Feeds

BOFH: Axe handles - occasionally quite slippery

Just a sleeper bot programmed to murder us all

  • alert
  • submit to reddit

3 Big data security analytics techniques

Episode 11

12:34:56am. Company Stores

Wakeup trigger. . .

9 ... 8 ... 7 ... 6 ... 5 ... 4 ... 3 ... SELFTEST: OK 2 ... 1

Peripheral test ... USB Boot Media ... OK Panel ... OK Cameras ... Std:OK,Infra:OK,UV:OK 3D Directional Mic OK Hi Speed Steppers 1:OK,2:OK,3:OK,4:OK SERVOS 1:OK,2:OK,3:OK,4:OK Battery OK, level 67% Servo Saw OK booting ...

no ntp update > 180 days!

Wireless Strategic Update ..... timeout. Update Server unavailable, assuming M.A.D.

>RRRRREEEEEeeeeeeeooooooooorrrrrrrrrr!< >crunch!<

>RRRRRrrreeeeooorrrrrrr< >clatter!<

>boop<

>PING!<

. . .

"So we're dealing with a break-in," the Boss says.

"A break-OUT, I think you'll find," the PFY says.

"No, a break-in. Someone's sneaked onto our floor, waited till it was dark and then cut their way down to Stores to steal something!"

At this point the Boss looks at the PFY and me as if willing one of us to break down in a tearful confession.

"To steal something that shouldn't have been here in the first place," I say, fingering the "Addressee Unknown – To be collected" label on a large crate with a hole cut out of the side of it. "How long's this crate been here?"

"Uhhhhh, that one, about eight months or so," Steve from Stores says. "We rung someone to come and collect it, but they must have forgotten. I tried again a couple of months later but the number was disconnected."

"Take a quick gander inside the box will you?" I ask, motioning the PFY over.

"Sawdust and woodchip?" the Boss says.

"Correct. And more dust inside the box than out – implying that whatever was IN the box has cut its way OUT."

"That's ridiculous! No one could survive for eight months in a tiny crate!"

"Yes, you'll notice I used the word someTHING, not someONE."

"Uh-oh," The PFY says, quietly reaching for Steve's unpacking hammer.

"Uh-oh, what?" Steve and the Boss blurt in unison.

"Aaaaaah-Nothing," the PFY says. "I think I left the iron on at home. But you're right, it must have been a break-in ..."

"How bad is it do you think?" the PFY asks as we ride the lift back to Mission Control.

"It depends. If it's just a sleeper bot programmed to murder us all in our sleep in the office, it's bad. If it's a sleeper bot with complete updates of our previous defence strategies programmed to murder us all in our sleep in the office, then it's a little bit worse. But at least we know one thing ..."

>PING<

"What's that then?"

"It's already in the office," I say, pointing at the large hole in our wall, "and hasn't attacked yet."

"So it's waiting for something?"

"Or someone. After you ..."

Six hours later ...

"It's the waiting that gets to you," the PFY says, with that hunted look problem-users often get when the lift stops working.

"I know," I concur. "I've looked everywhere and haven't seen a thing. It must have let itself out."

... Two days later ...

"Still nothing?" the PFY asks.

"No."

"What do you think it's waiting for?"

Suspicious stain on the seat discourages occupancy

"The trigger? Who knows. We know it can hear and see, but I suspect it's a combination of voice recognition and a timer. So it'll activate on our voices after it thinks we've been lulled into a false sense of security ..."

"Yes, but where is it???"

"I'm beginning to think it's in disguise. You know – made to look like something else. Something that belongs in our office."

"So it could be ... anything?"

"Anything less than the size of a half-rack – and probably something new in the office ..."

... Half an hour later ...

"WHAT THE HELL ARE YOU DOING!?" the Boss shouts, bursting into Mission Control in a fury.

"What do you mean?"

"Why the hell did you put an axe into the new water cooler?"

"Oh, sorry about that," the PFY says. "I was just showing Simon my backhand when the axe slipped."

"What, and he was correcting it when HE put an axe into my new wheelie drawers?"

"No, no, I'd removed the axe from the water cooler but the handle was a bit wet and quite slippery and I dropped it."

"TWICE?"

"Three times actually – I'm a bit of a butterfingers."

"And that would explain the document shredder too?"

"Uh, no, that was my assistant. He didn't realise how slippery the handle was."

"The potplants?"

"Ah well, that was a simple misunderstanding. My assistant was just doing his bit for Global warming."

"How would that stop Global Warming?"

"Oh, are we supposed to be STOPPING Global Warming? Well, it appears we got the complete wrong end of the stick on that one. A nice stick too – used to be a potplant."

... And so it goes. I think the low point came when the PFY claimed he set fire to the Boss's new armchair because he was protesting against animal cruelty, but in the end we managed to placate him by assuring him that he wouldn't come in on Monday to find the place still in disarray. Obviously the second half of that sentence was completely redundant.

Twenty minutes after he's left Mission Control, I change his password and remote restart his desktop. Five minutes after that he's back.

"Oh yes, it's a routine password security feature we activated a couple of days ago," The PFY explains. "If you ignore the 14-days-to-set-your-password warning, it sets it to one of the list of 100 random words."

"Can't you change it back?"

"System security doesn't permit 2 Administrator-made changes in a day – to stop administrators changing your password hacking into your mail then changing it back," the PFY lies.

"Oh, I see. Well what are the words?"

"I think I have them on my Dictaphone," he replies

"What, you don't have a list of them?"

"No, they're in the computer – I read them out off the screen onto the Dictaphone in case I ever got trapped by it and couldn't login to view them."

"Oh ... I ... see. Can I borrow the Dictaphone then?"

"Sure."

And the rest is history.

Who could have known the successful trigger was Friday Afternoon and the word "LAGER" in the PFY's voice?

Target Acquired ...

Who could have known a hitherto insignificant wheelie chair (with a suspicious stain on the seat to discourage occupancy) could sprout a small saw where the backrest used to be?

Who could have known the PFY was waiting behind the Boss's door with an Axe?

Camera Fault. >crash!< Mic Fault. SERVO 1 OFFLINE. >crash< SERVO 2 OFFLINE. EXCESSIVE BATTERY DEPLETI. . . >CRASH<

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
European Court of Justice rips up Data Retention Directive
Rules 'interfering' measure to be 'invalid'
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Bored with trading oil and gold? Why not flog some CLOUD servers?
Chicago Mercantile Exchange plans cloud spot exchange
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.