The whole district shared a T1 connection to the internet. Which was more than plenty for email, but as this world-wide-web thing started gaining traction, it became quite the bottleneck. And as some of us had discovered mp3 files, the slowness simply would not do.
One day there was some severe weather and a power hiccup during school hours, and every station got a message from ADMIN informing us that the server room was running on UPS power and we should save our files and log out immediately.
Hmmmm.
A few weeks later, one of the bright sparks in the technology program realized that having everyone log off would free up some bandwidth. So he logged onto the next machine over as GUEST, and used a NET SEND ALL "SERVER ROOM POWER FAILURE - 11 MIN OF BATTERY REMAIN - SAVE FILES AND LOG OFF" and sure enough, within about a minute, the whole T1 was his. Did what he needed to do (i.e. leeching an entire fserv) for about 8 minutes, then NET SEND ALL "POWER RESTORED - RESUME YOUR WORK".
A few weeks later some hot commodity had just dropped and he repeated the drill. It still worked.
Nobody noticed that these messages came from GUEST, even the district administrator, who eventually called an electrical contractor to figure out why the power in the server room was so flaky. Someone eventually pointed it out to him, which got a very red-faced "that's really clever but please knock it off", and no further punishment. The next day, the Guest account had a lot fewer privileges.
You mention Netware, but as I recall the Netware function you describe was just "SEND" and "NET SEND" was a Microsoft networking thing. (But maybe there was some integration between the two after my experience with Netware, who knows.)
I mainly wanted to say, as someone who used/abused a Netware network in high school, I disassembled the SEND program and discovered that the username included in the message is not authenticated at all -- the IPX (or NETX, I forget which) software interrupt just took a string, and the SEND executable formatted the username into this string. So by crafting your own SEND program that used the software interrupt directly, you could easily forge any username you wanted. So you could very easily send a message from "ADMIN". :)
This should not be construed as a confession of any network shenanigans that may or may not have occurred at my high school. ;) :D :)
It's entirely possible that it wasn't part of Netware, I don't remember the hard details as it was a very long time ago. However, it worked in DOS text-mode (we rarely ran Windows), and my impression was that Microsoft didn't do much network-aware stuff until well into Windows. So that's why I thought of it as a Novell thing rather than a Microsoft thing.
> the username included in the message is not authenticated at all
Oh.... oh dear.
A few days later the principal calls me in. "Did you tell him to do this?" "I didn't tell him to, we were just talking about how to do it." "... well, he's done it before. Don't do anything like this again. Dismissed." I still can't believe that I got out of it; petty tyrants love to flex their power.
I’m legit trying to figure out who your calling the petty tyrant flexing their power: - The principal which let off with a warning - The other kid, popping circuit breakers - Or you, ‘corrupting’ other young minds :)
Or... Maybe I was just 10 and hadn't really learned that lesson yet. ;-)
Made the mistake of telling a couple friends what happened. Said friends thought it would be hilarious to send swear words to the entire school (I was not there).
They played dumb saying they didn’t know what would happen and got off with one day each, I got suspended for three days.
I wouldn’t have minded so much except the next day was an inter-school chess tournament. Thankfully the sympathetic chess coach told me to wait behind the school the next morning and picked me up in the school bus.
Anyway when he was caught (a fellow classmate ratted him out) he got 10 days out of school suspension. The VP threatened to call the police… for what offense I’m not really sure. There seems to be a fundamental misunderstanding of cybercrime and cybercrime laws. I mean was it really unauthorized access (they called it “hacking” of course) if his user account literally had permission to map network drives?
They removed the ability for student accounts to map network drives, but the district IT guy was not fired. I really don’t get that. Maybe the union saved him… but dog, everyone knows you can map network drives by right clicking on the desktop. I never thought to try it, but that doesn’t mean the district’s IT SME gets a pass.
My expectation is that laws probably specify that gaining access that you know you’re not supposed to be able to get is probably illegal, but I get your point.
Reminds me, however, of the pen-testers that got hired to infiltrate a court system and got harassed by a prosecutor despite having explicit approval to conduct an audit.
https://darknetdiaries.com/episode/59/
Our judicial system is ludicrous.
The moral of the story, if there is one, is probably a cautionary tale about petty individuals prioritizing workplace politics over ethical integrity.
It may not pass as hacking, but it certainly was unauthorized. Network policy in software should reflect reality, but the source of authority comes from humans. Your friend literally was not authorized to access teachers' files, regardless of poor software configuration permitting the capability.
There is a social expectation that people can generally only enter your home with explicit permission, and so if they didn't invite you it's trespassing even if the door is unlocked. But maybe you have some close friends who you get used to coming over and just entering even if you may be out at the moment -- and then it's not trespassing anymore.
Remote computer access is a much younger phenomenon than people living in houses, and so social expectations aren't as established. There's a legitimate need for discussion there.
For example, if you have an open webserver that you want people to access, is it trespassing if people fiddle a little with the URLs and encounter documents that you didn't mean to put out there? I'd argue it would make for a healthier and more tech-savvy society if we didn't consider that trespassing.
If we try to push the houses analogy further, it's a bit like inviting people into your house for a big party, and then somebody enters a room that you didn't want them to enter. It's a faux-pas, but you'd probably also have a hard time if you tried to label it trespassing.
https://news.ycombinator.com/item?id=42314547
The site displays random, ancient videos uploaded from the early iPhone YouTube app, often without people understanding what they were doing.
I tend to err on the side of caution: I don't expect most people to be tech savvy, and I think those of us who are must exercise restraint to avoid trespassing.
Don't steal. Don't share embarrassing or humiliating information you may come across.
At the same time, there should be safety from prosecution overreach.
I ask for this mostly not for my current self but for "kids" (including young adults, e.g. college students) who are on a hacker journey in the original sense of the word. As a society, we should encourage rather than stifle that sort of exploration.
I got called into the police station, where a cop asked me, verbatim: "Son, did you copywrite them there CDs?"
That admin became my mentor and is now a lifelong friend.
The closest thing we had to a computer class was graphic design where you played with Photoshop and Premier for a year. God forbid we learned to write code or whatever.
In my school, some jackass kid made a photocopy of a $20 bill, on a little mid-1990s HP Officejet in the library. Even in those days, they were programmed to make bad copies of US currency (I think they were enlarged and the color messed up). It was more of an innocent “woah look at this thing”, there was no intent or effort to glue it together and try to use it.
The assistant principal, who was a petty drunk who was uniquely unsuited for her job, flipped out and called the secret service. The kid was arrested & had a lot of issues over nothing.
It always stuck in my mind and accelerated the development of my contempt for petty tyrants who experience joy from the pain of others.
Something about having healthy self esteem in childhood causes you to avoid education administration career paths.
Miss those days and also miss playing soldat on those crappy PCs.
Thanks for making such a fun game!
I'll check it out
As I said there, back in the day I wrote a C++ program that was basically an IM interface on top of NET SEND. Fun times.
Our computer lab had Novel Netware, I forget which version. Every once in a while, our regular programming classes (Pascal in first two years, C and Assembly Language in third year, Prolog and Theory of Relational Databases in fourth year) would be held in the lab, instead of the classroom, and we would get to put what we learned to use and do some actual programming.
Now, some of us had computers at home and had been using them since before the high school, so we tended to finish our work really fast and then get bored. And just like a lone sharpie cap is the most terrifying thing a parent can stumble upon, so a bored high school kid is the worst thing for your computer security.
Each student had their own account, but teachers shared a limited number of teacher accounts, with special privileges, such as monitoring other students' screens, having full write access to every student's files, etc.
For some reason, I don't remember why, teachers would occasionally go to a student's workstation and log in as a teacher there, to fix the problem. I honestly can't remember why, but it was a common enough problem that it wouldn't raise any brows even if one of us "advanced" kids did it.
So, of course, I eventually came up with the idea of writing a really small and simple program that would look exactly like the Netware login prompt, with one small difference: when you entered the password, it would write it to a file on the filesystem spit out whatever the "incorrect password, try again" reply was, and then execv the actual login program.
The ruse worked perfectly: I called the teacher, they tried to log in, thought they mistyped the password, tried again, succeeded, did whatever it was they were supposed to do, and logged out. Now I had the teacher account password, and so did my best friends in mischief.
We had some innocent fun by pulling a couple of very minor pranks on our fellow students that flew under the radar, so none of the teachers realized that the security was compromised.
But then the annual programming competitions came, and those went all the way from school level, to municipality, to city, to republic, to federal. I was one of the people who qualified to the city-level competition, and what do you know, that year it was hosted in our school's lab.
I finished all the problems with plenty of time to spare, which is how I came up with the "brilliant" idea of helping some of my peers by sharing my solutions with them using the teacher account. Now, one thing they neglected to teach us was the importance of testing, but I'll be honest, even if they did that, I was a typical teenage "gifted kid", which meant I was overconfident and lazy. As a result, everyone who I shared my solutions with happened to have the exact same bugs in them.
A few days later, they called me to the teachers' room in the computer lab, and said that they knew I cheated, that I was already disqualified, and that I should save myself some trouble and explain what I did. So naturally, I came clean and I thought that was the end of it.
Indeed, it was the end of it for me. Nothing else happened, at least nothing of consequence for me. Years later, I found out that I almost got expelled. They held a teacher assembly or conference or whatever it's called when you get all of them together to make a decision, and the decision was whether to kick me out of the school. Fortunately, they decided to let me off with a warning and the official reprimand from the headmaster.
My mom didn't think that was funny at all.
It's just such a great example of how people could react either with uproarious laughter or by feeling that some boundary has been violated and can think that either reaction was the most self-evidently obvious one in the world and the reasons for it were entirely contingent. It's something where you can only really witness the irrationality of it if you're in the author's position.
I once heard it speculated that philosophy might have emerged in Greece because the circumstances of being merchants engaging in interstate trade, you could see the way that certain things regarded as received knowledge were really customs, peculiar to certain cultures and locations. When you're the prankster and you can see different people reacting in different ways that seem to be tied to patterns of the circumstances of how they experienced it, you can kind of witness the contingency of those reactions playing out in real time.
Back in college, they cut access to the printers for users off-campus, which had previously been a feature. Someone I knew wrote a printing service script in AppleScript that, when fed a PostScript doc, would ssh into one of the on-campus terminals with the user's credentials and feed the doc to the printer. He got in a bunch of trouble because apparently, computer services had cut off-campus access for data-tracking purposes as prelude to an as-yet-unannounced shift to pay-per-page printing (i.e., they wanted to see how much inconvenience the student body would tolerate), and having the inconvenience routed around in software fucked up their numbers.
... now that I tell this story, it occurs to me that nobody ever called computer services on the whole "Running an unsanctioned social experiment on the faculty and student body" part of all this...
(p.s: I think, perhaps, computer services learned the wrong lesson here, because when they rolled out the program at a uni with a massive computer science program, the techniques the students invented to route around paying for print jobs were legendary. Things like "wrap the PostScript job in a detector that tells the daemon tracking pagecount 'I am printing one blank page' and tells the daemon that feeds the job to the printer 'here are the actual pages'". Perhaps their takeaway should have been "If you add friction and cost to the process, bored students will volunteer time to reduce the friction and cost").
The problem was, we were a Sun campus, and my tablet PC ran Linux. So I could SSH in, open up StarOffice, and hit Print on a document - all from the tablet PC in the crook of my elbow - then walk into the lab and pick the documents up out of the tray.
I never got in "trouble" for this, per se, but I did have a lab technician once look at me as if to say, "that's not allowed..."
One could easily argue then that Plato was essentially a prankster and what we know as western civilization is a consequence of his trickery.
In one particular European tradition, maybe? But elsewhere the trickster may themselves be a divine source of insight. Hermes in Greek, the Southwest American Kokopelli, etc.
My point is that the trickster as philosophical root is an idea that has tendrils far beyond a Western viewpoint. I cant find the ref now but IIRC some Native American traditions have the viewpoint that connecting to the divine cannot be made without first laughing, as that opens the mind to the new experience. Reminds me of some Far Eastern traditions where you need a sharp break from your normal world view to achieve an enlightening breakthrough.
i.e. I wonder about the gap between clever little prank and sending a dry email to everyone re: a new printing policy.
Much of this hinges on the gradient from the "uproarious laughter" they received from some, to the frustration from others...which I find hard to believe as self-reported, in what context would this be uproariously funny?
I see the value as a simplistic fable re: empathy, and in having it before, not after.
I almost feel like I missed something huge in the email that signals it's a joke, or adds another layer of humor, but after multiple readings, it looks identical to a janitor emailing everyone on campus to tell them keys will be required for bathrooms from now on. Although, that is significantly more implausible than the IT worker emailing everyone on campus to tell them there are charges for printing.
With so many people, you’d actually have to make the price ridiculous or something like that. Because some people, once they read that the printing is five cents, are going to be upset enough to not read the rest of the email.
I wouldn’t actually do this prank, but if I like had to, it would be more like the “charge” was to sing a song and the email would actually say April Fools in it. Maybe less funny, but a lot more easily seen as a joke. Makes handling the calls to the admins much easier, too.
And then extra value upon retelling all of the above to others.
"prank" = IT guy sent campus wide email saying some printers will now charge $0.05/page
"that they probably didn't see with their own eyes" = they did not check physically very every printer on campus to verify none of the printers had the characteristic, the only way to falsify what the IT guy said, that some printers had a characteristic.
"Plus the retraction, and 2nd retraction." = 3x the time wasted for everyone on campus
"And reactions of other staff who fell for it" = people who believed the dry email from IT
"(and caused chaos)" = chaos isn't funny
"And then extra value upon retelling all of the above to others." = It sounds like we're assuming the relayer would get value from relating this, but the extra value is to the listener, it'd only harm the relayer.
As a listener, now I know that I have to verify 100% of everything the relayer tells me. They think a good prank is when you leverage your professional role to lie and cause chaos, which is justified because those poor sheep were complaining about something they didn't even verify with their own eyes. i.e. thousands of people should have gone through an absurdly onerous verification rather than trust communications you make in your professional role.
7:28 New Campus Policy printing now costs 5-cents per page
8:34 Re: New Campus Policy - April Fools! Printing is free.
9:14 Re: Re: New Campus Policy - Printing is still free, for now.
* modulo marking the IT department as spam
Note that finding something amusing isn't necessarily related to whether or not you feel the perpetrator conducted himself appropriately.
You expanded my mind today, and I thank you for that!
FTA,
> Having sent this out, I fielded a few anxious calls, who laughed uproariously when they realized, and I reset their printers manually afterwards. The people who knew me, knew I was a practical joker, took note of the date, and sent approving replies.
I doubt a single person "laughed uproariously". Most often they probably rolled their eyes and gave a sympathy chuckle. The people who knew he was a "practical joker" understood how much of this guy's ego was tied to his inaner sense of humor and laughed along to get out of the conversation with him.
Some Fridays (once a month?) were casual dress days where you could wear jeans instead of slacks (this was the distant past, when most professional workplaces still had real dress codes). This was an IT/Eng-wide thing, so we'd get an email reminder about this from an admin person in the department.
One time, I thought it would be funny to send my own email announcing pants-less Friday. So I took a copy of the email this admin sent and adjusted it accordingly. I did of course specify that you still had to wear underwear. I'm not a monster. Because I had programmer privileges in Notes, I was able to forge the sender so that it appeared to come from the department admin person, not me.
I _meant_ to send it to the small email group for just the other tech support folks (around 15 people or so). But I accidentally (?) sent it to all of IT/Eng, around 200-300 people, IIRC. Oops.
Needless to say, my boss's phone started ringing off the hook. I immediately went over to tell him what I'd done. He wasn't pleased, but I didn't get fired. I did have to write an apology email.
Of course, many folks in the department later told me it was the funniest thing they'd ever seen happen.
Soon after, I moved to programming at a different company. I think this was a good thing for many reasons, but one reason is that it was more challenging, so I wasn't bored with time on my hands to do stupid things like send prank emails to my coworkers.
My condolences.
I didn’t use notes much, but it was a platform ahead of its time, that thanks to IBM’s… IBM-ness was ignored and allowed to rot.
At my previous job they had been using Notes since the company was founded in the early 90’s, meaning they lived through it being Lotus Notes, then IBM Notes and now HCL Notes.
Everything was deeply entrenched - email, warehouse inventory, ERP system, all documentation made in the entire company… just everything.
And this is for a scandinavian company manufacturing high tech devices for telecom and aviation, among other things.
It was… an interesting nightmare, constantly got in the way of any sort of productivity. Definitely contributed to me leaving early
I never had to program any of that, so can't speak to that side of it, but where I worked we used Notes to quickly build a lot of internal forms and workflows, and had some internal discussion forums and documentation in it, it all worked pretty well as I recall.
The one weird thing was we had to run it on OS/2. The only OS/2 machine in the server room.
We didn't use it for email though.
Maybe I'd have a different opinion now, but I remember it working pretty well for that purpose back then.
I feel like that's the most relevant thing here. Bored people do ~stupid pranks. And under-challenge leads to boredom
If toilet humor is your thing -- more power to ya! I just have a hard time reconciling it with "best joke ever".
That went wrong also, because my retraction said that campus administration was not considering charging per-page fees when in fact they actually were, so I had to retract it and send a new retraction that didn't call attention to that factPrank 1: In high school we wrote a fake DOS for our Apple II+. It accepted commands and ran them, but occasionally would reply with a snarky message. Our teacher was not amused.
Prank 2: This was the late 1970s/early 1980s when laser printers cost many thousands of dollars, and neither me nor my high school peers had ever seen one. I found some CGI images in a computer magazine and Xeroxed them onto pin-feed paper for dot-matrix printers. I showed them to my friends and convinced them that I owned a laser printer. The pin-fed holes just added to the authenticity, since they had no idea how a real laser printer worked.
Prank 3: My parents changed checking accounts and had a whole book of unused checks. I told my father I wanted to do a prank and he agreed to write one of those checks for $600. I showed the check to one of my classmates at the beginning of the day and told him I was going to buy a computer after school, and he could come with me. When school ended and my classmate found me, I took out the check, declared I no longer wanted a computer, and ripped it up in his face. He was stunned.
Prank 4: The local library had an Atari 400 with a coin-operated TV screen ($0.25 for 15 minutes). Without the use of the screen, I wrote a simple BASIC program to emit a beep randomly every few minutes, started it running, and walked out the door.
Corporate Prank #1: Back in the DOS days, when the standard office computer was an IBM AT with a small built-in speaker capable of being programmed to beep, I set up the autoexec.bat file for several workstations to play (quickly, and at low volume) the first eight notes from the melody from "Brazil." The movie had just come out, and I thought the tune would be a fitting commentary on the parallels to the corporate life.
Corporate Prank #2: Every year or so the cafeteria would print surveys on blue cardstock and put them on all the tables asking questions like "Were the cashiers friendly?" and "How was the temperature of the food?" My friend and I found matching cardstock and mocked up copies, but changed the questions subtly, e.g. "How was the temperature of the cashiers?" and "Was the food friendly?" and distributed them to all the tables. Never found out what happened, but I'm sure management wasn't happy.
Corporate Prank #3: One day I went with my friends "B" and "C" to a different corporate cafeteria where you paid a flat rate just before exiting. "B" managed to find an emergency exit door just before the cashiers which let him make his way to the elevators without paying. Now the setup for the prank: every few months one of the departments would distribute company-wide security memos (on paper) which would get distributed to every desk. Me and "C" mocked up one of those security memos (complete with a police artist style sketch of "B", who had skipped out without paying) which warned everybody to be on the lookout for the suspect who was last seen exiting the cafeteria through an unmarked door, and should be considered dangerous. We made photocopies and put them on every desk.
Some 15+ years ago ThinkGeek productized this as the Annoy-a-Tron, a small magnetic circuit board which could run on a coin cell for weeks. Tuck one of these into a well-hidden place and it will dismantle the sanity of anyone spending enough time around it.
Other more refined versions exist now from a plethora of vendors, I will refrain from linking them here.
At first he seemed mildly annoyed but mostly ignored it. You couldn't always hear it depending on what song was playing, so that helped keep it hidden for a while. Fast forward one week, we came back from lunch to find that the guy had disassembled almost everything in his cubicle before finding it. He angrily held up the radio and called us all jackasses. I have a little chuckle every time I remember this!
This post has been removed by Redact for HN.
edit: hey that doesnt look like stars to me
Warm regards,
To me your message appears as:
*******
edit: hey that doesnt look like stars to me(BTW I love bash.org!)
edit: What now?
<Replying to this comment requires a Hacker News premium account>
The funny part is that it wasn't actually an April Fools joke.
I discovered that I could access the Startup folder on other employee's machines on the network via Windows Explorer. I put a script in one of my very rule-following co-worker's folder that was something like: dir dir dir dir (x100) echo All files have been deleted.
I watched them from around the corner when they booted up, saw the flood of file names flash across the screen, and flipped out when they read the message at the bottom. They reached for phone immediately to call the IT admin and I rushed out from around the corner explaining the joke. Never got in trouble. Good times.
We copied their "Reserve a year book early poster and save". Then used photoshop to edit it to say "50% off your year books with this QR code". The QR code then linked to a gorilla eating a taco (google this its pretty funny), adding to confusion. The year book committee had a FREAK out and sent out a mass email that the QR code was fake and not to follow it and you COULD NOT GET 50% off a year book no matter what link you followed. Needless to say sparked more interest in said QR code and soon the whole school had loaded a gif of a gorilla eating a taco.
Some people get fired for making their bosses look bad. He screwed up by making them look good.
- Two of the VPs at the company were named Jim Collinsworth and Peter Sachs (not their real names).
- For reasons I can't remember, I was able to send emails through the company's Windows email server under any name that I wanted.
- So, I merged the two VP names and I sent an email blast to the entire company from "Peter Collinsworth" (just swapping first and last names).
- "Peter" Collinsworth's email said something to the effect of "In honor of the 765th anniversary of the establishment of the Exchequer and the signing of the Magna Carta, <biotech-startup-x> is declaring April as 'English Unit' Celebration Month. All laboratory generated results will be reported using the following units: Instead of mg/kg/day, we will use pounds/stone/fortnight ...." etc. etc. etc.
- Well, Jim Collinsworth (real VP) saw the email and even he thought that the email had been sent under his own name.
- So, Jim fired off an email blast saying, "I did NOT send this. I don't know what this is about."
- Everyone soon realized it was an April Fool's joke.
- Jim eventually made his way to my office to say ... "That was really funny. Don't EVER do it again."
I know of several fortune 100 companies that still allow this due to the way they set up email protection with o365 and Proofpoint, ironically. not naming them. I've done similar pranks and got by with the skin of my teeth but would not recommend people do this early in their career especially if leadership are sensitive to embarrassment.
Funny thing is that I cleared my prank with Peter Sachs because he was a bit of a stick-in-the-mud, but he told me to go for it and he thought it was hilarious.
I didn't clear it with Jim Collinsworth because he was a bit of a jokester himself so I (incorrectly) assumed he'd have no problem with it.
I had a CTO tell me to fill a cubicle with quick drying cement after a prank went wrong but I stalled him long enough to cool down. I knew the building management company would have been furious had I followed orders. The CSO had pranked the CTO with a dongle that opens excel and slowly types "I know what you were doing..."
next time recommend using expanding insulation foam instead, but first cover everything with big sheets of plastic. the victim will still have a hell of a time getting rid of the foam. that stuff hardens...
Or they don't want distractions that are too costly.
The glorious days of open relays, back when spam was in its infancy. Today it's mostly done on a whitelist basis to let tools like JIRA or Gitlab send notifications under the name of users themselves instead of some noreply address.
Kudos to this guy, at least his prank email was kinda funny.
Growing bored with playing Gorilla.bas, I wrote a program that let out a several second long, <100hz tone, a "Fart" if you will, and then printed "oh, sorry, I couldn't contain myself!".
I backed up autoexec.bat as autoexec.old, wrote a new autoexec that ran my program, deleted it, and then restored the original autoexec.bat to cover its tracks.
We weren't present when it did its thing, but the next day I was informed that if it happened again, I'd lose access, and that was it. No "hacking" accusations or anything.
I also remembered another detail: Apparently the same fellow, who had a reputation for smart but also extremely difficult to deal with (I wouldn't know, never met them) also had their fingers in one of the first dialup Internet services in the area, cleverly named DNIS (Desert Network Internet Service, I think? It was basically an Internet connected Linux shell if I recall) but everyone locally called it PNIS. Poor guy.
In middle school our entire school network was running some strange windows server p2p setup. What this means is that any computer could issue commands across the network to other computers, purely by knowing the name of the port. Luckily, every ethernet "outlet" had a label stating the port's name. This made it stupidly simple to issue a `shutdown \M <PORT>` in the middle of class.
We sat there and saw every computer at the school turn off with a custom message. Except his computer. He really looked dumbfounded.. I get a smile when I think of it.. it wasn't anything evil or bad, but just fun.
Good 'ol times. He didn't get into any trouble, just disciplinary extra curricular work. Which I think was good for that bully anways.. he was lacking behind.
Also I remember accesing everyone $C drive and copy a counter-strike map of the school I was modeling into. So, the next time anyone went to a LAN-Party (THOSE were GOOD Times), everyone would see the school name as a map and nobody would know who made it. Obviously no violence intended. I just wanted to play in an environment that I spent most of my day and have fun afterwards at they way we could have some fun. Asking everyone to download it would've just led to trouble. Of course I heard of school shootings, but counter-strike was harmless. Those who did think of worse had this in mind anyways.
(there's a photo of a Nokia "running" Linux in that album - https://www.flickr.com/photos/ruicarmo/16931940010/in/album-... - I got a lot of mileage out of that animated GIF)
I did this in the early 10s on a fleet of hateful HP MFPs at my first job.
I think it's the only way that people who get the "printer guy" label can stay sane in the office.
For a couple minutes observed people coming up to a terminal, trying a few things, and stepping away in frustration.
I sure hope administration did restart the terminals overnight to return regular function; normal users were unable to access the power & reset controls.
In the late '00s I was working at a small ed tech company that had recently moved into a nice new HQ with a large kitchen. They got this pretty fancy popcorn maker and the IT team put it together (I was a dev, so I was not on this team). People kept burning the popcorn, so it became the office/facilities manager, Tim's duty to make the popcorn (which he was not exactly happy about).
I was in the IT closet looking for some cables and noticed a bunch of spare networking equipment laying around. So I grabbed an old four-port switch, an external wifi antenna, and some cables, then I stayed late one night and "installed" them on the popcorn machine in a manner that was surprisingly convincing. IoT Popcorn machine before IoT was a thing.
I also wrote up a script that would connect to our Outlook server, and send an email to Tim, "FROM: TECH-POP <techpop-machine@companyname>" with "SUBJECT: TECH-POP IS READY TO BE REFILLED" and some techy-sounding status updates in the body of the email. I even kept track of the number of popcorn bags remaining in the cabinet.
Once every few hours, I'd run the script, and Tim would dutifully get up and make some popcorn. After about a day, I ran the script and heard loud, "GOD FUCKING DAMNIT", and the slamming of a chair. Tim went over and ripped all of the networking stuff off of the popcorn machine and threw it in the trash. He then paid a visit to the IT manager to clarify who it was that thought it was his job to "refill the fucking popcorn". The IT manager, with a completely straight face, gets up and I see them walking my direction.
They get to my desk, and the guy is coming down from being piss-pissed. His face is all red and eyes are watering. The IT manager tells him, "it was this fool's idea." They laugh and say it was a funny prank and Tim playfully grabs my collar and shakes me a little.
After that, I get a message from the IT manager to avoid pranking Tim in the future.
Let the 90's Unix flame wars begin!
Around '95 I spent a solid year setting up a pair of T520s worth about a million bucks, to be a HA cluster responsible for part of the billing process, which was being ported to Unix from the IBM mainframe by a team of 20 (mostly inept, a few smart cookies) programmers. Only to be cancelled at literally the last possible moment to keep on the mainframe. I highly suspect that it was all a ploy to get better mainframe upgrade terms.
Not on April 1st, but at one point management spent the last of their budget for the year on upgrading this pair of T520s from 2GB to 4GB of RAM. BUT they didn't buy extra drives to grow swap, and we were already WAY into the deployment so we couldn't just go repartitioning. HP-UX required all memory to be backed by swap to be able to use it, so the extra 2GB of RAM went entirely unused.
I admin'd some HP-UX machines for a hot minute in the early 2000s. It pretty much cancelled out any goodwill, but I do sometimes think back with nostalgia for the workstations.
oof
Does anyone remember the Informix / Oracle wars? What a time to be alive that was.
The power of being able to send this file via msn to a friend, convince them to open it, and then get a full message in capitals of "YOU HACKED ME! MY COMPUTER IS BROKEN!" Before watching them go offline (the script shut down their computer after 30 seconds) was a real heart racer. I am sure it contributed to my interest in computers in the following years.
This was a lot of fun to read and really tells the story well. I am thoroughly amused. Thanks for sharing this!
> start up BASIC
> PLAY "l16ecececececececececececececececec"
> thunderous footsteps as my dad RUNS to pick up the phone that isn't ringing
$ grep -q --binary-files=text ACCIDENT `which sl`
$ echo $?
0This sentence increases the likelihood that I have crossed paths with the author by something like a factor of a million, as I estimate that the number of people who have ever taken that class is certainly lower than 100k and quite likely lower than 10k.
I wonder if the joke would have gone over better with the higher ups if it didn't coincide with their plans to implement an actual pay-to-print system. I'm sure they were none too happy about having attention drawn to an unpopular change they were already planning.
"...and told me I'd better send a retraction before the CFO got in or I was in big trouble. That went wrong also, because my retraction said that campus administration was not considering charging per-page fees when in fact they actually were"
The email is what turned it from being a speed bump to a major impediment to people, at least mentally.
The physics teaching lab had a large number of BBC Micro computers, these were the precursor to the ARM RiscOS ones made by Acorn, and physics departments loved them because (a) they were full of ports that could be attached to experiments for data-gathering, and (b) they were easy to use and had a (for the time) fairly high-res screen for displaying results. One of those ports was the "econet" port, which linked all the computers together to a fileserver with (gasp) a hard disk on it, giving a primitive (by today's standards) networking ability.
So we were all given YR1.<letter><letter> usernames, and the letters more or less corresponded with our initials. I figured out that they'd actually just made all combinations of YR1.AA to YR1.ZZ, so I logged into a spare one for deniability using the supplied default password (it was a different age...), bought a copy of the "Advanced User Guide" and the "Econet user guide" and history was about to be made...
Myself and a couple of friends decided we'd write a networked virus - viruses weren't very common in those days, they mainly came on floppy disks for Amigas or Atari ST's and did something nasty to your computer. Networked computers were rare outside of government or big business, so the opportunity was there, and we took it :)
I probably ought to say that the virus didn't do anything destructive, it just appended "Copyright (c) The Virus, 1988" to the end of any directory listing (get a directory listing was one of the vectors).
[technical aside]
The BBC micro had two different "interrupt" type mechanisms ("events" and "interrupts"), and the OS was highly vectored (so on an interrupt or event, the 6502 would jump to the location provided by a table of 2-byte entries in RAM, with the event/interrupt being the index into that table).
Everything was vectored, "get a character", "write a byte to a device", "perform an OS call", ... And all the devices (floppy disk, network, ...) were implemented in a similar manner. It was a hackers dream of a computer, really.
[/aside]
What we also did was enable the virus from any event (key-press mainly) or interrupt (VBI, NMI,...), and the events enabled the interrupts, and the interrupts enabled the events. We also made it re-enable itself specifically when you typed "*." (which made the "get a directory listing on the current device" OS call) - this was sneaky, we thought, because if you'd somehow managed to disable the other code, you'd do a "*." to see if the virus was still there...
The virus wrote itself as !Boot in the root directory of the current media (and of course hid that entry from view, so you couldn't see it) which meant the next time you used that account, it would be activated on that machine.
Come April Fools day, we decided we were ready. We put the virus on one machine in the lab, one of the 10 machines that were in the "damn I need to get my lab-report written up" section that wasn't actually in the lab itself, but was still networked to your account.
We were sitting in the same section updating our own lab work, and heard the "WTF!" Students gathered round, the affected person logged out, went to a different machine (thinking there was a problem with the machine) and logged in there, infecting that second machine with the virus. Someone else logged into the first machine, and they were infected too... Since the !Boot file was on the account on the network server, turning the machine off/on and then logging in re-infected the machine...
It spread like wildfire.
We had built in a vulcan-death-grip-style "disable the virus" key combination, so we wouldn't be affected, and thought ourselves very clever. The idea was not to be affected, but soon after release it was necessary to ignore that because 3 accounts unaccountably (sorry!) uninfected would have stood out like a sore thumb.
A couple of days later, an all-students meeting was called. "Authority" was taking this very seriously, they shut down the network, turned off all the machines, and disinfected the network server by hand, removing the !Boot file from every account. They said something along the lines of "this was not funny, don't do it again or there'll be serious consequences". Everyone went back, and life went on.
About a week later, the virus again raced through the network, infecting every account in a matter of hours. We hadn't re-released it, and with some horror, realised what had happened - someone had done a "*." on their backup floppy disk, and then brought it back into the lab and booted from it, infecting the machine, and thereafter the network. The thing was too damn infectious for its own good.
If we thought "Authority" had no sense of humour last time, this time the meeting was very short, the message was "when we find who did this, we will expel them". Excrement and Fans were in close proximity. Hitting each other, one might say. We couldn't "own up", it was too late. We had no control over what people did with their floppy disks, and things had escalated way too far. We came up with a plan...
We wrote another virus. Hear me out. This one was silent, had a time-to-die (when it would delete itself) of about 2 months, and (virtually) "pressed" the key combination that deleted the old virus. We purposefully infected lots of machines with the new virus, waited, and prayed.
Things worked out fine. Everyone got infected with the new virus for a while, which destroyed the old one, without being aware of that fact, "Authority" thought they'd laid down the law and been taken seriously, and we managed to not get expelled.
And breathe
I have never written anything remotely like a virus ever since.
It makes a good story now, though :)
It's cool to do these to your friends in High school, but I once wasted a good amount of time at work because of an April's fool joke. I already didn't want to do the work so I got really upset to have wasted time doing something boring and useless.
Additionally, the scale of social media can create situations where it wastes everybody's time several times per day... Including on HN.
Feel free to prank your friends, but don't bring it to work or the Internet, please.
There are worse crimes in the world, but it is bad.
Bollocks, and bollocks to the parent hot take. Any moral framework that forbids fun, whether it's because it offends God or "causes people (a tiny bit of) stress", is repugnant to me
The reality of professional standards is we can't control what people feel or happens to them but we sure can put a good faith effort in to try and make the experience as neutral as possible. This April fools prank breached that standard in an unpleasant way. I hope there wasn't a student tired and on edge trying to meet a deadline. It'd feel awful to think the print system was out, spend a morning running around and then learn that some IT bloke was abusing his power out of a misplaced sense fun. It isn't a serious offence but it is bad behaviour.
That is the question.
You can't even make the (quite bad) defense that people should have known better and it's their own fault for falling for it. The message was 100% plausible.
Not the best way to measure time imo.
My employer gets about 40 hours/week of "work" from me, whatever that might consist of. I cost them $X every two weeks in pay and benefits. It's pretty reasonable to say my attendance in a one-hour meeting has a $X/80 cost to my employer.
You don't need to overcomplicate this. The employment relationship is pretty simple at its foundation: the employer buys the time of its employees.
Nobody says “you know boss, that two hour meeting today was a total waste of time, please deduct two hours worth of my salary from my paycheck”. So the company quite literally pays for everyone’s time who was at the meeting. And that is a function of who is present and how long the meeting goes. It is very much not a function of productivity/value.
And the point of having a, more often rethorical than real, taximeter showing the cost of the meeting puts this into perspective. The more people you invite the more the meeting costs. The longer it goes the more it costs. The goal is not to abolish all meetings, but to make people think if the bang to buck ratio of the meeting is right. To instill a culture where people prepare for meetings, they have concrete questions or decision outcomes they are looking for, and to criticaly think about the length of the meeting and right-size the invite list.
It's not fun when the corporate marketing team meets in September to start planning their April Fools jokes.
Hell don't even prank your friends, most of them don't appreciate it either.
The university-wide email was probably too much but displaying INSERT 5 CENTS on an HP LaserJet 4 for a day is great.
Imagine being one of the people who had to field all of those phone calls. Probably quite a few of those callers were quite angry. Imagine being subject to that anger because some moron in IT you never met thought it would be funny to play a prank that lands on your head.
For reference, see the HN thread from a few days ago: "How to write blog posts that developers read": https://news.ycombinator.com/item?id=43503872
Edit: A few section headers might help. For example, paragraphs 2-6 could be under "Background," then add a header "The Joke" before paragraph 7. "Aftermath" might be good towards the end, too.
---
BTW, taking a joke is an important life skill, too. The people who flipped out over a silly April Fool's email need to get a life.
Designing an AFJ is tricky, and the larger your audience the trickier it gets. Your friends know you're a jokester; they figure it out almost immediately. When you send it out to a bunch of people you don't know, somebody is going to forget the date and assume you're serious -- because it's supposed to look serious.
Further, if it looks like something that might be a problem they have to solve, somebody is going to start solving that problem immediately. You don't know what's going on in their day -- if they've already got six crises going, they're not going to "take a joke" well.
The wider your audience, the more obvious you have to be. Knowing how to deliver a joke is also an important life skill -- as is learning not to blame your failure on the target.