Feeds

BOFH: The mystery of the impenetrable data safe

Impenetrable? Yeah right

  • alert
  • submit to reddit

Application security programs and practises

Episode 33

"Check it out," the PFY says, pointing at the pair of fat blokes who are levering a large crate into the Boss's office on a heavy duty trolley. "What do you think it is?"

"I'm not sure - It's carefully packaged and very heavy so whatever it is is probably bloody expensive,” I reply.

No sooner is it in the Boss's office than the door is closed, blinds wound shut and the sounds of hammering are heard.

"Curiouser and curiouser," the PFY mumbles.

"To the Batcave!" I blurt as we both make a dash for Mission Control.

"I can't see, the Boss is in the way!" the PFY snaps once he's activated the hidden camera on the Boss' bookshelf, strategically placed where it'll never be touched (inside the spine of a volume of The VAX/VMS Architecture Planning Guide).

"Plan B," I say, as the PFY taps away furiously.

"...No, there's a fatbloke blocking...everything!" the PFY seethes as its vantage point (the spine of Improving your Management style) proves useless.

"Ok, easy," I say. "We'll catch the fat blokes as they leave and offer them some pikey cider if they spill the beans."

"Sorted!" the PFY says, preceding me out the door. "Bugger!"

"What?"

"They've gone!" he says, pointing at the Boss' office, which is now open and empty.

"Weird," I say. "I didn't know they could move the fast, unless..."

"...Someone else offered them some pikey cider to make themselves scarce!" the PFY finishes.

"Ok, well lets just strike while the iron's hot," I say, making a move for the empty office.

...

"Armourworth 3000 Intelligent Datasafe," the PFY reads off the front panel.

"Hmmm," I say. "No dial, no keypad no external cabling. It's either wireless, a timelock or has some fancy mechanism inside it which determines the opening criteria. But how 'intelligent' can it be?"

"Smarter than me," the Boss burbles, entering through the doorway.

"Yeah, I've got an intelligent paperweight like that," the PFY responds.

"Is it computerised?" the Boss asks.

"No it's a brick," the PFY replies.

Sadly, the Boss' attention span expired between the PFY's sentences so the Boss probably now thinks the PFY has computerised brick.

Sigh

"Yes, this is the Armourworth Intelligent safe!" the Boss says. "Top of the line for storing data. In fact, it's a safe within a safe. The outside safe talks to my laptop through a special webpage which talks via a special short range network which is encrypted to 512 thingies."

"512 thingies," the PFY gasps. "That sounds pretty secure!"

"It is! I had to take my laptop to the dealer to get it setup for this safe, and it would apparently take ALL the computers in the world over TEN YEARS to break into this safe."

"Well, no time to lose then!" I say, making to leave.

"Are you suggesting you could break into this safe?" the Boss asks. "They use these to store Government secrets!"

"You mean secrets like how the Weapons of Mass Destruction disappeared?"

"I... ... It's impenetrable!" the Boss states ignoring the PFY's outburst.

"You're on!" I say.

...

"So what's our plan?"

"Spend a couple of days printing safe manuals and looking frustrated till the Boss gets complacent"

...two days later...

"So, who fancies a couple of drinks after work - my shout - to celebrate the PFY's birthday?" I ask.

No sooner had the Boss heard free beers than he was up for it. I make a mental note to suggest he attends a Richard Stallman talk about GPL sometime.

...Later that night...

"Ok, so he's left his laptop at work," the PFY whispers, "but you've still got to get into it"

>tappity< >tap<

"How did you..."

"Keystroke logger," I reply. "And we open up his browser and check his favourites and...lookee, Armourworth Login”

"It'll be password protected!" the PFY says. "And the password's bound to be..."

"SAVED IN THE BROWSER!" I blurt happily, seeing the prefilled fields. "Bonus!"

>click<

>CLUNK< >CLICK< >WHIRRRRRRRRRR< >CLACK<

"You little dancer!" the PFY says opening the door. "Who'd have thought it'd be so eas.."

"Uh-oh," I say, recognising the internal safe from our recent documentation downloads. "Now THAT is a serious safe. 12 digits, with three successive failures initiating a lockout requiring a serviceperson reset."

"So we'd better get it right then." the PFY says. "What do we think, birthday, twice?"

"Bound to be. So first of April, but what year??"

"'54." the PFY says. "Same as my Dad's."

>BUZZ<

"One down," I say. "Home phone number?"

"With internationl prefix," the PFY adds.

"Of course!"

>BUZZ<

"Bugger, one try left, what could it be?"

"The factory default?" the PFY suggests.

"He wouldn't!"

..Twelve zeros later...

>CLACK< >WHIRRR<

"He would," the PFY sighs. "So what's he hiding???"

"......" I say

"What?!" the PFY says, pushing past "...."

...

"Why would you keep nothing in an expensive safe like that?" the PFY wonders out loud.

"Because he has nothing of any value," I say, opening my backpack. "Which is why I've bought along this expensive item of my own to store."

"What?" the PFY says as I pull my present out. "Is that a...salmon?"

"Oh yes," I say, slapping the fish in the safe, pulling the airtight seal off the internal door and slamming it shut.

"That's just cruel!" the PFY says.

"No," I say, tapping away at the keypad. "Cruel is entering the wrong number in three times."

"Oh."

"Cruel," I continue. "Is breaking off the wireless antenna connection."

>SLAM!< >WHIRRRR<

"Cruel," I add. "Is chucking your housekeys into the safe before I close it."

"I... Y... You BASTARD!" the PFY gasps.

"Yeah I know," I chuckle happily.

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.