Feeds

BOFH 1: TWAT O

The Pedant's Guide to Computing Knowledge

  • alert
  • submit to reddit

Application security programs and practises

Episode 8

BOFH 2000: Episode 8

And what is this supposed to achieve?" the PFY asks, dubiously looking over a project proposal the boss has handed out with no small amount of gusto and enthusiasm.

"The plan is to lighten the administrative load on us and the new Helldesk types by training up the most proficient computer user in each area to act as a first-line-of-defence type, who can eliminate all the simple day-to-day problems that plague us so much."

"You think it'll work?"

"About as likely as an unplagiarised Look-and-Feel interface."

"So you don't think the candidates are the full quid?"

"48p at best."

"Well I spo.."

"They couldn't retain WATER without studying first.."

"Yes, but..."

"They think firewalls are used in chimneys!"

"Yes, and you'l..."

"That only Jenny Craig makes thin clients..."

"U.."

"The only hardware they've ever handled's in the bedroom - and even that was bug-ridden. They think that Linux is a character from Charlie Brown.. BZZERT

The PFY, spotting a potential re-entrant mental loop, resets me with the help of his trusty cattle-prod connectivity tester. (Which he'll regret later)

"So, what'll we teach them?" he asks thoughtfully..

"The very basics - how to put the lid back on a PC, get the CAPS LOCK key off, where the Power switch is, what a network cable looks like - that sort of thing."

"I see," he says, looking as doubtful as I feel.

. . .

"Now can anyone tell me the most important thing about computing safety?" I ask, looking around the audience to see if any of the assembled people has any answers. And of course WHENEVER you have one of these sessions there's always some complete TWAT (pardon my Russian) in the audience who was programming an Apple ][E in his nappies who has a thousand and one pointless, irrelevant and meandering stories to tell you about the foibles of the 6502 instruction set. And when he's not doing that, he's correcting your monologue with snippets from the 'Pedant's Guide to Computing Knowledge'."

Ok, so I'm just slightly bitter.

"Bound to be the power supply!" today's installation of TWAT informs us. "Lots of voltage in a switched mode power supply, stacked up in a electrolytic capacitor and able to be discharged up to an hour after a device is unplugged from the wall."

See what I mean?

"No!" I cry, "But we'll come back to that later. For now, we'll talk about the SECOND most important thing about computing safety, which is to secure your machine from unwanted accesses. Remember, a secure machine is a safe machine! Now how would we choose a good password?"

"A pseudo random string of alphanumerics and symbols with mixed case," TWAT blurts, before anyone's had a chance to take in the question.

Because of the technical nature of the response, a couple of the onlookers are fooled into nodding their head in agreement.

"NO!" I cry enthusiastically, adding a hint of conspiracy into the pot. "That's just what they'd be expecting you to do!"

"What who'd be expec..?" my Royal pain asks.

"Industrial Spies!" I comment, lowering my voice "Believe it or not, industrial espionage exists - even at our paltry level of commerce. Sometimes it's just information they want - sometimes they want to disrupt our processes!

Why just last week three people in accounting came to work to find their hard disks completely erased and all the DIMM chips removed from their machines!"

A gasp of horror flows around the room, even though 98% of them wouldn't know a DIMM if they found one in their coffee.

"But they'd have to get in the building to steal DIMMs, so your password wouldn't matter," TWAT comments "They could take your harddrive away and just examine the contents. With the new magnetic aura detection they could read the files that you'd previously erased, even if you used an aggressive overwriting packa.."

RIGHT! I've had enough!

"You're right, of course," I cry, pandering to the whole self-worth experiment underway in front of me, "which is why I've asked for a massive increase in the security budget! Anyway, that's enough about security, now onto hardware. Memory Errors! Can anyone tell me the recommended way to reseat the DIMMs in this box here?"

No prizes for guessing who's up, complete with wrist strap (which he brought with him - sadder still) before I can finish the sentence.

"Well on this one you turn the power off at that wall >CLICK< then flip the key to the unlock position like so >SNICK< push the two buttons at the back like this >CLICK< then lift the cover up and towards you, and Bob's your second cousin."

"Right, and now the reseating?"

"Simple, these are the DIMMs here, and you reseat them by taking them out like so >>ZZZZZZZzzzzzzzzzzzz...<<

"Now what has he done wrong here?" I ask the fireworks spectators.

>>ZzzzzzZZzZZZZZZZZZZZZZZZZ<

"That's right, he's forgotten to check for a UPS unit in this cardboard box marked 'Printer Paper'!"

>>ZZZZZZZZZZZZZZZZZZZZZeeeeeeerrrrrrrrrrrrrr... <<

"And he failed to notice that someone's dropped an unfolded paper clip into the machine which has, by a one-in-a-million chance got connected between the Phase line in the power supply and the DIMM chip!"

. . .

Of course I switch the UPS off, eventually... ..and he's still bloody going!!

"I can't believe that UPS unit isn't isolated from ground!" he gasps "It must be faulty - someone should fill out a >>ZZZZZZZZZZEEERRRRT!<<

"Woopsy," I cry, as my little helper plops to the ground in a daze. "Now, can anyone tell me the most important thing about Computing Safety?" I ask.

"Not to piss you off?" someone murmurs from the back.

And who says you can't teach people things? ®

BOFH is owned by Simon Travaglia: don't mess with his copyright

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
Carbon tax repeal won't see data centre operators cut prices
Rackspace says electricity isn't a major cost, Equinix promises 'no levy'
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.