Feeds

BOFH: Dessert storm

Guerrilla warfare

  • alert
  • submit to reddit

Application security programs and practises

Episode 38

"Oh this is bad," the PFY says.

"Yep, this is bad," I concur, looking at the pile of rubble a floor below what used to be the floor of our 'Operations Rest and Recreation facility' - or to be more technically correct, the cleaner's room the floor below Mission Control that we had walled in by an accommodating builder when the former occupant retired.

Admittedly, the room wasn't optimal, being a floor below Mission Control and all, but another cash job got a set of stairs installed and a tape safe door installed as the entranceway...

"My magazines!" the PFY sniffs, seeing his almost complete collection of Playboys in amongst the rubble. "I...I'd just completed the 1950s - including the March '55 Issue."

"I thought you said there wasn't one," I say, tapping a bit of rubble into the hole.

"That's what they want you to think," the PFY says, tapping his nose." But how did this happen?"

"You mean how did a cleaner's room built to sustain the weight of a couple of people, a couple of vacuum cleaners, 1,000 bars of tiny soap and 200 packages of greaseproof toilet paper fail under the weight of almost all the Playboys ever printed - including several shelves of non-English editions..."

"I was going to work on them next," the PFY sniffs.

"...a large TV stolen from the boardroom, two armchairs stolen from the boardroom atrium, a bar fridge stolen from the CEO's office, and the contents of the boardroom bar?"

"I..."

"Perhaps if you hadn't piled all your to-be-sorted magazines in the centre of the room?"

"I..."

"Be that as it may, I think we have a real problem. It looks like the room's collapsed into...the visitor's toilets on the ground floor? So we're going to have to lock those and come up with something to divert company attention till we can get that mess tidied up."

"Fire Alarm?" the PFY suggests.

"I think we're going to need more than an hour..."

"What do you suggest?"

"I'm thinking of a two-pronged operation," I say, thinking cap on. "The first, Operation Just Desserts, we tell the head of IT that we think the beancounters have a bulk eraser!"

"Weren't we going to get one for them - because their old one failed - which we'd supplied them in the first place?"

"Yes, yes, but we convince the head that it poses a threat to the whole company - that they could erase data at a whim!"

"And?"

"And that we need to go into beancounter central and look for it!"

"Why do we need to go in?"

"It's all part of the plan - so we can steal their office supplies."

"Why?"

"Unbeknownst to you we're all out of printer paper and our budget is spent - so we steal theirs while diverting attention from the cave in. It's Win-Win!"

"I..."

"Hang on...I've got another idea - while we're looking for the bulk eraser, we trash all their desktops so they'll have to get us to fix them when it's all over. We can bill them for our time - and take office supplies instead of money!!! Win-Win-Win!"

"The head of IT won't back that!"

"Of course he will! No one likes the head beancounter, and half the departments in the company have run out of stationery budget. We'll get a few of them on board and they'll demand we go in to 'find the bulk eraser'."

"But what happens when we don't find a bulk eraser?"

"We have a 'mission successful' party to say we've made the company safe, then hold the head beancounter responsible for all the data he's destroyed in the past..."

"With the eraser that we sold him and showed him how to use?"

"Yes."

"And won't the beancounters get a little irate at us stealing all their office supplies, shafting their Boss and trashing their machines? Won't they want some sort of...revenge?"

"Which is where the second phase, Operation...uh...Cannon Fodder comes in."

"How about a better idea?" the PFY interrupts.

"Which is?"

"Let's see..." the PFY says thoughtfully. "How about: We nip over to the sewer inspection company that does our drains and steal the head off an underwater camera and leave it sticking out of one of the women's toilets..."

"So it looks like we've got a pervert in the building!!!" I cry.

"And when the you know what hits the fan..."

"We leap in saying all toilets should be secured until we can check them over with our...camera detector!!" I finish. "I suppose it has a sort of...elegance."

...Three hours, a loud scream from the fourth floor and some running around later...

"I find it hard to believe that someone would use something like this to...spy...on people," the head of IT says to the head of security as they look the device over in Mission Control.

"Yeah," the head of security admits. "It's very unlikely. We checked our camera logs to see if anyone was carrying one of these around, but there was nothing. It's probably someone's idea of a joke - so we'll just check the other toilets, just in case."

"No camera records at all?" the PFY asks.

"Nothing."

"So it's almost as if the camera data had been...erased?"

I REPEAT!!!OPERATION JUST DESSERTS IS A GO!!!

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.