back to article Idle Computer Science skills are the Devil's playthings

Ah, the sweet, sweet smell of Monday. What better way to start your week than combining it with the latest confession of wrongdoing from The Register readership in the form of our weekly Who, Me? column. Today's blast from the past comes from a somewhat unrepentant reader we shall refer to as "Charles". Take yourself back to …

  1. My-Handle

    Hire immediately

    But give him plenty of work to do and keep a close eye on him.

    I'm always happy to work with someone who can learn of their own accord, even better if they learn for learning's sake. And, to paraphrase Nanny Ogg, it's better having them inside pissing out than outside pissing in :)

    1. sorry, what?
      Stop

      Re: Hire immediately

      I recall one of my fellow graduate intake starters doing the same on a company DEC 10 during the lunch break on our second day of training, having just started work, and running it up on every terminal in the terminal room. He was caught. They fired him on the spot.

      So, "hire immediately" as long as the developer doesn't continue to do that sort of thing post-hiring!

    2. phuzz Silver badge

      Re: Hire immediately

      I was looking for the option of "hire them, and then make them clean up the mess they just caused".

      1. Antron Argaiv Silver badge
        Devil

        Re: Hire immediately

        Don't necessarily hire them, but assign Charles as an unpaid assistant to the BOFH.

        Those cables ain't gonna pull themselves under the raised floor.

        If he keeps his nose clean until he graduates, ask the BOFH if he should be hired.

      2. Martin-73 Silver badge

        Re: Hire immediately

        AOL!

    3. This post has been deleted by its author

    4. amanfromMars 1 Silver badge

      Re: Hire immediately

      The problem presently, and it is an abiding enigma and expanding conundrum which shows no signs of being able to be commanded and controlled, is that a failure by that and those most vulnerable to catastrophic loss of a failed and increasingly revealing remote narrative control to hire and/or pay an exceedingly generously danegeld sum to that and/or those able to easily disrupt and/or destroy bigger picture stories [and upon which all realities depend upon for their survival in an ignorant and unquestioning belief system/early primitive preprogramming of live assets/liabilities?:-)] ...... in order to immediately compensate one for a certain loss of future earnings even if one chooses to play nicely to the tune of others with an engaging and acceptable revised narrative program, is a natural viable and valuable available option?

      Quite whether nowadays, whenever so much is so easily disrupted and/or destroyed and/or held to ransom because of increasingly obvious catastrophic exploitable intelligence/program/OS vulnerabilities, one would choose not to do anything further in the field and just enjoy the fruits of one's danegeld labour in a system so comprehensively compromised, is an interesting question to consider before not answering.

      "Whoever controls the media, controls the mind" …. Jim Morrison

      “The most dangerous man, to any government, is the man who is able to think things out for himself… Almost inevitably, he comes to the conclusion that the government he lives under is dishonest, insane, and intolerable.” —H.L. Mencken, American journalist

      1. Sir Runcible Spoon Silver badge

        Re: Hire immediately

        "an interesting question to consider before not answering"

        Quite.

      2. Ugotta B. Kiddingme

        Re: Hire immediately

        Oh dear. I actually understood that. Either amanfrommars is a bit more lucid than usual or the white coated, benevolently smiling lads with that lovely padded room are already on their way for me.

        1. Cxwf

          Re: Hire immediately

          I’ve got a problem. I find this one ALMOST comprehensible, but not quite. So do I struggle to make sense of it and risk wasting my time? Or follow my usual policy of skipping his posts completely, and risk missing the most insightful post he’s ever made?

          1. Sir Runcible Spoon Silver badge

            Re: Hire immediately

            To be fair they're all pretty well thought out and to the point. It just takes a certain mental approach to decipher :)

            1. Vincent Ballard

              Re: Hire immediately

              Where by "mental approach" you mean "consumption of psychoactive drugs"?

              1. Sir Runcible Spoon Silver badge

                Re: Hire immediately

                "Where by "mental approach" you mean "consumption of psychoactive drugs"?"

                Only to get you started :P

                1. Martin-73 Silver badge

                  Re: Hire immediately

                  Consumption of 2 things made this a thumbs up post for me. Ethyl Alcohol, and a thesaurus

            2. cream wobbly

              Re: Hire immediately

              Mental? I'm completely off my rocker and I didn't get it.

          2. Jonathan Richards 1

            Martian meanderings

            Once in a while, I punt my theory that the logorrheic martian is somebody's prose generator script, maybe with its output lightly polished by an evolved primate. I've certainly seen prose generators that produce results with similar comprehensibility.

    5. Phil O'Sophical Silver badge

      Re: Hire immediately

      We had students like Charlie. The ones who phoned the computer centre and owned up were thanked, told not to do it again, and the underlying bug was fixed. The ones who ran away leaving someone else to clean up the mess were hunted down and had a very painful interview with the CC director. They also usually got a ban for some weeks or months.

      1. hmv Silver badge

        Re: Hire immediately

        I was going to say - there isn't a choice on the list that reflects what would happen in Academentia in the 1990s. A ban for a few weeks, or a 'quiet chat' (I once had once of those with Swansea University's BOFH - nothing malicious; just an accidental fork bomb).

        1. Anonymous Coward
          Anonymous Coward

          Re: Hire immediately

          Well, I actually managed to take down the entire support desk* of a major ISP back in the 90's.

          Myself and a colleague were attempting to test a customer line (2mbps!!) and our ping tests from our BSD laptops weren't really doing the job.

          So, we decided to run a little script to do the job for us, and every iteration spawned another process to, well, help out with the chores so to speak.

          *Everything was going splendidly for us, but it became apparent from the cries of consternation around us that something was amiss. By the time the in-house support trotted along to 'fix' the local switches we had definitely decided that we might have possibly had something to do with the disruption.

          In an amazing turn of co-incidence, the moment we stopped the scripts running the network appeared to 'resolve' its little tantrum and all was well. We kept our heads down and got on with our work, checking the 5 minute line stats on the customers router for one thing :)

          About an hour later I got a call from the senior network god who offered me an opportunity to 'learn how to soak-test a customer connection without taking down the entire network'. Training subsequently given and ne'er a bad word was said.

          Needless to say we learnt our lesson(s) and were a *lot* more careful after that. Ah...them's were the days.

          1. Down not across

            Re: Hire immediately

            About an hour later I got a call from the senior network god who offered me an opportunity to 'learn how to soak-test a customer connection without taking down the entire network'. Training subsequently given and ne'er a bad word was said.

            That reminds me of some network chaps, while troubleshooting issues, made the mistake of debug all ...

            .. on a core router.

            Powerful learning experience that is, and hence I don't recall anyone doing it twice. The more surprising thing is that even with the stories, it did happen more than once.

            1. Killfalcon Silver badge

              Re: Hire immediately

              "debug all ...

              .. on a core router."

              What would that do? Log every action taken for every packet through the router? That sounds like a bad time for all concerned.

              Back when I did tech support for actuaries, I ended up doing a league table for largest log file. Nobody got past 50 million rows, but I had to write a custom file parser to find out what the guy who got to 48million had even done...

              1. Down not across

                Re: Hire immediately

                "debug all ...

                .. on a core router."

                What would that do? Log every action taken for every packet through the router? That sounds like a bad time for all concerned.

                It would attempt to display debug information on everything. In most cases it will peg the cpu and the router will become unresponsive and only recoverable by powercycling it which is not what you want at an ISP.

                The only use for debug all without further specification what you want to debug (say an interface for example) is when you've been debugging various things and want to turn all debugging off with no debug all.

                1. Sir Runcible Spoon Silver badge

                  Re: Hire immediately

                  It *is* possible to run the command to turn it off, but you have to make sure you make no typo's and have a lot of patience (assuming you are already logged in of course)

                  1. stiine Silver badge
                    Facepalm

                    Re: Hire immediately

                    Been there. Done that.

                    I think it took 30 minutes for the console to catch up and let us know that the device was still operating...

                    Like was said above: Never again.

          2. Louis Schreurs Bronze badge

            (2mbps!!)

            Never came across a network definition of 0.002 bit per second.

            1. Anonymous Coward
              Anonymous Coward

              Re: (2mbps!!)

              That's about right for some bits of rural Aberdeenshire...

              1. ricardian

                Re: (2mbps!!)

                And most of Orkney's North Isles (Westray, Stronsay, Sanday, Eday, North Ronaldsay)

        2. Anonymous Coward
          Anonymous Coward

          Re: Hire immediately

          Swansea University was where I wrote my first screen-scraper in 6502 assembler (they used BBC Model Bs as terminals for the Prime) to get the logon details for anyone who used that machine.

          I had a "well done, don't do it again" chat that I still remember fondly.

          1. hmv Silver badge

            Re: Hire immediately

            Oh! That was you was it?

            Sounds like a year or two before me. The Prime was in it's last year of life in my first year. Waiting 20m for a 5-line Pascal program to compile :(

          2. big_D Silver badge

            Re: Hire immediately

            I got one of those chats, although it wasn't my fault.

            Another student had sabotaged my mates program and they had a small fisticuffs sessions in the corridor. As a witness, I had to join my mate in the professor's office for a "chat", which involved the prof saying the other student was a git, here, want a fag and a glass of scotch?

        3. StargateSg7 Bronze badge

          Re: Hire immediately

          Today in America (depending upon the state!), it would a FELONY abuse of computer systems, and if you're a LUCKY bastard of a student, the judge will only give you 3 to 6 months in the County Jail, a $10,000 (7000 Euros) fine and cell where Billy, Bubba, Carlos AND the GUARDS will probably have their way with you since county jails are usually far less controlled than the state or federal prison system. Afterwards, you get 1 to 2 years probation which has LOTS of restrictions on what you can do and which places you can goto! Screw that up and they send you back again for 1 to 3 years in the steel barred pokey!

          If you're the UNLUCKY BASTARD with an ornery judge AND/OR if that computer system was doing FEDERAL work (i.e. funded by or doing computing for a federal agency), then your arse is in the kablooie! They fine ya $250,000 US (around 175000 Euros!), and send you to a federal lockup for between 5 to 25 years and you serve the ENTIRE sentence because there is no parole in the Federal system. THEN you get 5 to 10 years probation afterwards AND if you screw that up you go back again and LIKELY get a 2nd Strike and Your Out Sentence (i.e. Life! - you only leave in a pine box!)

          In America, you can kill someone and still get only 15 years in the hard-time pokey. Screw up a database system across state lines or at a federal agency, and it could be a 25-to-LIFE SENTENCE for you! And since they TEND to send you to a Max or even Super-Max Penn for computer abuse, you get put in with the big time killers and armed robbery felons, dealing with fellow prisoners where every square inch of their face is tattooed and they tend to be 180cm+ tall and weigh 100 kg+.

          Since MOST techie/nerds are slight in stature, YOU BETTER HOPE you don't get put into general population, cuz your rear end is gonna be all raw, red and bleeding after the first day and the next and the next until the end of your sentence OR until ya finally hang yourself in your cell!

          .

          1. Louis Schreurs Bronze badge

            Caps

            Sure your post would be a nice read, but bit doubting ‘cause downvotes, but that use of caps made me skip and post this comment.

            1. Michael Wojcik Silver badge

              Re: Caps

              SSg7 is ONE of our resident KOOKS, of the variety ADDICTED to random BLOCK capitals. Skipping SSg7's posts USUALLY means nothing more than missing A BIT of entertainment.

              1. Martin-73 Silver badge

                Re: Caps

                It actually made sense and was reasonably accurate. But made me nervous as to which side of the argument he was on

      2. doublelayer Silver badge

        Re: Hire immediately

        I'm inclined to be sympathetic and go with the hire option. The type of person who tries something like this and ends up breaking the system as a result is usually the type of curious person who will figure out how everything works and use that knowledge for good. However, I don't think I can do that because of two major problems:

        The first problem is that he knew what would happen. If he ran his initial directory bomb long enough that he couldn't recover, that would be just fine and I'd think he should be hired. But he already knew that running this wouldn't help anything and wouldn't be self-limiting. Running it in parallel didn't really produce anything different--it just increased the amount of work needed to clear it up. That doesn't sound like curiosity to me. It sounds like pointless disruption.

        The second point has already been made, which is that I'm a lot more likely to consider someone nicely when they've confessed. I've dealt with plenty of people who have done a lot of damage, realized that, and contacted me to give me all the information they have that will help me fix it. I really respect those people; I know that, if we have a problem later when we're working together, they won't hide things from me and they're not going to have some problem letting me help out. By extension, anyone who doesn't confess and leaves me to discover, diagnose, and clear up their problem after they've just left it there is going to find themselves lower on my to-be-hired list than anyone who has confessed or hasn't caused me a problem.

    6. Anonymous Coward
      Anonymous Coward

      Re: Hire immediately

      I learned shell script and wrote a login emulator at my first university, while doing a non CS degree, and they weren't very impressed, to say the least. But it did make me realise I was studying the wrong subject, and give me the opportunity to do computer science at a much better university.

      1. spodula

        Re: Hire immediately

        Yeah, i did that as well on our Uni vax. Thaught i was so clever at the time. (Obviously I wasnt).

        Fotunately (for me), i didnt actually deploy it. I suspect that would have been last-straw territory.

        I think i was on a list of troublemakers, as i was smart enough to cause problems, but not smart enough to be any good at it, and the Vax Sysasmin at BIHE really knew his stuff.

        Other things i managed was writing scripts with busy-wait loops (inadvertently), doing strange things with directories, and logging on someone who was banned for doing nothing but playing MUDs all day as well as lots of things i dont want to admit.

        Saying that, i did teach myself C and C++ and write a chess program in DCL on that box as well.

        Frankly, looking back at it, as i wasnt even a computer science student (Electronic Engineering), i was suprised i wasnt just kicked off it.

        1. Dr Dan Holdsworth
          Black Helicopters

          Re: Hire immediately

          To be honest, the list of potential trouble-makers was probably an informal one compiled by the local technicians very early in an undergraduate's career at a university. At the time I was at university in the early nineties, universities were not engaged in the current "bums on seats" education method and could thus afford to be choosy with their students.

          Thus on the biological sciences course I was on, dissection practicals were introduced fairly early on, the better to identify and get rid of those nitwits who signed up to a zoology course without being prepared to work with dead animals (later on, when "Bums on Seats" was an overt policy, I did hear of zoology students objecting to being told to do dissections, and asking if instead someone else could do the actual dissection whilst they took notes. To his credit, the head of zoology simply said "No, do the practical or not, and if you don't you don't get a mark for it").

          The duffers, the stupid, the incautious around sharp blades and hot things were rapidly identified in those early practicals and the informal list made up; subsequently this would determine career pathways for many an undergraduate.

        2. big_D Silver badge

          Re: Hire immediately

          A mate was an op at Plessey on the night shift. He was bored.

          He wrote a space invaders on the VAX in DLC, using a spawned process for each sprite and the main routine killing the processes as the sprites got hit.

          That was harmless. What wasn't so harmless was another night op getting bored (what is it with night shift and boredom?), he ended up playing Essex MUD, using the modem over the PSS network... That was costly, back then, on its own. Only he was playing a complete team and had 6 sessions going.

          Luckily he was good friends with the person responsible for the telephone bill, who managed to spread the 3 figure cost across various projects. Slapped wrist and told not to do it again!

          1. ICPurvis47 Bronze badge
            Boffin

            Re: Hire immediately

            Back before I had a computer of my very own, I had access to the mainframe at work via a bunch of teletypes in a small room down on the ground floor. I used it for various work-related chores, programming in BASIC which I had learnt at college. Soon after we were married, my wife and I had a joint bank account (we both had cheque books), and I decided that it would be a good idea to keep track of our account balance, so I wrote a sort of crude spreadsheet program and stored it in my allocated storage space on the MF.

            I only ever accessed this program during the lunch break, so it did not impact my working time, but one day I was summoned to the Head of my department and told in the very strongest terms that I should not be using Company computer time to track my bank account. I was instructed to remove the program from the computer and not do it again, on pain of excommunication (from the MF).

            Some time later, we bought a Spectrum for home use, and I started using a modified version of my spreadsheet to control our household finances.

        3. cynical bar steward
          Big Brother

          Re: Hire immediately

          So this sysadmin from BIHE, whom you praise so much, where, or when do you think they gained their skills? Well I'll tell you, spending time at Wigan Technical college hacking their systems! It honed the apparent psychic skills for detecting who was up to "no good". The games were regulated, I learnt system programming too, which became the mechanism to control access to the games on the EE department's PDP, (POLLY) then a discrete area on SYBIL (the EE's VAX). When I renamed the other VAX from VAX to BASIL I didn't make many friends with the academics either.

          Nonetheless I saw the value in education, this idle time was self education so I tried to demonstrate some concern for security to those who let me be custodian of this newly formed network and also marvelled at some of the ingenuity I saw with students discovering this new playground.

          Don't forget, the academic calendar left a few summer weeks, which was also the sysadmin's playtime in education. I was (and am ) CITSNIC , and still playing, sorry, working with VMS (OpenVMS) even on the odd VAX.

    7. Anonymous Coward
      Anonymous Coward

      Re: Hire immediately

      I'd be careful about hiring such folks. Some ikkle firsties turn to the Dark Side because they're bored, and others turn because they're little shits.

      The first sort can be quite useful. Find them something to work on that stretches them and interests them - but don't give them any extra privs though, just in case they do turn out to be a little shit.

      The latter sort, they'll cause trouble just because they can, and some of them even revel in being told off. I knew of one kid who actually celebrated his 25th bollocking from the director of studies. His usual MO was pretending to be a terminal server to grab credentials - I used to enjoy breaking his little toys and crashing them back to his login prompt, then I'd prove that I'm a little shit too by winding up the operators. Who knew that sending "Hey there you useless tape monkey, come and get me!" as a request to the system console would upset them so much?

    8. Down not across

      Re: Hire immediately

      I'm always happy to work with someone who can learn of their own accord, even better if they learn for learning's sake. And, to paraphrase Nanny Ogg, it's better having them inside pissing out than outside pissing in :)

      While I don't disagree with Nanny Ogg, the main reason I would not hire Charlie is that when he realised it all went bit wrong, he didn't have the guts/integrity to own up to it.

      1. Mark 85 Silver badge

        Re: Hire immediately

        the main reason I would not hire Charlie is that when he realised it all went bit wrong, he didn't have the guts/integrity to own up to it.

        Exactly. He knew what he did and did it intentionally. If was something more of an honest mistake where he ,mistyped or didn't know he messed up, that's different.

    9. Kubla Cant Silver badge

      Re: Hire immediately

      Plus 10 points for ingenuity, minus 100 for malice.

      In his second adventure, having discovered how destructive his script was, he deliberately used it to bring down the whole system. He would have to be extraordinarily talented to make it worth the risk of employing such a psychopath.

    10. Marketing Hack Silver badge
      IT Angle

      Re: Hire immediately

      Hire immediately, but put him at a desk in the basement, and regularly threaten to take his way-to-prized Swingline stapler.

    11. Carpet Deal 'em Bronze badge
      Flame

      Re: Hire immediately

      I thought about that for a moment, but a simple "while (true) {mkdir a; cd a;}" loop isn't exactly clever. If he could genuinely say he wanted to see how deep he could go before the OS skinned his script alive, but he already knew it wouldn't stop him. Into the pit with this miscreant.

      1. Chris King

        Re: Hire immediately

        "Into the pit with this miscreant"

        Someone mentioned Nanny Ogg further up the thread, I was thinking more along the lines of the Patrician's scorpion pit - lower the bad ones in head-first, and the last thing they will see are the words "NEXT TIME, READ THE REGS".

      2. J.G.Harston Silver badge

        Re: Hire immediately

        And fixable with a while (true) {cd ..; rmdir foo}

        I had to do this when testing some filing system code to ensure 'copy foo foo/foo -r' type code was trapped and gave a 'can't copy foo inside itself' sort of error.

    12. Bill Gray
      Headmaster

      Re: Hire immediately

      "...to paraphrase Nanny Ogg, it's better having them inside pissing out than outside pissing in :)"

      Minor note: I would be confident that Lyndon Johnson's comment about mollifying a political opponent enough to turn him into an ally ("better to have him inside the tent pissing out than outside pissing in") probably came before Nanny Ogg's.

      1. Ken Hagan Gold badge

        Re: Minor note

        The "rule" usually cited in this context is that quotes gravitate to the more distinguished culprit. How sad for poor old LBJ. :)

        1. Bill Gray

          Re: Minor note

          The "rule" usually cited in this context is that quotes gravitate to the more distinguished culprit.

          If you really want people to take your comment seriously, tell them Winston Churchill said it first.

          -- Benjamin Franklin

          How sad for poor old LBJ. :)

          I'd prefer to think "good on ol' Sir Pterry; he's risen to the ranks of quotation magnets" (among whom Churchill, Franklin, Mark Twain, and Oscar Wilde are prominent), but I do see your point.

    13. big_D Silver badge

      Re: Hire immediately

      I agree totally.

      And I've also managed to bring a few mainframes and minis to their knees over the years.

      The classic, related here before, was on a DEC VMS Admin course in Reading. I was bored, the course was covering stuff I already knew, so, for a laugh, I did show users and started logging people off our VAX (each course had their own VAX). It worked fine, so I knocked up a quick bit of DCL that exported the user list to a file and went through the file and logged everybody but big_D off...

      Worked a treat. So I went one step further, I turned it into a self-submitting batch file. Submitted it and sat back and relaxed and looked around at frustrated faces as people kept getting logged off...

      Only I then made the fatal mistake of logging off myself. That was when I found the fatal flaw in my logic. During the login process, you don't have a username, but you do appear in the "show users" list as <login> and a process ID. ZAP! The login process just wasn't quick enough to get me from <login> to big_D before the batch job had killed my process.

      Luckily the instructor saw the funny side, even when he couldn't log onto the console in the computer room. In the end, we had to do a hard reset.

    14. cream wobbly

      Re: Hire immediately

      I cannot think of a single more fitting, nor more horrifying punishment.

  2. Shadow Systems Silver badge

    Oops.bat.

    :Loop; type Alt+256>a.txt; type Alt+256>b.txt; Type a.txt>b.txt; type b.txt>a.txt; goto loop.

    The faster the CPU, the more RAM it has to play with, & the larger the drives it starts on, the greater the "fun" that results.

    You'll need a boot CD/USB device handy so you can delete the two text files to regain control over your computer.

    Kiss all the free CPU cycles & drive space goodbye.

    The fun you can have when someone challenges you to crash their system without triggering the anti virus routines.

    *Ominous maniacal laughter*

    1. Pascal Monett Silver badge

      Re: Oops.bat.

      Test in Windows command prompt :

      Type a>a.txt <ctrl>

      The system cannot find the file specified.

      So, unless you've already created file a.txt and b.txt, your script is going to fail to do much more than use CPU cycles and fill the command prompt buffer.

      And, as soon as you kill the window, the problem is gone.

      1. Shadow Systems Silver badge

        Re: Oops.bat.

        Do you *really* think I'd post actual code that could be copied & pasted into a CLI that would run?

        I just wanted to get the concept across. Those that want to make it function will know how, those that don't will either RTFM to learn or will get nowhere.

        Sorry for the confusion.

    2. Anonymous Coward Silver badge
      Devil

      Re: Oops.bat.

      It would be far more effective if the first two 'type's were 'echo's.

      Of course the second one could be removed if you wanted to reduce your typing.

      It was also be more effective if the redirects were '>>' and therefore appending rather than overwriting.

    3. Doctor Syntax Silver badge

      Re: Oops.bat.

      The Unix equivalent is

      cat a >> a

      where a is a non-empty file. Or at least it used to be - maybe the cat's been neutered but for some reason I haven't checked for a good while. Handy for overwriting disks before returning a rented box.

      1. Waseem Alkurdi Silver badge

        Re: Oops.bat.

        root@waseem:~# cat a >> a

        cat: a: input file is output file

        I'd do this when overwriting disks though:

        root@waseem:~# dd if=/dev/urandom of=/dev/sdX bs=4096 status=progress*

        __________

        * only with newer versions of GNU coreutils

        1. GrumpenKraut Silver badge

          Re: Oops.bat.

          if=/dev/urandom looks a bit paranoid to me. If if=/dev/zero does not cut it, you'll want to destroy the disk anyway.

          1. whitepines Silver badge
            Boffin

            Re: Oops.bat.

            In the days of spinning rust, perhaps. In the days of solid state storage, urandom is a good compromise between tricking the disk write routines (i.e. ensuring blocks are erased instead of marked for garbage collection) and having to constantly buy and dispose of destroyed media.

            If anything's going to cross security domains, physical destruction is important of course. If it's just being wiped for reuse at the same security level, and the recipient isn't authorized to access the stored data, urandom does a pretty good job of wiping things out.

            1. GrumpenKraut Silver badge
              Pint

              Re: Oops.bat.

              > In the days of solid state storage, ...

              Today I learned something form the el Reg comments... again! Thanks.

  3. Andrew Norton

    Friend did something similar

    He worked for a government lab while also getting his PHD in particle physics, and during some downtime created some code which generated a recursive zip file, and not just a straight one directory, recursion etc. no it had 4 directors at the top level, which looped back at various points after various other named directories. He then wanted to run the code through his code analyser at work at the government lab, where his major coding tools were (he worked on a major project involving creating software for new research models) so, as you do, he emailed it to his work address (because they don't like taking media and plugging it in, that way lies espionage, and virii and such.

    And now you've probably guessed what happened....

    1. whitepines Silver badge
      Paris Hilton

      Re: Friend did something similar

      While I can guess, I'm still trying to figure out what kind of idiot firewall / scanner compiles code it comes across and runs it. Or was there something left out about sending a few samples of the output along with the code?

    2. Loyal Commenter Silver badge

      Re: Friend did something similar

      So I'm assuming here that he sent a sample of the recursive zip file to his email address and the virus scanner picked it up and...

      What happens next is the interesting bit. Any competent virus scanner would (hopefully) be able to detect a malformed zip file and not try and parse it for eternity, and then remove it from the email. I'm guessing this is not what happened, which strongly implies that the bit of software designed to explicitly look for malicious code is pretty poor at finding it.

      The severity of the result is going to depend on whether this is a single instance 'scanning' all email, or a separate thread for each email, and whether it has been designed with any sensible timeout. On balance, I think I'd probably design such a thing to use a thread pool, and scan each email on an idle thread, queueing them up if the thread limit is exceeded, and putting a sensible timeout on the processing (maybe 60 seconds which should be more than ample for most cases), with the timeout configurable. There may still be some other attack vectors to cause a denial of service, for instance flooding with multiple malformed messages, so perhaps limit the processing to one message per sender simultaneously. That's not going to deal with multiple malicious emails fro multiple senders, but that's the sort of thing that's getting into DoS prevention/mitigation territory and it has its own solutions.

      1. Dr Dan Holdsworth
        FAIL

        Re: Friend did something similar

        There used to be quite a few virus scanners that would try to open any zip file they came across. Cat /dev/zero | gzip > nasty.zip was a quick way to create the magic expanding zip file, which when the simple-minded virus scanner found it would crash the system after eating all of its memory.

        In a similar sort of theme, the senior staff of a certain Yorkshire university discovered that they had a problem with pornography being emailed around the place, and insisted upon punishment for anyone receiving such filth by email.

        Inside of oh, about five minutes, the entirety of the senior faculty were magically receiving both barrels of "rule 34" pornography; indescribable stuff that presumably someone somewhere likes, but which otherwise triggers gag and vomit reflexes whilst at the same time violating anti-porn rules in quite a staggering number of ways.

        The rule was rescinded remarkably quickly, with quite a few senior academics forswearing off computers for life.

        1. Loyal Commenter Silver badge

          Re: Friend did something similar

          At one place where I used to work, I can remember someone being hauled over the coals for receiving a dodgy email of some description. In true Kafka-esque style, TPTB would neither tell the individual involved who had sent it, nor what it contained, but were determined to punish him for it anyway.

          Needless to say, that particular company no longer trades.

      2. Vincent Ballard

        Re: Friend did something similar

        When you say that a competent virus scanner should be able to detect a malformed zip file, I think you may be missing the point. I understood the zip file to be well formed. It's certainly possible to make a zip quine, and although I've never personally seen it done it should in principle be "straightforward" to extend the technique to a valid zip file which contains multiple copies of itself with different names.

        1. Michael Wojcik Silver badge

          Re: Friend did something similar

          Yes. There are various sorts of well-formed pathological zip files (and similarly for other archive formats), well-documented in forums such as BUGTRAQ and VULN-DEV. The topic may have come up in an article in PoC||GTFO, too; I have a vague memory of that.

          Anyway, this is why modern malware scanners generally have configurable limits on directory depth, expansion factor, and nesting for archives and other compound file formats. If a limit is reached, the scanner treats the file as malicious.

          Of course this is an arms war, with attackers finding new looping constructs the scanner developers forgot to limit, creating polyglot files that scanners interpret incorrectly (or at least not in the way that end users interpret them), and so forth.

          1. jake Silver badge

            Re: Friend did something similar

            Pathological archive files was a common concept on RISKS Digest, starting in the mid '80s.

    3. JulieM Silver badge

      Virii

      What is a virius?

      1. Anonymous Coward
        Trollface

        Re: Virii

        He's the chap you employ for being virile. Shall I send you my application?

  4. Giovani Tapini Silver badge

    Error in PseudoScript at line: 3

    Error - Label "start" not defined...

    Script Terminated

    Pseudo>_

    1. Giovani Tapini Silver badge
      Trollface

      Re: Error in PseudoScript at line: 3

      Those thumbs down ... did I forget to indent or capitalise properly, or just because I omitted the joke icon? maybe each line should be terminated with a ;

      as this was El, Reg's own script language does that mean I have to commit Regicide?

  5. Andy Taylor

    BTDT...

    Myself and a fellow student once filled a system by writing scripts that fired emails back and forth to one another. Swapping the serial connectors conveniently placed in the corner of the terminal room was another favourite pastime.

    1. jake Silver badge
      Pint

      Re: BTDT...

      People like you are the reason that today's proper MTAs detect and quash mail loops. Thank you! Beer?

      1. Anonymous Coward
        Anonymous Coward

        Re: BTDT...

        I think you'll find that executives forwarding their home email to their work email while simultaneously forwarding their work email to their home email "so I don't miss anything important" had a lot to do with loop prevention.

        1. Korev Silver badge

          Re: BTDT...

          Not to mention the "Please remove my email from the mailing list" storms

          1. Anonymous Coward
            Anonymous Coward

            Re: BTDT...

            Please remove my email from this mailing list

            1. jake Silver badge

              Re: BTDT...

              ME TOO!!!!!!1!1!!!

  6. Anonymous Coward
    Anonymous Coward

    "including a small program emulating a login screen, that dumped the entered username and password in a file."

    I did exactly the same with old novell dos logon. Whilst they taught you useful things in C or Pascal class , they never seemed to bother with the finishing touches - like compiling and packaging your program. So i had to leave my my malware running in the IDE thingy.

    Got found out too, Still got the written warning . very proud of it .

  7. jake Silver badge

    Back in the day ...

    ... such shenanigans were considered part of the coursework, if unofficially.

    These days, it'll get you expelled and put on a terrorism watch list.

    Back in the day, the computer revolution happened. These days, companies like Apple patent paper bags and rounded corners, and charge $999 for simple, nondescript monitor stands. Coincidence? You decide.

    1. Waseem Alkurdi Silver badge

      Re: Back in the day ...

      and charge $999 for simple, nondescript monitor stands.

      <sad Apple geek>

      How dare you call it simple and nondescript! Shhh, she's going to hear you!

      </sad Apple geek>

      Anyhow, I really wonder as to why did people give a hoot about this. It's basic capitalism. Sheep willing to pay, and a company willing to sell to the flock. Supposed customers of "Pro" products are willing to splurge $6K - $15K on a display, ahem, reference display, so why not sell a $1K stand if there are customers willing to pay?

      1. Prst. V.Jeltz Silver badge
        Unhappy

        Re: Back in the day ...

        customers willing to piss away tax payers money that should be being spent on nurses , medicine & bandages etc , not lining your office with all the finery you can waste money on just because you think as the head of finance you deserve more expensive equipment than anyone else

      2. jake Silver badge

        Re: Back in the day ...

        There is nothing wrong with turning a profit, Waseem. However, turning an obscene profit is, well, obscene. Separating actual fools from their money is unethical.

        1. Waseem Alkurdi Silver badge
          Thumb Up

          Re: Back in the day ...

          Exactly!

          One point though:

          Separating actual fools from their money is unethical.

          Correct, but crooks have been separating fools from their money since forever. This is nothing, erm, "newsworthy". Or have people believed up until that point that Apple was a charity (or an honest garage-run neighborhood sale), not a big, fat megacorp?

    2. Cederic Silver badge

      Re: Back in the day ...

      No. Back in the day spotting how to do that was almost required, doing it by accident forgiven, finding out how to subvert the system to do it when you shouldn't rewarded with beer and actually doing it on purpose cause for a severe spanking.

      But I went to a university whose admin understood undergrads.

  8. Waseem Alkurdi Silver badge

    Today,

    he'd be called a script kiddie, and punished accordingly. Which he deserves, from an ethical point of view.

    That aside, if I were to be responsible for hiring for any organization which does "serious" work (i.e. security contractor, banking firm, TLA), I definitely won't hire him. Though he's a "deviant soul", thinking out of the box, and creative (mischievously so), this non-conformity could be a curse as well as a blessing.

    1. Ragarath

      Re: Today,

      Script Kiddie? I think not. He actually wrote the script / code.

      Script kiddies just download scripts others have written and run them, hence the name.

  9. Anonymous Coward
    Anonymous Coward

    For even more fun: After recursively creating directories with single character names, when you get to the maximum depth, rename each one to the maximum filename length on the way back up.

    1. Anonymous Coward Silver badge
      Holmes

      Back in the day, you wrote Internet Explorer's Temporary Internet File storage routines, didn't you?

      1. Sir Runcible Spoon Silver badge
        Thumb Up

        Thank you for a proper lol

      2. Jou (Mxyzptlk) Bronze badge

        Back in the day it was good that FAT32 still had the additional 8.3 filename, letting rd /s /q doing its job without much hassle.

    2. Killfalcon Silver badge

      If you ever find yourself having to unpick such a thing in Windows - 7Zip's file explorer will let you rename files that Windows won't.

      You can usually also do tricks with drive mapping to make windows think the filepath is shorter, but that won't work if every individual folder name is already at the limit.

    3. Jou (Mxyzptlk) Bronze badge

      Oh, that is old. With an easy fix.

      md empty

      robocopy empty directory-to-kill /s /e /r:0 /w:0 /purge

      rd empty

      This method even gets the link-looped directories, for example, in the user profile.

      If you want to make it better set obscure rights after creation, and remove all inheritance ;). Easy to solve for those with enough experience, but hard for those who never had to struggle such weirdness before.

      1. Robert Baker
        Gimp

        Easy Fix

        Ah, ROBOCOPY — the future of file-system enforcement! ;-)

        1. Inspector71

          Re: Easy Fix

          Attention all symlinks.....dead or alive, you are coming with me.

  10. JimPoak

    Run for it!

    I have in the past whitest a finished program chewing up the inodes and so disabling disk access.

    Please note I cannot take credit for this and I will take the fifth amendment.

    Recursive algorithms the preferred method of killing a computer.

    1. John 110
      Coat

      Re: Run for it!

      I thought the preferred method of killing a computer was the old "The next statement I make is a lie..." schtick

      1. Robert Carnegie Silver badge

        Re: Run for it!

        Your alternative to a recursive algorithm is a recursive algorithm.

        If you knew that your alternative to a recursive algorithm is a recursive algorithm... is that another recursive algorithm?

    2. whitepines Silver badge
      Holmes

      Re: Run for it!

      I've done something similar, or rather a program I was in charge of for a security system. Turns out ext3 doesn't like millions of files in a directory (hindsight 20/20, yada yada). Didn't so much run out of inodes as made things nearly impossible to remove -- rm -rf of the top directory didn't work, rm * inside the directory just caused the shell concatenation limits to be hit and nothing to happen. For extra fun there was data outside that directory that needed to stay intact -- ended up writing a small program to loop over the files sequentially and remove them one by one. Took hours to run IIRC on a fairly fast disk subsystem...

      Oops!

      1. PerlyKing Silver badge

        find is your friend

        find . -type f -print0 | xargs -0 rm

        1. whitepines Silver badge

          Re: find is your friend

          find is your friend

          Not when even it was choking on the sheer number of files. Can't recall the exact problem at this point but could have just been too slow or was chewing up too much RAM given the degree of, ahem, filesystem abuse that had taken place.

          Otherwise yep, that's a great way to recover from something like this.

          Something to keep people up at night: what happens to a BTRFS volume that has this happen? Nothing good I imagine, but I suspect the solution is more "mkfs.ext4 and restore from backup" than "fix it" given how BTRFS handles certain things.

          1. Claptrap314 Silver badge

            Re: find is your friend

            This is a case where actual systems programming would be a snap, I believe....

    3. Anonymous South African Coward Silver badge

      Re: Run for it!

      <i.Recursive algorithms the preferred method of killing a computer.</i>

      Bah.

      More than one way to skin a c*t (kill somebody's purdy compoota) :

      1. Hard reset tool (hammer)

      2. 240V directly onto any exposed terminals

      3. Remove heatsink and let the CPU die a hot and bothersome death (not always effective)

      4. Insert family of rodents into computer box with lots of food and water. Nature will take its course.

      5. Iron fillings. Lots of these.

      6. Empty a tin of Coke directly on the motherboard and do not wipe up. Bonus points if the motherboard is operational at the time of outpouring.

      Others are there, but you get the gist.

      Software algorithms will only make it perform undesirably, and can be fixed with the right PFY/knowhow.

      Hardware algorithms will make it stop performing permanently. :)

      Take your pick.

      PS - block of cheese in the mainframe + family of rodents = great fun

      1. Sir Runcible Spoon Silver badge
        Joke

        Re: Run for it!

        You definitely missed one..

        7. Allow automatic updates

      2. Waseem Alkurdi Silver badge

        Re: Run for it!

        3. Remove heatsink and let the CPU die a hot and bothersome death (not always effective)

        I think that you might have trouble with the thermal cutoff (sensor? switch?)

        1. Steven Raith

          Re: Run for it!

          That's a surprisingly new addition to most CPUs though, in the grand scale of things - the last CPU to not have it were (IIRC) Netburst P4s and Thorobed Athlons.

          I dare say some more specialised chips had it, but from a consumer grade standpoint, I think that's where thermal cutouts started to be 'the norm'.

          Steven 'this is just off the top of my head, correct me if I'm wrong, commentards' R

        2. DropBear
          Facepalm

          Re: Run for it!

          Today, yes. I have had literally that happen (brace broke, heatsink fell off) and have the machine survive with no observable ill effects, I'm using it to this day with a new brace.

          Back in the day, that's another matter - I recall seeing a YouTube video specifically testing sudden heatsink detachment on Intel and AMD CPUs - the Intel one got throttled down instantly, the AMD one went up in smoke, also instantly: they did have a similar mechanism, but it was polled relatively rarely on the assumption that thermal runaway does take some time. That was true if the fan died; it was most certainly not true if the heatsink itself departed wholesale...

          Incidentally, mine was an AMD and all this flashed before my eyes in the millisecond I realized the funny thump immediately followed by a 747 at takeoff I heard coming from the case could only be one thing - luckily, this happened much later, by then I was covered too apparently.

          1. Nunyabiznes Silver badge

            Re: Run for it!

            Quite modern* GPUs will die an interesting death if the fan/heatsink combo falls off.

            *For some value of modern in underfunded public agencies

      3. Mark 85 Silver badge

        Re: Run for it!

        I'm partial to taking them out behind the shed and applying gunpowder and projectiles. Some folks I know prefer explosives. There are a bunch of videos out there.

        1. whitepines Silver badge
          Boffin

          Re: Run for it!

          I'm partial to taking them out behind the shed and applying gunpowder and projectiles.

          ...which will leave the data-containing silicon bits largely recoverable in their plastic packages, and scattered to the wind to compound the problem. Not really a good way of doing anything other than getting visceral revenge on "that dang compootah!".

          Now a hammer to the chips in question, that's cheap, effective, and 100% guaranteed...

    4. amanfromMars 1 Silver badge

      Re: Run for it! .... in Spaces with No Hiding Places .... are For Errant Fools Running Errands

      Recursive algorithms the preferred method of killing a computer. .... JimPoak

      Not many realise, JP, that is what is killing trading markets and stalling progress in education and employment in enjoyment. No original lead in a novel direction.

      'Tis where Humanity currently be Stuck, Terrified and Terrorised?

      Methinks So. The Evidence is Surely Plain Enough BroadBandCast for All to See with Lots More Yet to be Shown in Support of the Motion, Immaculately Born of SMARTR Notions ‽ .

      1. Cliff Thorburn

        Re: Run for it! .... in Spaces with No Hiding Places .... are For Errant Fools Running Errands

        'Tis where Humanity currently be Stuck, Terrified and Terrorised?

        Certainly right there amFM, its like the Village of the Damned out there, believe me!

  11. TchmilFan

    One more slip and he’s out with 0 notice and shit references.

    ... provided he’s show promise, otherwise out out out.

    That’s not inventive, that’s just stupid. Wrapping it up in mollycoddling “curiosity” is bullshit. You can be curious without fucking things up.

    If he didn't realise that the box that was created to do repetitive tasks quickly then took the very repetitive task and did it very quickly, then he’s missing the point. That’s not a BOFH, that’s a user with little knowledge making poor decisions.

    1. Waseem Alkurdi Silver badge
      Thumb Up

      Re: One more slip and he’s out with 0 notice and shit references.

      If he didn't realise that the box that was created to do repetitive tasks quickly then took the very repetitive task and did it very quickly, then he’s missing the point.

      This!

      That’s not a BOFH, that’s a user with little knowledge making poor decisions.

      The same act in a different context (that of a sysadmin, like the BOFH himself in the '90s) can constitute a BOFH's act.

    2. Mark 85 Silver badge

      Re: One more slip and he’s out with 0 notice and shit references.

      Reading his previous exploits of exposing logins and passwords makes him malicious.

  12. trevorde

    True story...

    Never letting the truth get in the way of a true story:

    When I was an undergrad, back in the day when VAX systems were new, one of my class mates failed, due to too much time hacking and not not concentrating on coursework. So, what does a hacker do when he's just failed? So the story goes, he broke into the computer systems and gave himself a pass. Inevitably, he was found out and, in an amazing turn of events, struck a deal to show them how he'd done it, in exchange for a pass grade.

    The irony was that he failed the next year due to getting involved in too much guild politics. He was granted a repeat of that year and eventually scraped together a pass degree.

    The double irony is that he founded various software companies after leaving and managed to do reasonably well for himself.

    1. Jay 2

      Re: True story...

      Guild politics? This wasn't Aston Uni was it?

  13. Anonymous Coward
    Anonymous Coward

    Who hasn't done something similar?

    For me it taught me a lesson in the differences between DOS and Unix.

    The intent was to fill the user's disc quota by doing

    echo "Don't leave yourself logged in" >> please_logout.txt

    ./script.sh

    Under DOS invoking a batch file from a batch file terminated the old one unless you used "call". Under Unix it spawns a new process. Cue the system dying due to running out of PIDs!

    I'm not sure if the system automatically recovered by killing the process or manual intervention was required. Fortunately it was the first week of the uni year, so most people blamed it being all the freshers doing silly things.

    1. Michael Wojcik Silver badge

      Re: Who hasn't done something similar?

      Under Unix it spawns a new process. Cue the system dying due to running out of PIDs!

      Admins who don't set reasonable resource limits (setrlimit / ulimit) get what they deserve.1

      I've seen this plenty of times at customer sites. They report some problem, and it turns out one of their applications has an inadvertent fork bomb or filled up a small /var partition or what have you. "Isn't there some way we can prevent this?" they ask. Yes. Employ a system administrator who actually knows the OS you're running.

      1Granted, depending on how long ago this was, it might have been a UNIX variant that didn't have setrlimit. But setrlimit's been around for a while. Man page history says it appeared in BSD 4.1c, and while I'm not sure when AT&T UNIX picked it up (don't have my reference books handy), it was incorporated into POSIX.1 in Issue 4, Version 2, in 1994. As far as I can remember it was in all the UNIX variants I was using in the early 1990s. (I don't remember using it in anything in the '80s.)

      1. jake Silver badge

        Re: Who hasn't done something similar?

        To be fair, the OP went on to say "'m not sure if the system automatically recovered by killing the process or manual intervention was required".

  14. Steve Todd

    Pretty common for the time

    Security wasn't what it is now, and curious students with access to the likes of JANET tended to run amok. I can still remember the address X29.13000000, which held the address book of all the systems you could reach.

  15. SVV Silver badge

    what would you have done with a student who managed to take down the mainframe?

    The same as any serious IT professional would do : call the Black Monks of the Silicon Brotherhood and send them round to use their magc powers to remove all computering knowledge from the sinner's brain.

    1. diver_dave

      Re: what would you have done with a student who managed to take down the mainframe?

      I'll see your Black Monks and raise you a Technomage.

      He he...

      1. The Oncoming Scorn Silver badge
        Boffin

        Re: what would you have done with a student who managed to take down the mainframe?

        Elric: ...... I see a great hand reaching out of the stars. The hand is your hand. And I hear sounds, the sounds of billions of people calling your name.

        Londo: My followers?

        Elric: Your victims.

    2. Waseem Alkurdi Silver badge

      Re: what would you have done with a student who managed to take down the mainframe?

      "Computering"

      New word successfully acquired. :-)

    3. John 110
      Unhappy

      Re: what would you have done with a student who managed to take down the mainframe?

      ...Wait... did you do that to the people in my lab??

  16. Tony Gathercole ...
    Childcatcher

    Been there done that

    Sadly been there back in the early 1980s being responsible for the systems support of a timesharing mainframe at a UK higher education establishment and had to spend considerable effort trying to address activities such as these by 'enthusiatic' (and in some cases 'malicious') members of the student body. While ultimate discipline was down to the academic authorities (not Computer Services) it was necessary to identify the core offenders and generally to take them aside and explain the impacts of their misdemeanours on others. Bearing in mind the very limited resources available (2 x 76 MB disk drives (RP04 formatted for 36 bit use) supporting a community of 20K plus students - yes you read that correctly : two sub-one hundred megabyte disk exchangable disk drives - any mis-use had an immediate impact. What was equally apparant was the distress on other (shall we say less clued up) students if their account was 'taken over' and they were unable to complete coursework. Sometimes more drastic action was needed of course but generally trying to deny access to the system was non-productive as they would generally have access to multiple accounts as a result of their actions.

    Of course, now of that would have applied to the activities under taken while a student myself a few years earlier at a different establishment with an even smaller and more limited system.

  17. Wombling_Free

    Name checks out, timing is about right

    I will hazard a guess that this young 'Charles' went on to write novels featuring one "Robert Oliver Francis Howard". Just a guess, mind you.

  18. Richard Tobin

    I did something similar...

    .. as a schoolboy in the 1970s. We were allowed to use Birmingham University's ICL 1906A, mostly for Fortran and Algol 68 programming. I wrote a macro (= shell script) that recursively created subdirectories, just to see how many could be created. Apparently the operating system only allowed a limited depth of directories - 64 perhaps - and the macro exited with no harm done. Until the overnight accounting program ran, which had a much smaller limit on the level of nesting it could handle, and crashed.

    When I got to school the next morning I was summoned by a teacher who had been contacted by the university, and was sent to the university computer centre to explain myself. Their main interest seemed to be in why I had done it, and they accepted my explanation of innocent curiosity.

  19. Marty McFly
    Pint

    A series of firsts...

    In 1989 I was one of the first three students at my college to get Internet access. Shortly thereafter I was one of the first two students to get banned for inappropriate use by sending fake emails.

    Idle hands and creative minds under-challenged.

  20. LordHighFixer

    HP Business basic

    10 BRK(0)

    20 PRINT "^G"

    30 GOTO 10

  21. Anonymous Coward
    Anonymous Coward

    Ghosts

    I can't say that I ever took down a mainframe....but, I did have a pretty darned effective way of "ghosting" a user (Can't log in, can't log out, can't be forced off, etc.; The only way out is for the machine to be shutdown and restarted.). I'll refrain from giving any more details, since I'm not sure that bug on that particular system has been fixed, even though I found it 30+ years ago!

  22. Snarky Puppy
    WTF?

    The curious case of the hand-made serial connector

    In my first sysadmin job I needed a serial connector to connect an HP server to its green-screen system console. There were none spare but a colleague put one together with a soldering iron, a few bits of wire and some wiring diagrams he found online. We plugged our home-made connector to the server and terminal and it worked. Up came the login prompt.

    Within half an hour, the company network ground to a halt. No email. No access to network drives. No telnet access to servers. Nothing. The entire company dead in the water. Within minutes of removing the hand-made connector, everything returned to normal. Network collisions from the connector were believed to be the cause. No recriminations but I wish with hindsight that I'd held on to that connector...for research purposes...for a friend....

  23. anthonyhegedus Silver badge

    I did a similar thing at university

    Yes, I wrote a script to pretend to be a login screen, on our PrimeOS system. This was in 1984.

    But I never did anything to break the computer. What I did notice however, was that the line printer in one of the terminal rooms was particularly noisy when doing a line feed. I then wondered what it would sound like if I sent several line feeds to it. So I created a file with 1000 line feeds, and sent it. There was a lecturer doing a tutorial session in that room, or at least trying to. It was the room next door, and I could hear it. About 1 minute later an angry man runs into the room I'm in and shouted at me "did you do that?". I denied all knowledge, including knowledge of HOW to do it. He couldn't work out how to prove it was me, and left.

  24. Man inna barrel

    Call yourself a computer scientist?

    Keep him on the course, but ban him from the computer terminals.

    Real computer science does not require the use of a computer. Edsger Dijstra famously did not use a computer for years. Pencil and paper were good enough for him.

  25. Anonymous Coward
    Anonymous Coward

    Congratulations

    You just put a criminal in charge of your IT.

    Pretty similar to voting 'ehhh. what with all the crooks being elected in.

    1. Anonymous Coward
      Alien

      Re: Congratulations

      Talking of which, which of the Tory leadership candidates is that picture at the top of the article?

      1. Robert Carnegie Silver badge

        Re: Congratulations

        I think it's either Ian or Duncan Smith?

  26. Anonymous Coward
    Anonymous Coward

    me too

    I did the same sort of thing (emulating a login prompt from one of a set of guest accounts to see who would could enter their credentials), although in this case it was a Novell NetWare system. The not-too-bright CS teacher at the high school typed in her admin account, and that gave me a chance to explore the Novell admin tools. Eventually, one of my fellow students ratted on me, and the whole thing got me kicked out of the CS course, banned from the credentials that helped entrance into university, and very nearly kicked out of the school.

  27. Anonymous Coward
    Anonymous Coward

    Don't hire him!

    Make him work as an unpaid student assistant, with his other option being getting kicked out of school.

    That way you can give him all the crap work like cleaning up from stupid hackers (and make sure he knows he has to get approval from someone else before running a script he's written to "help" him with mundane tasks, lest he take the mainframe down again) and if he turns out to be bright and has reformed his ways you can offer him a paid job after he graduates.

  28. Muscleguy Silver badge

    Also back in the '80s Mrs Muscleguy was a CompSci student and a program she was running on the mainframe entered a loop and could not be shut down and for a time we were threatened with a large bill for the extra time used. But then her lecturers intervened and admitted students had not been taught how to properly kill routines and our family finances were not threatened.

    We had two kids and I was on a PhD stipend somewhat less than the married dole (our income went up when we had to claim it), so the proposed amount would have been significant for us.

    Ah, those were the days, when all the servers were named after LotR characters and places. I even knew some Vax commands back then, all forgotten now.

  29. Jou (Mxyzptlk) Bronze badge

    Fire because he did it a second time on other accounts

    While he was doing it with his account - no problem. But the second round doing it at other users: No mercy. First is because he impersonated other users. Second is he knew it would cause problems, and still did it and just walked away. I don't like "leave bombs behind" people with such a low common sense.

    1. Claptrap314 Silver badge

      Re: Fire because he did it a second time on other accounts

      But...Cool guys don't look at explosions!

  30. anonymous boring coward Silver badge

    Of course he was hired.

  31. Pangasinan Philippines

    60's TV

    Does anyone remember 'The Prisoner'? https://en.wikipedia.org/wiki/The_Prisoner

    Where the man in charge (number two) has the most powerful computer and says to number 6 (Patrick McGoohan) to ask the computer any question and the computer will answer it.

    So our hero types (slowly) 4 characters and puts this into the the computer, which starts making noises and then emitting smoke before it explodes.

    What question did you ask it? says number two.

    Our hero replies 'The one question that no-one can answer, WHY?'

    1. Olivier2553 Silver badge

      Re: 60's TV

      I don't remember that specific part, but upvote for citing The Prisoner.

      1. Louis Schreurs Bronze badge

        Re: 60's TV

        An upvote 4 upvoting D original poster. Went on to youtoob and gonna binge watch

  32. kirk_augustin@yahoo.com

    Don't hire

    It is such a stupid prank that he knew had to be harmful, and showed no skill of intellect at all. Of course everyone thought of capturing login name and password. I actually captured the professor's login and password even. It is not hard. That is not at all a skill worth hiring someone for.

    But the point is he kicked every one off who was running when he crashed it, so did actual damage to dozens of people, for no reason and with no gain.

  33. Wexford

    Wow, this is very similar to one of my own first-year shenanigans at uni. Except I was curious as to how much memory my user was allocated in this fancy new multi user system I was given access to, having only seen BBC Micro and an early MS-DOS.

    I wrote a simple one line shell script that called itself with a counter that would display. I'd multiply the highest number it got to with the size of "sh" when I ran "top" and that would tell me. Except the counter kept running and running and running...except noticeably slower over time, to the point that Ctrl-C was dead slow. Meanwhile, people in the computer lab started looking up from their green screen terminals and asking each other "is [server name] slow for you?".

    It was at that point I hurriedly left the lab. The BOFH pulled me up on it by changing my shell to a script that just displayed "Come and see me" on the terminal.

    I wound up employed there doing computer lab support for students, albeit a few years later.

    1. J.G.Harston Silver badge

      After six years' experience using computers where the filing system had a 'free' command or equivalent, it was a surprise and an irritant getting to university and using a system that had no way of telling you how much space *you* had used and how much space *you* had remaining.

      You could find the size of the shared disk, but no way to find out how much space was remaining, and could count the files within a specific directory tree, but nothing that explicity stated how much space *you* had used.

  34. SealTeam6

    Press CTRL-C before logging in

    I was also studying Computer Science at a university in the 1980s (yes I am an old git) and some fellow students also performed that prank. The best defence against it was to press Control-C before logging in, to exit the prank script. This would 'turn the tables' on the prankster because now you would have access to their user account and you could encrypt or delete all their files (The prank script needed to be run from a logged-in account)

    1. Michael Wojcik Silver badge

      Re: Press CTRL-C before logging in

      I was also studying Computer Science at a university in the 1980s

      I was as well.

      (yes I am an old git)

      I don't think this qualifies us as "old" by Reg readership standards. There are still a number of folks here who were working in the industry in the 1970s. Not sure if we have any regulars who were doing significant IT stuff in the '60s, but I wouldn't be surprised.

      The best defence against it was to press Control-C before logging in, to exit the prank script.

      Yes, that's worth a try, though a clever script author would (assuming UNIX here) trap the signals they could, or even better suppress all line-discipline signal generation using stty.

      But then this is why the SAK was invented.

      1. jake Silver badge

        Re: Press CTRL-C before logging in

        "Not sure if we have any regulars who were doing significant IT stuff in the '60s"

        There are quite a few. No, I'm not one of them ... depending on what you mean by "significant", of course. By way of reference, installing a Teletype Model 33 (so-called "ASR-33") and acoustically coupled modem to access the Stanford Tymeshare System was considered quite significant in 1968. Especially at home.

        I first made "keep a roof overhead and the dawgs in kibble" dollars with computers in the early 1970s.

    2. ICPurvis47 Bronze badge
      Windows

      Re: Press CTRL-C before logging in

      "university in the 1980s (yes I am an old git)"

      You're not an Old Git, I was at Uni 1969 - 1974.

      I'm THE Old Git. ;-)

      1. Mark Ruit

        Re: Old Git

        1963 to 1968...

        (Repeats and Sandwich years)

      2. rskurat

        Re: Press CTRL-C before logging in

        nowadays OG = "original gansta" but evidently OG has been in use for some time.

        1. jake Silver badge

          Re: Press CTRL-C before logging in

          Yes. OG means Original Gravity, a vital concept if you care about beer and/or wine. All other uses should either be depreciated or summarily ignored.

  35. Richard Laval
    Coat

    Reg-pseudo-script

    Where can I sign up for a course in that!

  36. Anonymous Coward
    Anonymous Coward

    while(1) { fork(); }

    Fork bombs were the worst...

    while(1) { fork(); }

    1. Nick Kew

      Re: while(1) { fork(); }

      Not true. Fork bombs eat memory (including of course swap space if permitted), but that's relatively benign compared to something equivalently evil in filesystem I/O. Fork bombs are (IME) relatively straightforward to defuse.

      Though I guess it depends on what the underlying OS is good at defending against.

      1. Michael Wojcik Silver badge

        Re: while(1) { fork(); }

        Any POSIX-compliant OS since 1994 (and many UNIXes prior to that) is excellent at defending against trivial fork bombs and many other simple resource-exhaustion DoS attacks, given a moderately competent system administrator.

  37. Anonymous Coward
    Anonymous Coward

    Trying to hide from a school IT tech...

    Back in the late 90s, my school network had a bunch of Windows 98 clients hooked up to some NT4 servers. I was quite a curious student, and often went prying into things that I shouldn't do. The IT tech got wise to this, and tended to keep a close eye on everything that I did.

    In an effort to hide some of my shenanigans from him, I created a directory from the command prompt in my home drive using a random Unicode character (using Alt+nnnn). Due to the pretty much non-existent support for Unicode in 98/NT4, this appeared both in Windows and the command prompt as a whitespace character. Any attempts to open this directory from Windows Explorer would just result in a 'file not found' message.

    The only way to open this directory was from the command prompt, and it required knowledge of which Unicode character I'd used. Feeling pretty proud of the fact I'd created a space that the IT tech couldn't get into, I thought nothing much more of it.

    That is, until the following day, when the computer network was at a grinding halt and it was pretty much unusable. CPU utilisation of the servers was off the scale, and the backup job still hadn't completed. It somehow transpired that not only was the directory non-traversable in Windows Explorer, it wasn't traversable by either the virus scanner or the backup agent, and both of them were stuck in a loop. Once the offending directory had been identified, the finger was firmly pointed at me.

    I just about managed to get away with it by pleading complete ignorance and claiming that there must have been some sort of corruption to the file system, which 'coincidentally' happened to affect my home drive.

  38. AndyD 8-)&#8377;

    OReally?

    "Oops. Deleting the ...nested directories thousands deep... took over an hour"

    rm -r dodgydir

    ... over an hour??

    1. Michael Wojcik Silver badge

      Re: OReally?

      I can believe it, for some of the systems universities were running in the '80s. Drives were much slower. Filesystems lacked some of the optimizations of modern ones.1 On shared systems contention for CPU and memory resources could be fierce - and they made use of disk-backed virtual memory extensively, increasing contention for the storage system.

      And if the filesystem were an NFS mount, over 10BaseT or similar ... it would have been agonizing.

      1Note that readdir(2) updates the atime of the directory inode, and unlink(2) updates the ctime. In the Old Times rm -r could quickly fill the write cache just with metadata updates.

      1. iainr

        Re: OReally?

        10Base-T? In the 1980s I'd have thought 10Base2 or thick ethernet would be more likely. Back in those heady days of t pieces and 50ohm terminators I would fairly regularly lose it with phd students who would decide to add a computer to the network using whatever coaxial cable would fit and without thought to what happens when you get over the magic "around" 200m. you would get added debuging fun when they either put a length of coax between the NIC and the T- piece or saved on the price of a t-piece by just removing the resistor end piece and replacing it with a length of coax directly into a NIC.

        I was in better humour dealing with the fallout of the student that going, on a 12 month exchange to a university in Holland wanted to know how to forward email. He followed the instructions failry well but whilst he didn't make the mistake of forwarding mail from Holland back to his account in Edinburgh he did forward the Dutch account to hist home account in New York as hew was going home for a couple of weeks. of course he'd forgotten that his home email forwarded to his account in Edinburgh. I think he had about 30 or 40Mb of mail orbiting over the north sea, across the atlantic and back every 3 or 4 miniutes.

  39. Michael Wojcik Silver badge

    Login spoofing

    It's good to know that almost 40 years ago, miscreants were spoofing login screens to catch unsuspecting users.

    Well, yeah. It's been around nearly as long as login prompts, presumably.

    Hell, PLATO IV had a Secure Attention Key - the sole purpose of which is to defeat login spoofing - in 1972. So we're nearly at 50 years, and there are probably earlier examples of login spoofing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020