Feeds

BOFH: Dessert storm

Guerrilla warfare

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

Episode 38

"Oh this is bad," the PFY says.

"Yep, this is bad," I concur, looking at the pile of rubble a floor below what used to be the floor of our 'Operations Rest and Recreation facility' - or to be more technically correct, the cleaner's room the floor below Mission Control that we had walled in by an accommodating builder when the former occupant retired.

Admittedly, the room wasn't optimal, being a floor below Mission Control and all, but another cash job got a set of stairs installed and a tape safe door installed as the entranceway...

"My magazines!" the PFY sniffs, seeing his almost complete collection of Playboys in amongst the rubble. "I...I'd just completed the 1950s - including the March '55 Issue."

"I thought you said there wasn't one," I say, tapping a bit of rubble into the hole.

"That's what they want you to think," the PFY says, tapping his nose." But how did this happen?"

"You mean how did a cleaner's room built to sustain the weight of a couple of people, a couple of vacuum cleaners, 1,000 bars of tiny soap and 200 packages of greaseproof toilet paper fail under the weight of almost all the Playboys ever printed - including several shelves of non-English editions..."

"I was going to work on them next," the PFY sniffs.

"...a large TV stolen from the boardroom, two armchairs stolen from the boardroom atrium, a bar fridge stolen from the CEO's office, and the contents of the boardroom bar?"

"I..."

"Perhaps if you hadn't piled all your to-be-sorted magazines in the centre of the room?"

"I..."

"Be that as it may, I think we have a real problem. It looks like the room's collapsed into...the visitor's toilets on the ground floor? So we're going to have to lock those and come up with something to divert company attention till we can get that mess tidied up."

"Fire Alarm?" the PFY suggests.

"I think we're going to need more than an hour..."

"What do you suggest?"

"I'm thinking of a two-pronged operation," I say, thinking cap on. "The first, Operation Just Desserts, we tell the head of IT that we think the beancounters have a bulk eraser!"

"Weren't we going to get one for them - because their old one failed - which we'd supplied them in the first place?"

"Yes, yes, but we convince the head that it poses a threat to the whole company - that they could erase data at a whim!"

"And?"

"And that we need to go into beancounter central and look for it!"

"Why do we need to go in?"

"It's all part of the plan - so we can steal their office supplies."

"Why?"

"Unbeknownst to you we're all out of printer paper and our budget is spent - so we steal theirs while diverting attention from the cave in. It's Win-Win!"

"I..."

"Hang on...I've got another idea - while we're looking for the bulk eraser, we trash all their desktops so they'll have to get us to fix them when it's all over. We can bill them for our time - and take office supplies instead of money!!! Win-Win-Win!"

"The head of IT won't back that!"

"Of course he will! No one likes the head beancounter, and half the departments in the company have run out of stationery budget. We'll get a few of them on board and they'll demand we go in to 'find the bulk eraser'."

"But what happens when we don't find a bulk eraser?"

"We have a 'mission successful' party to say we've made the company safe, then hold the head beancounter responsible for all the data he's destroyed in the past..."

"With the eraser that we sold him and showed him how to use?"

"Yes."

"And won't the beancounters get a little irate at us stealing all their office supplies, shafting their Boss and trashing their machines? Won't they want some sort of...revenge?"

"Which is where the second phase, Operation...uh...Cannon Fodder comes in."

"How about a better idea?" the PFY interrupts.

"Which is?"

"Let's see..." the PFY says thoughtfully. "How about: We nip over to the sewer inspection company that does our drains and steal the head off an underwater camera and leave it sticking out of one of the women's toilets..."

"So it looks like we've got a pervert in the building!!!" I cry.

"And when the you know what hits the fan..."

"We leap in saying all toilets should be secured until we can check them over with our...camera detector!!" I finish. "I suppose it has a sort of...elegance."

...Three hours, a loud scream from the fourth floor and some running around later...

"I find it hard to believe that someone would use something like this to...spy...on people," the head of IT says to the head of security as they look the device over in Mission Control.

"Yeah," the head of security admits. "It's very unlikely. We checked our camera logs to see if anyone was carrying one of these around, but there was nothing. It's probably someone's idea of a joke - so we'll just check the other toilets, just in case."

"No camera records at all?" the PFY asks.

"Nothing."

"So it's almost as if the camera data had been...erased?"

I REPEAT!!!OPERATION JUST DESSERTS IS A GO!!!

The Essential Guide to IT Transformation

More from The Register

next story
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
Seagate chances ARM with NAS boxes for the SOHO crowd
There's an Atom-powered offering, too
Intel teaches Oracle how to become the latest and greatest Xeon Whisperer
E7-8895 v2 chips are best of the bunch, and with firmware-unlocked speed control
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.