Feeds

BOFH: Axe handles - occasionally quite slippery

Just a sleeper bot programmed to murder us all

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Episode 11

12:34:56am. Company Stores

Wakeup trigger. . .

9 ... 8 ... 7 ... 6 ... 5 ... 4 ... 3 ... SELFTEST: OK 2 ... 1

Peripheral test ... USB Boot Media ... OK Panel ... OK Cameras ... Std:OK,Infra:OK,UV:OK 3D Directional Mic OK Hi Speed Steppers 1:OK,2:OK,3:OK,4:OK SERVOS 1:OK,2:OK,3:OK,4:OK Battery OK, level 67% Servo Saw OK booting ...

no ntp update > 180 days!

Wireless Strategic Update ..... timeout. Update Server unavailable, assuming M.A.D.

>RRRRREEEEEeeeeeeeooooooooorrrrrrrrrr!< >crunch!<

>RRRRRrrreeeeooorrrrrrr< >clatter!<

>boop<

>PING!<

. . .

"So we're dealing with a break-in," the Boss says.

"A break-OUT, I think you'll find," the PFY says.

"No, a break-in. Someone's sneaked onto our floor, waited till it was dark and then cut their way down to Stores to steal something!"

At this point the Boss looks at the PFY and me as if willing one of us to break down in a tearful confession.

"To steal something that shouldn't have been here in the first place," I say, fingering the "Addressee Unknown – To be collected" label on a large crate with a hole cut out of the side of it. "How long's this crate been here?"

"Uhhhhh, that one, about eight months or so," Steve from Stores says. "We rung someone to come and collect it, but they must have forgotten. I tried again a couple of months later but the number was disconnected."

"Take a quick gander inside the box will you?" I ask, motioning the PFY over.

"Sawdust and woodchip?" the Boss says.

"Correct. And more dust inside the box than out – implying that whatever was IN the box has cut its way OUT."

"That's ridiculous! No one could survive for eight months in a tiny crate!"

"Yes, you'll notice I used the word someTHING, not someONE."

"Uh-oh," The PFY says, quietly reaching for Steve's unpacking hammer.

"Uh-oh, what?" Steve and the Boss blurt in unison.

"Aaaaaah-Nothing," the PFY says. "I think I left the iron on at home. But you're right, it must have been a break-in ..."

"How bad is it do you think?" the PFY asks as we ride the lift back to Mission Control.

"It depends. If it's just a sleeper bot programmed to murder us all in our sleep in the office, it's bad. If it's a sleeper bot with complete updates of our previous defence strategies programmed to murder us all in our sleep in the office, then it's a little bit worse. But at least we know one thing ..."

>PING<

"What's that then?"

"It's already in the office," I say, pointing at the large hole in our wall, "and hasn't attacked yet."

"So it's waiting for something?"

"Or someone. After you ..."

Six hours later ...

"It's the waiting that gets to you," the PFY says, with that hunted look problem-users often get when the lift stops working.

"I know," I concur. "I've looked everywhere and haven't seen a thing. It must have let itself out."

... Two days later ...

"Still nothing?" the PFY asks.

"No."

"What do you think it's waiting for?"

Suspicious stain on the seat discourages occupancy

"The trigger? Who knows. We know it can hear and see, but I suspect it's a combination of voice recognition and a timer. So it'll activate on our voices after it thinks we've been lulled into a false sense of security ..."

"Yes, but where is it???"

"I'm beginning to think it's in disguise. You know – made to look like something else. Something that belongs in our office."

"So it could be ... anything?"

"Anything less than the size of a half-rack – and probably something new in the office ..."

... Half an hour later ...

"WHAT THE HELL ARE YOU DOING!?" the Boss shouts, bursting into Mission Control in a fury.

"What do you mean?"

"Why the hell did you put an axe into the new water cooler?"

"Oh, sorry about that," the PFY says. "I was just showing Simon my backhand when the axe slipped."

"What, and he was correcting it when HE put an axe into my new wheelie drawers?"

"No, no, I'd removed the axe from the water cooler but the handle was a bit wet and quite slippery and I dropped it."

"TWICE?"

"Three times actually – I'm a bit of a butterfingers."

"And that would explain the document shredder too?"

"Uh, no, that was my assistant. He didn't realise how slippery the handle was."

"The potplants?"

"Ah well, that was a simple misunderstanding. My assistant was just doing his bit for Global warming."

"How would that stop Global Warming?"

"Oh, are we supposed to be STOPPING Global Warming? Well, it appears we got the complete wrong end of the stick on that one. A nice stick too – used to be a potplant."

... And so it goes. I think the low point came when the PFY claimed he set fire to the Boss's new armchair because he was protesting against animal cruelty, but in the end we managed to placate him by assuring him that he wouldn't come in on Monday to find the place still in disarray. Obviously the second half of that sentence was completely redundant.

Twenty minutes after he's left Mission Control, I change his password and remote restart his desktop. Five minutes after that he's back.

"Oh yes, it's a routine password security feature we activated a couple of days ago," The PFY explains. "If you ignore the 14-days-to-set-your-password warning, it sets it to one of the list of 100 random words."

"Can't you change it back?"

"System security doesn't permit 2 Administrator-made changes in a day – to stop administrators changing your password hacking into your mail then changing it back," the PFY lies.

"Oh, I see. Well what are the words?"

"I think I have them on my Dictaphone," he replies

"What, you don't have a list of them?"

"No, they're in the computer – I read them out off the screen onto the Dictaphone in case I ever got trapped by it and couldn't login to view them."

"Oh ... I ... see. Can I borrow the Dictaphone then?"

"Sure."

And the rest is history.

Who could have known the successful trigger was Friday Afternoon and the word "LAGER" in the PFY's voice?

Target Acquired ...

Who could have known a hitherto insignificant wheelie chair (with a suspicious stain on the seat to discourage occupancy) could sprout a small saw where the backrest used to be?

Who could have known the PFY was waiting behind the Boss's door with an Axe?

Camera Fault. >crash!< Mic Fault. SERVO 1 OFFLINE. >crash< SERVO 2 OFFLINE. EXCESSIVE BATTERY DEPLETI. . . >CRASH<

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
VMware's tool to harden virtual networks: a spreadsheet
NSX security guide lands in intriguing format
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.