- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
This reminds me of the following quote (from Thief of Time by Terry Pratchett):
“Some humans would do anything to see if it was possible to do it. If you put a large switch in some cave somewhere, with a sign on it saying 'End-of-the-World Switch. PLEASE DO NOT TOUCH', the paint wouldn't even have time to dry.”
Admin
Well, while Jane was pretty dumb, the employees who opened the attachment were far dumber.
I mean, it's not like they could say 'I thought it would be OK', or 'I didn't know it was dangerous'
I think there should be a test before letting anyone use email or the Internet.
Something like a test email 'You have just won $50,000,000, press here to claim', with the button taking you straight to your termination notice.
Actually, that's not a bad idea for companies wanting to downsize - use 'gross stupidity' as the reason for firing them.
Admin
Things to do when I stop renting #235423
Admin
I would put the blame squarely on Joe himself. He should have removed the message from Jane's mailbox and made sure to submit a sample to their anti-malware vendor. Leaving live malware where your users can get to it is a recipe for (more) disaster.
Admin
That sounds like the story of how I acquired my chair.
Admin
I would've fired all the 50 of them.
It's 2013 people. Almost every business today has been running from a computer for at least 5 freaking years and you, as an employee, who sits all day long in front of that computer, your tool of the trade, still don't know that malware spreads by email and that you should not ever open an executable?
Bullshit, you're too dumb to work with a computer, assume it, let your seat be taken and go work somewhere your incompetence is not a risk, like flipping burgers.
Admin
TRWTF is waiting 13.2 minutes to steal her chair. Wait more than 5 minutes and that think might be gone already.
Admin
When I was just a lad, fucking around with Sub7 (you remember that delightful tool in the script kiddies box of tricks??) to see what it could do, I sent a school friend an email with some shitty flash game executable in it, into which the Sub7 server was hidden.
Accompanying this, I sent a mail saying "Absolutely do not open this file... it will compromise your computer and give me a back door to do absolutely anything I want with it. No seriously."
Literally 10 seconds later, "Ding" the server had contacted my IRC account to let me know that stupidity is alive and well, even in a school for apparently gifted kids.
As punishment I made all his video output go upside down.
Admin
Admin
Joe sounds like a moron for not configuring the mail sever anti-virus to remove any executable image attachment.
Admin
I can assume the ex-damager did have the option to send out the mail without the attachment. So the other question begging to be asked is why there wasn't a filter on attachments to not let exe, bat and other executable files through?
Admin
My thoughts exactly...
Admin
Too late; them burger flippers now also need to use computer cash registers; some even got them fancy computer clocks to tell when them burgers be ready.
And also, do you REALLY see zero risk in people, who can't pick up basic skills of their trade in a 10 year period, processing your FOOD?
Admin
Instead you could fire Joe for not installing a mail system that does not deliver .exe files in emails to the end user.
Or, if Joe requested such a system but didn't get the budget to install it, fire the bean counters who denied him the funds.
Firing the 50 is putting paint on the symptoms. Setting up your mail system so that the 50 can't do any harm any more is fixing the root cause.
Admin
"I wonder what happens when I press this button?" "Don't!" (presses it anyway) "Oh!" "What happened?" "A sign lit up saying 'please do not press this button again'"
Admin
Admin
TRWTF is that he was allowed to keep the chair.
Admin
"Please, after picking your nose and/or other orifices, wash your hands before handling food." Duh, wonder why? (pick, handle)
Admin
Filtering executable files is a great idea, but it should never be extension based. I can't tell you the number of times I've had to mail a batch or executable file to someone for legitimate purposes only to have it blocked. Invariably, you just rename it myexecutable.gif and state in the email to rename it. It's the ONE thing users seem to understand how to do.
Admin
Nothing special about the story, really. But I like the writing style.
Admin
To take a role of advocatus diaboli, the attachement might have been a PDF file attacking vulnerability in Acrobat Reader, or DOC file with macrovirus.
Admin
tl;dr: Joe likes Jane's chair. Jane gets herself fired, Joe steals the chair.
Good story.
Admin
myexecutable.exe.gif Why isn't this working? You told me we'd have this fixed an hour ago!
Admin
Nothing of this would have happened if they used Linux desktops. Plus, budget savings.
Captcha: distineo... if you use Windows, it's your destiny to get your computer loaded with crap until totally busted.
Admin
Admin
You would be surprised to see that, sometimes, they don't allow you to do it. It happened to me in the past: I configured the mail server to block all executable attachment, and a secretary (not in charge of anything) started shouting at me because "the emails were all broken". After hours of work, I realised that "emails broken" meant "all executables I send around are not going through". I checked with her manager why would they ever need to send such files, but they didn't come out with an answer. They just insisted to be allowed, as the secretary was becoming hysterical, screaming at the top of her voice.
At the end, I found out that the executables she absolutely needed to send were those idiotic PowerPoint slides with non-funny stuff.
Admin
Although it would probably be even better not to send the application by email at all, but instead to put it into an https-secured donwload area and then just send the link (for more security: just the name, keep the url a shared secret). After all, putting things into the cloud seems to be the thing to do these days :-)
Admin
Nothing at all would've happened if they'd used Linux desktops. No work, no email, no browsing, nothing.
You think people who are too dumb to know that executable email attachments shouldn't be opened would know how to use Linux for their day-to-day business needs?
You think an IT department who cannot configure their mailserver to filter executable attachments would be able to configure Linux desktops?
INB4 ERMAGERD UBUNTU IS TEH EAZIEST LINUX FAR EAZIER THAN WINDOZE!
Admin
I endorse this message.
Admin
What is the WTF here?? Some people are clueless, but that is a given. However, the world actually seemed to function the way I always dream it should... the person responsible for a spectacularly dumb act, lost their job in the end. And a high level manager no less. I kept waiting for the punchline to be 'and then he got fired by the manager because his security practices clearly were to blame for her being a clueless dumb*ss'.
Admin
TRWTF is someone in IT getting a good chair. Most of the chairs in our area seem to have been scavenged from what other departments have discarded; some of them actively try to throw their occupants. Client-facing departments, on the other hand, get the nice chairs.
Admin
TRWTF? This story has a happy ending! WTF stories should nearly never have happy endings! Grumble, grumble.
Admin
I don't see why desktops like Ubuntu aren't possible.
Admin
A cousin of mine got badly burnt while flipping burgers. Well to be honest, I believe it was from the fryer machine.
Every job is a risk.
Admin
Yeah, except using Linux would've killed all the productivity instantaneously.
Admin
It's because Quanta is throwing around red herrings and will probably move the goal posts. Windows 8 is already hugely different than Windows 7. The differences UI differences between it and Windows 7 are much greater than the UI differences between Windows 7 and Ubuntu 12.04.
Admin
The start menu is full screen now. People jump on the "We hate Windows 8" bandwagon so quickly these days that it's really boring. The problems with 8 are usually dumbasses that don't care to learn something very mildly new.
Admin
Admin
Not since Windows XP decided to hide extensions for known filetypes by default. Myexecutable.gif is no good, since all the naive user will see in Windows Explorer is myexecutable; use myexecutable.exe.renamed instead, or double-zip it with a password on the inner zip envelope so that scanners can't see there's a .exe inside.
Admin
All the rest you can ignore and happily enjoy the improved boot times and built-in hyper-V
(I hate in fact every single Windows start menu I have ever seen. I'll probably end up writing my own and make it open source, just like it would happen in Linux land)
Admin
Admin
At least Jane thought she was being helpful by warning others about something she herself already fell for. Which also probably means she really did listen to what Joe was telling her.
Admin
So which one is it?
Admin
The Real WTF is that the security director didn't run a false flag operation (intentionally sending a suspicious email) to remind people about the corporate security rules. Then again I've worked in companies where semi-anually "incompetence firings" are common and you get a little bit more on your raise the next year when you report the suspicious false flag .
Admin
Around 2008, due to the recession (which in my state had already been going on for ~20 years), I decided to go back to college. Desperate for cash, I spent a summer working at Wendy's, the only place that would even consider hiring me due to my BS in CS.
On a side note, Wendy's food really stands out compared to other large fast-food franchises. The only (fast food) burgers I would even consider are Culver's and Wendy's.
I was the grill guy, though technically I wasn't flipping burgers (the burgers had a two-sided grill). But I did flip the chicken. :)
Anyway, one day our register system went down with a .NET exception! Apparently, they were running some funky WinForms-on-embedded-.NET for their touchscreen registers. The manager acted like that happens all the time, wrote down the call stack, and called them up. It was a basic NullReferenceException right at startup, so I also suggested that they should do unit testing (or any testing, really) before a rollout.
Admin
Reminds me of Southwest's Pink Slip Virus commercial
Admin
There is only one WTF in this story, and that is Joe and his team being stupid enough to tell people not to open suspicious attachments. If the users could identify the attachment as suspicious they would never open it in the first place.
Only advice you can give is to just tell to not open any attachments from anyone, better yet, just remove them from the email on the server.
Admin
Admin
In my day-to-day use of Windows 8, it operates essentially identically to Windows 7. That's for my use cases and others would see a much larger difference -- but everyone will see a difference vs Ubuntu.
Admin
Um, yeah. That's where the money is. People who have the brains and the sense to get something real done aren't using Windows*, so Microsoft doesn't market to them.
*voluntarily, at least.