It's a particularly busy week for me: on top of a few looming deadlines, I'll be at Business of Software 2008 in Boston. So, I figured it'd be the perfect opportunity to revisit some classics.

A True Ninja Hacker Is Like The Wind was originally published on July 20th, 2006. This article also marked a turning point for TDWTF: prior to this, nearly all articles were focused around bad code; starting here, I changed the direction a bit to explore Curious Perversions in Information Technology that go beyond the code.


It was a dark and stormy night; the kind of night whose only escape from the monotonous pattering of a torrential downpour was the deafening boom of thunder, violently shaking the very foundation each building; the kind of night where a momentary lapse in the deluge welcomed only powerful gusts of wind, eerily howling through every corridor and alleyway; the kind of night that -- ok, fine, it was a slightly overcast late-afternoon, but work with me here.

Wrapping up and otherwise uneventful day, Mark Churchill received a high-priority page. It was an automatic alert sent by Intel Platform DMI:

*** DMI Indication ***
Severity = Critical
Event Type = Physical Container Security Breach
Origination = QCINSQL02

The source of the alert was the chassis intrusion switch: one of the servers in the (highly secure) datacenter was opened. Annoyed at the paperwork required for such an alert,  Mark pulled up the worklog to see if there were any emergency maintenance requests that he some how didn't hear about. They showed that no work was scheduled to be done.

As Mark went to lock his workstation and go to the data center, he received another alert from DMI: "Container Security Status OK". And then another Critical "Container Security Breach." And then another. And then another. This was not good; Mark rustled up a couple of the bigger Ukrainian coders and headed up to the data center. By now, his pager was at 300+ new DMI alerts.

The most logical explanation that Mark and the Ukrainians could think of was that an elite team of corporate ninja hackers some how managed to breach the data center. Since the data center is highly secured, the ninjas must have gotten roof access (probably with a helicopter) and repelled down to the ventilation shaft. From there, they likely blew a hole in a wall with their ninja explosives and were in the middle of stealing terabytes of highly-sensitive corporate data.

Mark and his Ukrainian team had no idea how many ninjas to expect, but they were prepared for anything: Borysko brought a putter that he had kept in his cube. Shaking nervously as he slid his access card across the security panel, Mark and the Ukrainians burst into the server room. It was empty. Could the ninjas have escaped already?

They crept further through the server room and Borysko, taking point, spun around and signaled to be extra careful. He motioned to the financial services web farm area where a faint "tap ... tap ... tappity ... tap ... tap" noise could be heard. With his golf club drawn and ready for battle, Borysko tip-toed on over. Again, no ninja.

Borysko signaled OK, and Mark and the others rushed over to find the source of the tapping noise. It turned out that the new guy switched out all of the weekly back up tapes but forgot to close the front panel of 25+ different servers. He did lock up the racks after himself, but an updraft from the fans caused the front panels to swing in the breeze, opening and closing and tripping the chassis intrusion each time.

Though they didn't find any ninjas, they did find a scapegoat to buy the beer for all of them at happy hour.