Feeds

BOFH: Dessert storm

Guerrilla warfare

  • alert
  • submit to reddit

Reducing the cost and complexity of web vulnerability management

Episode 38

"Oh this is bad," the PFY says.

"Yep, this is bad," I concur, looking at the pile of rubble a floor below what used to be the floor of our 'Operations Rest and Recreation facility' - or to be more technically correct, the cleaner's room the floor below Mission Control that we had walled in by an accommodating builder when the former occupant retired.

Admittedly, the room wasn't optimal, being a floor below Mission Control and all, but another cash job got a set of stairs installed and a tape safe door installed as the entranceway...

"My magazines!" the PFY sniffs, seeing his almost complete collection of Playboys in amongst the rubble. "I...I'd just completed the 1950s - including the March '55 Issue."

"I thought you said there wasn't one," I say, tapping a bit of rubble into the hole.

"That's what they want you to think," the PFY says, tapping his nose." But how did this happen?"

"You mean how did a cleaner's room built to sustain the weight of a couple of people, a couple of vacuum cleaners, 1,000 bars of tiny soap and 200 packages of greaseproof toilet paper fail under the weight of almost all the Playboys ever printed - including several shelves of non-English editions..."

"I was going to work on them next," the PFY sniffs.

"...a large TV stolen from the boardroom, two armchairs stolen from the boardroom atrium, a bar fridge stolen from the CEO's office, and the contents of the boardroom bar?"

"I..."

"Perhaps if you hadn't piled all your to-be-sorted magazines in the centre of the room?"

"I..."

"Be that as it may, I think we have a real problem. It looks like the room's collapsed into...the visitor's toilets on the ground floor? So we're going to have to lock those and come up with something to divert company attention till we can get that mess tidied up."

"Fire Alarm?" the PFY suggests.

"I think we're going to need more than an hour..."

"What do you suggest?"

"I'm thinking of a two-pronged operation," I say, thinking cap on. "The first, Operation Just Desserts, we tell the head of IT that we think the beancounters have a bulk eraser!"

"Weren't we going to get one for them - because their old one failed - which we'd supplied them in the first place?"

"Yes, yes, but we convince the head that it poses a threat to the whole company - that they could erase data at a whim!"

"And?"

"And that we need to go into beancounter central and look for it!"

"Why do we need to go in?"

"It's all part of the plan - so we can steal their office supplies."

"Why?"

"Unbeknownst to you we're all out of printer paper and our budget is spent - so we steal theirs while diverting attention from the cave in. It's Win-Win!"

"I..."

"Hang on...I've got another idea - while we're looking for the bulk eraser, we trash all their desktops so they'll have to get us to fix them when it's all over. We can bill them for our time - and take office supplies instead of money!!! Win-Win-Win!"

"The head of IT won't back that!"

"Of course he will! No one likes the head beancounter, and half the departments in the company have run out of stationery budget. We'll get a few of them on board and they'll demand we go in to 'find the bulk eraser'."

"But what happens when we don't find a bulk eraser?"

"We have a 'mission successful' party to say we've made the company safe, then hold the head beancounter responsible for all the data he's destroyed in the past..."

"With the eraser that we sold him and showed him how to use?"

"Yes."

"And won't the beancounters get a little irate at us stealing all their office supplies, shafting their Boss and trashing their machines? Won't they want some sort of...revenge?"

"Which is where the second phase, Operation...uh...Cannon Fodder comes in."

"How about a better idea?" the PFY interrupts.

"Which is?"

"Let's see..." the PFY says thoughtfully. "How about: We nip over to the sewer inspection company that does our drains and steal the head off an underwater camera and leave it sticking out of one of the women's toilets..."

"So it looks like we've got a pervert in the building!!!" I cry.

"And when the you know what hits the fan..."

"We leap in saying all toilets should be secured until we can check them over with our...camera detector!!" I finish. "I suppose it has a sort of...elegance."

...Three hours, a loud scream from the fourth floor and some running around later...

"I find it hard to believe that someone would use something like this to...spy...on people," the head of IT says to the head of security as they look the device over in Mission Control.

"Yeah," the head of security admits. "It's very unlikely. We checked our camera logs to see if anyone was carrying one of these around, but there was nothing. It's probably someone's idea of a joke - so we'll just check the other toilets, just in case."

"No camera records at all?" the PFY asks.

"Nothing."

"So it's almost as if the camera data had been...erased?"

I REPEAT!!!OPERATION JUST DESSERTS IS A GO!!!

Choosing a cloud hosting partner with confidence

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.