happening in advance and maybe check into why every cab is suddenly bee-lining it to zone 3.
Nowadays it's all automatic, there are no predefined zones - only past statistics and about zero operators.
edit: srsly, that's what Uber is all about. and YTaxi is one of Moscow Ubers.
A real taxi firm would notice and stop taking new calls to the address, but Yandex.Taxi aren't really 'dispatching' taxis, they're just advertising jobs, and letting drivers respond in real time.
In fact, I'd imagine that almost none of the orders placed are reviewed in realtime, and the only indicator that anyone would have had for this to begin with would have been a higher than average number on the dashboard for 'trips requested today' - an interesting metric, but not something that I would expect to be monitored closely in real time.
I'd imagine there's a 'no show' procedure that doesn't involve human oversight, so the first couple of drivers likely arrived at the address, waited a few minutes, then coded in the no show and moved on to different jobs.
This is also likely a metric on a dashboard which would have been the second indicator - booking cancellations/no-shows/driver rejections. But again, it's an analytics metric, rather than realtime actionable business intelligence, so it's the sort of thing that gets put into weekly reports. Maybe someone would have seen it and thought 'huh, that's a bit high', but probably didn't trigger any alarms.
Eventually a curious taxi driver would start to question why there are so many taxis outside this address, and would get out of his car and chat to his colleagues. They'd identify that they'd all been asked to the same address, and probably all cancel together and drive off.
MAYBE the third indicator here would be a call from one of the drivers to customer support, letting them know about the 'system glitch' that meant multiple taxis were waiting at the same address, but it's equally possible that the drivers just moved onto their next fare without reporting any issue.
So potentially, the first time that anyone at YT realised there was a serious issue was already 10-15 minutes after the incident occurred, by which time, it's already late. On top of that, it's unlikely that they have a way to easily and effectively cancel all bookings to a particular address.
I don't have any details on the hack itself or YT's infrastructure, so it may have been very difficult to identify and cancel the fraudulent bookings en masse (e.g.: fuzzed addresses, booking times, different users, card details not stored or different card numbers used, etc.).
By the time it got escalated to any technical teams, we're already likely 30-40 minutes into the incident itself, at which point they have to analyse what is happening, trace how it happened, and identify a fix.
With the immediate nature of taxi booking (I want a taxi NOW, not in 45 minutes), it doesn't surprise me that an incident like this can occur before any technical measures can be put in place to stop or mitigate it.
No one wants this single pair of instances in a Tier 4 datacenter that host a single key-pair authenticated process with dual manual approval and an air-gap that dispatches one taxi (and precisely one taxi) every 30 days on a route where it can be guaranteed to hit its time prediction.
Any fool can build a bridge that stands. It takes an engineer to build a bridge that barely stands.
Faster faster faster always wins because that’s what the management wants to hear. As long as their options best before the consequences stack up, they have no - and accept no - responsibility for the longevity of the company.
If you haven’t worked with any defectors than you’ve managed better than many of us, or you’re very lucky.
Yandex has thousands of cars here in Moscow. There were around 60 in this jam on the prospect.
So most likely not "ordered all avaiable", but "the order was forwareded for all available in the radius" or something like that.
Surely you can't order a car in Yadex Taxi much less order all of them or even a car from another part of the city.
https://www.reddit.com/r/Damnthatsinteresting/comments/x3neh...
Without knowledge of Russian or context this could just be taxis on some sort of protest rally.
individual drivers or individual taxi firms in a market due to their decentralization are much more robust to any kind of individual failure.
People often ask "is the car smarter than the driver?" but the correct question would be if the car, or system is more diverse than the aggregate knowledge of all the participants.
Making cars (human or machine driven) depend on a centralized service basically takes away that advantage.
* assuming you have enough fuel/battery
Revoking accesses it hard.
https://www.thedrive.com/news/a-swarm-of-self-driving-cruise...
jammr.com: It's like Uber for Traffic Jams!
1) Rickshaw or cargo bike with a narrow pull along trailer to let me use the bathroom 2) Similar setup with food and drink 3) Similar setup with a few gallons of gas if I've gotten a bit too close to empty 4) More expensive (XL?) version of the service where I am getting delivery from a helicopter (since drones flying over congested traffic is not an FAA approved delivery method)
You might not be able to make this a daily thing, but when things get bad I suspect the margins might be unreal.
doodoober.com is available!
shyt.com is taken though.
One night Modest Mouse played downtown Phoenix and went past the time light rail stopped running on weeknights. Same thing happened, basically everyone who took the train called for a cab. Once I realized what was happening I just grabbed the first group who flagged me down and got the hell’s out of there.
What I especially like about the video is it is completely obvious something isn’t right and they’re all still trying to get to the pickup point.
https://www.bloomberg.com/news/articles/2022-02-28/uber-to-a...
My prediction: Ransomware hits self-driving cars.
You're locked in the car until you Venmo the bad guys some credits.
To encourage compliance, the stereo starts playing the sound of running water.
> In July 2015, IT security researchers announced a severe security flaw assumed to affect every Chrysler vehicle with Uconnect produced from late 2013 to early 2015.[120] It allows hackers to gain access to the car over the Internet, and in the case of a Jeep Cherokee was demonstrated to enable an attacker to take control not just of the radio, A/C, and windshield wipers, but also of the car's steering, brakes and transmission.[120] Chrysler published a patch that car owners can download and install via a USB stick, or have a car dealer install for them.[120]
The worst part is they were never really transparent about what the issue was.
You can also search for #YandexTaxi : https://nitter.42l.fr/search?q=%23YandexTaxi
