Feeds

BOFH: He... made... you... HE made YOU a DOMAIN ADMIN?

Simon, are you breathing? Simon!

Application security programs and practises

Episode 2

"Yeah, so we just need you to upgrade these machines," the Beancounter says.

"Upgrade them to what, Windows 8?" I ask, suppressing the gag reflex.

"No I mean upgrade them with the updates."

"Oh, so you mean upDATE them, not upGRADE?"

"It's the same thing!" he simpers.

"Not at all. An upDATE is when the system stays essentially the same but and upGRADE is when something is replaced with something perceived to be better – but which also might need updating."

"Yeah, it's the same thing. Better software," he snips.

"Think of it this way. An upDATE is when your Missus gets you to buy a new suit and and upGRADE would be when she gets Brad Pitt in whatever clothes he's wearing. She may upDATE his clothes at some stage in the future or she might just be too pleased with the upGRADE to bother."

"I still think it's the same thing."

"Yes, and I've been suggesting upGRADING the beancounters for some time now for that reason. It was my mistake trying to upDATE your perceptions. In any case, tell me more about these updates, upgrades or whatever you'd like to call them?"

"These machines here" he says, motioning to a pile of five desktops abandoned on a desk.

"And what update, upgrade or whatever am I applying?"

"I just want them to work."

"So they're... not... working... presently."

"No, there's something wrong with them."

"So you want me to FIX them, then possibly update them, then possibly upgrade them and then possibly update the upgrade to the latest level. Or maybe you just want a partial fix?" His face reddens:

"IT'S THE SAME THING!"

"No, not at all. If we go back to our previous example, a partial FIX would be setting your wardrobe on fire – technically removing the bits that are broken."

"And a total fix?"

"That would be making sure you were in the wardrobe at the time," the PFY says, appearing from the doorway behind me.

"What's wrong with them?" I say, pointing at the deceased boxes.

"I don't know," the Beancounter says evasively.

"Hardware or Software?" the PFY says.

"I guess it's software?" he says, exceeding his runtime level of ignorance and providing evidence of untruths...

"So it's software," I say.

"Possibly."

"Did they all fail at the same time?"

"I'm not sure. I just came into work one morning and they weren't working."

It's a lie of course – and the PFY and I both know it was a lie. If he'd come into work one morning and some machines hadn't been working I'd have had helpdesk calls and follow-up calls up the wazoo in 15 minutes. "And the... night before they weren't working – what happened then?"

"I don't know, I was at home."

"So immediately before you went home," the PFY says, "were you doing something – maybe running a ghost server doing some dodgy upgrades? Maybe booted a Hiren disk and excommunicated the machines from the domain so that you could do be Master of all you surveyed? Maybe installed a bunch of software that you shouldn't have. To REALLY break the machine you must have had admin rights – right?"

Honestly, it's pathetic. If I had 10 quid for every halfwit who's seized administrative control of their desktop only to COMPLETELY STUFF IT UP I'd have alcohol poisoning by now. Or type 2 diabetes. Or both. The ILLUSION that somehow the access they crave will make them a code-wielding savant able to make group policy calls like a professional turns my kebab-digester.

"So which one was it?" the PFY asks.

"I... None."

"But you stuffed these machines with administrative access, so how'd you get access?"

"You gave me access!" he shoots back. "Two weeks ago. I'm... a domain administrator."

Space aliens, landing in my backyard and using my barbecue to rustle up some hedgehog kebabs is more believable than this.

"I did not!"

"Not you, your Boss. He made me a Domain Administrator so that I could administer all our shares."

"He doesn't have access!"

"No, but I was looking for you in your office and ran into him and he..."

"He used my access to make you a domain admin?!" I ask, scarcely believing my own voice.

"Apparently so," the PFY says, flashing his phone screen at me. "The Boss, the Director, the bloke from H.R. who deals with all the serious-breach-of-conduct crap, and the head of security. All domain admins. And you and me of course."

"Did anyone just hear a seal being broken – maybe seven trumpets blowing?" I ask.

"No, why?" the PFY asks.

"I... No reason," I respond. "I take it in the last few seconds you've... fixed... that other business?"

"Domain Admin count back to normal."

"Right, so we're all good then?" I ask, heading for the door.

"I'm not, I need admin rights!" whines the Beancounter.

"History appears to indicate that you don't," I say, pointing at the pile. "But feel free to check with the Boss about that when he gets out of hospital."

"Hospital?"

"Wardrobe fire," the PFY says.

"When?!"

"An hour or so from now. A bloody tragedy. I'd be careful if I were you – 'specially if my assistant starts sending you rayon bathrobes..."

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.