Devs sent into security panic by 'feature that was helpful … until it wasn't'
Screenshot showed it wasn't a possible attack – unless you qualify everything Google does as a threat
On Call Velkomin, Vælkomin, Hoş geldin, and welcome to Friday, and therefore to another edition of On Call – The Register's end-of-week celebration of the tech support tasks you managed to tackle without too much trauma.
This week, meet a reader we'll Regomize as "Mac" who worked for a software developer that targets non-English-speaking European markets with a SaaSy business management suite that it delivered in several non-English languages – perhaps even the Icelandic, Faroese, and Turkish in which we opened this week's article.
One unremarkable Wednesday morning, Mac's world was rocked when a user filed a trouble ticket to report that the app was now displaying English, a language that was not an option for this software.
A screenshot of the app was sought, delivered, and examined. It showed mangled translations of buttons and dialogs.
Mac and his colleagues were immediately suspicious that someone might be up to no good.
"Our engineering team checked the logs and deployment history, wondering if someone had managed to kidnap our app and add an English translation of it," he told On Call.
- Tech support warrior left cosplay battle and Trekked to the office
- After a long lunch, user thought a cursor meant their computer was cactus
- Techie fluked a fix and found himself the abusive boss's best friend
- To patch this server, we need to get someone drunk
A thorough examination was therefore required, during which one of Mac's crew spotted something in the screenshot: an automatic translation feature enabled in the user's browser.
"The customer had accidentally triggered Chrome's helpful 'Translate to English' function, which had converted the entire page," Mac explained.
The fix was easy – telling the customer how to disable translation – but several developers at Mac's company also spent a fair bit of time double-checking deployment settings – just in case they'd made the problem possible.
Once they figured out the user was to blame, they filed the incident under "features that are helpful until they aren't" and sighed with relief that they'd not experienced an attack.
Has a feature that was useful until it wasn't caused you support problems? If so, click here to send On Call an email and we'll try to make you welcome in a future installment of the column. ®