back to article Prisoners built two PCs from parts, hid them in ceiling, connected to the state's network and did cybershenanigans

We are impressed by five prisoners in the US who built two personal computers from parts, hid them behind a plywood board in the ceiling of a closet, and then connected those computers to the Ohio Department of Rehabilitation and Correction's (ODRC) network to engage in cybershenanigans. Compliments are less forthcoming from …

  1. TRT Silver badge

    Hats off to them...

    That took some balls, and skillz.

    1. Anonymous Coward
      Anonymous Coward

      Re: Hats off to them...

      No doubt they were listed as model prisoners too, being quiet and that.

      At least they weren't hard to lock up :)

      1. Triggerfish

        Re: Hats off to them...

        If they put that much effort in a legit job to keep a network up, they would be bloody good sys admins.

        ..............possiby till the payroll dissapeared, but still.

    2. Anonymous Coward
      Devil

      Re: Hats off to them...

      i'm not even mad, that's amazing!

      1. bombastic bob Silver badge
        Facepalm

        Re: Hats off to them...

        well, bored hackers with nothing but "down time" and access to spare computer parts...

    3. Crazy Operations Guy

      Re: Hats off to them...

      They weren't really good at it, just slightly better than the Prison's staff. Something as simple as implementing port-lock-downs, 802.1x or just keeping ports unplugged unless actually needed would have stopped them cold.

      A prison is unique in that the IT staff would be aware of every single MAC address of every machine that should be on the network, at least in the areas where prisoners might be. They should be setting up a monitoring system that screams in their face every time the MAC changes on a port, and if it isn't tied to a work order, someone should go investigate.

      Setting something like that up is fairly trivial, I did it in a weekend using FreeBSD, nagios, and radiusd on an old Pentium-3 system that was rusting away in a closet. I get an email every time a machine is plugged into a different port, or a new system is added to the network, even over wireless. Any new device is dropped onto a non-routing VLAN and can only access a read-only ftp server hosting OS install files, patches, and some packages (FTP is in read-only mode, files are modified via rsync on another interface). It wouldn't take much more for the prison's IT staff to do the same.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hats off to them...

        "They should be setting up a monitoring system that screams in their face every time the MAC changes on a port"

        Because spoofing a MAC address is impossible right?

        1. Crazy Operations Guy

          Re: Hats off to them...

          "Because spoofing a MAC address is impossible right?"

          They'd have to spoof an authorized mac and somehow get the real system offline (Otherwise the systems would just start throwing errors and effectively disconnect themselves), and even then, they'd have to get around the fact that the switch would still yell at the admin about the fact that it is on a different port. So even if they do duplicate both the mac, and somehow connect it to the same port, someone is going to notice that their computer no longer has connectivity.

        2. Shovel

          Re: Hats off to them...

          Remember when the Chinese cloned one nic card 20 years back, then copied and sold about 2 million of them back to the rest of the world? That was a fun year in paradise.

      2. razorfishsl

        Re: Hats off to them...

        yep and your little system fails on 2 counts:

        1. Mac spoofing

        2. Current trend for devices to randomize the MAC.

        1. Crazy Operations Guy

          Re: Hats off to them...

          "yep and your little system fails on 2 counts:

          1. Mac spoofing

          2. Current trend for devices to randomize the MAC."

          I take it you don;t know how 802.1x actually works... Reason 1 would be prohibitively difficult to pull off without anyone noticing. As for the second one, if a device pops up on a network that doesn't possess a valid token, the device will be quarantined until the device receives a new token by way of an Authentication back-end. Granting of the token by the authenticator can be done on something as basic as mac address (by far the most common on wired networks) but can be based on any authentication mechanism that the connecting OS has a supplicant for and the switch is able to relay back to the authentication server. I've implemented 802.1x using everything from basic mac address to usernames/password to certificates to manual approval by an authorized admin.

          The switch doesn't care what is used to authenticate the conencting client, so long as the authentication server responds back with an AUTHORIZED packet, and expiration for the authorization, and an optional VLAN assignment that the client belongs on. Otherwise the systems is just left on a quarantine VLAN that, usually, doesn't route to anything (Some places allow packets to route out on that VLAN to build a 'guest network' without allowing the system to see packets from secured networks, obviously a prison wouldn't allow that). So if they do implement something a little more than mac based auth, then the system will be sitting there with nothing to do but talk to the authentication server (until an admin notices a weird machine on the network and kills the system).

          A place like a prison, where security is key, it would be likely that they'd use the mac to authenticate the system to the network, but would only get them access to the authentication network until their system can convince the authentication server to grant them greater access.

          1. Anonymous Coward
            Anonymous Coward

            Re: Hats off to them...

            https://www.defcon.org/images/defcon-19/dc-19-presentations/Duckwall/DEFCON-19-Duckwall-Bridge-Too-Far.pdf

            Nice post bro, but what about that?

          2. martinusher Silver badge

            Re: Hats off to them...

            The problem with 802.1x is that a surprising number of sysadmins seem entirely ignorant of what it is, how it works and how to use it. Although the protocol was originally designed for wired switches, as a way of verifying that the computer connected to a switch port is the correct one, it got adapted for use with wireless networks, employing a users' login credentials to clear a particular machine for use on the network (and issuing it with an appropriate key). Its seamless, reliable and pretty bulletproof...but people are still messing with MAC addresses and the like.

            What's a bit sad about this article is that all this effort and expertise were used to get Internet access and the puerps used it for illegal/shady activities. That's obviously why they're in jail in the first place -- misplaced talent.

      3. SEDT

        Re: Hats off to them...

        Crazy Operations Guy

        You are, of course, a genius. Which explains the arrogance, perhaps

      4. Anonymous Coward
        Anonymous Coward

        Re: Hats off to them...

        You seem to forget management. Your ideas are good, but when management don't give you the time to do such things and ignore you when you point out security issues, then you can only do what they allow you to do. If the business decides it wants all ports available so they can easy plug in a device, then you make them all available. Its what you're paid to do. If you don't like it because it's a security issue, then you leave and go elsewhere, hopefully in a copy where management actually respects IT.

      5. bombastic bob Silver badge
        Devil

        Re: Hats off to them...

        "Setting something like that up is fairly trivial, I did it in a weekend using FreeBSD, nagios, and radiusd on an old Pentium-3 system that was rusting away in a closet."

        exactly. Yet, THE PRISON WAS USING A MICROSOFT "SOLUTION". While THAT was in place, the cybercrooks "got away with it".

        And the offenders were THEN DETECTED AND CAUGHT when that Micro-shaft "solution" was swapped out for a (apparent) REAL one.

      6. jbbbarr

        Re: Hats off to them...

        They would have had to splice into the cables, as the pic alludes to, port should have flapped or went down temporarily, unless they possibly rigged clips that could bite thru each 1 of the 8 wires after they carefully stripped it back? Either way I'm pretty sure they did not just plug into p16, the security would have shut down a rouge mac immediately. I would love to see the log from this switch, it should speak volumes of the red flags that were glazed over.

    4. Aus Tech

      Re: Hats off to them...

      It does take some balls. It only takes one person with the knowledge to build the computers. All that is needed is the Case, M/B, CPU, RAM, a network cable, a hard drive, and the means to install the O/S. Everything else is already available on the M/B.

      Given that the prisoners were already disassembling computers, reversing the process to build them is simple. Getting access to the network switch to do the deed is about the hardest part, or it should have been. That suggests that there was a network physical security failure, and that somebody's posterior should have been very sore from the punishment inflicted.

      1. keith_w

        Re: Hats off to them...

        you don't actually need the case, just the power supply and the on.off switch.

        1. Anonymous Coward
          Anonymous Coward

          Re: Hats off to them...

          Don't forget the Turbo button!!

          1. Montreal Sean

            Re: Hats off to them...

            Turbos are too laggy.

            I've got a supercharger button!

      2. Wayland

        Re: Hats off to them...

        USB sticks would be easy to smuggle in. Even small mobile phones with rounded corners but a motherboard, I don't think so.

        1. Anonymous Coward
          Anonymous Coward

          Empty minds, busy hands.

          You did read the bit about their prison job was disassembling computers?

          All they needed - except the network switch - was ready to hand.

          The means to do it was provided by the prison's IT staff with their laid-back cushy job attitude, that figured we built it so "What could go wrong?"

          I'm guessing that had they not been so greedy, they'd still be at it. I suspect that was the character flaw that got them in there to start with.

        2. Mahhn

          Re: Hats off to them...

          lol " but a motherboard"

    5. Scorchio!!
      FAIL

      Re: Hats off to them...

      They are probably the kind of asshat that breaks into innocent people's bank accounts and other facilities. So no, and I hope the people concerned pull their act together and protect at least people like me (for you the salutory lesson of losing all of the money in your bank account will be good) from these creatures.

      It is not funny. It is not admirable, and I'd like to know what the offender profiles are for those concerned.

    6. JCitizen
      Pirate

      Re: Hats off to them...

      What a bored prisoner can't do when motivated by pure boredom!

      1. SEDT

        Re: Hats off to them...

        "What a bored prisoner can't do when motivated by pure boredom"

        Absolutely anything. WW2 prisoners in Colditz cut through the iron window bars, with razor blades FFS

  2. Redstone

    They would have got away with it if they hadn't indulged in the twin pillars of getting caught: they got cocky and they were greedy..

    1. Mage Silver badge

      Re: They would have got away with it

      and if the IT hadn't migrated from MS Software!

      The Inspector General was alerted to the issue after ODRC's IT team migrated the Marion Correctional Institution from Microsoft proxy servers to Websense. Shortly afterwards, on 3 July 2015, a Websense email alert reported to ODRC's Operation Support Centre (OSC) that a computer operating on the network had exceeded a daily internet usage threshold.

      My emphasis.

      Don't buy all your SW from one source, choose the most suitable packages.

      1. Anonymous Coward
        Anonymous Coward

        Re: They would have got away with it

        Don't buy all your SW from one source, choose the most suitable packages.

        That's far too sensible. It's more fun to observe that abandoning Microsoft clearly has advantages whatever way you look at it, and if you want to pour some lighter fuel on the debate you then express a preference for one alternative. Do it in all caps and then sit back.

        (no, I can't be asked right now, but be my guest)

        :)

        1. jonfr

          Re: They would have got away with it

          Anything server from Microsoft is useless in my view. I only consider them good for Desktop and I only consider Linux* (*Your distro of chose) good for server work as it does what is expected of it**.

          ** Also applies to *BSD (FreeBSD, NetBSD, OpenBSD and so on).

          1. Anonymous Coward
            Anonymous Coward

            Re: They would have got away with it

            Anything server from Microsoft is useless in my view

            Aww, come on, is that the best you can do? WTF happened to a good old rant, the sort of all-caps-with-foam-dripping-from-the-mouth stuff we could have a good laugh at? Where have these people gone? Or can't they handle being part of the entertainment.

            Honestly, kids these days ..

            :)

            1. jonfr

              Re: They would have got away with it

              I've never been the caps lock type, too much time on the IRC in the past where such behaviour got one banned from the channel from hours to days.

              Those people you speak of have left the internet to do other things. I think it's mostly cocaine and opioids and other such things if they do drugs at all (many don't). Some return, most don't return I guess (there is no study into this, so guesses go wild).

              Some views on this subject are interesting.

              https://www.dailydot.com/unclick/i-quit-the-internet-for-4-years/

            2. razorfishsl

              Re: They would have got away with it

              **Example of a professional Microsoft rant....**

              I have a very nice email from microsoft tech support explaining why they have DELIBERATELY changed the 2016 office software to loose attachments.

              Double clicking on a word attachment in outlook opens the file in word, but puts the file in a temp directory .......8 levels down.

              so when you do a save , guess where it goes?

              and when you quit outlook...... guess what happens to the "temp" folder.

              the explanation goes on to point out,.......

              but notice how we have made the "one-drive service" very easy to use for saving your documents., the functionality is by design.. Please use one drive.

              1. Anonymous Coward
                Anonymous Coward

                Re: They would have got away with it

                I have a very nice email from microsoft tech support explaining why they have DELIBERATELY changed the 2016 office software to loose attachments.

                Oh my gosh, and did you lose the grammar checker too? I feel for you, honest.

          2. Dagg Silver badge
            Unhappy

            Re: They would have got away with it

            Anything server from Microsoft is useless in my view.

            Me thinks you are a tad arrogant, I have a mix of Windoze and linux at home and I've got a problem

            My broadband maxed out, first thought was one of those bloody windoze systems has "got" something. But after disconnecting the various system it turns out the culprit is my Debian video recorder.

            So careful who you blame...

            1. jonfr

              Re: They would have got away with it

              @Dagg, I've come to the conclusion that Linux isn't for Desktop. That's just my view after using it as such for 14 years. During that time the progress has been painfully slow and it is now good five to eight years behind Microsoft Windows and Apple MacOS. The reason why it isn't popular is clear, it isn't competitive as a desktop Os on the market. If it was, it would be used.

              Mobile is different thanks to Google (Alphabet).

              I was speaking about Microsoft Windows server. I don't know for sure how progress has been going on it for the past 14 years, but I don't think its an ideal environment to use due to how its structured on the system level (with hard drive a:, b: and so on). Servers need a different set-up since they are doing a different thing. I guess in all Microsoft environment it can be useful, unless you use something else for a gateway and firewall to connect to the internet.

              I have found that Microsoft Windows 10 is highly useable as a Desktop (but I'm no fan of it). But I'll keep my server FreeBSD or Linux, that's not going to change.

              Hat tip: If you are using Microsoft Windows shared folder network (also known as samba) you can access remote computer hard drive by typing in ${drive letter} into the address bar on that computer. Example; \\192.168.0.4\F$ - Type in user and password and you got access to all the files, read-write access included.

      2. Griffo

        Hang on, they were using What?

        The article and report say "Microsoft Proxy Server". The last version of MS Proxy 2.0 was released in... 1997. Maybe they meant ISA? Or TMG? Either way, all are old products, and none of them has built in per-use quota management, which is really what caught the perps, so I'm not sure you can have a dig at Microsoft.

        1. Amos1

          Re: Hang on, they were using What?

          My thoughts precisely.But it's a government, one that has people's tax returns so you know that data security is of paramount concern to the State. Hahahahahahahahahahaha!

        2. Anonymous Coward
          Anonymous Coward

          Re: Hang on, they were using What?

          I'm not sure you can have a dig at Microsoft.

          You must be new here. You can ALWAYS have a dig at Microsoft, justification doesn't come into it.

          :)

      3. jelabarre59

        Re: They would have got away with it

        That was a major point I noticed. The MS software was (as usual) unable to detect a security hole (likely because it's own internal functionality needs the same holes, die to sloppy coding on MS' part). Immediately upon switching to a competent product exposed the security violation. There's an important lesson to be learned here. The prison could only have done a worse job by running IBM software/systems.

    2. Michael Thibault

      "they got cocky and ... greedy"

      Under the circumstances, "impatient" would sew things up nicely. A hobby is a good thing to have.

    3. Shovel

      I guess they got tired of their usual cocky

    4. bombastic bob Silver badge
      Trollface

      "They would have got away with it if they hadn't indulged in the twin pillars of getting caught: they got cocky and they were greedy.."

      and those meddling kids

  3. Anonymous Coward
    Anonymous Coward

    The Shawshank Connection

    That is all.

    1. Anonymous Coward
      Anonymous Coward

      Re: The Shawshank Connection

      The Great Itscape.

      The green bios mile.

      Stalag Port 17

      or my personal favourite,

      Midnight PCI Express

      1. Anonymous Coward
        Anonymous Coward

        Re: The Shawshank Connection

        Alt+Esc from Alcatraz

        1. Anonymous Coward
          Anonymous Coward

          Re: The Shawshank Connection

          Click'n'Run

          Prison (Page) Break

      2. VanguardG

        Re: The Shawshank Connection

        Hogan's Hackerz

      3. AceRimmer1980
        Big Brother

        Re: The Shawshank Connection

        Escape LAN.

        1. Anonymous Coward
          Anonymous Coward

          Re: The Shawshank Connection

          I'm looking forward to the names of their prison memoirs:

          "Hard Timesharing"

          "Intel Inside"

      4. diodesign (Written by Reg staff) Silver badge

        Re: Re: The Shawshank Connection

        * Escape From Alcatel

        * Jailhouse NoC

        * Man In The Iron Subnet Mask

        * Con Air Gap

        * O Brother Printer, Where Art Tho?

        C.

        1. Anonymous Coward
          Anonymous Coward

          Re: The Shawshank Connection

          The count of Monte Cisco.

        2. Anonymous Coward
          Anonymous Coward

          Re: The Shawshank Connection

          Jailhouse Hack

          Escape LAN

          Auschwitch

          LAN served over the convicts nest.

          Harry Potter and the Prisoner with ExtraLAN.

          1. Sgt_Oddball
            Devil

            Re: The Shawshank Connection

            Escape from LA(N)

            Prisoner memory block H

            Cool SPAM Luke

            Old bit

            Ok I'm done...

            1. Anonymous Coward
              Go

              Re: The Shawshank Connection

              The Rowcount of Monte Cristo should also be acceptable

        3. Shovel

          Re: The Shawshank Connection

          You ain't kidding about Alcatel. I ended up with one by misfortune, worst smart phone ever.

          1. Sir Runcible Spoon

            Re: The Shawshank Connection

            Perl Harbor

            Server Blade Runner

            50 First Data

            StarTrek: Into DarkNet

            1. Anonymous Coward
              Anonymous Coward

              Re: The Shawshank Connection

              @Runcible Spoon

              I think we want IT-themed bastardizations of well-known prison movies though.

              Is there an IT-themed version that someone can suggest for "Caged Heat"?

              1. Chris 244

                Re: Marketing Hack / Caged Heat

                How about:

                Faraday Caged Heat

    2. Chemical Bob
      Devil

      Re: The Shawshank Connection

      I'm surprised no one already submitted this:

      The Cisco Kid

      1. Anonymous Coward
        Anonymous Coward

        Re: The Shawshank Connection

        Because I can't resist revisiting this thread to see the bad puns and this one came to mind:

        NAPillion

    3. Adam 1

      Re: The Shawshank Connection

      The Dot Matrix

      1. Adam 1

        Re: The Shawshank Connection

        Edward SCSIhands

        The FireWire

        The Li Ion King

        The Switch

        The Terminal

        Frozen

  4. Your alien overlord - fear me

    Did they need "screws" to put the computers together?

    1. Anonymous Coward
      Anonymous Coward

      No but they did need roof level priviliges.

    2. David 132 Silver badge
      Coat

      Did they need "screws" to put the computers together?

      Dunno, but what tipped off the IT department was finding a lag on the network.

      1. David 132 Silver badge
        Facepalm

        Oops, I see others had already made the "lag" pun on page 2 of this thread - that'll teach me to be slow. Don't upvote me, spend it on people who are more original instead :(

        1. Doctor Syntax Silver badge

          "that'll teach me to be slow."

          You were lagging.

  5. Natalie Gritpants

    Odd that there were network ports available inside the secure area

    WiFi I could understand as it is hard to block completely but any ethernet ports should not be there or be routed only to the CCTV recording machines.

    1. Goldmember

      Re: Odd that there were network ports available inside the secure area

      The quote from the report:

      "They narrowed the search area down to the switch in P3 and the PC was connected to port 16. I was able to follow the cable from the switch to a closet in the small training room."

      So it wasn't simply a port; they managed to run a cable directly from a switch somewhere. Maybe a comms cab in a cupboard, locked door but accessible from the ceiling? I've not had time to read the report yet but will later to see if there's clarification.

      One thing I'm wondering though; how did they manage to sneak out an entire monitor or 2 on which to use said PCs? You can cobble together the other parts and sneak them in pockets (with the exception of the mainboard, but that is thin so can fit down pants). You don't need a case for the PC to run. But how did they get a screen out?

      1. TRT Silver badge

        Re: Odd that there were network ports available inside the secure area

        And the switches weren't on 802.1X? Or were they and they had some stolen credentials?

      2. VanguardG

        Re: Odd that there were network ports available inside the secure area

        The closet was in a training room - perhaps the training used isolated computers? Convince someone the monitor was "bad", get a replacement from the recycling place, and quietly shift the "bad" monitor up into the hidden site, and convince the guards that it'd been removed already. Guards would see one working monitor per computer, no extra gear laying around, and conclude that the information was valid. Schedule it for a shift change and the guard near end of shift would see the monitor come in, but, hey, its almost time to go home, he wouldn't follow the prisoner to ensure the bad one was swapped out properly..he'd tell his replacement. Replacement comes on duty, and he's told "we took the bad one out already, you must've still been at your shift briefing", with some forged documents...they know the guard isn't going to follow up - what use would a monitor be without a computer, after all?

        1. keith_w

          Re: Odd that there were network ports available inside the secure area

          it was mentioned that the parts were obtained from the computer recycling business that was operating in the prison. Perhaps the monitor(s) were obtained from that supply.

        2. bombastic bob Silver badge
          Pirate

          Re: Odd that there were network ports available inside the secure area

          don't need to schedule for guard shift changes. just have something to blackmail the guard with.

          I worked with a guy who was an X prison guard once. He told me about the kinds of stuff prisoners will do to the guards. One example, a prisoner begs a guard to mail something to his nephew, like a birthday card, "I want to get it to my nephew before his birthday and the prison mail system is too slow." The guard is suckered in, does a one-time favor, and mails it outside the prison. Just a simple birthday card, right? Well, it got a cancellation mark from OUTSIDE the prison on it during the mailing, and it was quietly sent BACK to the same prisoner, who now has PROOF that the guard did something that could get him fired... and the next request is "get me some booze" or "get me some drugs" or "look the other way while we XXX" because it's the guard's F'ing JOB on the line, now...

          so yeah, how do prisoners get away with this stuff? Well, it's like *THAT*

      3. jeffdyer

        Re: Odd that there were network ports available inside the secure area

        Remote desktop access from a mobile?

      4. Doctor Syntax Silver badge

        Re: Odd that there were network ports available inside the secure area

        "You can cobble together the other parts and sneak them in pockets"

        Is that a PSU in your pocket or are you pleased to see me?

      5. Anonymous Coward
        Happy

        ...But how did they get a screen out?

        It's thought that prisoners spent six or so months smuggling out pixels in their underwear.

      6. Stoneshop
        Pirate

        Re: Odd that there were network ports available inside the secure area

        One thing I'm wondering though; how did they manage to sneak out an entire monitor or 2 on which to use said PCs?

        Headless systems that they could connect to from the inmate area? The systems were in a false ceiling, not a place where you would usually be able to go and sit to view a monitor. For the system in the inmate area they would initially probably needed just Putty to get to their hidden systems. And apparently they had found some of the tools they needed on disks of systems they were taking apart, so that they could bootstrap their toolkit.

        1. Anonymous Coward
          Anonymous Coward

          Re: Odd that there were network ports available inside the secure area

          Thank you, Stoneshop. Indeed, why would you park a monitor in the ceiling when you would have to sit on a ladder, or get into the ceiling, to use it?! Far more likely the remote access, or a mobe, but also consider a secret KVM cable drop from the illicit host and you use it from the keyboard, screen, and mouse of the nearby "legit" system? Guard coming, switch to the safe host, once clear, switch back. So easy and cheap.

          And as to the network connection; if those are home runs from a router, then you can piggyback any number of extra hosts on that wire, no problem, other than having your MAC addr and traffic view-able from any monitoring of it, or if the connections are individually secured. It also would have been safer to host a WiFi hotspot in the overhead, with remote power or a timer to keep it offline while not in use. If not, then you could hijack two spare pairs of wires in an Ethernet run (many have four pair, but only use two), and have it double back several times in another area so you can have time to spot anyone searching for your rig via the wiring. Still, what a great hack!

      7. razorfishsl

        Re: Odd that there were network ports available inside the secure area

        LCD monitor & clowns pocket comes to mind.

  6. Anonymous Noel Coward
    Coat

    The hard part was fitting the parts into the condoms...

    1. Anonymous Coward
      Anonymous Coward

      "The hard part was fitting the parts into the condoms..."

      I would have thought the hard part was what came *after* putting the parts in the condoms?

      1. Stevie

        Yes, that was implied in the original post.

        Why do the cleverati feel the need to spell everything out? Is it because they assume no-one else sees the joke, or is it OCD- driven behavior?

        1. JetSetJim
          Coat

          > is it OCD- driven behavior?

          where "OCD" is "Obsessive Compulsive Disorder", naturally...

          1. Stevie
            Pint

            Have a beer JetSetJim. Ooh, is that the new Doctor hailing a cab? [points, and as JetSetJim turns for a gander, drops palmed Alka-Seltzer tab into beer]. No. My mistake. Drink up!

  7. Doctor Syntax Silver badge

    What next?

    A rehabilitation programme that involves taking old guns to pieces for recycling?

    1. Patched Out

      Re: What next?

      Well they certainly can't have them taking computers apart anymore, so you have to give them something to do....

    2. Dagg Silver badge
      Trollface

      Re: What next?

      Nah, the next rehabilitation program will be the stripping and recycling of nuclear weapons....

  8. PNGuinn
    Trollface

    Computers hidden in the ceiling void ...

    So, difficult to access.

    3 guesses what os they were not using ....

    I wonder where they hid the keyboard and mouse? OUCH.

    1. Roland6 Silver badge

      Re: Computers hidden in the ceiling void ...

      >I wonder where they hid the keyboard and mouse? OUCH.

      Cortana...

  9. ElReg!comments!Pierre

    2 PC's what?

    So, they hire greengrocers as PR people now?

    I should of none anywho, 'uge savings there, the 'ugest.

    1. wheelybird

      Re: 2 PC's what?

      At school I was taught to use an apostrophe to pluralise initialisms. I suppose it came from the now near outmoded practise of using an apostrophe to abbreviate words (although some examples are in common use, e.g. "it's" as in "it's hot today").

      I'm not saying it's correct, it's just that that's what we were taught to do back then, so I have a lot of tolerance for that type of apostrophe usage.

      1. Doctor Syntax Silver badge

        Re: 2 PC's what?

        "I'm not saying it's correct, it's just that that's what we were taught to do back then,"

        O'T'O'H' we don't write P'C's.

        1. Hans Neeson-Bumpsadese Silver badge

          Re: 2 PC's what?

          Glad to hear somebody else who was taught about using apostrophes when pluralising capitalisations. I was taught this at school, but none of the youngsters here seem to have heard of that.

          I was also taught to use full stops after each letter in an abbreviation, but this seems to be almost universally outmoded practice nowadays.

          Nowadays, I would just write "PCs in the ceiling", but when I was at school I would have written "P.C.'s in the ceiling" (and then the teacher would have asked me what a PC was, because they weren't even a thing when I was at school)

          1. Doctor Syntax Silver badge

            Re: 2 PC's what?

            "Glad to hear somebody else who was taught about using apostrophes when pluralising capitalisations."

            We were also taught that a billion was a million million. There are things that we're better off for having left behind.

            1. VanguardG

              Re: 2 PC's what?

              Lovely...here in the states, a "Billion" is actually 1,000 million...or 1 to the 9th. On the other side of El Pondo, its 1 to the 12th, which to Americans, is a trillion...but, a trillion in the UK is..1 to the 18th, putting us further out of sync. As if we don't already argue over "color" versus "colour"?

              1. Doctor Syntax Silver badge

                Re: 2 PC's what?

                "Lovely...here in the states, a "Billion" is actually 1,000 million...or 1 to the 9th. On the other side of El Pondo, its 1 to the 12th, which to Americans, is a trillion...but, a trillion in the UK is..1 to the 18th,"

                Cough. 1 to the 9th, 1 to the 12th & 1 to the 18th are all 1.

                1. John Brown (no body) Silver badge

                  Re: 2 PC's what?

                  "Cough. 1 to the 9th, 1 to the 12th & 1 to the 18th are all 1."

                  Maybe he's taking about Trumps weekend golf achievements?

          2. Anonymous Coward
            Anonymous Coward

            Re: 2 PC's what?

            but when I was at school I would have written "P.C.'s in the ceiling"

            Incorrect. At best ambiguous - the apostrophe there is indicating the absence of the letter I.

            If per se, I know a man named Peter Chris Zumble, and he likes to be called by his initials, and he is hiding in the ceiling, then "P.C.'s in the ceiling" makes sense, otherwise it does not.

          3. ElReg!comments!Pierre

            Re: 2 PC's what?

            PCs, but b's and c's was what I was told. Apostrophe only acceptable when absolutely necessary to avoid confusion, young lad! But perhaps your teachers were not as snob.

          4. Anonymous Coward
            Anonymous Coward

            Re: 2 PC's what?

            > I was taught this at school, but none of the youngsters here seem to have heard of that.

            Possibly because the school of thought and prevalent practice on that one has changed in the meanwhile. Some people argue that the apostrophe is redundant as the initials already imply missing characters, and it causes confusion with the possessive case, which does use an apostrophe (although that wasn't always the case, as wasn't always the case that the apostrophe replaced a missing letter, usually 'e' in the possessive).

            Either way, both PC's and PCs are correct plurals. I prefer the latter, although personally I tend to avoid pluralised acronyms in the first place so I would have just written "computers" or so.

            1. cosmogoblin

              Re: 2 PC's what?

              The worst recent change Imo is capitalising only the first letter of acronyms, which I first noticed on the Bbc. Idk why they do that.

              1. Anonymous Coward
                Anonymous Coward

                Re: 2 PC's what?

                I will have to agree with that. Plus do not get me started on El Reg not capitalizing Internet, when you bloody well know that it is the correct usage. There, I removed any apostrophes from my text.

                Also, might I take a moment and mention that my most favorite Frank Zappa work is Apostrophe ('). Thank you, and have a great googly moogly day!

          5. Glenturret Single Malt

            Re: 2 PC's what?

            When I were a lad, P.C. stood for Police Constable as in Dixon of Dock Green.

            1. Sir Runcible Spoon

              Re: 2 PC's what?

              I think they might have meant 1*10^9 etc.

      2. Anonymous Coward
        Anonymous Coward

        Re: 2 PC's what?

        At school I was taught to use an apostrophe to pluralise initialisms..

        Well, you were taught wrong. The Apostropher Royal will get you if you keep this up.

        I suppose it came from the now near outmoded practise of using an apostrophe to abbreviate words (although some examples are in common use, e.g. "it's" as in "it's hot today")

        Those are called contractions, and nowhere near "near outmoded", they're used all over the place!

  10. Korev Silver badge

    VLC?

    In addition to the above, the forensics team found "self-signed certificates, Pidgin chat accounts, Tor sites, Tor geo exit nodes, ether soft, virtual phone, pornography, videos, VideoLan, and other various software" in addition to evidence that malicious activity had been occurring within the ODRC inmate network.

    I'm really not sure how videos, VLC, chat accounts are evidence of wrongdoing; there are plenty of legitimate uses.

    1. Alexander J. Martin

      Re: VLC?

      This is an American prison, though. Legitimate uses for us free folk are going to be some kind of infraction or another for the incarcerated.

    2. SolidSquid

      Re: VLC?

      US prisons have an incredibly strict lock down on outside communications, at least in part because of the money they make off of phone calls home through the prisons systems. As far as the prison is concerned, pidgin and voip is probably more serious than the porn or a lot of the actual crimes as far as they're concerned

      1. Rusty 1

        Re: VLC?

        SolidSquid, there have been heated discussions around the use of apostrophes upstream, and you come out with "off of"?

        Christ on a hover donkey, have you no sense? That's just not cricket. The English language is robust, but give it a fighting chance of survival dear fellow.

    3. Dan 55 Silver badge

      Re: VLC?

      I think VLC is technically illegal in the US because it plays DVDs with DeCSS.

      When VLC is outlawed then only outlaws will have VLC?

      VideoLan could safely make a no DVD version since that's another thing that's been dropped in the endless quest to make laptops paper thin (and cut costs).

      1. Mark 85

        Re: VLC?

        I guess I must go turn myself in to the Computer Police. I have VLC here in the States with no issues getting it, updating it, or using it. I've not seen anything such as "WARNING... if you are in the States.."

        1. Dan 55 Silver badge

          Re: VLC?

          Link

          Only I got it a bit wrong, it isn't DeCSS, it's libdvdcss.

    4. allthecoolshortnamesweretaken

      Re: VLC?

      "... and other software used for various types of malicious activity."

      IIRC that's LEO slang for Excel.

  11. Florida1920
    Holmes

    Typical greedy crims

    Should have stuck to watching cat vids.

  12. Anonymous Coward
    1. Mike Moyle

      Re: I TOLD you ..

      I'll see that and raise you:

      https://www.youtube.com/watch?v=i9flhhwkTTA

  13. Anonymous Coward
    Anonymous Coward

    Prisoners

    486 and 386, report to the Governor...

    1. Mephistro

      Re: Prisoners

      Hmmm... two members of the infamous X86 gang. It seems that X64 is winning this gang war!

    2. TRT Silver badge

      Re: Prisoners

      I am not a number, I am a free man!

      1. Doctor Syntax Silver badge

        Re: Prisoners

        "I am not a number, I am a free man!"

        Peter Sage, is that you?

  14. Inventor of the Marmite Laser Silver badge

    Time doing bird

    Or Penguin?

  15. Anonymous Coward
    Anonymous Coward

    The real challenge is disposing of the waste soil - oh hold on that's a different sort of tunnelling.

  16. Jame_s

    i don't want a pic of the space it used to be in, i want a pic of the pc they cobbled together.

  17. Roj Blake Silver badge

    Porridge

    This was pretty much the plot of the one-off Porridge revival last year.

  18. kain preacher

    Imagine if the NSA used these folks to hack other nations.

    1. Anonymous Coward
      Anonymous Coward

      @Kain

      Not sure if they have network cables that long ;)

      1. jake Silver badge

        Re: @Kain

        Well, AC-2 is about 7,000km ... and THAT is a short run!

  19. phuzz Silver badge
    Happy

    Reminds me of when I used to work at Evesham Micros (remember them?).

    In one corner of the warehouse where all the computers were assembled, there was a trio of guys who built the images for each different configuration. As part of that job, they had their own ADSL connection, and agreed to give us a cat5 cable connected to it. Myself and a few friends then cobbled together a computer from spare parts, which I'll admit is pretty easy when you're right next to a warehouse full of them (with practically no inventory control), and hid it behind a desk. Then, in between testing servers going out to customers, we could surf the internet, and watch films when the bosses weren't looking.

    It slightly mitigated the soul-crushing boredom of the job.

    1. Doctor Syntax Silver badge

      @phuzz

      Upvote for that blast from the past.

    2. David 132 Silver badge

      @Phuzz - Indeed I remember them. Visited them a few times in a professional capacity. I worked closely for years with Robin D, a very smart chap indeed. Upvoted for the happy memories.

    3. Pedigree-Pete
      Facepalm

      Evesham Micros....

      ..."virtually no inventory control" I wonder why they went out of business? PP

  20. Wupspups

    Careful users

    I'm impressed that the builders of these PCs even had anti-virus software (clamwin) installed. Oh that other users were so diligent.

  21. Tom 7

    The raspberryPi zero is going to bugger things up

    if you'll excuse the image.

  22. Martin 66

    they had some network issues...

    Lots of lags apparently

    (i'll get my coat).

    1. Sir Sham Cad

      Re: they had some network issues...

      It's because of where they keep hiding the packets.

  23. Sir Sham Cad

    I bet they got a lot of

    Lag

    Not sorry.

  24. astounded1

    Top Notch Prison Training

    Using fragnets to build a think boxes: first rate

    Using think boxes to hack into prison net: crafty

    Using prison net to commit financial crimes: ironic

    Defeating moron prison IT admins: simple

    1. DNTP

      Re: Top Notch Prison Training

      Its typical American prison-for-profit management mentality:

      1. Treat people (prisoners and rank-and-file employees) as animals

      2. Internalize that they are not dealing with real people

      3. Cut every kind of service and security to maximize profit

      4. Shocked, shocked to find that thinking human beings can defeat their lemur-proof security systems

  25. Jamie Kitson

    Rehabilitation?

    > a programme that enslaved prisoners by getting them to break down old PCs into component parts for recycling.

    There, fixed that for you.

    1. ScottAS2

      Re: Rehabilitation?

      Au contraire. While things might well be different on the other side of the pond, when my parents were in HMP Shotts (for work, not at her majesty's pleasure) one of the guards explained that prisoners wanted to work, and not allowing a prisoner to do so was one of their most effective sanctions. The reason's simple: if you're not working, there's fuck all to do in prison; it's boring staring at your cell wall all day.

      Again, while things might be different in the 'States, the prisoners at Shotts were paid for their work (making roadsigns, incidentally). Nowhere near a living wage (after all, they're getting bed and board provided), but some "pocket money" that went into an account that could be redeemed at the prison shop, mainly for things like more luxurious toiletries.

      1. Uncle Slacky Silver badge
        Stop

        Re: Rehabilitation?

        Things are indeed different on the left side of the pond, the 13th amendment specifically allows for slavery in the context of criminal punishment:

        "Neither slavery nor involuntary servitude, *except as a punishment for crime whereof the party shall have been duly convicted*, shall exist within the United States, or any place subject to their jurisdiction."

  26. AfternoonTea

    I'm curious as to how they got two motherboards past inspection, I mean a hard drive is gonna be one hell of a stretch in the first place. A CPU cooler is just too uncomfortable to think about.

    1. tweell

      The inmates put together and tested 2 working machines in the salvage area, then moved them to the lab under a pile of rags and garbage in a cleaning cart. They then had an unsupervised afternoon to hook them up, get power to them and set them up for remote access. The IG report is full of FAIL, no one (but the inmates) comes off as being even marginally competent.

      1. Jay 2

        Hmm, that does sound like a fair amount of fail. Especially the unsupervised bit!

  27. Eponymous Bastard
    Coat

    Nice pun

    "meaningful and rehabilitative programming". Were they going to learn Fortran?

    1. Someone Else Silver badge
      Coat

      Re: Nice pun

      Downvoted you for the FORTRAN reference. Yes I know it was a joke, but some things are just not funny!

    2. allthecoolshortnamesweretaken
      Coat

      Re: Nice pun

      “When you call me that make fun of FORTRAN, SMILE!”

      (Mine's the one with the copy of "The Virginian" in the pocket.)

      1. Someone Else Silver badge
        Happy

        @allthecoolshortnamesweretaken -- Re: Nice pun

        Is this good enough? ---->

    3. John Brown (no body) Silver badge

      Re: Nice pun

      I was more surprised to learn that US prisons even pay lip service to rehabilitation. My impression is that it's all about revenge and punishment.

      1. Anonymous Coward
        FAIL

        Re: Nice pun

        from drc.ohio.gov --

        Mission: Reduce Recidivism Among Those We Touch

        that's a $5 word and I'm pretty sure they're doing it wrong. I kinda hate this state, or maybe I just hate being here.

  28. Someone Else Silver badge
    Devil

    Organized crime!

    {eom}

  29. kmac499

    Sequel Time

    Time for Cliff Stoll to dust off his typewriter and do a sequel to the Cuckoos Egg.

  30. Korev Silver badge
    Coat

    OS?

    No mention of the os, did they run BSD? If so then the prisoners would be expert in Jails

  31. AxeMan15
    Facepalm

    How many prison IT admins spit out their Diet Cokes and scrambled to the log files after hearing about this?

  32. thondwe

    Microsoft Proxy Server

    A real MS Proxy Server from like 1997? Still any proxy isn't really the same as a Websense Box is it? Something else to ask "why" about along with 802.1x etc.

    1. Amos1

      Re: Microsoft Proxy Server

      802.1x on Windows is a massive PITA. Anyone who promotes it probably has never done it in a Microsoft environment. We had so many problems with it on Windows 7 that we set a Scheduled Task to reboot one PC every five minutes so we could get MS enough data so they could then create a hotfix which you later had to know about to ask for. The PC went into thermal overload after the first week because it had been rebooted so many times. Why every five minutes? We had branches where PCs would suddenly fail 802.1x, had to be rebooted and then would work for a week. It was happening to hundreds of them every week but only once per week. And they were all shut off each night so it wasn't an uptime or heat thing that caused it. Turned out to be a race condition. When we started testing 8.1 the same thing happened and 802.1x left the buildings.

      1. kain preacher

        Re: Microsoft Proxy Server

        wow according to Wikipedia using 802.1x in windows xp - windows 7 is at your own risk and has major issues.

        windows 10 is no better.

  33. TreeFrog

    Ceiling tiles ..?

    Why ?

    They're only to hide stuff, which can only benefit those with stuff to hide ...

    1. kain preacher

      Re: Ceiling tiles ..?

      Well when you are not build stuff to code why not. The titles are hiding a junction box witch is a no no. I'm willing to bet that electrical junction box is over crowed too. I know in my home state of California if you run cat cable that is hidden by those types of ceiling titles you need cable trays. Some counties require the cat cable to fire rated if going through ceiling titles like that.

      Also looking at that picture it looks like it had a more permanent type of fixed ceiling that was hiding the electrical junction box which is an automatic fail of the of both Canadian and US national electrical code.

  34. Jedit Silver badge
    FAIL

    Nobody ever asks the important questions

    OK, we know how the inmates got the parts. We know how they got them into the ceiling. We even know how they got the PCs rigged up to a display. But nobody - NOBODY - has asked the most important question of all:

    Can it run Crysis?

  35. Tom Paine
    Devil

    "As far back as I could remember, I always wanted ta be a sysadmin."

  36. Pedigree-Pete
    WTF?

    Separated..

    "Ultimately, five inmates were identified as being involved with the hidden computers, and have been separated and moved to other correctional facilities."

    I predict in a fairly short time there will be 25 inmates of US correctional facilities with these skills, rising exponentially. :) PP

  37. polanve

    In what way would taking apart old PCs be rehabilitating? More likely it was a prison labor program.

  38. Jake Maverick

    awesome, inspiring stuff...and ***** websense :-(

  39. Anonymous Coward
    Anonymous Coward

    Pesky Websense... if only they'd stayed on shitty Microcrap

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like