• (nodebb)

    Wasn't this Stacey was it?: http://publicemailrecords.com/email_search?id=FG4WJUk$I1FH:m:FxJhMtw&state_abr=IL&from_state=true

    Email address looks remarkably similar....

  • Pete (unregistered)

    TRWTFs:

    1. Group policy allowing her to turn off anti-virus
    2. Allowing her to put limitless amounts of backups onto an important server

    Neither of which are Stacy's fault.

  • Quite (unregistered)

    TRWTF is the company not setting up a job to automatically perform her backups for her. I haven't done a backup in years. IT handle all that.

    Except at home, where I've set up a task to do the backup weekly, during the night sometime when I'm usually asleep.

    Whoever doesn't do something similar is a little silly.

  • Quite (unregistered)

    Incidentally, is anyone put in mind of John Cougar Mellencamp and/or Journey?

  • Roman (unregistered)

    TRWTF is the stupidity of the IT department.

    Put "little black things" on everyone's desk, brief people with instructions and forgot it (ie do not check ever again)?

    This is company wide "backup solution"? LOL!

  • Robin Bobcat (unregistered) in reply to Quite

    Until you find out that oops, IT has been somehow saving a blank file every week... When it comes to redundancy, multiple methods are a fine thing. Just in case.

  • Robin Bobcat (unregistered) in reply to Pete

    3: Being able to receive, open, and install attachments from an unknown/untrusted source. 4: Teaching her how to shut off antivirus without teaching her to heed its alerts. 5: Basic Internet Safety 101: the attachment is not your friend.

  • Quite (unregistered) in reply to Robin Bobcat

    6: Company policy allowing staff to play on Facebook when they should be doing work. OTOH I suppose it's the modern equivalent of the cliche of the secretary who spends her whole day filing her nails. "Sorry, but I thought you asked me to do some filing."

  • IP_Guru (unregistered)

    Even worse if the backup directory is permanently mounted on her PC the next time she gets a crypto virus it will encrypt all the backups as well. (happened to a friend of mine, fortunately that was not his only backup)

  • mkl (unregistered) in reply to Quite
    1. Not pulling backups from the machines in background/after work hours and forcing users to push backups instead.

    If users can access the remote backup from their regular user accounts, usually any malware they run can too.

  • (nodebb)
    1. Relying on desktop anti-virus to block email viruses.
  • RichP (unregistered)
    1. Group policy allowing her to turn off anti-virus
    2. Allowing her to put limitless amounts of backups onto an important server

    Until next week when it's :

    1. Overly restrictive group policies that prevent "real work" from being done, come on, just train your users, don't treat them like morons and spend all day trying to protect them from themselves!
    2. Unnecessarily strict quotas on network folders. Hey, disk space is cheap, just add more hard drives!

    Ugh.. I work with Stacey, only mine is a dude and a company owner.

  • Jester (unregistered)

    Where I work, turning off the antivirus is a disciplinary offence. A pity it's Kaspersky...

  • Peter (unregistered)

    Oooh. I'm disappointed. I had hoped that that was the story how Stacy and John met, hooked up and lived together happily ever after.

  • Sandman (unregistered)

    I'm surprised nobody called out the fact that the email said "FACBOOK". THAT should've been the first clue.

  • (nodebb)

    About time to introduce SAD - Secretary Appreciation Day - if it doesn't exist already for more than 100 years.

  • (nodebb) in reply to RichP

    Unnecessarily strict quotas on network folders. Hey, disk space is cheap, just add more hard drives!

    That requires a backup system that has a bit more common sense than a common housefly.

    There is some Microsoft process making shadow copies or so running on my machine that hogs up an entire disk partition within a few weeks, regardless of my settings telling it not to use more than a bit less than half of the volume's size.

  • (nodebb) in reply to PWolff

    ... And then just stops to make any more copies without any perceivable notification whatever instead of discarding the oldest one(s) as I've explicitly told it to do.

  • Bb (unregistered)

    "And that's the story of how Stacy brought down the website by filling the content server with 6 terabytes of backups."

    Well done. slow clap

  • AP (unregistered)

    "Stacy was a secretary. "

    -- the moment I realized that this was going to be a "secretarys is stoopid" article.

  • Carl Witthoft (google)

    "This is a story^H^H^H^H ditty about Stacy^H^H^H^HJack and John^H^H^H^HDiane..."

  • trolling (unregistered)

    6TB!? Stacy is a very large downloader of porn! :troll:

    Filed Under: Isn't porn the usual reason server drives are filled.

  • Dan Mercer (unregistered)

    20 years ago the company I worked for had a project at a fortune 50 firm. People did their own backups which led to some people just lazily copying the entire C: drive. My buddy the sysadmin spent every morning just going through the backups and clearing space. One day he was surprised to see a huge file usage for one of our most experienced users. He was one of the two guys I used for Beta Tests. So he started poking around the files and saw they were all image files. Then he got a huge shock when he opened them and found they were kiddie porn - really nasty stuff. Calls were made, FBI guys arrived, an arrest was made and the guy was frog marched out of the building.
    Then the other shoe dropped - he'd gotten the files from the company's Usenet feed. I had tried telling them allowing the alt groups in was a big mistake but no one listened. They had been dragging their feet for years on getting a firewall for the network - all their projects were like that, they never would settle on a technology, they'd always try to get the best technology - a difficult task when tech is changing so quickly. Should have taken the advice of the old general: "A good plan violently executed now is better than a perfect plan executed next week." - George S. Patton .

  • JimTonic (unregistered) in reply to trolling

    As uncle Bill once said: "640 KB should be enough for anybody!"

  • Herby (unregistered)

    Mail from Facebook... Well I got a mail from Facebook to an email address on my domain name. Seems that somebody used the email address for their Facebook account. Groan, do I have to do this again? This time I took action. Go to Facebook and ask for a password reset, they dutifully send me (on the aforementioned email address) a reset code, and I get into the account. First matter of business is that Facebook wants a new password, and I happily oblige. Then the fun begins. I post a few messages about going away, and change the language to English while I'm at it (thankfully I have a little knowledge of Spanish to find the proper menu items). Then it is time for FRIENDS. Lots of FRIENDS. For about 30 minutes I click on friend invite buttons. Must have been hundreds of them. Friends and more friends. Friends of friends of friends. That lasted until Facebook wanted to "verify" me with a phone number. Then I decided to call it quits. I consigned the email address to the discard pile and called it a day. My hope is that the person who set the thing up learned a lesson. Use your proper email address next time. I don't know how the friends turned out, but there were a LOT of then in several languages and scripts. What fun.

  • LH (unregistered)

    Stacy looks like a nice person. Uneducated on the perils of the net, perhaps, but not stupid by any means.

    Loose IT practices hardly a WTF made. Business do their best within their class. Shit happens, sometimes.

  • (nodebb)

    So we trained the monkeys to autohack the system?

  • Excellent story! (unregistered)

    Well-played with that last line. Oh, very well played indeed! One of the best-written stories I've seen on here in months, in fact... kudos.

  • Erik (unregistered) in reply to Robin Bobcat

    Heh. You're not supposed to have a backup strategy. You're supposed to have a RESTORE strategy.

    Put a reminder in your calendar at a regular interval to restore (some of) your files to some secondary location and do a diff on the originals to check that the backup is correct.

    I'm certain you could automate this as well when talking about a company wide solution.

  • Quite (unregistered) in reply to Carl Witthoft

    Yeah, that's what I said.

  • poniponiponi (unregistered)

    And now we see the side effects of letting people used to tablets and phones and other such Fisher Price toys onto real computers.

    After 20 years of trying to hammer at least a shred of tech literacy into people's brains, we've thrown up our hands and given them facebook appliances with shiny gems and bouncing birds and huge buttons with pictures on them.

  • AstorLights (google)

    Finally a funny article with a twist at the end :D Good one!

  • Jester (unregistered) in reply to Dan Mercer

    Nothing wrong with allowing the alt groups. What you shouldn't allow is the alt.binaries groups...

  • Joe (unregistered) in reply to Jester

    usenet is dead now days

  • (nodebb) in reply to Joe

    And it's dead because of this very problem. Verizon dropped the alt groups under pressure from the feds. Once Verizon no longer carried it, it was the death rattle for Usenet.

  • Niranjan Raju (unregistered)

    Epic. More or less predictable till the last line. LOL.

  • Andrew (unregistered) in reply to Pete
    1. IT not setting up automatic backups
  • ΕΨΗΕΛΩΝ (unregistered)

    TRWTF her boss yelling at the technicians instead of the person that:

    1. Used work PC for personal stuff
    2. Tried to open a suspicious attachment
    3. Put entire company at risk
  • Gechurch (unregistered) in reply to ΕΨΗΕΛΩΝ

    Interesting take on this. I can't say that I agree. Secretaries are meant to have good organisational skills, good interpersonal skills, good phone manners etc. A good secretary will also know how to use IT as it applies to their job: typing Word documents, replying to and filing away emails, and creating calendar events.

    IT staff are meant to implement strategies and technologies to keep company data safe. There are so many things that any IT staff member worth their salt would have done that would have stopped this from being the problem it was:

    • Implement a decent anti-spam system so the phishing/virus email never reached the secretary
    • Locked down the anti-virus system so it can't be turned off by non-IT staff
    • Set up folder redirection so all important company data is stored on servers that are properly backed up; or,
    • Implement an automatic backup system on the local PC, and have email alerts so you know if it fails

    There are more, but the above I would consider rudimentary. And all of them could have been implemented in an afternoon.

    It seems John's entire security policy is 'require staff not to fall for phishing scams or ever get viruses' and his entire backup strategy was 'require staff to take manual backups, and don't ever check to see if they're happening'. This is inexcusable in my opinion.

  • GorGutz 'Ead 'Unta (unregistered)

    People who disable their anti-virus because an email told them to download something deserve to have their internet privileges taken away. It's the digital equivalent of eating candy somebody mailed you.

  • isthisunique (unregistered)

    I've seen this happen before but what was worse is that it coursed though one of the mounted share directories. Someone managed to catch it early so the damage was limited. Still backups were absolute chaos so I have no idea if they ever restored everything that had been encrypted before it was stopped.

    It's a real problem and a new threat for up and coming small to medium businesses. If IT infrastructure is not set up properly such an incident can bring down an entire business or set it back months.

    You can never entirely rely on anti-virus software so a good backup solution is an absolute must.

  • Andreas (google) in reply to Pete

    Windows Backup doesn't know about "generations" or "rotation" or "deduplication" any of the fancy stuff. Windows Backup will gladly eat up all your diskspace. Even on an SAMBA-share.

    (As happenend here with a single secretary PC for all of the articles reasons. The backup-server had a 10TB RAID attached. Was full in 6 months. At least you don't have to delete the Backups through the WIndows-GUI, but can just delete the backup-sets, or you'd take 2 weeks to delete 9 TB of (redundant) backups)

  • anonymous (unregistered) in reply to trolling

    The backup growing to 6TB is no surprise, seeing how the IT doesn't seem to be doing a good job at, well, IT. Probably no differential backups, or mechanism to rotate daily, weekly, monthly.

    Also, why is the storage server for the website also the storage server for the backups? That leads to a follow up question: Where do they back up their website data? Or will we read about that in a later dailywtf ;)

  • Arle (unregistered) in reply to Peter

    Me too! :)

  • Anonymous (unregistered)

    People who disable their anti-virus because an email told them to download something deserve to have their internet privileges taken away. It's the digital equivalent of eating candy somebody mailed you.

    Just mail them brownies with laxatives in them. That sort of person would probably eat them.

Leave a comment on “Indomitable Stupidity”

Log In or post as a guest

Replying to comment #:

« Return to Article