• (cs)

    Uhhh ok. So the front desk people were war dialing? GG

  • Vollhorst (unregistered)

    The only thing I "detect" in it is that the hotel guys always used the admin line which increased the heat and caused some problems because they didn't know what they were doing? Or am I missing something?

    Is the last admin login automatically used for those guys? More a whatever than a wtf. ;)

  • Dave (unregistered)

    I think the author of this story must have forgotten to include 1 or 2 crucial details that might have made this story make sense.

  • Grovesy (unregistered) in reply to Lysis
    Lysis:
    Uhhh ok. So the front desk people were war dialing? GG

    Read is a few times over incase I hS missed something.. That's what I took from this, somone from the front desk was dialing in as an admin and resetting the ports.

    Though not quite sure how that is possible with passwords changing daily.

  • PleegWat (unregistered)

    No, the admin port got assigned wrong this time round.

  • Matt (unregistered)

    I think it was the hotel staff thinking that they could do a better job arranging the ports than the developer

  • (cs)

    The picture of the blind man's foot and cane must have been a hint that no one would see the point of this story.

    (Fixed the picture -ed.)

  • Michiel (unregistered)

    The real wtf is in the code of the article (@the blinking underscore):

    <blink wtf="sweet, an excuse to use the blink tag!">_</blink>
  • Aloysius (unregistered)

    So if the port numbers were changed randomly, the front desk computer terminal could have connected to the admin port, sent some random characters and got the police warning on the screen. Still, what caused the random port shift?

  • (cs) in reply to Dave
    Dave:
    I think the author of this story must have forgotten to include 1 or 2 crucial details that might have made this story make sense.

    Seems pretty clear to me. The ports got swapped such that the admin interface was redirected to the front-desk terminals, thus the users saw the hack warning.

  • Grovesy (unregistered) in reply to seaturnip
    seaturnip:
    Dave:
    I think the author of this story must have forgotten to include 1 or 2 crucial details that might have made this story make sense.

    Seems pretty clear to me. The ports got swapped such that the admin interface was redirected to the front-desk terminals, thus the users saw the hack warning.

    ahh, now that makes a bit more sense..

    I'd still like to know what caused the random redesignation of ports.. if it was random at all.

  • Damir (unregistered) in reply to Michiel
    Michiel:
    The real wtf is in the code of the article (@the blinking underscore):
    <blink wtf="sweet, an excuse to use the blink tag!">_</blink>

    And for a moment there I've thought they used an animated GIF :D

  • (cs) in reply to seaturnip

    Yes, but why were the ports being swapped? That is the crucial part of this WTF that is missing. In fact, the write-up is a complete WTF.

  • Grovesy (unregistered) in reply to GalacticCmdr
    GalacticCmdr:
    Yes, but why were the ports being swapped? That is the crucial part of this WTF that is missing. In fact, the write-up is a complete WTF.

    Isn't it obvious? being the eighties, and looking back at the evidence we know from films like Short Circuit that computers are alive. The ports were randomly reassigned by the minicomputer itself, it was getting bored sending the same old data down the same old ports.

  • Nibbler (unregistered) in reply to GalacticCmdr
    GalacticCmdr:
    Yes, but why were the ports being swapped? That is the crucial part of this WTF that is missing. In fact, the write-up is a complete WTF.
    Seconded. If this is an obvious ongoing problem, why on earth didn't they attempt to solve the underlying problem?
  • mtu (unregistered)

    Kinda reminds me of how I used to place an executable file named cmd.exe onto my web server, which did nothing but pop up a message boy saying "F*** off!".

    I laughed at every HTTP 200 this caused in my logs :D

  • tonecoke (unregistered)

    It would appear that part of the hack detention/warning code changes the ports also.

    Being the period it was, they just needed to type in START GLOBAL THERMONUCLEAR WAR followed by PLAY TIC-TAC-TOE for everything to be ok again.

  • anne (unregistered) in reply to Michiel
    Michiel:
    The real wtf is in the code of the article (@the blinking underscore):
    <blink wtf="sweet, an excuse to use the blink tag!">_</blink>
    That's no WTF, that's just awesome! Thanks for bothering to look at the source and unearth that great comment, too. I have to remember to use the wtf attribute more often in my HTML. :)
  • (cs) in reply to mtu
    mtu:
    Kinda reminds me of how I used to place an executable file named cmd.exe onto my web server, which did nothing but pop up a message boy saying "F*** off!".

    I laughed at every HTTP 200 this caused in my logs :D

    A "message boy"?!? WTF?

    HTTP 200? As far as I remember, 200 means success. Don't you mean HTTP 404? or something else? WTF?

    I probably just don't get it.

  • (cs) in reply to Grovesy
    Grovesy:
    GalacticCmdr:
    Yes, but why were the ports being swapped? That is the crucial part of this WTF that is missing. In fact, the write-up is a complete WTF.

    Isn't it obvious? being the eighties, and looking back at the evidence we know from films like Short Circuit that computers are alive. The ports were randomly reassigned by the minicomputer itself, it was getting bored sending the same old data down the same old ports.

    Much like Number Johnny Five, the minicomputer was desperately craving more input.

  • jtl (unregistered) in reply to anne
    anne:
    Michiel:
    The real wtf is in the code of the article (@the blinking underscore):
    <blink wtf="sweet, an excuse to use the blink tag!">_</blink>
    That's no WTF, that's just awesome! Thanks for bothering to look at the source and unearth that great comment, too. I have to remember to use the wtf attribute more often in my HTML. :)

    Don't forget the second one:

    PASS: SWORDFISSH<blink wtf="wheeeeee!!">_</blink>

  • (cs) in reply to tonecoke

    It seems obvious to me: the system was using all of its ports, so when it needed to phone out, to contact the police, it needed to grab an existing port, which triggered some sort of re-allocation.

  • Micha (unregistered) in reply to skington

    That's an interpretation. My question is, if the ports were being reassigned randomly (and the admin port too), how can the admin always find the good port to connect to?

  • Nutmeg Programmer (unregistered)

    The password was being interpreted as a command to change the IO?

    FI DEL IO

  • Simon (unregistered)

    The story seems 'unfinished to me'. Somehow it would be perfect if:

    "Later on Andrew reviewed the piece of code that wrote the bogus warning and discovered that at the same time the port numbers were re-assigned in order to re-secure the system."

    However, somehow I doubt it would be that neat.

  • (cs) in reply to Nutmeg Programmer
    Nutmeg Programmer:
    The password was being interpreted as a command to change the IO?

    FI DEL IO

    That's the only thing I can even imagine from the story. I was trying to come up with something related IDE and LILO (even though it says LIO). And SWORDFISSH has SSH in it but I don't think that came around until the mid 90's.

    The title for this WTF is very apt. It makes no sense.

  • David (unregistered) in reply to Michiel
    Michiel:
    The real wtf is in the code of the article (@the blinking underscore):
    <blink wtf="sweet, an excuse to use the blink tag!">_</blink>

    Way back in '96 I was in the first "Internet Programming" class at my school. The instructor claimed that Marc Andressen admitted to adding blink to html one evening when he was drunk.

  • (cs) in reply to skington
    skington:
    It seems obvious to me: the system was using all of its ports, so when it needed to phone out, to contact the police, it needed to grab an existing port, which triggered some sort of re-allocation.

    I didn't detect any sarcasm, but it appears from the story that the computer doesn't actually call the police.

  • Josh (unregistered) in reply to TheRider

    It means that someone successfully ran the fake CMD.EXE file and it gave them the message "F*** off!".

    And I think TheRider meant "message BOX". Why he would type "BOY" is beyond me. The Y isn't anywhere near the X.

    Must've have been one of those WTF spasms.

  • Kyle Bennett (unregistered)

    It's the passwords.

    "FIDELIO" - FI DEL IO, "SWORDFISH" SWORD FI SH.

    OK, so FI invokes some kind of subshell... never mind that this works without spaces between the commands... and... OK, well, DEL IO must.... um... delete the IO port, yeah that's it... and, well... using SH, or SSH, is obviously a hacking attempt... and...

    OK, I got nuthin'.

  • Gilhad (unregistered) in reply to Josh

    On some keyboards is Z and Y switched (so they call it QWERTZ). On such keybords are Y and X just the first and second keys on left down. So the typo is very simple.

  • pt314 (unregistered) in reply to Josh
    Josh:
    And I think TheRider meant "message BOX". Why he would type "BOY" is beyond me. The Y isn't anywhere near the X.
    I guess you're using a QWERTY keyboard. I also guess TheRider is using a QWERTZ one.

    Though a message boy popping up because of a HTTP request would be way scarier, so it would actually serve the purpose better.

  • (cs) in reply to Gilhad
    Gilhad:
    On some keyboards is Z and Y switched (so they call it QWERTZ). On such keybords are Y and X just the first and second keys on left down. So the typo is very simple.

    I used to love that prank when I was a kid. Changing somebody's keyboard layout. That'll teach them for not buying the Optimus Maximus.

  • Botzinger Gulm (unregistered) in reply to Josh
    Josh:
    It means that someone successfully ran the fake CMD.EXE file and it gave them the message "F*** off!".

    And I think TheRider meant "message BOX". Why he would type "BOY" is beyond me. The Y isn't anywhere near the X.

    Must've have been one of those WTF spasms.

    It is on German(?) keyboard layouts, known as QWERTZ keyboards. They have Z and Y swapped, which is an entirely different wtf.

  • Botzinger Gulm (unregistered)

    Spasmodic keyboard clue spree!

  • jou (unregistered) in reply to Josh

    Some keyboard layouts has X and Y swapped compared to the US layout. For example the one that's printed on my keyboard (Swiss, but I'm using US-International in the OS since it's more convenient to code). And the Germans (and probably many others) has those keys swapped, too.

  • Me (unregistered) in reply to pt314
    pt314:
    Though a message boy popping up because of a HTTP request would be way scarier, so it would actually serve the purpose better.

    A message boz would be even scarier!

  • Paul (unregistered) in reply to Josh
    Josh:
    And I think TheRider meant "message BOX". Why he would type "BOY" is beyond me. The Y isn't anywhere near the X.

    Must've have been one of those WTF spasms.

    Or maybe a Freudian fart - he may have been thinking about boys.

  • KT (unregistered) in reply to Michiel
    Michiel:
    The real wtf is in the code of the article (@the blinking underscore):
    <blink wtf="sweet, an excuse to use the blink tag!">_</blink>
    ">_<
  • halber_mensch (unregistered) in reply to Josh
    Josh:
    It means that someone successfully ran the fake CMD.EXE file and it gave them the message "F*** off!".

    And I think TheRider meant "message BOX". Why he would type "BOY" is beyond me. The Y isn't anywhere near the X.

    Must've have been one of those WTF spasms.

    Y and Z are swapped on german kezboard lazouts. Just a theorz.

  • AC (unregistered) in reply to Paul
    Paul:
    Or maybe a Freudian fart - he may have been thinking about boys.

    Makes sense, I do it all the time.

  • ChefJoe (unregistered)

    The way I read it the ending is that the front desk printer was printing what would be on the terminal... so when he got the message that they were phoning the police the front desk had the printer spit that out.

  • (cs)

    The WTF is that the Prime Directive was violated. Security measures must have no impact on innocent bystanders.

  • Shakespeare (unregistered)

    In ur wtf, eatin' your sense.

    Captcha: Rats

  • Andrew Harkavy (unregistered)

    I agree, the story is a little confusing (the way it is told). I figured they would embellish a bit here or there to make it more readable. Apparently not. Anyway, here is the original, for better or verse...

    In the late 80's, I was lead developer for a large hotel chain. We had 240 hotels running off of 4 big regional minicomputers. Each mini handled 60 or so hotels dedicating 6 ports to each for terminals, printers, etc. This pushed the hardware we were using considerably, causing occasional system 'burps', bumping all the ports numbers over by one. The front desk staff would see bizarre things such as print jobs dumping to their terminals, and the main menu printing out on the printer.

    Each mini also had a single port dedicated to developer dial-in support. In the age of 2400 baud modems, security and hacking were tame issues, met by equally tame preventative measures.

    Anyone accidentally stumbling upon the dial-in number would see a typical login page. Enter anything but a secret code of the day, and the would be hacker would be left pondering a message that their break-in had been detected, the line had been traced, and the police were being contacted... It was all fake, but we figured what the hell, try to scare em off.

    One day, after a one of those system 'burps', a bizarre support call was received at corporate support. A front desk clerk at one hotel was on the line frantically exclaiming "Help! the computer is calling the police!"

  • Bob (unregistered) in reply to Grovesy
    Grovesy:
    I'd still like to know what caused the random redesignation of ports.. if it was random at all.
    Clearly it was the work of hackers.
  • Anon (unregistered)

    I hate to be one of those "this wtf sucks" people, but this WTF sucks. Very confusing.

  • (cs) in reply to Josh
    Josh:
    It means that someone successfully ran the fake CMD.EXE file and it gave them the message "F*** off!".

    And I think TheRider meant "message BOX". Why he would type "BOY" is beyond me. The Y isn't anywhere near the X.

    Must've have been one of those WTF spasms.

    Still, that makes me wonder what the source code for that file looked like...

    #include <stdio>
    
    int main(void) {
        printf("Content-type: text/javascript\n\n");
        printf("alert(\"F*** off!\");");
        return 0;
    }

    ?

    P.S. I have no idea why the board is doubling the line breaks in the code block above. The only line that's blank in the comment editing window is the one after the #include.

  • Micha (unregistered) in reply to Andrew Harkavy

    NOW that does make sense ! Wow, what a novelization in this WTF !

  • (cs)

    I agree that this one doesn't make sense. One of a few things happened, the port switch could be on the client or server side. Either way, its a huge WTF because this shouldn't be modifiable by the average individual. Maybe they reinstalled the app and it reset the ports ? If that is the case that means that the server's side ports got shifted and it is the work of careless programming by changing the port assignments.

Leave a comment on “Phoning It In”

Log In or post as a guest

Replying to comment #:

« Return to Article