- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
How many computers does this company have anyway? Handling passwords this way is stupid no matter what, but manually installing systems (which, by the way, would be possible with just an administrator login) is probably cheaper when you're only managing a handfull of computers.
Admin
Admin
In the mid-90s I worked for a large database company (they are still around - they are not quite as large any more - that should give you some hints to ponder). At one point the HR sub-department in charge of keeping everyone's travel info on file sent out a company-wide email saying "If you have any changes to make in your travel profile, please send them to us." And you guessed it - lots of people (mostly sales, what can you say) sent out reply-alls to thousands of people giving out credit card numbers, frequent flyer numbers, address changes and so on. The traffic went on for almost two days, even with pleas to stop (including a classic where someone inadvertently replied-all to an email asking them to no longer reply-all).
Admin
Why would that be inadvertent? It's worth it for someone to reply to everyone and just say SHUT UP AND QUIT REPLYING TO ALL! It notifies everyone on the list to stop replying to all from then on.
Of course if they made that mistake in the first place, they probably wouldn't understand the explanation of what they are doing wrong.
Admin
Reminds me of our old sysadmin. He had a list of almost everyone in the company's passwords, printed out, hanging on the wall of his cube. He had administrator access to every system in the building, why he wanted everyone's other passwords is beyond me. All I know is that he never knew mine, since they give us local system administration permissions so we can install software, etc. (we're solutions consultants who need that to work in other locations and install or use tools on the fly that we need)
Captcha: craaazy
Need I say more?
Admin
I don't think their computers are networked together at all; at least not permanently. That would make too much sense!
I think they keep them separated to ensure that the "Skynet Scenario" never happens. Or maybe something like Battlestar G on SciFi. You know, networking the subsystems only for powerful, focused calculations but keeping them separated most of the time to block viruses from completely taking over of all systems and making us watch Three's Company reruns on all monitors, all day, every day!
We are Sooooo in the dark ages, aren't we?
Captha ith "slashbot" - Isn't that the lil yellow smiley that slashes, uhh rolls back, all of those prices at your local S-mart?
Admin
So I can only assume these horrible circumstances are all true at this company:
The network admin(s), their boss, and everyone involved is a complete moron.
The network has no central domain, thus no common domain admin. Workgroup?
All users are admins on their own box. (ok, not uncommon for a development group, but everyone? Managers, secretaries, etc?)
So how does this kind of thing happen? My guess:
Shoot them, shoot them all now... -Me
Admin
If this is real (and I still can't believe it) then we finally know the company where Dilbert works.
Admin
This isn't as bad as a company I worked for. They had a publicly well-known username without a password (everybody used it to login to the fileserver in the morning!) that had full read and quite a bit of write access to the file server.
According to the network admin it had to have a lot of privileges because the managers and upper management used the account for storing their data. I guess it didn't occur to him that lowly workers would also have the same amount of access. Keep in mind that this was a company of over 200 employees where most of the employees were $7/hr scum hired to do phone surveys.
The worst part about it all is that I was in charge of fixing their security so they could comply with the Gramm-Leach-Bliley act (one of their new clients was a large bank). During the pre-audit the network administrator said they had an intrusion detection system. I don't think he knew what an IDS was because he said that their Novell server would send an alert when someone typed in a password wrong and detect an "intrusion". =/
Those were the days...
Admin
Has anyone been kind enough to point out this site and this article to that company? Please do so!
Admin
I had a response to this but I'm too busy laughing to share it. I'm met admins almost this incompetent, but not quite.
Admin
That's the price for hiring Minesweeper Consultants and Solitaire Experts to administrate a company network.
Admin
Come on, everybody knows that TS = Tethered Swimming!
Admin
this assumes you CAN change your own password - remember the previus post was to the company asking them to send their NEW password to this cown to sit there all day entering the new passwords ..... so he has lost the list of everyones passwords, or maybe the yellow note on the monitor is just too small for everyone passwords .... :-)