back to article The perfect crime – undone by the perfect email backups

A tale of theft, fraud and understanding the meaning of "Delete" to end your working week. Welcome to a legally questionable episode of On Call. Our story is another from a reader Regomized as "Ellen" and once again concerns Digital Equipment Corporation's finest. In this case, DEC's ALL-IN-1 office automation suite of the …

  1. SminkyBazzA

    Panic stations

    Sounds like a certain senior manager also needs their email backups reviewed for naughty business, literal or otherwise.

    1. Paul Hovnanian Silver badge

      Re: Panic stations

      But not a very technically savvy one. I've worked for outfits where management would refuse to use e-mail. Even to summon an employee to an in-person meeting. Or place or take phone calls from anything other than a company-owned line*. No call logs. No evidence. But not anything classified. It's bad enough when the boss worries about covering his tracks after the fact. It't even scarrier when they know how to do so beforehand.

      *At a previous job, I had returned a page from a superior from my home phone. Which had proven to be very embarrasing (and expensive) for the company. While speaking with him, I had a friend sitting near me who was an excellent witness to my side of the conversation. And who, in spite of repeated efforts by that company, I have never revealed the identity of.

  2. jake Silver badge

    One wonders what will happen when ...

    ... major governments of the world discover that when BigHighTechGossipMonster deletes all that personal data that they have been illegally hoarding for the last couple decades, all that really gets deleted is the current working copies. The carefully curated off-site backups live on forever, in all their redundant glory, just as they were designed to do.

    1. ShadowSystems Silver badge

      Re: One wonders what will happen when ...

      Especially the backup I made to retain the paper, audio, & video trail that proves that the target of the blackmail will be very horrified to realize is no longer subject to corporate retention policies.

      *Cough*

      I, uhh, I mean, ummm...

      Look over there! A distraction! ---===>>>

      <<<===--- Runs away...

    2. Anonymous Coward
      Anonymous Coward

      Re: One wonders what will happen when ...

      Hillary, we're looking at you.

      1. Sp1z

        Re: One wonders what will happen when ...

        No we’re not. Shut up and stop trying to politicise everything.

        1. Anonymous Coward
          Anonymous Coward

          Re: One wonders what will happen when ...

          I don't think it's political unless she is running for office again.

          Is she?

      2. Mooseman Silver badge

        Re: One wonders what will happen when ...

        "Hillary, we're looking at you."

        But none of the Repugnican presidents that did exactly the same then?

    3. fajensen

      Re: One wonders what will happen when ...

      And, all they have to do is: "Loook! Over There!! There's a Muslim/Tranny doing something"!!!

  3. Mast1

    "Delete" = "Hide"

    I heard a story that the Psion organiser (early PDA) saved data in UVEPROM, ie unerasable while in device. "Deletion" involved flipping the 8th bit in an ASCII code, which was interpreted as not to read the file. This approach relied on the EPROM being much larger than anyone could reasonably fill purely by typing. Apparently the Psion was a favourite of the criminal fraternity who recorded their deals on them. Once apprehended by the police, correctly read, the Psion provided a nice audit trail.

    1. phy445

      Re: "Delete" = "Hide"

      Isn't this essentially the same on MS-DOS based systems? My memory is that they just added a character to the start of a filename so that they were flagged so as not to show up in directory listings but remained until someone sent the command to clear space. I'm fairly sure that the clearing process was (is?) just removing them from the record of what is on the disk (hence the existence of undelete utilities).

      1. GlenP Silver badge

        Re: "Delete" = "Hide"

        Essentially, yes, also the FAT table retained the sector links.

        IIRC it changed the first character rather than adding a character (only 8 remember) so to undelete you had to know, or guess, what the first character should be*.

        I can't recall the exact details but I was once able to reconstruct a Word temporary file via Norton even though undelete failed. The user, a young student placement, had spent all day typing a document then failed to save it - one of the times IT managed to save the day and prevent a lot of tears.

        *I used to work for an Apricot dealer, swapping between PC compatible and Apricot versions of DOS. The latter used A: for the HD so it wasn't unknown to type Format A: on an Apricot then Y followed by "Oh sh*t!" Ctrl-C and Undelete usually sorted it.

        1. Hey Nonny Nonny Mouse

          Re: "Delete" = "Hide"

          Nah you just had to use a disk sector editor to change the first byte of the filename from the "deleted" value to something printable, it didn't matter what it was.

          1. John Brown (no body) Silver badge

            Re: "Delete" = "Hide"

            It was the high bit of the first byte of the filename. You just had to flip it back to 0 to get the original filename back. There were/are plenty of undelete tools around to make it even easier.

            The character set was quite limited, upper-case only (lower-case letters you type in are auto-translated to upper-case on accessing the directory), some limited range of non-alphanumeric characters and DEFINITELY NO characters above ASCII 126 so the high bit of any character in a filename will never be set other than the special case of setting it for the first character marking that file as deleted.

        2. An_Old_Dog Bronze badge

          Re: "Delete" = "Hide"

          I recall looking at a list of such deleted files in a utility. MS-DOS had changed the first character of each deleted file to that lower-case Greek character which looks like an "o" with a short tail on the top, sticking out to the right (sigma?).

          1. A.P. Veening Silver badge

            Re: "Delete" = "Hide"

            I recall looking at a list of such deleted files in a utility. MS-DOS had changed the first character of each deleted file to that lower-case Greek character which looks like an "o" with a short tail on the top, sticking out to the right (sigma?).

            From your description I first thought you meant "δ" which is delta, but on second thought I think you are right with sigma ("σ").

            1. Martin Silver badge
              Happy

              Re: "Delete" = "Hide"

              OK, I'm impressed that you can type Greek characters. No doubt it's easy to do if you know how, but still, I'm impressed!

              1. jake Silver badge

                Re: "Delete" = "Hide"

                You must be very new to computers, Martin.

                1. Martin Silver badge
                  WTF?

                  Re: "Delete" = "Hide"

                  First programmed a computer when I was at school, in 1969, in Basic, Algol and Fortran. Started work in 1976. Worked in real-time software development and infrastructure development and support on early message switching systems, theatre lighting, POS systems, and market data systems, using Assembler, C, Python, running on CP/M, UNIX and Linux. I've written software for bespoke real-time microprocessor systems, debugging the software in partnership with the engineer debugging his hardware. I've worked on infrastructure development for complex networks of dozens of machines. Retired in 2015.

                  Still use computers every day (Chromebooks and Linux boxes, no Windows), still writing occasional bash scripts.

                  No, I don't think I'm new to computers. But I don't know everything about them, and I don't know easily how to type Greek characters.

                  1. ICL1900-G3 Bronze badge

                    Re: "Delete" = "Hide"

                    Excellent response to an unnecessarily snarky post.

                    1. jake Silver badge

                      Re: "Delete" = "Hide"

                      Remember back when sarcasm and snark were coin of the realm around here?

                      Apparently even biting the hand that feeds IT isn't hip anymore ...

                  2. jake Silver badge
                    Pint

                    Re: "Delete" = "Hide"

                    And yet, with all that background, after reading ElReg this last decade and a half(±), you have never noticed non-ASCII characters in the commentardery, and instantly figured out how it was done‽

                    Dancing rodents[0]. You have managed to well and truly flabber my gaster. Have a beer.

                    [0] Conga rats.

              2. Ken Moorhouse Silver badge

                Re: No doubt it's easy to do if you know how...

                Copy and paste from a suitable source, in this case...

                https://en.wikipedia.org/wiki/Greek_alphabet

                Α α, Β β, Γ γ, Δ δ, Ε ε, Ζ ζ, Η η, Θ θ, Ι ι, Κ κ, Λ λ, Μ μ, Ν ν, Ξ ξ, Ο ο, Π π, Ρ ρ, Σ σ/ς, Τ τ, Υ υ, Φ φ, Χ χ, Ψ ψ, Ω ω.

                1. Martin Silver badge
                  Happy

                  Re: No doubt it's easy to do if you know how...

                  Should have thought of that! Thanks. I'll bear it in mind for the future. Have an upvote,

                  1. ArrZarr

                    Re: No doubt it's easy to do if you know how...

                    And, for what it's worth, the alt gr key will give you grave accents for when you're feeling posh enough to type café correctly.

                    If anybody knows how to get the funky I in naïve without resorting to hex codes or the aforementioned comment, I'm all ears!

                    1. A.P. Veening Silver badge

                      Re: No doubt it's easy to do if you know how...

                      If anybody knows how to get the funky I in naïve without resorting to hex codes or the aforementioned comment, I'm all ears!

                      Using the correct keyboard settings (US International with "dead" keys), it is just a combination of " and i.

                    2. C-Clef

                      Re: No doubt it's easy to do if you know how...

                      Alt+0239 = ï.

                      Strange that nobody has seen fit to mention that little utility hiding within the Windows directory (for Windoze users) called charmap.exe. I think I first discovered it in Win 3. I have it permanently on the task bar along with paint, calculator, a hex editor, and NotePad++.

                      As I frequently have to write emails in both French and German as well as normal English, I have the need for umlauts as well as grave and acute accents, circumflexes, etc. Using this little utility has taught me that all the accented characters I regularly need can be typed by holding down the Alt key and adding four digits.

                      I have a Post-it note stuck to the side of my screen which looks like this:

                      ä=0228 Ä=0196

                      ö=0246 Ö=0214

                      ü=0252 Ü=0220

                      ß=0223

                      etc.

                      But charmap can give you, as well as Central European characters, Arabic, Cyrillic, Greek, Hebrew, etc.as well as those more obscure characters like © and ® and so forth.

              3. Snapper Bronze badge

                Re: "Delete" = "Hide"

                Have you considered that he might be using a Mac.....

              4. A.P. Veening Silver badge

                Re: "Delete" = "Hide"

                OK, I'm impressed that you can type Greek characters. No doubt it's easy to do if you know how, but still, I'm impressed!

                Just add Greek to the languages of your computer (and include the keyboard), after that it is only a matter of switching. And as the Greek alphabet only has 24 letters compared to the 26 of the Latin alphabet, you won't even run out keys.

        3. Scott 26
          Headmaster

          Re: "Delete" = "Hide"

          "FAT table" ... File Allocation Table table.... sorry, that gets you a downvote :)

          1. richdin

            Re: "Delete" = "Hide"

            There were two FATs - a copy to rebuild the original from JIC.

      2. Mast1

        Re: "Delete" = "Hide"

        Yes, but with UVEPROM, (a) you cannot re-set the bit by software to "undelete" and (b) depending on time of year, you could be waiting a long time for sufficient sun so as to shred the data. The police tend not to be that patient.

        1. A.P. Veening Silver badge

          Re: "Delete" = "Hide"

          and (b) depending on time of year, you could be waiting a long time for sufficient sun so as to shred the data.

          UV lamps are cheap.

          1. PC Paul

            Re: "Delete" = "Hide"

            long later Yes, but the UV EPROM will be inside the case and likely have a sticker over it's quartz window. It would only get erased as a very deliberate action. EEPROMs came along a lot later than UV EPROMs and didn't catch up in capacity or cheapness for quite a while.

            1. FIA Silver badge

              Re: "Delete" = "Hide"

              Damn I feel old, I've got this far in this thread without realising that UVEPROM is the modern name for what I'd just call an EPROM.

              Sometimes the IT industrys penchant for retrospectivly naming things is really annoying.

              1. John Brown (no body) Silver badge

                Re: "Delete" = "Hide"

                Yes, it seems weird using a new name now.

                • PROM. Can't be erased
                • EPROM, erasable (by UV light)
                • EEPROM, electrically erasable

                There's no need, ever, for the term UVEPROM :-)

                1. jake Silver badge

                  Re: "Delete" = "Hide"

                  "There's no need, ever, for the term UVEPROM"

                  So little use, in fact, that in all the years I've been using them (early '70s), this is the first time I recall seeing that term.

        2. rototype

          Re: "Delete" = "Hide"

          I remember there was a trick with Psion organisers and the Datapacks - the 64k (yes k) datapacks were quite expensive, but the Oxford Spelling Checker was a reasonable price (about 1/2 what the 64k datapack cost as I recall) and came on said 64k datapack - one trip through the EPROM eraser at work and I had a 64k datapack - I think most of the PSION user group knew/used this trick as well.

      3. bpfh Silver badge

        Re: "Delete" = "Hide"

        It removed the first letter of the filename didn't it? I remember undelete returning a list of files and having to select the first name of each one!

    2. Greybearded old scrote Silver badge
      Thumb Up

      Re: "Delete" = "Hide"

      I take the view that delete is a hangover from the days of floppy disks and "enormous" hard drives that wouldn't hold one of my photographs.

      My projects tend to have a soft delete and perpetual undelete, just because storage is cheaper than lost data. Although that wouldn't be appropriate in a GDPR adjacent application.

    3. Eclectic Man Silver badge
      Happy

      Re: "Delete" = "Hide"

      I remember years ago, one drug smuggler did exactly that, and was VERY embarrassed when the police seized his PSION organiser and read all of his 'deleted' files.

      "As a drug smuggler, Paul Dye knew that a filofax was of no use to him, but

      since his highly entrepreneurial business demanded a portable diary, contact

      list, memory prompter, calculator and note-taking device, he opted instead for

      a Psion Organiser.

      At around (pounds)100 for the basic machine, he got a hand-held computer

      whose memory could hold details of his (pounds)200 million drug smuggling ring,

      and could be wiped clean if the law caught up with him.

      But since he has been fined (pounds)202,000 and is now doing 28 years in gaol

      partly on the strength of evidence obtained from the machine's "erased" memory

      we may conclude that he potentially has a case under the Trades Description

      Act."

      https://catless.ncl.ac.uk/Risks/6/38

      1. Cederic Silver badge

        Re: "Delete" = "Hide"

        Another entry on that digest is an interesting one: 1988 reference to neural networks struggling with what they refer to as 'black faces'.

        Very long standing problem..

        1. molletts

          Neural networks

          I knew someone who didn't believe that neural networks existed before the current "AI" obsession.

          It blew his mind when I showed him my copy of "Explorations in Parallel Distributed Processing" from 1988, revealing an already-established field of study. As for the 5¼" floppy disks tucked into the back cover, they truly blitzed his chakras.

          1. jake Silver badge

            Re: Neural networks

            Then he'd probably dissolve into a pool of grey goo if you have him read Minskey & Papart's late '60s book "Perceptrons", largely discussing the late '50's "Perceptron" machine, which itself was based on work on binary classifier algorithms done in the early 1940s.

    4. Loyal Commenter Silver badge

      Re: "Delete" = "Hide"

      It may be different now, in the days of whole disk-encryption and journalling file systems, but the act of "deleting" a file usually just removes the directory entry of the file. Unless the disk it is on is getting close to being full, the odds are that it will stay there for some time until overwritten, and any disk-recovery software (e.g. recuva) can quite easily recover the contents of deleted files, if not their original file names.

    5. heyrick Silver badge

      Re: "Delete" = "Hide"

      On the Psion 3 family, updating a file on the flash memory simply writes a new copy of it to be used in place of the older copy. Eventually the thing fills up and needs to be formatted to get the space back. But, yes, I can see people not realising that there may be multiple copies of a file lurking there.

      Or, on many filing systems of the era, deleting a file simply destroys the links held in the directory and marks the space as free. The file itself is retained until overwritten.

      On an early RISC OS, I was able to recover a file accidentally deleted by doing a *Create to make a file that was as big as the free space. The entire lot was dropped into Edit (the word processor, but could handle control codes) and hacked about with until the file was found and pieced together (not being in contiguous sectors made it harder).

      Thankfully RISC OS on a floppy drive didn't bother to blank the file first, it simply allocated it in the directory and left the user/programmer to sort out what happens next. Saved my ass a few times. ;)

      1. SloppyJesse
        Joke

        Re: "Delete" = "Hide"

        I didn't realise the Psion 3 used ZFS!

      2. Hey Nonny Nonny Mouse

        Re: "Delete" = "Hide"

        I've done similar with deleted RAID sets, it's a neat trick and rather magical when you create a "new" container on a blank array that's suddenly full of all your client's exchange stores.

      3. Martin an gof Silver badge

        Re: "Delete" = "Hide"

        Edit wasn't really a word processor - it was a text editor at heart, and although it was invaluable to have one sitting there in the ROM by default, I tended to use StrongEd in preference, with its rather handy hex mode. The number of times I've recovered JPEGs by searching for JFIF or a string that looked in StrongEd like "ÿØÿÀ"...

        M.

        1. molletts

          StrongEd

          I loved StrongEd - its text rendering was so much faster than Edit. As well as making editing feel "not clunky any more", it made task windows much more usable.

    6. Sequin

      Re: "Delete" = "Hide"

      Back in the day many offices used Amstrad PCW8256, 8512 and 9512 machines as they came with word processing and a printer, and you could buy spreadsheet, database and accounting packages, as it was a CP/M machine. If using the Word processing software and you chose to delete a file, it just flipped a bit on the header and moved it to another user partition. In CP/M you had 16 user partitions on a disk - the equivalent of folders on DOS machines. I file in one user partitin couldn't be seen from the others. Locoscript let you use the first 8, and if you deleted a file it got moved into the partition plus 8, so if it was stored in user 1, the "deleted" file would be moved to user 9 and so on. I think backup copies were also stored there. Finding and restoring them was trivial.

      I loved those machines!

    7. Ken Moorhouse Silver badge

      Re: I heard a story...

      Correct.

      The Psion devices had two on-board EPROMs, so that when you'd filled up one by normal file operations (including deletion by hiding) you could copy the data to the other device, shrinking the total of bytes to the number of active files, taking the "full" device out, zapping with an UV eraser, then putting it back in. This meant that one had to be disciplined to work in a way compatible with this workflow.

      As PC Paul mentions, the devices had open backs to them to enable them to be zapped, but were supplied with an index tab to cover the hole, analogous to the write-protect tab on a cassette. Cassette? Oh, never mind...

  4. Stuart Castle Silver badge

    Not really a use of my IT skills, but when one of our users reported their laptop had been stolen, I looked up the footage from the nearest camera, which had actually recorded the theft. Unfortunately said thief had long gone, and the room was open to the public for a special event, so we had no access records.

    I dutifully phoned 999, reporting the crime. Within a few minutes, I got a call from our local Police station, so offered them access to whatever they needed to solve the crime. Their response? "Here is a crime number. Please investigate the crime, and let us know if you find anything." The user was obviously not impressed, but chuffed when we were able to to claim on the insurance and buy her a new laptop.

    1. GlenP Silver badge

      We had a visit from the Police at work, asking if they could view our CCTV footage for a particular night as a crime had been committed nearby. Due to the ancient system we had then it wasn't easy to just view it, but I did offer to drop it onto a memory stick, which they were delighted about - promising to collect it in a couple of days.

      That's the last we ever saw of them - so obviously it wasn't that important and I wasted my time trying to help!

      The most they might have got anyway were times vehicles passed, the cameras didn't cover much beyond our immediate property boundaries and were poor quality.

      1. keithpeter Silver badge
        Pint

        "That's the last we ever saw of them - so obviously it wasn't that important and I wasted my time trying to help!"

        TBF it *may* have been that the police were able to catch the guilty party red handed (so to speak) and so may no longer have needed the footage.

        Still rude not to acknowledge.

        1. Doctor Syntax Silver badge

          It may also have been that they gave the CCTV cameras a glance as they were leaving and realised they didn't cover much beyond the boundaries and would have been of poor quality.

          1. Anonymous Coward
            Anonymous Coward

            Ha, if it's anywhere in London, the police already have access to CCTV that's good enough for catching most people.

            1. Robert Carnegie Silver badge

              There's a scene in one or more of Ben Aaronovitch's "Rivers of London" novels (modern police vs. magic) where PC Grant goes around collecting CCTV data which local businesses are happy to copy onto his personal USB stick. Not ideal procedure though, that. Unless it's a new one.

    2. heyrick Silver badge

      Back around the millennium and near Guildford, my neighbour was burgled. The rozzers turned up, gave her a reference number and told her to contact her insurer. That's the last she saw of them.

      Kind of makes a person wonder what the hell they actually do...

      1. jake Silver badge

        "Kind of makes a person wonder what the hell they actually do."

        Check the CCTV footage (Megage? Gigage?) and issue traffic citations would be my guess.

        1. Herby

          Traffic Citations??

          Isn't that what speed cameras are for?? (*SIGH*)

          1. TeeCee Gold badge
            Coat

            Re: Traffic Citations??

            That's Constable speed camera to you.

        2. Anonymous Coward
          Anonymous Coward

          Not round here. We've got a bike parking area. All brand new and full of CCTV that no-one ever looks at. Police don't even bother to acknowledge crime reports for the area.

      2. Anonymous Coward
        Anonymous Coward

        90% of policing for low value stuff (aka, not owned by a big political donor) is "paperwork".

      3. Mooseman Silver badge

        "Kind of makes a person wonder what the hell they actually do..."

        Mostly struggle with vastly depleted numbers of actual beat coppers. Where I live the nearest plod is based 12 miles away, we don't see one in the area for months at a time. We do have a PCSO, however. HIs beat is "south Sussex".....

    3. david 12 Silver badge

      My Doctor pointed out that he didn't care about the laptop, but the case included a prescription pad (which could be used to obtain drugs), and his home address (which would make his home a target for drug-seeking crime), and that if there was a home invasion, his family would be very unhappy.

      That was sufficient to get the police interested in his small crime. They watched the footage, recognized the person involved, went around to his house, recovered some of the material, and warned him off.

    4. Paul Cooper

      In fairness to the Police, they get some very odd requests for crime numbers resulting from the Insurance companies' love of them. I had a ridiculous one - I had my camera stolen while in Buenos Aires. Didn't realize it had been stolen until too late to do anything practical and I had no desire to get mixed up with Argentinian police (I worked for the UK government at the time). Got home and started a claim on my travel insurance. "Have you got a crime number?" they asked. I pointed out that I didn't, and they asked me to ring the local (UK) police to get one! I duly did so - and had a good laugh with the police officer I spoke to, who expressed great willingness to go to BA to investigate the crime! But he was obviously used to similar silly requests, and I got my crime number, out of which I got a rather better camera than the one I had stolen!

      1. Mooseman Silver badge

        I had a few things nicked when living as an impoverished student in one of the rougher areas of Birmingham. Insurance asked for a crime number, local police said they would get round to it eventually - which they did after the riots in 85. A grizzled old copper turned up at my door with the crime number and the advice to have a look for my purloined hifi amplifier in the local pawn shops. That was it.

        1. sandman

          Quite sound (pun intended) advice. I had some quite valuable books stolen in Portsmouth, I didn't bother with the police, just went almost literally around the corner to the nearest antique/second-hand bookshop, recognised my books, pointed out to the shopkeeper (fence) my signature inside each one, and issued a few brisk threats involving physical harm and property damage. My books were grudgingly returned.

      2. Dave314159ggggdffsdds Silver badge

        It only seems daft until you consider the effects on people trying it on. Somehow, despite the bit where the plod'll just accept whatever you say and give you a crime number, most insurance fraudsters don't want to go to the police with their made-up story of loss.

      3. TSM
        Trollface

        Well, you clearly shouldn't have been stealing cameras in the first place!

        1. Paul Cooper

          I was wondering if someone would notice my grammatical error!

      4. adam 40 Silver badge

        Camera thief!

        "I got a rather better camera than the one I had stolen"

        Ha! never mind, I'll leave this here anyway....

  5. Alan J. Wylie

    A similar story involving core store

    A previous post of mine:

    "You mean that the top secret contents of memory don't get lost when we power off?"

    1. Loyal Commenter Silver badge

      Re: A similar story involving core store

      You may be surprised to hear it, but there was some research done a while ago about how long "volatile" memory holds its contents after being unpowered, and in many cases, it's long enough to take a RAM module out of the machine and plug it in elsewhere and read the contents. Cooling with nothing more than canned compressed air extends the read time, and something like dry ice or liquid nitrogen makes it last orders of magnitude longer.

      1. A Non e-mouse Silver badge

        Re: A similar story involving core store

        I've been told that high security facilities don't allow faulty kit to be taken offsite for repair for this exact reason. If it's broken, it's replaced and the old is thoroughly destroyed.

    2. An_Old_Dog Bronze badge
      Flame

      Beware Mixed Memory Types

      PDP-8e w/ASR-33 Teletype/paper-tape reader/paper-tape punch, 4Kwords of core memory. BASIC fits into 4Kwords with space left over. Then we got an upgrade: an additional memory board with 4Kwords of static RAM, and an upgraded BASIC. The new, extended BASIC does not fit into 4Kwords, so we leave the computer running overnight, with a large sign reading "!! DO NOT UNPLUG !!" over the power socket on the wall.

      Fuckwit janitor unplugs the computer, which was on a wheeled cart, every damn night, and we then spent 40+ minutes toggling in the RIM loader, reading in the BIN loader, then reading in extended BASIC at 10 half-words per second, every damn morning.

  6. chivo243 Silver badge
    Coat

    Manager and Cashier

    I wonder what their plan was? Just to nick the cabbage and have a nice vacation, or pull a Steve Miller classic, Billy Jo and Bobby Sue... oh oh take the money and run!

    1. Anonymous Coward
      Anonymous Coward

      Re: Manager and Cashier

      I'm not sure how much a 1980s bank branch float would be, but it might stretch to "new life" money, but that's actually pretty hard to get to.

      Places that don't extradite tend to be expensive to live in (especially if they know you're hiding), and people who come up with these Great Schemes tend to have issues with impulse control and managing money.

      I have a former customer (an IFA), wanted by interpol, happily living in Dubai. They 'only' nicked about £2m (a few years ago), so we're pretty sure they'll run out long before we forget about them.

      1. Wally Dug

        Re: Manager and Cashier

        When I worked in a bank in the early 90s, the ATMs alone held enough cash to buy a decent family home with change left over for a brand new car, especially if it was a bank holiday weekend when the two ATMs *had* to be stuffed full of cash and we still crossed our fingers that they wouldn't run out of cash.

        Add in the cash for branch business, plus foreign currency and travellers' cheques and it was a lovely sum.

        But... we knew that there were checks and balances (no pun intended) and that you would always, always get caught.

        Of course, it didn't stop some people trying and every so often we'd receive internal memos as a deterrent more or less naming individuals who had been caught pilfering even small amounts.

        So, a life-changing sum? Certainly - but life-changing in the sense of Her Majesty paying your board and lodgings for a few years.

        1. Doctor Syntax Silver badge

          Re: Manager and Cashier

          "So, a life-changing sum? Certainly - but life-changing in the sense of Her Majesty paying your board and lodgings for a few years."

          Or if you worked for the Post Office, no sum at all.

        2. JimboSmith Silver badge

          Re: Manager and Cashier

          Not one of my workplaces but someone entered a cheque deposit amount for a client into the accounting software. They missed off the first digit of the amount. Therefore £100k became £00k plus some pence and no one immediately spotted it. When they did the Sh!t hit the fan and an investigation was launched. On further inspection the “1” key was found to have an intermittent fault on that keyboard. Employee was partially* cleared but keyboard taken out back and shot. *partially because they should have double checked the amount.

          1. Not Yb

            Re: Manager and Cashier

            I'd love to have enough money that a £100k mistake doesn't get spotted immediately.

            1. JimboSmith Silver badge

              Re: Manager and Cashier

              It was a business client but I can’t be much more specific because I’ll identify someone.

        3. Anonymous Coward
          Anonymous Coward

          Re: Manager and Cashier

          I do wish I could talk about some of the things that happened in the retail business, but I don't want to put low-wage employees at risk by describing them in enough detail to be worthwhile.

          Also, I have this proof, but it's too small to contain in the margin.

      2. keithpeter Silver badge
        Windows

        Re: Manager and Cashier

        Wage packets?

        Some bank branches in the 70s, 80s and part of the 90s would pay out wages given the employer cheque - an early form of outsourcing.

        Couple of *large* factories locally?

      3. Dave314159ggggdffsdds Silver badge

        Re: Manager and Cashier

        Places that don't extradite are a poor plan. Well, unless you want to spend the rest of your life in e.g. Dubai and never leave. Much better to disappear somewhere nice, create a new identity, and launder the cash. Done like that you need much, much less to be life-changing. Move to the US, change your name, set up a small business with the cash you nicked and you won't need to work hard, for example - a lot better than being a branch manager.

      4. Terry 6 Silver badge

        Re: Manager and Cashier

        I've often wondered about this £1m+ sounds a lot to some idiot deciding to nick it and do a runner. But how far that much money goes on the run may be a different proposition.

        1. R Soul

          Re: Manager and Cashier

          OK, I'll take one for the team. Let me do a runner with £1M+ and find out how fr it goes.

          1. Terry 6 Silver badge

            Re: Manager and Cashier

            3 bedroom apartment in Rio would set you back half a million today. In the 80s a million would have gone a lot further..But this is hardly a mansion. Next you'd have to make the cash buy. safely. Then on top of that you'd need protection. Including paying off the police, I'd assume. Add normal day to day living costs for the rest of your life, with no pension, no NHS, so you'd better not get ill .£4m ( the value of £1m in today's values) isn't going to get you that much luxury living for maybe several decades.

      5. FILE_ID.DIZ
        Boffin

        Re: Manager and Cashier

        I don't know - $2M in a decent currency and you can live off the interest alone.

        3.5% = $71K

        5.5% = $112K

        7.5% = $155K

        9.5% = $198K

        1. Roland6 Silver badge

          Re: Manager and Cashier

          > $2M in a decent currency and you can live off the interest alone.

          Well that probably excludes Sterling and many UK banks, where the savings interest rate is circa 1.4%(*)

          1.4% on £2M = £28,000.

          (*)Okay some have managed to increase their savings rate to 3.5%...

          1. Norman Nescio Silver badge

            Re: Manager and Cashier

            Many years ago, I took the view that living off the interest was too risky*. So I decided that you needed to be able to live off the interest of the interest. At that time, savings accounts were generating roughly 10% per annum, so I reckoned on £4million being about right. 10% of £4 million being £400,000, and 10% of £400,000 being £40,000. Since that calculation, inflation has meant the starting capital should now be roughly £12 million.

            Unfortunately, I knew of no way I could get hold of the necessary amount (I am neither criminal- nor business-minded, nor play lotteries) so I've been a wage slave for longer than I'm comfortable with.

            It is certainly possible to live comfortably on much less, but I set my sights on a reasonably luxurious lifestyle - not needing to work being the greatest luxury. Of course, morally, living off the sweat of other people's brows would make me a parasitical rent-seeker, so I try to assuage my moral shortcomings by supporting policies that help the Gini coefficient for both wealth and income approach zero.

            *Essentially, by spending all the interest every year, you are eroding the value of the capital sum by the inflation rate each year (the real, inflation adjusted value goes down). At some point, that means the value of the interest is less than a comfortable annual income. That can happen surprisingly quickly. If you take the approach that the interest rate will approximate the inflation rate, then you preserve the real value of the capital sum each year, whilst 'creaming off' the interest on the interest. Eventually this strategy will fail, as interest rates lag inflation, but over a lifetime I reckoned that was a reasonable risk to take. If you have not lived with high inflation, you might not realise how nastily it bites. Of course, you can eat into your capital, but then you have to hope it lasts your lifetime.

            1. Stork Silver badge

              Re: Manager and Cashier

              This is much discussed in the FIRE circles and research (based on mainly US data) indicate that with a portfolio of 60% stocks (index tracker) and 40% government bonds, you can spend up to 4% of your total forever.

              Of course this is before tax, there have been periods you had to go to 3.5% (starting late sixties) and skips over the difficulty of investing a few million you got your hands on by unconventional means.

              1. jake Silver badge

                Re: Manager and Cashier

                Unconventional means?

                In what world is theft and trafficking in illegal stuff "unconventional"?

            2. Pascal Monett Silver badge

              Re: you needed to be able to live off the interest of the interest

              Not really.

              If you don't plan to have a family, living off the interest of the interest means that, when you die, there is big pile of money that will eventually be claimed by the State.

              I see no reason to let the State get the money - it wastes enough as it is.

              If you go to a place where your lifestyle costs you $5000 per month, you have twenty years ahead of you before having spent the capital. Interest comes on top, which will likely give you a few more months.

              Back in the day, your costs would likely not have been so high, especially if you move yourself to a country where the cost of living is much lower.

              Adjust your capital span accordingly.

              These days, the Euromillion lottery hands out a minimum of €18 million to the top winner. Even if I try and push my lifestyle to the €10K/month bracket (you can only eat one Beef Angus steak per meal, after all), that still gives me 150 years of capital.

              Forget living on the interest, you're just creating more problems instead of solving the most important one : having fun.

              1. jake Silver badge

                Re: you needed to be able to live off the interest of the interest

                "If you go to a place where your lifestyle costs you $5000 per month"

                You film it, put it on YouTube, and turn your small fortune into a large one by keeping the kiddies living vicariously through you furiously clicking away.

            3. rototype

              Re: Manager and Cashier

              This is only a reasonable issue if you expect to live forever. If you're reasonably young and expect to have another 50+ years to go then you'll need more, if you're closer to retirement and only expect up to 30 years you can run down the capital.

          2. Doctor Syntax Silver badge

            Re: Manager and Cashier

            "the savings interest rate is circa 1.4%"

            The story involves the 1980s when interest rates were a lot higher.

        2. FIA Silver badge

          Re: Manager and Cashier

          I was about to suggest there might be a '...and where did you get this from?' conversatoin.

          But I suspect if you've enough money that kind of inconvenient customer/banker interaction can be avoided.

          Also, if you've got a few mil, you'd probably pay a decent crooked accountant to invest the money. I expect it's only poor chumps like us that have to deal with bank interst rates these days.

          1. Stork Silver badge

            Re: Manager and Cashier

            I think you have to go to 10s of millions to be of interest for proper crook-enablers

        3. Terry 6 Silver badge

          Re: Manager and Cashier

          This only works if you don't have considerable up-front expenses. As in getting to a suitable safe destination, getting accommodation, covering your tracks and keeping them covered. Just for starters. And then there is the matter of your personal security.

        4. Anonymous Coward
          Anonymous Coward

          Re: Manager and Cashier

          (Same AC here)

          You're not entirely wrong, though the math is obviously going to vary a lot with available interest rates. However -

          People who nick $2m are rarely going to be able to do that. Not because banks won't deal with them, we know they will, but because they have impulse control problems that lead to them getting into fraud in the first place.

          They'll buy a nice house - cash, obviously - and then that's 500k gone on the principle. They'll buy a very nice car, then crash the thing. They'll buy a nice car for the spouse, and then one for their /other/ partner. They'll get suckered into a 'guaranteed winner' of an investment, buy a yacht, or get into Warhammer.

          Every thing they do cuts into that principle, and burns down their income.

          Because, end of the day, the smart money doesn't do illegal fraud, you find a nice legal one and just keep doing that.

          1. Mooseman Silver badge

            Re: Manager and Cashier

            "buy a yacht, or get into Warhammer"

            OK that made me laugh :)

            Mind you, £500 k will buy you a fairly small house around here. A standard 4 bed box is upwards of £850k

        5. Dave314159ggggdffsdds Silver badge

          Re: Manager and Cashier

          Where are you going to get interest of 3.5%? You'd be lucky to get that return (above inflation) from investments with significant risk, these days.

          1. jake Silver badge

            Re: Manager and Cashier

            "Where are you going to get interest of 3.5%?"

            Personally, I invested in land. Much, much higher than 3.5%

        6. Loyal Commenter Silver badge

          Re: Manager and Cashier

          Let's assume that you get that (frankly unrealistic) 3.5%, your $71K (around £50k) isn't going to be going up with inflation. With inflation at about 10% at the moment, the value of that £50k is going to decrease pretty rapidly, to the extent that in a decade or so, it's probably not even going to pay your rent (you didn't use that $2M to buy property, so you're on-the-run and renting).

          For example, even at 5% inflation, the real value of that £50K p/a is going to be a little under £30k after ten years. If you assume inflation goes down by 1% each year (currently at 10%, next year 9% and so on), which is an optimistic assumption, it's just over £28k in ten years time.

          Also, good luck finding a high-interest bearing account into which you can put $2M, no questions asked, and from which you can withdraw the interest with nobody tracking you down and freezing your assets.

      6. FIA Silver badge

        Re: Manager and Cashier

        It was the 80s.

        You move to spain and sit it out in the sun until Phil Collins makes a film about you.

        1. Anonymous Coward
          Anonymous Coward

          Re: Manager and Cashier

          Or worse. he moves in next door.

    2. Anonymous Coward
      Anonymous Coward

      Re: Manager and Cashier

      Or a dirty weekend in Vegas with a "plan" to win big & return the money before it was noticed?

      1. Anonymous Coward
        Anonymous Coward

        Re: Manager and Cashier

        A bank in Jersey (the sort that had numbered accounts and an understanding attitude) back in the day.

        One of the directors and the head cashier disappeared at the same time. So did a book of counter cheques.

        Cue interpol and an international manhunt. They turned up a week later after a relaxing bit of rumpy-punpy oblivious to everything. The cheque book had fallen down the back of the filing cabinet

  7. Anonymous Coward
    Anonymous Coward

    CEO investigation

    Anon, of course.

    Background was a 9BUSD turnover international company, publicly listed. The share, if I recall correctly was tanking to the point, after the facts, I remember it was almost every day claimed to be, depending on whether it was an odd or even day of the month, "the highest rise" or "the highest fall" of the index. LOL. Yes, share value was pure white noise, depending on a single investor's sneeze ...

    I was once summoned by top mgmt to investigate the CEO's email, for all backups in the past. A lawyer would come personally to pick up all gathered data.

    So I spent one month+ restoring every backup from years before, after rebuilding a mail system (complex feat, the solution was phased out for years).

    In the end, I was able to recover a fair share of data (50 %), but nothing was found that I heard of, by the lawyer.

    I had the time to briefly look at the emails, and saw this bollocks CEO was spending a fair share of time planning for his kids' career. Not really a surprise the company had done so bad during his 25 years tenure !

    Hopefully, the company is now mostly recovered, but this was a scary insight into some dodgy CEO life ... And I've stopped investing in any share ever since.

    1. Anonymous Coward
      Anonymous Coward

      Re: CEO investigation

      If you have "stopped investing in any share ever since" what are you doing with your pension saving?

      The last few months have kicked my pension pots and ISA around the park but I'm still in front of where I would have been with a cash account.

    2. An_Old_Dog Bronze badge
      Joke

      Re: CEO investigation

      ... but cryptocurrencies are a solid investment!

      1. stiine Silver badge

        Re: CEO investigation

        So is a rock.

  8. chivo243 Silver badge
    Trollface

    ahem...

    "You mean," came the horrified question, "when we press delete, the emails don't actually delete, they get saved to backup tape?"

    Being a senior manager, you did sign off on implementing this system, you read the documentation, did you understand it??? LOL

    1. Jeroen Braamhaar
      Pint

      Re: ahem...

      Two kinds of people:

      those that manage what they do not (want to) understand

      those that understand what they don't manage

      sometimes supplemented by the third kind:

      those that don't manage what they don't understand (but collect big consultancy fees for)

      1. KittenHuffer Silver badge

        Re: ahem...

        I could have sworn that CEO the 3rd kind was a film directed/written by Steven Spielberg in the late 70's!

      2. chivo243 Silver badge
        Pint

        Re: ahem...

        Well said!

  9. KittenHuffer Silver badge
    Holmes

    I once did ...

    ... some forensic auditing at a garage, following parts being ordered from suppliers, to receipt, and booking out to workshop or bodyshop jobs. And then proving that the parts were not for the make/model of vehicle in the workshop/bodyshop. This was then used in the court case of the mid-management employee that was ordering/stealing the parts to order.

    The system was old enough that it printed out an audit trail of transactions at the end of each day, so the actual w**k was wading through stacks of printouts taller than the PFY that I was.

    Eliminating the impossible! ----------->

    1. My-Handle Silver badge
      Joke

      Re: I once did ...

      And some of those middle managers can really be impossible....

      Sorry, just came from the BOFH thread.

  10. J.G.Harston Silver badge

    So, when they delete something, they want you to send a truck to the off-site storage, load it up with tapes, bring them back on-site, load each tape in turn,track down the file on each backup tape, and remove it, thereby changing history. What's his name, O'Brien?

    1. phuzz Silver badge

      It does make me wonder how to cope if you have data that falls under GDPR or similar laws. If a customer wants you to delete their account, do you have to go through all the backups and remove it there too?

      1. Killfalcon

        Short answer is that the answer is often yes, but sometimes no. And if your backups are only kept a short time before being replaced with newer ones, the issue is moot.

        Where it's a no, that's usually covered under "valid reasons for processing" - like "we can't use your data for anything right now, but there's a process to recover it if the police/HMRC ask for it, and we're required to be able to do that".

        Note that not everyone has those obligations - the rules for healthcare and finance are very different, f'rex. The GDPR is built to flex around such rules and laws.

        1. Eclectic Man Silver badge

          re: deleting data from backups

          Under UK data protection legislation, the data subject has the right for incorrect data about them to be corrected, or, if data is correct, but retention by an organisation is harmful or distressing, they can get it deleted. However, there is always a consideration of the effort involved in compliance. So data could be corrected or removed from online storage, but left in offline backup tapes, and only deleted from those were they to be used for a restore of data at some, unspecified, future date.

          Of course published data (such as newspaper articles) cannot be deleted or corrected in the original issue, so retractions and apologies are more appropriate.

          1. Anonymous Coward
            Anonymous Coward

            Re: re: deleting data from backups

            > left in offline backup tapes, and only deleted from those were they to be used for a restore of data at some, unspecified, future date

            Would they need to keep a separate store of all the data that needed to be deleted at that future date, so they knew what they were looking for?

            1. Phil O'Sophical Silver badge

              Re: re: deleting data from backups

              And wouldn't that data also need to be deleted, as being data about you that they asked you to delete?

              It's turtles all the way down....

              1. Anonymous Coward
                Anonymous Coward

                Re: re: deleting data from backups

                I had that request from a customer when GDPR came in; please delete all the data that you hold on me and this request once complied with. What could be so sensitive? The kitchen that we supplied to the builder of their 4 bed executive box on an estate somewhere. Sure pal, hang on while I destroy all my backups too...

                1. Eclectic Man Silver badge

                  Re: re: deleting data from backups

                  I hope you asked whether 'all the data' included the guarantees on the work and products, tax and excise paid etc.

                  I understand that HMRC is a bit touchy about people deleting financial information which is less than 7 years old.

                2. Roland6 Silver badge

                  Re: re: deleting data from backups

                  >Customer?

                  "The kitchen that we supplied to the builder of their 4 bed executive box on an estate somewhere."

                  Unless the customer (house purchaser) placed the order and thus was also instructing the builder, it would seem on what you say the customer (who brought the kitchen) was the builder. Not sure if delivery address, if that of a private individual, on a B2B transaction falls under GDPR.

                  1. John Brown (no body) Silver badge

                    Re: re: deleting data from backups

                    Possibly, but if "instructing a builder", then normally you go choose the kitchen and either buy it and have it delivered or "instruct the builder" to go buy what you have chosen, and he'll want the cash up front, ie is only acting as an agent.

          2. John Brown (no body) Silver badge

            Re: re: deleting data from backups

            "but left in offline backup tapes, and only deleted from those were they to be used for a restore of data at some, unspecified, future date."

            Assuming that the original removal is part of an accessible and usable transaction file ready to be run against a backup might be a bit optimistic :-)

            It may well be a required function, but I'd be willing to bet a lot of recovery strategies, disaster or otherwise, neglect that. There will most likely be an inherent assumption that there will be missing data, not additional data when restoring a backup.

            1. Doctor Syntax Silver badge

              Re: re: deleting data from backups

              "Assuming that the original removal is part of an accessible and usable transaction file ready to be run against a backup might be a bit optimistic"

              If, a big if in the case of email, but not necessarily so in case of ordinary transactional operations, if the data is in a good DBMS with a good DBA looking after it then it should be expected.

            2. Norman Nescio Silver badge

              Re: re: deleting data from backups

              Eee, when I were a lad, many aeons ago (before GDPR), we did some backups to WORM drives. Not easy to delete some records from them.

              As other posters point out, you can devise encryption schemes that allow you to 'forget' how to decrypt data keyed to an individual: assuming each individual has one or many unique IDs which have a list of encryption keys for the actual records linked to them, you 'simply' delete the list of keys, making all records inaccessible. The key management problems are not trivial.

              To be honest, I quite like immutable records. I don't want, for example, details of my pension contributions to vanish into the ether; or indeed records of entry to the UK on HMT Empire Windrush. What I don't want is people using them for nefarious purposes: the right to delete is solving the wrong problem, when what you want is to be able to trust people not to abuse personal information. Gaol terms for people/directors of companies abusing that trust, rather than fines that can be written off as 'the cost of doing business' might get people taking things more seriously.

        2. Doctor Syntax Silver badge

          With a good RDBMS with proper backup of transaction logs then a restore to as close as possible to the point of failure might initially restore the deleted record if it was on the primary tape but subsequent progress should replay the deletion.

      2. tip pc Silver badge
        Paris Hilton

        >It does make me wonder how to cope if you have data that falls under GDPR or similar laws. If a customer wants you to delete their account, do you have to go through all the backups and remove it there too?

        if its encrypted then can just delete the key and its effectively gone. no key no recovery, obviously don't backup the key, just keep a highly available process for duplicating the key with perhaps a 30 day delete life on all keys marked for delete before they are truly irrecoverable.

        1. SloppyJesse

          That would require a separate encryption key for each natural person. An interesting option to implement on a database system backup.

          As others have suggested, if a system contains personal data that can be removed as part of a GDPR right to deletion request then the restoration processes need to take that into account so the data is not subsequently restored and used.

          And to answer the argument "but if you delete all personal data you have to delete the deletion request", GDPR allows retention of personal data that you have a legitimate use for. An audit trail of requests processed is a reasonable reason to hold identifiers to ensure restoration processes are compliant.

          1. FIA Silver badge

            This.

            The problem with complex legislation like GDPR goes back to the manager issue outlined above.

            You have a complex legislation, requiring a reasonable amount of effort to read and understand, which has to be implemented before a deadline. You're the responsible manager, do you take the time to learn and understand it, along with your daily work, or do you just look at the headlines, and do the actions that you know will make you compliant even if they're actually pretty blunt. (Remember it's scarey sounding too, with words like 'legal' used a lot in conversations around it).

            Hence the 'delete everything' mantra.

            Similar thing with the cookie popups, as I understand it, the actual law mandates they're not obtrusive and are dismissable with a single click (equating to 'reject all), yet how many of them actually get further than 'show a cookie popup'.

  11. Steve Kerr

    Turning up at work to a bunch of police

    In a previous job turned up for a shift with a bunch of police that wanted to talk to me - scared the crap out of me.

    Turns out, they wanted to listen to a voice recording of a particular line (lots of dealer lines & also some switchboard lines were recorded) and management told that to come to the building and I'd do it but didn't tell me that they were arriving.

    These were analogue tapes that had something like 48 lines recorded and the tapes ran for 24 hours at a time.

    Anyway, I ran thru a tape over a time period for one particular external line whilst they listened (and obviously I did too).

    What transpired was there were some bomb threats being phoned in to reception, in listening to a scratchy recording, could hear a woman in the background and a child, it was one of the managers in the midsts of a mental breakdown phoning in bomb threats. Don't know what actually happened to him in the end. I was asked by the police about what I thought I heard.

    Have had to listen in to a bunch of other dealer conversations which included hearing the sex lives of several of the dealers - oops!

    1. Prst. V.Jeltz Silver badge
      Headmaster

      Context!

      you didnt really elaborate on what "Dealer" means in this case

      1. nintendoeats Silver badge

        Re: Context!

        I'm sure it's the kind that sells stocks to buy drugs, and not the kind that sells drugs to buy stocks.

        1. Eclectic Man Silver badge
          Facepalm

          Re: Context!

          People really should keep their work and private (sex) lives separate. One organisation was being sued and the consultants' work diaries were under legal disclosure obligation. Unfortunately one of the 'consultants' used it also to record his 'night time' activities, with star ratings and intimate details. So that had to go through a legal redaction process before release to the opposition's legal team.

          1. MiguelC Silver badge

            Re: Context!

            I implemented a chat logging system for dealing terminals used by our traders and had to go trough some real logs to get everything working correctly.

            The amount of futilities and all kinds of banter logged in those chats dwarfed real work by 100 to 1, I would say. Just confirms the saying that (most) traders are nothing but expensive desk jockeys!

            1. Phil O'Sophical Silver badge

              Re: Context!

              The amount of futilities and all kinds of banter logged in those chats dwarfed real work by 100 to 1

              I think you'd find much the same is true of most current Slack sessions.

              1. FIA Silver badge

                Re: Context!

                I think you'd find Ogg and Ugg spend far too much time drawing rude cave paintings when they should be out hunting wilderbeast.

              2. Anonymous Coward
                Anonymous Coward

                Re: Context!

                And an improvement on the signal to noise ratio in Teams/Zoom/Webex/Adobe Connect/etc sessions.

              3. dboyes
                Happy

                Re: Context!

                Sturgeon]s Law applies: 90% of EVERYTHING is crap.

          2. Hey Nonny Nonny Mouse

            Re: Context!

            They really should, I'm still wary of borrpwimg pens, whiteboard markers and other writing implements after having to dig through a pile of email for a fraud case.

  12. PickledAardvark

    You just never know...

    The day after the summer 2005 London terrorist bombings, many organisations were asked by the gentlemen in soft shoes to retain their email backups for the previous 30 days.

    Five years later on of our operators phoned the system team to ask if an old mail box could be restored. Not from last month, not last year but yonks ago. We found it, and we also established that the tape was still readable

    1. Anonymous Coward
      Anonymous Coward

      Re: You just never know...

      I remember a request from our support team asking if we could help a customer who was still using a very old version of our software, which required a license key, but after a hardware repair the system ID had changed and the license didn't work. We had long since dropped the licensing stuff and no longer had a license team to generate new keys.

      Digging back through email from 10+ years previously I was able to find both the license generation utility and the master key (which I shouldn't officially have had, but was given to do testing & filed away "in case it might be useful"). That earned me a beer or two.

      1. MiguelC Silver badge

        Re: You just never know...

        All knowledge you should not have but have because it might come in handy one day is priceless! You just need to be extra careful when and to whom you disclose you have it...

        1. Anonymous Coward
          Anonymous Coward

          Re: You just never know...

          >You just need to be extra careful when and to whom you disclose you have it...

          You also need to be careful about storage, particularly if the information just so happens to fall under some act of Parliament and so under different circumstances could earn you a vacation hosted by HMP...

      2. Doctor Syntax Silver badge

        Re: You just never know...

        filed away "in case it might be useful"

        "It might come in" (the "useful" is assumed) is my family motto.

    2. TSM

      Re: You just never know...

      I've had some old requests. One company wanted an explanation a couple of years ago of ~$10k of due payments that were showing up in a report as not having been paid; we had to restore a system we'd decommissioned in 2015 to investigate what had happened to them, but the payments they were asking about were from the 2008 kind of era, so you'd think they could have asked a little earlier. (The big one that was almost all the total was paired with an equal negative amount which was also showing unpaid; most of the others had been paid, but the invoice had been transferred to from a subsidiary to their main company, so it didn't get picked up properly in the data update that got the payment information out of the old system. I think in the end they technically owed us a bit, but we obviously weren't going to press them for it.)

      I was less successful when we had a legal request (for a court case) to recover all payments made to a certain vendor ever. We could give them back to ~2006 OK, but before that payment information would have had to be dug out of our (current - 3) system, which was an Access database with a custom front end. Which I was reasonably familiar with, and which I'm pretty sure were backed up to offline storage (they were backed up initially to our fileserver, and some years later we had a big push to archive unused stuff off the fileserver to offline storage), but neither I nor anyone else I asked who'd been around in that sort of era could work out where those archives actually were now, or if they still existed.

  13. Anonymous Coward
    Anonymous Coward

    Email is forever

    I once collated the email chain of an employee who was discussing, with a group of colleagues at other banks, how they could set up an insider trader ring, corner the market and make themselves lots of money. Part way through the discussion as they were getting into implementation detail one of them made the point that perhaps they shouldn't be discussing it using their work emails as they can't be deleted and would be the smoking gun. The others ignored this sensible suggestion and carried on while he tried to make out it was all a joke and seeking their mobile numbers so he could privately shut them up. He "might" have been the only one with a job the next day.

    1. Eclectic Man Silver badge
      Joke

      Re: Email is forever

      I've just watched a banking security documentary ('Chaos', Jason Statham, Ryan Phillippe, Wesley Snipes) where 'shutting people up' is done with high velocity lumps of lead and plastic explosives.

    2. nintendoeats Silver badge

      Re: Email is forever

      Presumably he kept his job because he demonstrated that he was the smartest of that group of criminals, therefore he was permitted to move on to the next stage of the "inner-circle" process.

  14. Boris the Cockroach Silver badge

    Reminds me

    one of our rivial companies had the company secretary divert funds from the company account to his personal one.. was a fairly large sum of money when he was found out.

    Walked away with about 80% of what he stole after the company dropped charges.

    Amazing what can happen when you alledgedly know about the owner's tax evasion scheme.......

    1. Anonymous Coward
      Anonymous Coward

      Re: Reminds me

      It's more likely the company couldn't face the humiliation of having their shoddy financial processes aired in open court. That's what usually happens in these sort of cases.

  15. Anonymous South African Coward Silver badge
    Trollface

    "Someone at the meeting seriously suggested that we add an extra button to the keyboard. One would be 'Delete, but I may want this back' and another would be 'Delete, now and forever'."

    It's called the Deleted Items in Outlook.

    1. Doctor Syntax Silver badge

      And other email clients. That collection is also understood simply as "Read" by some users.

      1. Norman Nescio Silver badge

        I have had to re-educate certain users that used 'Deleted Items' as their archive. Years of email. They only came to me because they had run out of disk space!

        1. Mike Friedman

          None of you has ever been yelled at because some stupid executive thought "deleted items" was his archive?

          That was fun.

  16. Arbuthnot the Magnificent

    Email backups

    I was sole admin for a sizeable manufacturer back in the early 00s, and one day I was "invited" to the boardroom to confirm to the directors that I couldn't read their email. "Of course I can," I said, "I'm the network admin". They were horrified. "But you don't have permission!" Who sets the permissions? I rejoined. After much huffing and puffing on their part I simply said "Mike, your best defence is that I don't think your email will be very interesting. But I'm starting to wonder if that's true..."

    1. Doctor Syntax Silver badge

      Re: Email backups

      That's where they learn the difference between permission and ability.

    2. hayzoos

      Re: Email backups

      My first job out of college involved a similar discourse, but at a smaller scale.

      I do not remember the specifics of the conversation now, but it involved the president/CEO, Senior VP/CFO, Controller, and VP of engineering, oh and my boss the director of IT. Whatever the specific question was, I replied I can access any and all information on the the network, it's my job to protect it. My boss confirmed and calmed the Cs concerns. After the meeting at a local watering hole, one of the Cs said something like "I can't believe we did not realise your level of access." to which I responded, I thought background checks were part of my hiring. Laughs all around, tab was covered by the CEO, I was invited to many more after hour meetings at the watering hole.

    3. David Hicklin

      Re: Email backups

      Similar when I was the site admin for *everything* and the MD asked that I configure things so that not even I could see his or his secretary's files.

      After carefully and slowly explaining how impossible that was he did back down but I still jumped ship not long after that. If they won't trust the site admin they are not worth working for.

      1. Terry 6 Silver badge

        Re: Email backups

        Either that or there's something so dodgy that you're best out of there.

        1. John Brown (no body) Silver badge

          Re: Email backups

          The "dodgy" was most likely the MD shagging the secretary and trying to keep it private :-)

          1. rototype
            Joke

            Re: Email backups

            When I first read that I read it as 'Doggy' not 'Dodgy' - probably the same anyways though..

    4. John Brown (no body) Silver badge

      Re: Email backups

      Apart from anything else, despite the metaphor of an "envelope" around an email, we all know it's more like a post-card and anyone with access, legitimate or otherwise, at rest or in transit, could read that email if there's no encryption. Most users have no clue how email works and are happy to send all sorts of confidential, sensitive or otherwise private details via email.

  17. Ian 31

    Used to look after a purchasing system for a major UK council back in the days when they had council houses and needed to maintain them. Mainframe system that just worked, raise the order, process the goods received notes, pay the supplier, off the lads go to fix what needed fixing. System was how all their tools, materials etc were sourced. However you could circumvent the system by buying something, up to the value of £100, from any available source, and then raising a local purchasing order afterwards. Idea was if the lads were, for example, fitting a new bathroom and halfway through the job dropped and broke the toilet cistern they could just grab a new one from the nearest DIY place and do the paperwork later.

    Turns out someone was using local purchase orders to buy electric showers which they then fitted as a cash in hand weekend job. Easy money. Until the business asked 'can you identify who has raised a local purchase order?'. Answer was yes, shortly after that someone was at best looking for a new job, at worst explaining themselves to the Plod. Never new exactly what course of action was taken, but I did get a very nice half case of assorted single malt whisky for Christmas that year. Apparently the local suppliers liked to drop gifts off with the purchasing manager when chasing contracts, and he wasn't a drinker. Lucky me.

    1. John Brown (no body) Silver badge

      "Apparently the local suppliers liked to drop gifts off with the purchasing manager when chasing contracts"

      LOL, that must've been a good few years ago! These days, that would be bribery and even the attempt must be disclosed if the intended recipient doesn't want to land in hot water :-)

  18. vapoureal

    Speak no evil

    The best misdeeds are planned by word of mouth, face to face.

    Uh oh Nixon tried that didn't he...

  19. hayzoos

    Assisted in a TLA investigation once.

    The machines were setup in the company's *********. There were a ******* of investigators from the ***** *****. I was there to ******* systems after ***** was ********. During the process ******* of the investigators ****** with *******. I "overheard" the ****** with ***** and suggested ****** to be able to ***** the *****. So to make a ***** story *****, I saved the *** by giving the investigators the **** they ******* to ********* the *********. These guys though just **** did not **** the way ***** blokes do. All I got for ******* their ***** was a *** on the ***** and a *****. I would tell more but the **** of **** prevents me from **** that *****.

    1. yetanotheraoc Silver badge

      Re: Assisted in a TLA investigation once.

      It's good form to be AC when not giving the sensitive details.

    2. Anonymous Coward
      Anonymous Coward

      Re: Assisted in a TLA investigation once.

      heuristics, and grammar rules (and more time than i want to spend) would allow recovery of those masked words. if you are going to redact, use a fixed length bar.

      1. John Brown (no body) Silver badge

        Re: Assisted in a TLA investigation once.

        How do you know s/he didn't use random length redactions? :-)

  20. Daniel B.
    Black Helicopters

    Heh. A classic.

    This is the reason why many "delete" functions won't actually delete data but only flag the record/email/whatever as deleted. Of course, this functionality is usually known only to certain parts of IT. Same with corporate shredders; some will not actually shred stuff but send it to a "secure" container which is checked before the documents are actually shredded.

    On the other hand: some companies have recently started to implement supposed "retention periods" after which all email gets auto-deleted. It's supposedly to avoid sensitive information leaks, but some suspect that the real reason is that having such a policy means that you won't be able to provide evidence that no longer exists.

    1. Anonymous Coward
      Anonymous Coward

      Re: Heh. A classic.

      > some suspect that the real reason is that having such a policy means that you won't be able to provide evidence that no longer exists.

      Courtesy of Gates' Microsoft after incriminating emails came up during discovering when they were being threatened with break up (it all eventually went away when they paid off the winning party at the best election).

      Gates was quite explicit about implementing the auto delete and the reasons why.

      1. Anonymous Coward
        Anonymous Coward

        Re: Heh. A classic.

        Looks like some people here were not around in the 90s. This is exactly what happened during the US DoJ anti monopoly proceedings.

    2. Paul Hovnanian Silver badge

      Re: Heh. A classic.

      "On the other hand: some companies have recently started to implement supposed "retention periods" after which all email gets auto-deleted."

      Yes. Because courts have held that going through your records and deleting/shredding old documents in the face of imminent litigation is itself an offense. However, doing so based on a previously established schedule is acceptable.

      1. Norman Nescio Silver badge

        Re: Heh. A classic.

        It's not good practice, but I have had to pull out emails going back years from my personal PST archives answering queries about the precise details of the set up of multi-year high-value contracts.

        As for why I had personal PST archives: the corporate email solution used centralised Exchange, with limited disk space. Auto deletion of email at the end of a retention period had been put in, mainly (as far as I could see) to control the huge amount of server storage being taken up by email. People were using it as a documentation archive. the official document management 'solutions' brought in over the years had all turned out to be uniformly dreadful, so people voted with their tried and battle tested approach: saving everything in email.

        I pointed out (using the ingenious argument of a previous somewhat maverick manager) that the cost to the company of my time going through my old emails pulling out relevant documentation and putting into the umpteenth revision of the centralised document mismanagement system was far more that simply letting me store some PST files on some (suitably encrypted) USB drives. So this was allowed, while other colleagues cursed the email retention policy.

        These days, corporate lawyers would put the kibosh on it: leaving potential evidence open to discovery is to be avoided. And GDPR regulations (if applicable) are clear on only keeping (personal) data as long as there is a good reason for it, and no longer. But my personal offline archive saved some corporate bacon on more than one occasion. I would certainly be a fan of a well-structured document/data management system with free text search (and regexes) but I must admit that going into my email archive and looking at all the emails to such-and-such a company in the specific time period leading up to contract signature, and emails to and from bid team members in the same period was very easy, and often enlightening. Internal emails also tended to be informative regarding why certain contentious clauses were written the way they were.

        This was many years ago, and things are done differently now, often with good reason, but future historians will probably curse us for deleting the good stuff.

        NN

        1. Fred Daggy Bronze badge
          Big Brother

          Re: Heh. A classic.

          I think that that highlights one of the problems of Exchange. It is so often used as a substitue to do "X" where "X" is some sort of records keeping system, or documentation system.

          Our entire sourcing department used to use their Exchange mailboxes to store ALL their interactions with suppliers. Massive trees of folders that would more often than not cause Outlook to fall over. Massive problems with covering holidays and personnel changes as huge (for the time) data sets were moved.

          This one department used about 80% of the Exchange space with 2% of the personnel. We started recharging departments by weighted mailbox size, at which point they moved the mailboxes to the local hard disk (PST files). Exchange problem solved but another nightmare scenario presents itself.

          The correct solution is of course a CRM or SRM product. We even had JDE modules for this.

          IT was nearly as bad but we adopted Wikis, then Confluence as the tool of choice for the documentation task as soon as they became moderately viable. The rest of the company is moving over to Sharepoint online. However, mostly they just use word files and convert to PDF and publish that. Not realising that these could be all versioned properly with an audit trail - or perhaps that is what they DON'T want.

          (Need Riker and Picard double facepalm here)

        2. Antron Argaiv Silver badge
          Thumb Up

          PST files

          I always kept my old emails. I would save a PST yearly, with all my sent and received emails for the year. My boss asked me questions often enough, which I was able to answer by going back to my archived emails, that I felt the practice was worth continuing (even though the process is fairly cumbersome).

          Corporate "retention" policies are fine, but personal archives can be quite useful, so I look out for myself first.

    3. John Brown (no body) Silver badge

      Re: Heh. A classic.

      On our email system, the default retention period is 7 years. Other stuff, in special categories has longer or "never" retention periods depending on the legal rules surround the data. 7 years for "everyday" non-sensitive emails seems more than long enough and is most likely a legal minimum.

    4. Doctor Syntax Silver badge

      Re: Heh. A classic.

      "the real reason is that having such a policy means that you won't be able to provide evidence that no longer exists."

      This is not terribly well thought out.

      If A has retained their copy of the exchange and knows that B has a retention period which has now expired A has B on toast if so needed. There's no way that B can ascertain for themselves whether what A presents is a true copy let alone contradict it if need be.

      1. A.P. Veening Silver badge

        Re: Heh. A classic.

        This is not terribly well thought out.

        If A has retained their copy of the exchange and knows that B has a retention period which has now expired A has B on toast if so needed. There's no way that B can ascertain for themselves whether what A presents is a true copy let alone contradict it if need be.

        That is a problem for the legal eagles, not for the bean counters.

  21. Anonymous Coward
    Anonymous Coward

    Logs

    Not me directly, but, 1990s, one of my colleagues got called into a customer who were having some severe stock problems. Customer was a building supplies firm that also had trade counter. The problem was profits were down, sales were showing down, staff were sure stock was going missing as they were buying more than they were selling, but a stock take was not showing anything missing, and the cash in hand was balancing up.

    The system we had supplied was a standard sales order processing system, not designed for retail use. For the trade counter, they were raising an order against a dedicated account (unless the customer had their own account) then printing the invoice immediately, which the customer would take to another window with a cash till behind to pay it and have it stamped before being allowed their purchases.

    The tills audit roll was jammed, but no worry, they knew how much was supposed to be in the drawer because the end of day report from the SOP system indicated totals by payment method.

    After some diagnosis, my colleague worked out what was happening.. One particular user would make sales as normal, then later when it was quiet, go back into the system, find a cash sale, cancel the order, and destroy the copies of the invoice and picking list. As a consequence, this would remove the value from the day's cash total, and he'd go to the till and remove that exact amount. The reason he'd not been caught earlier was he'd also been going into the stock system and writing off the relevant stock as damaged. So, everything tallied up, and none of the usual daily and monthly reports indicated how much stock had been written off..

    What nobody at the customer knew, including our thief (whom helpfully did all this whilst logged in as himself) was that the system had an activity log file. Normally it was ignored, not being business critical, but in this case proved invaluable to identify exactly what had been happening, in what order, and by whom. And despite being purged, their regular backups provided plenty of older copies to show it had been a problem for a while.

    My colleague got a day in court as an expert witness, and the thief got his dues..

    Customer also got the till fixed, and ensured they checked the audit roll totals matched what the computer said they should have..

    AC because I think he was asked not to tell..

    1. OhForF'

      Re: Logs

      They were already looking for something dodgy going on with their inventory but nobody bothered to ask why the amount of stock marked as damaged (by a specific user) was unusually high and needed their IT supplier to look at the audit logs?

      1. John Brown (no body) Silver badge

        Re: Logs

        Most probably because the amount of "damaged" stock wasn't in the main reports and not looked at very often because it's normally quite low and after all, who would steal the damaged stock? The waste skips would have been the most obvious indicator of an increase in damaged stock, and obviously that wasn't changing in a noticeable way. It was quite a clever fraud really and may not even have been discovered if the thief had kept the "damages" lower. But, of course, greed. It works, so let's take even more!! The downfall of many thieves and fraudsters.

        1. Terry 6 Silver badge

          Re: Logs

          It's interesting that so many stories that come to light seem to feature people who didn't stop while they were (well) ahead. Until eventually something caught them out.

          1. PerlyKing

            Re: Logs

            We're only getting the stories about the people who got caught....

      2. Doctor Syntax Silver badge

        Re: Logs

        It's surprising how bad things can get before a small business realises something's wrong. I vaguely remember one occasion when the owner was called, either by his bank or his accountant and told just how bad things were. This was a small supermarket. Hidden CCTV was installed. It showed at least one till operator not ringing up purchases, covertly rolling pound notes (before the pound coins!) on her thigh and passing them on to another member of staff.

        1. Anonymous Coward
          Anonymous Coward

          Re: Logs

          Ha. Yes. I had a relative who ran a cafe. He was always having money troubles, could never seem to make a profit. We looked into it... He didn't even have a till, just a cash drawer. His entire accounting process was to count up the cash at the end of the day, and he let anybody take payments whilst he was in the kitchen... I'm surprised he had anything in there at all by the end of the day. We offered to buy him a till, install cctv, anything to help, but no, he trusted his girls... Wouldn't even keep hold of the order slips so we could try to start to work out what was going missing. He went bankrupt eventually, lost the cafe, the staff lost their jobs, and his wife left shortly afterwards. Bloody idiot.

  22. Ken Moorhouse Silver badge

    Netware

    I customarily used to setup Netware so that Filer could retrieve deleted files. One evening one of my clients was ringing me asking to run a restore on a backup as they had deleted some crucial file or other. I always went for the Filer undelete option first because successful restoration of a backup is, of course, dependent on when that backup was taken. Knowledge of the application used to update or delete was also necessary. For instance, if this was a database of some sort then potentially other updated files had to be recovered too. In some cases the detective work involved wasn't worth the effort.

  23. Ken Moorhouse Silver badge

    Ever turned your IT skills into weapons for crimefighting?

    Quite often I've been asked to write financial applications where some kind of solid baseline is needed to anchor the figures in order to cover my backside. An example was a client who had bought an American* accounting system. They often complained that it had no bank reconciliation feature, so I volunteered to write one. I searched in vain for an audit trail within the package to base my calculations on, but there was no such thing, so I had to generate one from scratch every time and compare with the previous one prior to any reconcilation that was needed. Any disparity and my utility would refuse to run. After this system had been up and working for a while they came up with the dreaded data inconsiustency message. Turned out that they had deleted tranactions in the accounts package, and my software had detected this. No criminal intent here, I must emphasise, but I had to amend my software to roll back, report telling the operator that a transaction that impacted a reconciled transaction had occurred, and that everything subsequent to that transaction had to be re-reconciled.

    Which took me back to the client's original request for a reconciliation facility. "So THAT explains why sometimes the totals that did match up no longer don't." Basically anyone in the organisation could delete a transaction, and there was no record of it anywhere.

    * I doubt whether this could be marketed in the UK with this kind of vulnerability to undetectable deletion. Surprised the IRS allows it though.

  24. gnasher729 Silver badge

    I’ve seen a complete delete feature twice: One, Apple’s “Time machine” allows you to remove a file from all backups. Two, Perforce, the source code control system, has a command “obliterate” if I remember right, that will remove a file completely from source control. Very useful if you commited all your passwords by mistake, or if you have a megabyte video and someone checked in the 4GB original.

  25. Dyspeptic Curmudgeon

    Re; Ahem and Re: I once did

    Re: Ahem: There is a third (or fourth) group. Those who manage but have no understanding of what it is that is being managed.

    Which leads to :

    Re: I once had a file ( a prospective lawsuit) where the clients owned 50% of the shares of a restaurant business which was actually run by the owners of the other 50%. My clients Group 1, put up 80% of the original investment. Group 2 ran the place. Group 1 lived in Vancouver, BC. The restaurant was at York University near Toronto, so Group 1 had little hands-on capability. Group2 consisted of dad, mum, 2 adult sons and adult daughter.

    Since Group 1 was so far away and "'did nothing to run the place", Group 2 decided that they did not have to treat them fairly or account properly for the operations and could rip off the business. In part, the ripping off was an income hiding scheme.

    Group1 was suspicious but did not know quite where to start. We started with disclosure requests under the Shareholders Agreement, for an accountant to look at things. They basically had no choice but to co-operate with us in disclosing the financial documents, cash transactions and credit transactions. We actually used a guy who had been a trouble-shooter and forensic manager for a couple of fast food chains. We told them he was an accounting student/intern. In fact he knew more about the business than any of the actual accountants.

    We found out that students could use their student ID card as a credit card (about 60% of weekday transactions and 80% of Sunday morning events.

    We soon determined that group 2 had been substituting in a 'spare' cash register on Sundays. The cash sales from that register did not appear in the account system, and we were told that the place was 'not even open' on Sunday mornings (which was a lie).

    They had NO idea that every student id transaction run through the card reader was recorded with the University and, of course, easily recovered. (The University effectively operated as the merchant service provider for the cards as well as the issuer.)

    They had NO idea that the cash registers produced a 'z-tape' recording *every* transaction. They had NO idea that the student ID card transactions were also recorded in the register as credit transactions (as would Visa/Mastercard transactions).

    Since they had NO idea, they had boxes and boxes of old z-tapes (think: the equivalent of backup tapes). The registers were quite sophisticated for the time, so the z-tapes recorded that the order was a burger at $x or a cheeseburger at $x+1. It also broke down the 'combo' orders into the constituent parts (for inventory purposes).

    And so we knew that the steaks which were ordered every week, NEVER got sold to a customer.

    They had some idea that they needed to balance the cash deposits at the bank, so the Monday morning deposit only included Saturday's cash. Sunday did not exist. It turned out that Dad had a separate account at a different bank which got the skim. (No idea what story he told them there about the cash he deposited. Would likely ring money-laundering bells today.)

    They could not hide the cheques from the University paying off the student credit card amounts, but claimed that the extra was Sunday afternoon and that, because of staffing problems, they did not take cash on Sundays.

    In the end we never did issue a Statement of Claim. We reconstructed the financial history as best we could for the past 2 years and figured out roughly how much had been skimmed and inventory stolen. (Oh yes, son #1 was selling stuff out the back to another restaurant for his own skim. Mom and Dad did not know about that. And I think that daughter was blackmailing her brother for a cut!)

    And then, we had a Sunday meeting where we laid out our (reconstructed) history of their frauds. After a while we left to let them talk. We were four walls and 3 doors away and could hear the kids at Dad: "We told you it wouldn't....". And Dad "But I don't understand...How did they know"

    It was the only time in 40 years where I heard the opposing lawyer tell his clients to settle *in my presence* or he was going to ditch them.

    A settlement satisfactory to my clients was soon reached and there was an entirely new crew in place on Monday and my clients ended up owning 100% of the shares. I got an entirely satisfactory bonus.

    Takeaway: A manager who does not understand what he is managing is a disaster waiting to happen.

    Secondary takeaway: That keyboard with a key for every item on the menu, is NOT there just so 'Mister-Want-Fries-With-That?' can actually serve you, but more importantly, so the franchisor knows exactly how many orders of fries were sold. Any efficiencies in order transmittal to the kitchen, and service delivery are merely nice adjuncts for the franchisee. Follow the money.

    1. Terry 6 Silver badge

      Re: Re; Ahem and I once did

      A manager who does not understand what he is managing is a disaster waiting to happen.

      In management circles there is a belief that management is a profession in its own right. So, explicitly they don't need to know anything about what-ever-it-is that the people they manage are doing. I know this because a well regarded management consultant we used to have meetings with told us so with pride.

      My late father otoh worked his way up from a machinist to managing a factory and could do anything from the accounts to quality control. I know which I'd trust to run a business

  26. RobDog

    One for me, one for you

    When I worked on the employee service desk for a large British retailer, I was once asked to remote in to a IBM 4680 terminal and watch the transactions go through, whilst CCTV observed the same terminal. A certain shop worker was making refunds, but to balance the cash drawer, she would slip herself a £10 or £20 here and there during a real transaction, and slide a Polo mint (‘Lifesavers’) from one pile to another to keep track of her gains. By making refunds, and sliding then Polos back to pile 1, at the end of the day they all had to be back there to balance the drawer.

    1. Ken Moorhouse Silver badge

      Re: A certain shop worker was making refunds,

      Sounds like she was making a mint.

      Sorry... best i can do on a Monday morning.

  27. Mike Friedman

    I was once the IT manager of a now defunct taxi company in New Orleans, USA.

    One day I got a call from a police detective on a Monday afternoon, enquiring if he could look at the tape of our outside security cameras on the side street. Someone had been murdered a block away the previous Saturday night.

    I said "sure," and arranged for him to come down. When he arrived, I pulled up the footage, only to discover that the cameras did NOT HAVE INFRARED. So about 10 cameras were taking video all night. Of nothing. The previous IT manager was apparently a total idiot.

    I had to replace all of the outdoor cameras, which involved climbing a 20' ladder. Did I mention that I REALLY don't like heights. Yeah. It was a fun job.

  28. adam 40 Silver badge
    WTF?

    Backups?

    Where you could actually retrieve the data?

    Never heard of them. No IT department in any company I've worked for has ever successfully retrieved me a deleted file.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022