Feeds

BOFH: Double whammy

No time to argue

  • alert
  • submit to reddit

Application security programs and practises

Episode 21 "It's a capacitor - uhhh, electrolytic," the PFY says, gazing into space, deep in concentration.

"What?" the Boss asks, looking vacant.

"Nah," I reply. "There was no bang, and besides it's got that siliconny edge to it."

"A Power Transistor?"

"BINGO!" I cry.

"WHAT!?" the Boss snaps.

"That smell. Something's cooked in the machine room and the smell's leaked through the aircon, so we're trying to figure out what it was."

"Can't you just look in the machine room?"

"Where's the fun in that?" the PFY asks.

"Yeah, that's no fun at all. Anyway, I'm thinking power supply," I add.

"If it's a power transistor it's almost certain to be, BUT, for the bonus point question, did it short out or open circuit?" the PFY asks.

"What does that mean?" the Boss interrupts.

"If it's shorted it will have almost certainly taken out a circuit breaker - plus all the power supplies of machines on that breaker - but if it's open circuit it'll just be the one machine."

"How can you tell that from a smell?"

"It's an educated guess thing," I reply. "For instance, older kit tended to have older technology with larger components which generally meant more current required to cook them which in combination meant more smell. Newer kit has such smaller componentry and advanced heatsinking that it often barely makes a sound when it fails - particularly if it's a short circuit failure."

"Huh?"

"If it's an open circuit failure," the PFY explains scribbling vague component diagrams on the whiteboard, "there's likely to be a small component which died meaning a small sound and a small smell, but if it's a short circuit failure there's liable to be a large bang and lots of smell."

"Hadn't you better go and check?"

"No, if there's a system outage we'd be paged and as you can see there's been no..."

*BEEP* *BEEP* *BEEP*

"..?" the boss implies.

"No, that's just a single page, if it's important there'd be..."

*BEEP* *BEEP* *BEEP*

"Now will you check?"

"In a moment, the second beep just means that it's an important server, but if it were really urg..."

*BEEP* *BEEP* *BEEP*

...Seconds later, in the computer room...

"It's alright, no need to panic!" the PFY says. "It's just the salaries payments machine."

"And why shouldn't we panic about that!?" the Boss gasps.

"Because we're contractors, we get paid through accounts receivable," I reply.

"I'm not a contractor!"

"Ah, well in that case forget what I just said," the PFY says.

"So our payroll system is down?" the Boss gasps.

"No, no."

"Oh, it's a redundant system?"

"No, the payroll system is up, it's just the machine that dials up the bank to feed the data about who gets paid what isn't."

"How long will it take to fix?"

"It depends what's wrong with it"

"You just said it was a power supply!"

"Yes, it probably is, but it's not technically our machine - it's the bank's. That being the case we're not permitted to open it. To make it worse, the machine is fitted with a tamper evident high security locking system so we can't open it even if we had discovered that the lock wasn't all that 'high' security."

"Who's got the key then?"

"Finance, possibly - but if the case is opened the High Security BIOS in the machine will lock it from powering on until someone from the bank enters a special enabling number."

"Why?"

"I believe the thinking was that if the box was made super secure then no-one would be able to insert...uh.. extra payments...into the data that was sent to the bank."

"Yes, that probably makes sense," the Boss nods.

"Yeah, you're right," the PFY says sarcastically. "It would be so much more difficult to insert a couple of extra rows into our salaries database just before the data transfer to the payments machine then, delete them immediately after..."

"Or inserting a second machine - like that laptop over there - into the serial line between the salaries database and salaries payments machines and just add a couple of payments to the data stream..." I add.

"I'll...uh... call finance," the Boss mumbles.

...Later that day..

"A dud capacitor," the engineer says pointing into the power supply.

"Really?" the PFY says smugly. "Not something siliconny?"

"Point taken," I admit dryly. "So how long will it take to fix?"

"Hmmmmm" the engineer sighs, in the manner that only engineers and mechanics can manage. "...Tricky."

"How tricky?" the Boss asks.

"Dunno, when do you need it by?" the engineer asks shrewdly.

"As soon as possible," the Boss says, making the proverbial land-war-in-Asia classic blunder.

"Weeellllll, it'd probably be costly," he says, thinking pound signs.

"What if we have a replacement power supply?" the PFY suggests.

"You'd void the warranty," the engineer warns, countering the PFY's counteroffer.

"Not if an engineer were paid...CASH...to install it," the PFY observes.

...ten seconds later..

"So it's agreed, I'll give you a power supply and you get 50 quid to install it."

"And everyone's pay will go through," the Boss says happily. "I'll just go and sort out the 50 quid."

"A...hundred quid" the PFY says.

"Huh?"

"Fifty quid for installation, and 50 quid for the supply."

"They're our power supplies!"

"No, they're power supplies I rescued before the kit went into the bin!"

"I...guess I don't have time to argue," the Boss blurts, folding at the thought of missing an automatic mortgage payment.

...five minutes later...

"..and here's YOUR 50 quid"

"Thanks," the PFY says graciously. "Fire her up."

"Sure thing," the engineer says, flicking the switch.

>Click< >CRACK!<

"Now THAT was a power transistor!" I snap.

"Sure sounded like one," the engineer says. "So what do we do now?"

"Get a replacement power supply from your office before five!" the Boss gasps.

"Get there and back in an hour and install it? You've got to be joking"

"I may have another spare power supply..." the PFY suggests. "...But this one's a little more expensive."

"And there's probably going to be an additional power supply reinstallation charge..." the engineer hints.

Something tells me that's the start of a beautiful friendship... ®

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.