Sunday, February 24, 2013


It's a strange feeling to be somebody's nemesis. On the one hand it's obviously awful that there is someone who holds you in contempt and would like nothing more than to see you wiped from the earth. To know that your every breath is an affront to all they believe in, that it is not enough that you be gone, but also that all memory of you be scrubbed from history. On the other hand, there is perverse pleasure to be taken in the power this gives you. One word can send them in to paroxysms of rage, their whole day can be ruined by nothing more than a reminder of your existence. It's hard not to play with this a little from time to time, hard not to pour water on the anthill just to watch them run around in panic.

At this point you might, quite fairly, be wondering what I could possibly know about nemeses. After all, it's not as though I'm some sort of international man of mystery or a classic Moriarty-eqsue arch villain (or am I?1). I am a mundane, middle class software developer from nowhere interesting, how could I possibly have a nemesis? The key part is 'software developer', so I am talking of course about database administrators, or DBAs as they are more commonly known. The DBA has a simple job: make sure the data is secure. Keep those who shouldn't be able to see it from seeing it, and don't let the integrity of the data get compromised in any way. It may be a simple job, but it is not an easy one, or so harried DBAs keep telling me. My job as a programmer is to store and access data, modifying it where necessary, massaging it into a user friendly format. To put it another way my job is to make the DBA's job more difficult.

I sympathise with them to some degree. Auditing, transaction logs, offsite backups, a whole world of processes and concepts that wouldn't exist if developers didn't want to mess around with the pristine data. Every time I need to talk to a DBA it's because I need to either see more data (clearly a privacy concern), modify data (even more clearly a data integrity concern), or sort out a way to send data to a third party (both a privacy and integrity concern). Lord above, I'll probably want to do it using some horrible denormalised data format as well. I think nothing I've ever said has made a DBA's face contort in horror quite like "we're importing it from an Excel file sent as an email attachment by [company name redacted]."2 Then again, if nobody ever wanted to view or modify the data, the entire DBA industry would be nothing more than an elaborate, high tech Rube Goldberg machine that existed solely to keep obsessive data hoarders from interacting with the rest of society. Which would be an awful thing to do them. Obviously.

The DBA's self image seems to be one of the guardian in a remote medieval fortress, tinder dry scrolls of ancient knowledge and great import stacked oh-so-carefully, indexed with a complex but elegant system. Then one night in tramps some great brute of a programmer demanding to see those scrolls, only he's not sure which one it is and he doesn't want to know about the elegant system, so he starts flicking through them at random. There is moonlight coming through the narrow windows high above but he insists on lighting his way with a flaming torch from which sparks jump ever closer to the precious artifacts. Those scrolls found to be of no immediate use are dropped on the floor only to be covered in muddy footprints by this thoughtless oaf. Eventually he grunts something about deleted flags and storms out, leaving the stunned DBA alone, enraged, and feeling violated. Hackers might be the barbarians at the gates but at least they start outside; programmers are the barbarians who got let in and given permission to do as they see fit.

It's understandable that if your job is to protect data then you would hate the people whose job it is to mess around with data. So it's all right to hate me, DBAs, but if you could just go ahead and give this user the db_datawriter role anyway, that'd be great.

1I am not
2That made me kind of sick, too, if I'm being honest


  1. Minor copy edit: in the content, your endnotes are 1, 2 but in the actual endnotes they're numbered 1, 3.


Note: Only a member of this blog may post a comment.