• am I frist? (unregistered)

    :D

  • zen (unregistered)

    rabbit thoughts?

  • ben (unregistered)

    Hare brained?

  • LCrawford (unregistered)

    Surely there was something else that gave them a leg up: the image file name contained some fragment of the LagomorphicCogitations.com name?

    A good thing that Johnny wasn't named John Smith - who probably has a guessable AD login at hundreds of companies [email protected].

  • Pjrz (unregistered)

    Occam's razor. Isn't it more likely an employee at Lagomorphic reads theDailyWTF and happened to come across the picture?

    (And thanks Ben for saying "Hare brained". I knew there was a pun there somewhere, but only got as far as "rabbit"!)

  • null null (unregistered)

    Must be a slow WTF day at TDWTF HQ

  • Whoever (unregistered)

    http://www.tdpri.com/attachments/reach-out-png.296338/

  • MiserableOldGit (unregistered) in reply to Pjrz

    Yeah, more than likely said employee forwarded it to a few friends for a laugh and eventually it spread to someone who showed it to someone who decided to do something. I'd say the thing about phishing is just a plausible excuse to get something they decided was mildly embarrassing taken down.

  • Chronomium (unregistered)

    Enjoy this article before the next audit comes through and it gets deleted. Then another article will show up detailing the WTF-ness of wanting to take down the first article, and the cycle continues...

  • troll (unregistered)

    This: https://img.thedailywtf.com/images/12/q3/e12/win-login-wtf.jpg

    was removed from here: https://thedailywtf.com/articles/Squared-Interior-Design

  • BernieTheBernie (unregistered)

    "remove a picture of a cute bunny, because it happens to be owned by an old employee and its name might be part of their password". I see. His password is CorrectBunnyBatteryStaple

  • operagost (unregistered)

    "Then he moved on to asking a Facebook group to remove a picture of a cute bunny, because it happens to be owned by an old employee and its name might be part of their password." There is a 100% chance this has already happened.

    Meanwhile, the CIO's password is "P@ssw0rd".

  • Chronomium (unregistered) in reply to troll

    There it is.

    https://en.wikipedia.org/wiki/Streisand_effect

    Kinda surprised it took this long, but it was probably a lot of effort.

  • Anon (unregistered)

    Pretty pointless article. You could have just deleted the picture and moved on.

  • Anon (unregistered) in reply to Anon

    Pretty pointless comment. You could have just closed the browser tab and moved on.

  • Nobody Important (unregistered)

    I'm still trying to figure out how someone's email address is a security risk. Are employees not allowed to send emails out of the organization, because the recipient would then have some "security-sensitive" information which they might use to hack into the company???

  • troll (unregistered) in reply to Chronomium

    No, it actually was roughly 60 seconds of google image search:

    site:thedailywtf.com windows login errord

    10th result for me

  • Alex Papadumbass (unregistered)

    Oh dear, we learn from history that we learn nothing from history! There's already a term to describe this kind of stupidity: Streisand Effect. 14 years later, we still don't learn and have thousands of examples.

  • null null (unregistered) in reply to Nobody Important

    It's the standard email address format that does it. Account enumeration allows to you spam phishing attempts. More targets from one company => more potential victims => more chances at infiltration.

  • Just a guest… (unregistered)

    So, instead of fixing an issue, they prefer removing a clue about it. Highly brilliant, we all know that it's not a bug, it's a feature!

  • Joe (unregistered) in reply to Nobody Important

    Didn't some Japanese corp use random emails for most workers other then people who need one EG sales?

  • Your Name (unregistered) in reply to Just a guest…

    How would you fix this issue?

  • Sam (unregistered)

    One look at the image and I think the company is huge and has a nickname synonymous with "key store"

  • Carl Witthoft (google) in reply to LCrawford

    Hah. We fooled you over here at nevermindtherealcompanyname.com . We use John.Smith@

  • SmellTheDespair (unregistered)

    Please take down this comment. It is a security violation and is embarrassing to the company:

    "as we are looking to limit our exposure of cooperate information."

    If you're going to be a large WTF-y corporation, at least learn how to spell "corporate."

  • JustSomeDudette (unregistered) in reply to troll

    "I'm still getting used to my new keyboard, and occasionally hit the '' and ENTER keys at the same time," writes 'someone now know as Johnny'. "I was pretty sure I had done this one morning when I logged in to Windows for the first time, however I got in okay and figured all was well...until I got back from a morning meeting, having locked my workstation. I was greeted with the usual login prompt (screenshot attached), but with '' appended to my username. I was forced to hard boot my machine since Windows doesn't allow you to edit your username on the locked-login screen." Text that went with the image.

  • Dan (unregistered) in reply to JustSomeDudette

    "Switch User" didn't work?

  • Brian Boorman (google) in reply to Sam

    My first impression for an AD domain labeled "LM" was Lockheed Martin...

    And there is a Michael Dowden from Pittsburgh (where I believe Remy is from) on LinkedIn, but the profile is visible to those already in his network. So I can't use that to verify...

    Addendum 2017-08-24 16:23: Oh duh. Lock Mart. Got it.

  • Brian Boorman (google) in reply to Brian Boorman

    Reading the comments of the original article leads one to believe it's actually Liberty Mutual. https://thedailywtf.com/articles/comments/squared-interior-design#comment-380904

  • Quite (unregistered)

    (coughStreisandEffectcough)

    There is a possibility that it was browsed to using the "random article" button by someone who worked at Ra***t Intelligence, who then, gurgling with delight, called all his colleagues over with a "Look what I just found on the net!" and one of those colleagues lacked a sense of proportion, let alone one of humour.

  • Howard Richards (google) in reply to troll

    And of course, a quick search on web archive and you get the original article and the image, unchanged and untouchable

    https://web.archive.org/web/20150120161925/http://thedailywtf.com/articles/Squared-Interior-Design

  • Scholr-R_LEA (unregistered) in reply to Alex Papadumbass

    Streisand Effect? You don't know Streisand Effect until you look at the responses some Steam 'game developers' gave to criticism (or in some cases, inadequately suffusive praise) and the way it rebounded on them. Look up 'Digital Homicide', 'FatFly', 'Dalas Reviews', or 'Cobra Studios' for a few hilarious (and/or cringe-worthy) examples.

  • Joseph Osako (google) in reply to Alex Papadumbass

    Streisand Effect? You don't know Streisand Effect until you look at the responses some Steam 'game developers' gave to criticism (or in some cases, inadequately suffusive praise) and the way it rebounded on them. Look up 'Digital Homicide', 'FatFly', 'Dalas Reviews', or 'Cobra Studios' for a few hilarious (and/or cringe-worthy) examples.

    Addendum 2017-08-25 16:35: OK, so that first one was submitted even though it looked like I was getting an error... WTF?

  • Dave (unregistered)

    Herbal Sipilis? Really?

  • Bunny (unregistered)

    So, did they ask LinkedIn to take down these 45'000 profiles yet?

  • James (unregistered) in reply to Just a guest…

    There isn't really an issue to fix. Did you not read the entire article?

  • Axel (unregistered)

    NOW we know Elmer Fudd's password:

    BunnyHunter2

Leave a comment on “The Security Audit”

Log In or post as a guest

Replying to comment #:

Log Out

« Return to Article