- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Bullshit. Train horns work on compressed air, not electricity. I DO work at the "one spot". For real.
Did your friend's car had pneumatic turn signals???
I don't think so...
Admin
Since I am, of course, So Much Smarter (tm) than this guy, I laughed and thought:
"haha, this poor bastard doesn't know how easy it is to lock Windows with pressing Win+L, hahah!"
.. at which point, just to prove to myself that I'm indeed superior, I hit Win+L, and figured out I've forgotten my password (my Windows logs in automatically, home computer).
After about 10-20 futile attempts to get back to my work, I remembered my hidden Administrator account password (of course I'd still lose all work as it'd log me out).
I remembered it since just the same month ago I had to enter into the repair console from the install XP disk, and I figured I don't know my Administrator user Password. Luckily it was sitting there on my desktop in a .. text file called... passwords.txt. I know, very secure!
I'm thinking about maybe moving it to a sticky note, I mean, it's a home machine, so although it sounds ridiculous, it's better than passwords.txt on your desktop..
But hey, never mind any of this, I'm still cool, making great sites and all, and indenting and commenting my code real well... I'm cool, right...? Right..? :P
Admin
At a programming job a few years ago, april 1st rolled around and one of the guys made a little prank program. He installed it on this uptight guys pc when he left it unlocked one day.
I don't remember exactly how it worked but I think he had remote registry access and was adding autorun keys. Anyway, it caused things to automatically run themselves. Notepad would randomly appear on his screen several times during the day and he would become more and more confused.
The hardest thing was trying to keep a straight face as I was right behind him and had a view of his screen. He kept turning around to me and asking if I saw that and what was going on.
Eventually we couldnt stop laughing and he figured it out.
All good fun.
Admin
I fail to see how this is a WTF. The worst that the Side Bar has to offer is usually more WTFish than this...
Admin
Thanks for marking that as not work safe, now I'm fired.
Admin
does anyone else find this the least bit funny?
Admin
I rarely prank, but a few years back my supervisor had ordered a billboard type poster with our URL on it which was then placed in a prominent place in the city centre, and had taken photos of it in place. He was a bit of a bragger, and he happened to have previously mentioned that he could spot an edited photo a mile off.
As I remember it, it was a co-worker who first suggested that someone might edit a terrible typo into the URL in the picture and I gave it my best shot. I'm not very skilled at photo editing but it happened to work very well.
I wish I was there for when my supervisor was gently guided toward the edited version of the photo, but I was glad to hear he wasn't left to panic for very long at all because it would have been detrimental to the health of all involved.
Admin
I told my wife about this, and she suggested inserting a Waldo into all the images instead.
Admin
Admin
Dwight Schrute, is that you?
Admin
Admin
I don't think this was intended to be funny, although the pseudonym chosen by the original poster was certainly pretty stupid. I trust that this is an instance of someone coming clean of an act that has caused him many years of inward shame, for the saking of helping others avoid similar shame.
Perhaps I am wrong. If so, well, I prefer to err on the ameliorative side. I do hope others who excuse their pranks as harmless can take the point:
We do not know the internal realities, or the personal histories, of those with whom we have only a casual working relationship Seemingly innocuous meanness can have a devastating effect on the hearts of others. If you have a concern about the potential for security breaches caused by another's neglect, there are better ways to communicate the concern.
I am not naive. I am aware that there are some reading this list who are so lacking in a sense of self-worth that they actually do relish the power to hurt. I can only pity them, and hope that they wake up before they cause too much harm. For others who might not have thought through the consequences, but who operate out of basic standards of decency, I can only suggest "think before you say or do mean things." What goes around does indeed come back around.
Admin
Time for me to bring out this tired old story:
A co-worker of mine used to like to find people who've left their computers unlocked, and would fire up Microsoft Word, write something very unprofessional in large bold type like PORN and then walk away to leave it glaring there for all to see.
He did this to me once.
I added his name to the document as the "author" and sent it to the corporate printer down the hall. A couple hours later, someone kindly dropped it off at his workstation.
Admin
Not really an unlocked computer prank - but an MSDOS virus I got years ago.
The virus would randomly munge characters as you were typing. Sometimes the wrong letter showed up, sometimes nothing, sometimes two or three characters.
Over a few weeks, I kept thinking that I was regressing horribly in my typing ability, but the virus got more overt over time, until pressing one key would result in "weqrouinszvu" showing up on the screen.
It was obvious, then, that something was wrong. I really don't remember how we figured out it was a virus.
I don't condone writing and spreading viruses, but I always thought it was hilarious. I wish I could remember what it was called.
Admin
Pry off the "N" and "M" key on the keyboard and swap them.
Admin
Back when I used to work as a technician in a small computer shop, we had this tech who had a bad temper and low threshold for frustration. He would often be seen bashing on a keyboard or throwing customer computer parts around when running into even the most simple issues.
One day I he was setting up a new computer that a customer had purchased and went away for lunch. MSDOS was a popular OS option at that time for the cost consious buyers. I jumped on his freshly installed system and opened up command.com in a hex editor and swapped all the commands around. Changed cd to md. Changed dir to rem. mkdir to rmdir, etc.
Absolutely hilarious to watch 'cd' come back and tell him that the directory already exists. Or dir telling him the syntax was correct.
After half an hour of cursing he ended up reinstalling DOS.
Admin
In my workplace, we have really strict rules about not leaving computers unlocked when you're away.
Well I once forgot to lock mine. So my coworker kindly sent an e-mail to my boss stating that "I'm getting too much salary. Could you kindly reduce it?"
Luckily my boss got it immediately and replied to me something like: "Forgot to lock your workstation, eh?"
Some people here used to send e-mails to the company 'everyone' group, meaning several hundreds of people in several countries. It really wasn't fun, the messages were always something like: "Hey everyone, I'm a moron who forgot to lock his/her workstation."
But after all, there never was such a mail from the same user more than once.
captcha: cognac. yes please, it's Friday after all.
Admin
In college, I, too, had someone snooping around my home directory. So I made an 8-byte file, with read permission restricted but globally executable, named "virus". Because he seemed just foolish enough to try running it.
Some days later, I logged out because the system load suddenly shot up by at least a hundred and everything ground to a crawl. I learned later that he had indeed found and run "virus".
The file's contents? "%0&%0&%0".
Fortunately, though he got a scolding over the incident, they never called me onto the carpet.
Admin
My favourite 'soft hack' is to create a HOSTS file that maps a whole set of IP addresses (thus the Web site) to alternative domains.
For example, if the IP address for www.google.com is 66.102.9.104, then in the hosts file I would add...
66.102.9.104 www.yahoo.com
This is WAY hard for a Support person to fix too (and I am in Support!) :-)
Admin
A slight variation: the screensaver already was 3dtext (the company name, woohoo). But there's an option to specify the reflected bitmap....
Looking back, maybe we put a little too much effort into finding an image that was just right. Still, there's an element of style necessary in these things.
captcha: kungfu. I knew that.
Admin
Admin
I'm not sure it's so odd for someone not to lock their screen at work. You kind of expect that your co-workers are mature enough not to mess with things. This is of course not the case if you work somewhere where security is paramount. And in either case, the person's reaction is completely idiotic.
I haven't done something similar at work, but I remember messing around with people's accounts in college. There was always someone who forgot to log out of the dumb terminal (which gave shell access to the UNIX server account). Those of us who spent a lot of time in the lab took turns making all kinds of things happen to these accounts.
If I was the one doing it, I'd start out with something gentle, like making the login echo a comment about the user's intelligence, or modifying the prompt to do the same. I'd leave a comment in the file that this had been done because the person had failed to log out, so I hope they got lectures when they went to the sysadmins to get it fixed (this was circa 1992, and most students had only learned a few commands to be able to read email, mud, and irc).
I was never cruel enough to delete files (although I would rename important files to .filename, which made them appear to be deleted to the user), but if I saw a repeat offender I'd alias frequently used commands: irc to ls, the mail application to man man, telnet to cat the user's mailbox, etc.
Others, however, were less nice, and would delete files or send emails in the person's name.
There was usually at least one account a day to play with, which goes to show that people really don't think.
Admin
Assuming the data is sensitive to begin with, it doesn't really make much sense to give access to people who have no business seeing it. Programmers can happily work on their development systems with fake data of their own, without ever having to touch the real systems.
Would you trust a company to handle sensitive data if they had one set of people responsible for actual day to day software creation, and for executing the actual business process at the same time? Can you imagine going to your bank, and when you ask someone about your account the answer is "hold on a second, I need to fix a bug in this entry screen first"? The notion is completely ridiculous.
Of course if the data you work with is not very sensitive at all it doesn't matter.
Sure, it's a chance. We had some screens stolen by a guy who just walked in and out without anybody bothering him, a few years back. There is a keypad on the front door now.
It helps that we are seriously out of the way - on a high floor in a building that doesn't have too many unknown visitors to begin with. Any potential thief would have to enter the building, go to our floor, get past the keypad, and then try to walk out without being challenged.
Actually I was just baiting Obiwaynekenobi after his sneer at people who "just don't handle important enough data" ;-)
But for the record, I do know that IT is not the central purpose of life and the programmers write their programs primarily so that other people can do their work. I don't look down on them; they have their skills and work, and I have mine.
Admin
Do you know the BSOD screensaver? It actually runs through the complete crash sequence, including a simulated reboot. So it looks like your PC is constantly crashing and rebooting.
A former coworker once installed it on a production server and then went on holiday. Drove the operators nuts.
Admin
I once changed keys on friends keyboard from QWERTY setup to ABCDEF... First time he had to log in was tricky but he managed. Then I had to hide my keyboard for few weeks when leaving. He actually started to use such keyboard. The best look was people coming to him wanting to write something.
On other job we had a simple PutOneMilionFilesOnDesktop.bat :)
Admin
Back in the day, we were in a unix shop, with a few hundred unix desktops in use. One co-worker left his machine unlocked, and we did a quick rlogin from there to a random machine, where we installed a cronjob.
This ran every minute, and overwrote his .signature file with
"My name is Pierre, Lucky Pierre..."
Took him ages to find it.
Admin
[i]echo alias ls='ls ../' >> .bashrc[i]
More fun things to type in to an unattended shell include
echo "echo sleep >> ~/.bashrc" alias man="export PS1='Formatting man page. Please wait...'"
Admin
Admin
Hmm, the personal computer is kind of... "personal", wouldn't you agree? Doing something like this is not only actually damaging his property, it is also destroying any measure of trust that may have been there. If I had roomies who would do something like this... I would move out of the dorm, and sue them for damages. Yes you read that right.
Leaving a shell open is a mistake, but more or less destroying the installation as a response has nothing to do with humor. This is not a prank, but purely malicious. When someone forgets to lock his appartment do you go in, put his stuff on the sidewalk and pee on the floor? Or if it's a car, do you push it down a hill?
Admin
Admin
At my last job we didn't play any you-left-your-box-unlocked pranks, mainly because we all knew each others passwords in our office (this is what happens if you employ a bunch of good friends...).
What we did was "secure the workplaces" of someone if he was off for a few days. This could be wrapping the whole desk (including computer, screen, keyboard etc) in shrink-wrap, putting a box around the chair, putting up a 3-litres bottle of beer on the table an labelling it as "vacation stand-in" and the like. Nothing harmful, and always good for a laugh when returning. Actually, we started to look forward to what the others had done...
One time, though, a colleague left a root shell open and forgot to lock his box, and then went on lunch with us. Only to find 'rm -rf /' executed. To this day, we don't know who did this. The room was locked, and the whole departement was at lunch with us. God praise backup.
Another 'nice' (read: simple, but effective) thing to do is to set the default run level to 6 on linux boxes. ;)
Admin
And what about guys like me who wear both the programmer hat and the tech support hat? Although this:
is basically true of our office as well, except replace the keypad with a mag-card scanner.
Admin
My friends and I did something similar. The self-email was always from "The Eggplant Family", an homage to the head of the computer center, who for some reason acquired the name "The Eggplant".
Your university must have had smarter students than mine. There were quite a few people we got multiple times.
Admin
That's too easy. Create a few files by hand (with names like "Mr Anderson did you get my package.txt"). When the user starts deleting them, create a few more.
Admin
Strange. On my Dell here it's Alt-F4...
captcha: tastey.
Well at least a dictionary attack wouldn't break it...
Admin
An old favorite used to be to set impossible screen saver passwords (e.g. kjerbcadsj,csk) on machines that were left unlocked in PC Shops... wasn't evil enough to change the marquee text though. never hung around long enough to see the sales guys sweat during a cusotmer demo though (most shops no longer leave machines unlocked...)
Admin
Heres my story which I helped mastermind with a friend:
Working at a large military simulation company, there was an officer joker who bragged he knew all the tricks in the book, and would never be caught out. We shall call him Andy.
About a week previous, there was a problem with a virus which wrecked havoc on the network. It had been cleaned up by now, but we thought it would prove a plausible hook to stitch him up.
While he was away from his unlocked computer, we installed a VNC remote desktop client on his machine. Then sent him an email which we spoofed to look like IT support, saying they needed him to be present at his computer at a certain time so they could check some folders for remains of the virus.
He took it hook, line and sinker. At exactly the right time he showed up at his PC, unlocked his computer, and sat back to wait for IT support to get on with it.
At which point, I log in via the VNC server on my computer, and start checking around his system.
So far so good.
The key was, i knew where he had some 'dodgy' files stored on his harddrive, quite a few actually. mostly videos and pictures. After a while of looking in system folder, i jump to the other folders, and start opening up the pictures and playing videos.
At this point he starts going white as a sheet, with a look of disbelief on his face.
I then shut everything down, at which point my colleague sends an email to the tune of 'IT support found some very serious and offensive material which is in breach of your contract, expect a call from HR soon'
We then call him up (note: we're sat just behind him) and almost pass as a serious HR person before breaking down and laughing down the phone at him. At which point he finally clicks as to what we had done and goes balistic.
Needless to say, once he saw the funny side of it, he never uttered the words 'you'll never catch me out' again.
Top that!
Admin
Admin
On the pre-OSX Macs, you could simply open up the properties folder for any program/file and past a new icon onto it. An old standby trick was to go into the folder that held the contents of the Apple menu & copy the shutdown script to the desktop & then paste over the 'Apple HD' with something & rename it something else. You then reicon & rename the the shutdown script to 'Apple HD'. Any attempt to open the HD results in a nice clean shutdown.
Next on the fun list is replacing the 'happy mac' boot screen with the 'HD not found' error screen.
Admin
Yep, Sun Blade 100. The Real WTF was that they had 10 programmers doing heavy data processing on a Sun Fire 280 dual 500MHz server. It was not uncommon for a programmer to kick everyone else off so he could get some CPU time.
Admin
Sure it helps when you're way out of the way, but some places aren't. I work downtown in a major city. Our office building isn't open to the public in the sense that we have random people always coming in and out, but somehow, this guy walked past the security guard, up the elevators to the 8th floor, and followed someone through the mag-card scanner door, past the secretary's desk, and all the way to the other end of the floor before someone stopped and questioned him.
If you haven't yet, read "The Art of Deception" by Kevin Mitnick. Probably one of the best books out there for understand not only social engineering but how many people are way too trusting or not confident enough to ask questions.
My office is behind a mag-card as well, but I'm still not leaving my computer unlocked when I run off for a few minutes.
(As an aside, I don't think every situation is mandatory for locking a computer... if you and your buddies work in a secure location with only a handful of people in it and a secure door that no one knows the password to get through, then go ahead and not worry about it. There's a forensic office that only myself and two others have access to and we don't worry about leaving information out in the open in it. But when you can't be positive who might be able to come in and out, locking up sensitive data should be mandatory.)
captcha: ninjas (they'll get past the locked desktop anyways)
Admin
The image on this entry made me think of this:
captcha: sanitarium -- I guess that's appropriate for this place? :-)
Admin
That's nothing! I have a Logitech optical mouse that does exactly the same thing. it doesn't show on the process list and the only way to kill it is with a large, blunt instrument.
Admin
At my university, there were public access terminals connected to the campus mainframe. Several of these were in unsecured locations, so anyone walking in off the street could gain access to the computer system if someone forgot to log off. As such, it was against university policy, and you could get your account locked until you had a one-on-one visit with the sysadmin to get your account back. Your account was almost required to survive at the school, since it was a very technical school.
Some of the pranks for letting people know you were stupid were an email to a class or campus mailing list, or sending the dictionary to the sysadmin's console:
cat /usr/dict/words | write <sysadmin>
or if you wanted the user to have to get help from an operator to recover their account:
echo logout >> .login
or to just confuse people by keeping them from logging out:
echo rlogin '$host' >> .logout
Admin
At my university, there were public access terminals connected to the campus mainframe. Several of these were in unsecured locations, so anyone walking in off the street could gain access to the computer system if someone forgot to log off. As such, it was against university policy, and you could get your account locked until you had a one-on-one visit with the sysadmin to get your account back. Your account was almost required to survive at the school, since it was a very technical school.
Some of the pranks for letting people know you were stupid were an email to a class or campus mailing list, or sending the dictionary to the sysadmin's console:
cat /usr/dict/words | write <sysadmin>
or if you wanted the user to have to get help from an operator to recover their account:
echo logout >> .login
or to just confuse people by keeping them from logging out:
echo rlogin '$host' >> .logout
Admin
Still, that means quite a few people who had the really really crap version of Win 95 (pre USB support) for however long their install survived, which is quite scary...
Admin
After reading the comments on this story I have come to the conclusion that the real and most overwhelming reason to lock your computer when you're away is. . . to prevent your cow-orkers from messing with it.
Hmm, security experts do say that the most important security threats come from within an organization. This story and the associated comments only serve to prove that theory.
Admin
The MS screensaver has been around for ~8+ years. Microsoft bought the company that made it ~ 6 months ago.
Admin
My trick was to go to the display control panel and set the icon size to the maximum. This was great because in Windows XP, it goes up to a whopping 128 pixels...
Never did quite get it all the way back, but it was interesting to see his start menu suddenly have big icons and bumping the top of the screen.
More recent "tricks" was I'd get mail for them, then open a new email message saying "Mail" and an arrow pointing down. I then placed their mail on the bezel of the monitor.
Admin
Something I'm surprised nobody's mentioned as a reason to lock your workstation:
I worked at a consultancy for a few years where we would commonly be doing proposals for potential clients while using the same laptop at current client sites. I figured the reason we were so strict about locking is to protect our client's information.
I still don't know why it's a big deal in an ordinary department.