Feeds

BOFH: Double whammy

No time to argue

  • alert
  • submit to reddit

3 Big data security analytics techniques

Episode 21 "It's a capacitor - uhhh, electrolytic," the PFY says, gazing into space, deep in concentration.

"What?" the Boss asks, looking vacant.

"Nah," I reply. "There was no bang, and besides it's got that siliconny edge to it."

"A Power Transistor?"

"BINGO!" I cry.

"WHAT!?" the Boss snaps.

"That smell. Something's cooked in the machine room and the smell's leaked through the aircon, so we're trying to figure out what it was."

"Can't you just look in the machine room?"

"Where's the fun in that?" the PFY asks.

"Yeah, that's no fun at all. Anyway, I'm thinking power supply," I add.

"If it's a power transistor it's almost certain to be, BUT, for the bonus point question, did it short out or open circuit?" the PFY asks.

"What does that mean?" the Boss interrupts.

"If it's shorted it will have almost certainly taken out a circuit breaker - plus all the power supplies of machines on that breaker - but if it's open circuit it'll just be the one machine."

"How can you tell that from a smell?"

"It's an educated guess thing," I reply. "For instance, older kit tended to have older technology with larger components which generally meant more current required to cook them which in combination meant more smell. Newer kit has such smaller componentry and advanced heatsinking that it often barely makes a sound when it fails - particularly if it's a short circuit failure."

"Huh?"

"If it's an open circuit failure," the PFY explains scribbling vague component diagrams on the whiteboard, "there's likely to be a small component which died meaning a small sound and a small smell, but if it's a short circuit failure there's liable to be a large bang and lots of smell."

"Hadn't you better go and check?"

"No, if there's a system outage we'd be paged and as you can see there's been no..."

*BEEP* *BEEP* *BEEP*

"..?" the boss implies.

"No, that's just a single page, if it's important there'd be..."

*BEEP* *BEEP* *BEEP*

"Now will you check?"

"In a moment, the second beep just means that it's an important server, but if it were really urg..."

*BEEP* *BEEP* *BEEP*

...Seconds later, in the computer room...

"It's alright, no need to panic!" the PFY says. "It's just the salaries payments machine."

"And why shouldn't we panic about that!?" the Boss gasps.

"Because we're contractors, we get paid through accounts receivable," I reply.

"I'm not a contractor!"

"Ah, well in that case forget what I just said," the PFY says.

"So our payroll system is down?" the Boss gasps.

"No, no."

"Oh, it's a redundant system?"

"No, the payroll system is up, it's just the machine that dials up the bank to feed the data about who gets paid what isn't."

"How long will it take to fix?"

"It depends what's wrong with it"

"You just said it was a power supply!"

"Yes, it probably is, but it's not technically our machine - it's the bank's. That being the case we're not permitted to open it. To make it worse, the machine is fitted with a tamper evident high security locking system so we can't open it even if we had discovered that the lock wasn't all that 'high' security."

"Who's got the key then?"

"Finance, possibly - but if the case is opened the High Security BIOS in the machine will lock it from powering on until someone from the bank enters a special enabling number."

"Why?"

"I believe the thinking was that if the box was made super secure then no-one would be able to insert...uh.. extra payments...into the data that was sent to the bank."

"Yes, that probably makes sense," the Boss nods.

"Yeah, you're right," the PFY says sarcastically. "It would be so much more difficult to insert a couple of extra rows into our salaries database just before the data transfer to the payments machine then, delete them immediately after..."

"Or inserting a second machine - like that laptop over there - into the serial line between the salaries database and salaries payments machines and just add a couple of payments to the data stream..." I add.

"I'll...uh... call finance," the Boss mumbles.

...Later that day..

"A dud capacitor," the engineer says pointing into the power supply.

"Really?" the PFY says smugly. "Not something siliconny?"

"Point taken," I admit dryly. "So how long will it take to fix?"

"Hmmmmm" the engineer sighs, in the manner that only engineers and mechanics can manage. "...Tricky."

"How tricky?" the Boss asks.

"Dunno, when do you need it by?" the engineer asks shrewdly.

"As soon as possible," the Boss says, making the proverbial land-war-in-Asia classic blunder.

"Weeellllll, it'd probably be costly," he says, thinking pound signs.

"What if we have a replacement power supply?" the PFY suggests.

"You'd void the warranty," the engineer warns, countering the PFY's counteroffer.

"Not if an engineer were paid...CASH...to install it," the PFY observes.

...ten seconds later..

"So it's agreed, I'll give you a power supply and you get 50 quid to install it."

"And everyone's pay will go through," the Boss says happily. "I'll just go and sort out the 50 quid."

"A...hundred quid" the PFY says.

"Huh?"

"Fifty quid for installation, and 50 quid for the supply."

"They're our power supplies!"

"No, they're power supplies I rescued before the kit went into the bin!"

"I...guess I don't have time to argue," the Boss blurts, folding at the thought of missing an automatic mortgage payment.

...five minutes later...

"..and here's YOUR 50 quid"

"Thanks," the PFY says graciously. "Fire her up."

"Sure thing," the engineer says, flicking the switch.

>Click< >CRACK!<

"Now THAT was a power transistor!" I snap.

"Sure sounded like one," the engineer says. "So what do we do now?"

"Get a replacement power supply from your office before five!" the Boss gasps.

"Get there and back in an hour and install it? You've got to be joking"

"I may have another spare power supply..." the PFY suggests. "...But this one's a little more expensive."

"And there's probably going to be an additional power supply reinstallation charge..." the engineer hints.

Something tells me that's the start of a beautiful friendship... ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.