June 10, 2019 By King
Who, Me? Ah, the sweet, sweet smell of Monday. What better way to start your week than combining it with the latest confession of wrongdoing from The Register readership in the form of our weekly Who, Me? column.
Today’s blast from the past comes from a somewhat unrepentant reader we shall refer to as “Charles”.
Take yourself back to the 1980s, the derring-do of Vulcan 607, Peter Davison as Doctor Who and a period when mainframe time at UK establishments of higher learning was a precious thing.
Young Charles was a first year student, studying Computer Science and, by all accounts, a bit of a bright spark. Perhaps a tad too bright.
He’d completed his assigned coursework in no time at all, “leaving,” as Charles put it, “plenty of time to think of things I probably shouldn’t have thought of.”
The Devil makes work for idle hands and all that.
Charles’ educational establishment had a bunch of green screen terminals scattered around the Computer Science building attached to a mainframe. Rather than hitting the student bar, Charles occupied his downtime by tinkering with code, “including a small program emulating a login screen, that dumped the entered username and password in a file in my own home directory”.
It’s good to know that almost 40 years ago, miscreants were spoofing login screens to catch unsuspecting users.
Charles told us: “I ran it one night, got hold of one user’s details, and then ran it from that user’s account, dumping the login details into a file in his home directory, accessible by everyone.
“And then ran it from about 10 users’ accounts, doing the same thing.”
Charles had, up to this point, been merely curious. While the japery had worked well, “I had absolutely no intention of doing anything bad with any of these accounts and forgot about them for a while”.
However, there are few things more dangerous than a geek with time on their hands, and Charles began looking into the world of scripting, coming up with three lines to strike fear into the heart of a BOFH.
Charles hit go, expecting the OS to call a halt to his shenanigans: “I didn’t expect it to actually carry on running, creating nested directories thousands deep, but it did.”
Oops. Deleting the things took over an hour after the script had been left to run for a minute or so.
We’ll leave the next bit to Charles: “Then the evil demon in me appeared and suggested, ‘Wouldn’t this be fun if you ran it from 20+ user accounts at the same time?'”
The demon won and Charles unleashed the horror before rapidly exiting the Computer Science building. He passed the establishment’s crew of BOFHs and PFYs “running full pelt to the terminal room I’d been in”.
The result of Charles’ prank? “They had to take the whole system offline, and sorting the mess out took many, many hours.” To further rub salt into the IT department’s wounds: “System processing was leased out to customers, so they must have been happy too.”
Overjoyed, we suspect.
In an unusual turn of events, Charles was caught and a suitable punishment administered.
As for what happened, well, what would you have done with a student who managed to take down the mainframe?