News: 1727077574

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Did you hear the one about the help desk chap who abused privileges to prank his mate?

(2024/09/23)


Who, Me? Welcome, dear reader, to another instalment of Who, Me? in which Reg readers share tales of techie woe to remind you that your day could, in fact, be worse.

This week's hero is someone we'll Regomize as "Don" who worked the help desk at his county's largest employer some twenty or so years ago.

Like many help desks of the time, Don's employer used Microsoft SMS for remote management. Just to avoid confusion, that stood for Systems Management Server – not the Simple Messaging Service for which those initials have become much better known. In fact Microsoft changed the name of the software in 2007, to avoid the same confusion. It's gone through more changes since, and is currently known as Configuration Manager.

[1]

Anyway, history lesson aside, what you need to know is that SMS allowed help desk staff to remotely operate any computer on the network for troubleshooting purposes. Techs could watch users work, and control their PCs if need be to help fix problems. Nifty stuff.

[2]

[3]

Obviously this also had great potential for hijinks.

One fine afternoon, Don noticed his colleague – we'll call him "Phil" – working intently on something in his cubicle not far away. Sensing an opportunity for mischief, Don found Phil's name on the list of managed machines and double-clicked.

[4]

Up came a screen with an open Word document – obviously the important whatever-it-was that was commanding Phil's attention. Sneakily, Don inserted a few well-placed obscenities and smears upon Phil's character into the Word doc, then quickly disconnected and waited for hilarity to ensue.

And waited. Then waited some more.

When the hilarity stubbornly refused to ensue, Don cleared his throat.

[5]I don't know what pressing Delete will do, but it seems safe enough!

[6]Python script saw students booted off the mainframe for sending one insult too many

[7]Techie made a biblical boo-boo when trying to spread the word

[8]Bargain-hunting boss saw his bonus go up in a puff of self-inflicted smoke

"Um, Phil?"

"Yeah?"

[9]

"Haven't, um, seen anything pop up on your screen, have you?"

"No, like what?"

"Like, maybe, some unexpected words in your Word doc?" Don was straining with all his might not to burst out laughing at his clever subterfuge by this point.

"No mate, I haven't got Word open. I'm writing an email."

Hilarity ceased. Color drained from Don's face. Whose Word doc had he just defaced with defamatory and desultory remarks about Phil?

It turned out that Microsoft SMS, back in those days at least, had a habit of failing to update its entries when a PC on the network rebooted. So a user name on the directory could in fact be pointing to a completely different PC that had simply grabbed the same IP address.

Thankfully, quite a few people were away from the office at the time, so it didn't take long to figure out whose Word document had been vandalized.

The victim was, predictably, unimpressed – both at the content of the Word document and the unauthorized intrusion into his PC. It ultimately took the intervention of Don's manager to calm things down. And at least the altered document hadn't made its way to anyone else's eyes.

Don tells Who, Me? that he's now very, very, careful about making sure things are what he thinks they are before jumping in.

Microsoft obviously takes a bit of the blame for this one. Have you ever had a lapse of judgment compounded by technology that made things much worse? [10]Click here to tell us about it in an email to Who, Me? and we might share your adventure on a future Monday. ®

Get our [11]Tech Resources



[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2ZvE8R7A7mVza7KZjFwgNjwAAAoo&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZvE8R7A7mVza7KZjFwgNjwAAAoo&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZvE8R7A7mVza7KZjFwgNjwAAAoo&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44ZvE8R7A7mVza7KZjFwgNjwAAAoo&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[5] https://www.theregister.com/2024/09/16/who_me/

[6] https://www.theregister.com/2024/09/09/who_me/

[7] https://www.theregister.com/2024/09/02/who_me/

[8] https://www.theregister.com/2024/08/26/who_me/

[9] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_onprem/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33ZvE8R7A7mVza7KZjFwgNjwAAAoo&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[10] mailto:whome@theregister.com

[11] https://whitepapers.theregister.com/



Same old

elsergiovolador

Before computers (remember those times?) if a colleague left documents at the desk unattended, they could expect "funny" cactus shaped pictograms to appear seemingly out of nowhere.

Lol

Anonymous Coward

"No mate, I haven't got Word open. I'm writing an email."

That's when I started to lol. Back then, you really never could take any information from the network at face value.

Double check was needed.

"Back then, you really never could take any information from the network at face value."

Bebu

So nothing has changed? :)

Auto-Replace Shennanigans

Mos Eisley Trooper

In the early noughties we often used to have fun with a colleague (and it came both ways, we got as good as we gave ! ), for example swapping the tin of M&S curry in his lunch-time procured shopping in the communal fridge for a tin of dog food (an easy label swap), putting kippers in his briefcase, inserting "adult" magazines into the pile in his in-tray (remember those??) and so on.

Anyway, one time when working on a code specification document he left his PC unattended and (foolishly !) unlocked, so whilst he was away we had some fun in the MS Word dictionary, adding some auto-replacements. First of all was his name (whenever he typed "Gary" it auto-changed to "Gazza"), "floating point" became "flossing point"....and then there were some more risqué ones (I'll let you use your imagination). Some he spotted, some he didn't.

Luckily all documents went through in an internal review before being sent out, so that's when a lot of our fun came to light (along with sworn future vengeance and retaliation).

Re: Auto-Replace Shennanigans

Joe W

To be fair: anyone using the auto-replace functionality is begging for this... (I hate that. A lot.)

Stuart Castle

Back in the early 90s, my Uncle did tech support for a local company, and decided to play a prank. He'd read something about hacking the company PABX, and used what he'd learned to prank a friend.

He bypassed the restrctrictions on calling premium rate lines the company had put on the PABX, and attempted to transfer the call to his friend.

He got a call from his boss a few days later, asking to see him.

Apparently what had happened is that when he transferred the call, because he'd bypassed the restrictions improperly, the call had got stuck on hold in the system and did not transfer. Three weeks later, the company got a £1500 phone bill, and got the company that installed the PABX in to investigate, when the engineer found what had happened. That PABX had helpfully logged everything, including where the call started..

So, my uncle was called in, as the user of the extension that actually made the call. I don't think he had to pay the money back, but he was fired. I suspect he didn't have to pay the money back because the system really should have hung the call up when it wasn't answered after a while, and any tribunal would have pointed that out.

Personally, I wouldn't do that sort of stuff, not even as a prank, but if I did, I would have initiated the call on the user's extension. Not my own.

That said, some people are that stupid. I was called into my boss one day to explain why there were hundreds of pounds worth of international calls made by my extension. I was confused by this, as I make any personal calls on my mobile (I get free mminutes, so it's not worth me using my office extension for personal calls, and at the time, didn't have any family or friends abroad, so no reason to make personal international calls).

Wanting to sort this out, I got the swtichboard operators to send me a list of calls made by my extension. It was then I noticed something. Every single international call was made when the building was closed to staff, so I couldn't have made the calls even if I'd wanted to. Turns out one of our security guards was going into my office every night, and calling his family. He was fired.

Unobfuscated Perl (#2)

A rogue group of Perl hackers has presented a plan to add a "use
really_goddamn_strict" pragma that would enforce readability and
UNobfuscation. With this pragma in force, the Perl compiler might say:

* Warning: Write-only code detected between lines 612 and 734. While this
code is perfectly legal, you won't have any clue what it does in two
weeks. I recommend you start over.

* Warning: Code at line 1,024 is indistinguishable from line noise or the
output of /dev/random

* Warning: Have you ever properly indented a piece of code in your entire
life? Evidently not.

* Warning: I think you can come up with a more descriptive variable name than
"foo" at line 1,523.

* Warning: Programmer attempting to re-invent the wheel at line 2,231.
There's a function that does the exact same thing on CPAN -- and it
actually works.