• (cs) in reply to Jerim
    Jerim:
    I seriously hope you never try to demonstrate how easy it is to get away with murder.
    Unless he does it on the guys running that consulting firm*, and he makes sure to tell them about his demonstration immediately beforehand. Then it would just be a brilliant example of poetic justice.
    • assuming it actually existed, and wasn't just made up to celebrate the holiday
  • Aaron (unregistered)
    1. view source or inspect element
    2. change display:none to display:block on a couple of div tags
    3. Save as Html or reload
    4. Profit!
  • (cs) in reply to Jeffrey Dahmer
    Jeffrey Dahmer:
    Who hasn't done something like this?

    If you mean, using testing data data, yes, everyone does. In our purchasing product development environment, I used to order "gold ingots". Lots of them.

    But this is just gross....

  • (cs)

    "We assume you are an admin until proven otherwise. By 'otherwise' we mean any chimp too dumb to save and edit HTML."

  • (cs) in reply to Aaron
    Aaron:
    1) view source or inspect element 2) change display:none to display:block on a couple of div tags 3) Save as Html or reload 4) Profit!

    I bet you also told everyone that the psychiatrist Luke Skywalker talked to was dead all along?

    And that the movie wasn't actually set "A long time ago", that was just a ruse to keep Nicole Kidman's kids from escaping the Moulin Rouge?

    (PS: Spoilers)

  • SG_01 (unregistered) in reply to Lorne Kates
    Lorne Kates:
    Aaron:
    1) view source or inspect element 2) change display:none to display:block on a couple of div tags 3) Save as Html or reload 4) Profit!

    I bet you also told everyone that the psychiatrist Luke Skywalker talked to was dead all along?

    And that the movie wasn't actually set "A long time ago", that was just a ruse to keep Nicole Kidman's kids from escaping the Moulin Rouge?

    (PS: Spoilers)

    Pfft, you're all working too hard...

    javascript: void( $(".artic").show() )

    Done ^^

  • Aequitarum Custos (unregistered) in reply to SG_01
    SG_01:
    Pfft, you're all working too hard...

    javascript: void( $(".artic").show() )

    Done ^^

    You have won April Fools day on TheDailyWTF

  • Dr. X (unregistered)

    What is a Humerus?

  • C-Octothorpe (unregistered) in reply to Dr. X
    Dr. X:
    What is a Humerus?

    Funny, but misspelled...

  • (cs) in reply to Dr. X
    Dr. X:
    What is a Humerus?

    It's your funny bone.

  • (cs) in reply to Dr. X
    Dr. X:
    What is a Humerus?
    A bonus?
  • (cs) in reply to C-Octothorpe
    C-Octothorpe:
    Dr. X:
    What is a Humerus?

    Funny, but misspelled...

    Nice. =)

    /tosses a quarter to Akismet

  • SomeYoungGuy (unregistered) in reply to drusi
    drusi:
    lolwtf:
    So data recovery guys test their plan for recovering from a worst-case scenario in which their system, all databases, and all backups are lost. They recover from off-site backup.

    I'm not seeing a WTF here.

    The "data recovery" guys actively destroyed all data, including backups, in the guise of an "audit." How the hell is that not a WTF?

    Like a Fire Marshal coming to test safety procedures by starting an actual fire. Building burns to the ground, people die. Similarly ironic.

  • Coyote (unregistered) in reply to jl

    Could have been worse. They could have "made unavailable" certain critical resources with 10 gallons of gasoline and a match.

    CAPTCHA: augue - Winning the argument by using a (power) auger.

  • JJ (unregistered) in reply to Tiran Kenja
    Tiran Kenja:
    Anonymous Coward:
    From the RSS feed entry for this article:

    An unexpected error occurred in RssFormatProviderFactoryBase (line 401) while formatting Attributed to Malice for RSS. The article may be accessed directly via the following link: http://thedailywtf.com/Articles/Attributed-to-Malice.aspx.

    It's April 1st. I am guessing that's why.
    No, that's not why. It's April 1st because yesterday was March 31st.

  • Sobriquet (unregistered) in reply to Nagesh
    Nagesh:
    Often students study throughout the year to score more marks. Then comes final exam, but final exam is not true test. True test is life which comes after final exam. Easy to cram and score in final exam. No cramming available in life. You don't know what you face next. This person face something that he came out of. That's good test. Offsite backups are most useful when making recoveries for failure.

    So... never attribute to malice that which is written by the fatuous?

  • Anon (unregistered) in reply to JJ
    JJ:
    Tiran Kenja:
    Anonymous Coward:
    From the RSS feed entry for this article:

    An unexpected error occurred in RssFormatProviderFactoryBase (line 401) while formatting Attributed to Malice for RSS. The article may be accessed directly via the following link: http://thedailywtf.com/Articles/Attributed-to-Malice.aspx.

    It's April 1st. I am guessing that's why.
    No, that's not why. It's April 1st because yesterday was March 31st.

    And tomorrow is April 2nd...

  • владимир (unregistered)

    I would try it on Nagesh's humerus.

  • (cs) in reply to Anon
    Anon:
    JJ:
    Tiran Kenja:
    Anonymous Coward:
    From the RSS feed entry for this article:

    An unexpected error occurred in RssFormatProviderFactoryBase (line 401) while formatting Attributed to Malice for RSS. The article may be accessed directly via the following link: http://thedailywtf.com/Articles/Attributed-to-Malice.aspx.

    It's April 1st. I am guessing that's why.
    No, that's not why. It's April 1st because yesterday was March 31st.

    And tomorrow is April 2nd...

    Obvious master it is you!!!

  • (cs) in reply to Anon
    Anon:
    JJ:
    Tiran Kenja:
    Anonymous Coward:
    From the RSS feed entry for this article:

    An unexpected error occurred in RssFormatProviderFactoryBase (line 401) while formatting Attributed to Malice for RSS. The article may be accessed directly via the following link: http://thedailywtf.com/Articles/Attributed-to-Malice.aspx.

    It's April 1st. I am guessing that's why.
    No, that's not why. It's April 1st because yesterday was March 31st.

    And tomorrow is April 2nd...

    And Sunday comes afterwards...

  • Frank (unregistered) in reply to frits
    frits:
    RIP Stephen King

    ...and Sarah Palin.

    You do realize that when she's President, the Secret Service will find your post and haul you away to Gitmo, don't you?
  • (cs)

    The REAL WTF is giving that kind of access to outside entities. No consultant or auditor should be given that level of access or permission.

  • Gunslinger (unregistered) in reply to Doug
    Doug:
    Well, the "display:none" wtf is one of the best (worst?) I've read on the site in ages.

    Use Firebug to make it easily readable.

    Too much work.

    CAPTCHA: ratis - I don't give a ratis about this WTF.

  • Anarke (unregistered)

    TRWTF is that outsiders got that level of physical access. I was once asked for root credentials to systems that I had "ownership" of by the internal audit team. This was a "Big" company that did financial and tax work. I told them "no." I asked for the tools they wished to run and what reports on them they'd like.

    I then read their scripts (Ugly csh that made HORRIBLE assumptions) and laughed. Not only would they not collect metrics, they would not even work. Rather than find out where the binaries such as "ls" were, they assumed they were in some ridiculous location (/usr/local/bin) so as to make the entire script do nothing more than spit out the hostname and their formatting, but no data. I gave them their reports as well as the log to show the script had been run as root.

  • Anonymous Coward (unregistered)

    I'm curious as to why all the other comments are about backups and not the php code in the article.

  • eternicode (unregistered) in reply to Anonymous Coward

    Just attribute it to malice.

  • eternicode (unregistered)

    The form does a GET submission, meaning the user would be able to see a flash of /SetSession.php?is_admin=no in their address bar (before the session page redirects to the account spage or whatever, probably with another autosubmission). Some curiosity and a login later, /SetSession.php?is_admin=yes gets them admin privileges.

    TRWTF is that this code is sent to the browser in the first place.

  • pez (unregistered)

    Why yes, I will remove tdwtf from my trusted javascript list.

  • (cs) in reply to Frank
    Frank:
    frits:
    RIP Stephen King

    ...and Sarah Palin.

    You do realize that when she's President, the Secret Service will find your post and haul you away to Gitmo, don't you?

    That's cool. As long as they're looking for a guy named "frits" I should be in the clear.

  • (cs)

    Very humerus.

  • wlao (unregistered)
    Svengali:
    The other half was researching woody-analogs for human boner.
    There, FIFY.
  • (cs) in reply to Anon
    Anon:
    And tomorrow is April 2nd...
    No, yesterday was April 2nd
  • Cheong (unregistered) in reply to tagno25
    tagno25:
    I would call that, "hit by a bus" plan enactment, more like a "hit by a bomb" plan
    If they really made sure everything is backed up thrice, I'd think think should try to restore from local disconnected media before seeking to restore from an offsite backup.

    Or if they enabled shadow copy at the origional backup location (and the free disk space is a few times bigger than their backup), they may try to retrieve the deleted files there first.

  • Diogenes (unregistered) in reply to jl

    I remember a firedrill in an army barracks in the 1980s (no name pack drill) The building itself housed offices and was built in the 1880's

    Anywhoo they decided to make it more realistic by "popping smoke" - a few broken arms, legs and dislocated ankles later ....

  • (cs) in reply to Diogenes
    Diogenes:
    I remember a firedrill in an army barracks in the 1980s (no name pack drill) The building itself housed offices and was built in the 1880's

    Anywhoo they decided to make it more realistic by "popping smoke" - a few broken arms, legs and dislocated ankles later ....

    Not quite as disasterous, but I have a similar story. When I was in the Marine Corps Infantry, our company was sitting outdoors for an NBC (Nuclear, Biological, Chemical) class. Our company commander thought it would be "good traing" to suprise us with a couple of CS grenades. One landed right next to me. Before I could get my mask on, I had already taken a deep breath of CS. The fight-or-flight instinct kicked in and I ran. Blindly. I didn't even see the tree coming...

  • (cs) in reply to frits
    frits:
    Diogenes:
    I remember a firedrill in an army barracks in the 1980s (no name pack drill) The building itself housed offices and was built in the 1880's

    Anywhoo they decided to make it more realistic by "popping smoke" - a few broken arms, legs and dislocated ankles later ....

    Not quite as disasterous, but I have a similar story. When I was in the Marine Corps Infantry, our company was sitting outdoors for an NBC (Nuclear, Biological, Chemical) class. Our company commander thought it would be "good traing" to suprise us with a couple of CS grenades. One landed right next to me. Before I could get my mask on, I had already taken a deep breath of CS. The fight-or-flight instinct kicked in and I ran. Blindly. I didn't even see the tree coming...

    Something tells me you aren't the only person still telling this story.

  • Stinky mc teats (unregistered) in reply to tagno25

    Not really. It did fail. Why did they have to resort to off site backups, Just load the last hours tape from the jukebox and hit restore...

    What fool sets up a set of redundant servers and does NOT do a image to SDLT at least every 4 hours? it should have been able to be restored from a in house tape from that morning.

    Finally, why did they not have a raid 60 set up? with failover mirroring? It's really easy to foil some testing company if you have real hardware in place instead of crap designed by someone that does not do a complete job for critical backups.

  • (cs) in reply to lolwtf
    lolwtf:
    So data recovery guys test their plan for recovering from a worst-case scenario in which their system, all databases, and all backups are lost. They recover from off-site backup.

    I'm not seeing a WTF here.

    The WTF is in performing a catastrophe recovery simulation that is both a) destructive and b) surprise. Good engineering, professionalism, and plain ol' common sense dictate that you do not do both simultaneously.

    When your professional services involve white-hat hacking, security or data/systems recovery, your number one priority is always, always, and fucking always to leave data and systems the way you found them.

    If you perform a destructive drill without notifying those to be inspected a-priori, you pretty much tie the loss of data to the inspected ability to recover (which in this case was being claimed to faulty.)

    As an inspector, you do not have a recovery plan of your own. How could you? So how could you, professionally and ethically perform a destructive simulation on your client's premises under conditions you cannot possibly control.

    That's pretty much putting a client's assets at a destructive risk that is completely unnecessary and possibly unrecoverable. If not even weapon manufacturers do that except in the rarest of circumstances, what sort of a retarded buffoon would think this is a good idea in an IT shop?

    It is absolutely f* stupid, to a point that is just retarded and criminal, to even think doing so is a good idea. In my line of work, companies I've worked on have conducted recovery scenarios by simulation, by rehearsal of recovery checklists, and destructive runs followed by backup tests on test/pre-production hardware (the type of hardware one promotes to "production" if actual production hardware suffers a catastrophic failure, down to steps required to open/close firewalls, DNS changes, etc.

    Never, ever, ever do you put live data and back ups at unnecessary (and unannounced) risk. Doing otherwise is nothing more than a pissing contest to prove one is right and win a contract.

    That is a WTF.

  • Steve (unregistered) in reply to Stinky mc teats
    Stinky mc teats:
    What fool sets up a set of redundant servers and does NOT do a image to SDLT at least every 4 hours?
    The sort of fool that ends up featured on TDWTF.
  • eric bloedow (unregistered)

    that "knife test" reminds me of a story in a book, "Government goofs": it describes the requirements for high-class ashtrays, and one requirement is the "size of the pieces it makes when smashed with a hammer"...so you would have to actually smash them to see if they met this requirement...

  • Axel (unregistered)

    How is it that one of Nagesh's pointless ramblings is a featured comment?

Leave a comment on “Attributed to Malice”

Log In or post as a guest

Replying to comment #:

« Return to Article