back to article Sysadmin's PC-scrub script gave machines a virus, not a wash

Welcome again to “Who, me?”, The Register’s confessional column in which readers reveal their mistakes*. This week meet “Chad”, who told us that “Very early in my career, while I was still in community college, I worked as a computer lab assistant at the school.” His assistance was needed because students did all sorts of …

  1. 45RPM Silver badge

    When I was at Uni, there was a Mac SE FDHD installed as a gate guardian at the entrance to each computer room. No keyboard or mouse was connected to it and the idea was that you’d insert your floppy disk into the Mac, it would scan the disk (for DOS and Mac viruses) using I don’t know what AV package, and then return your cleaned, safe, disk for you to use in the lab.

    For all I knew, it did nothing but provide a false sense of security. But it provided that false sense of security very well - provided that there wasn’t a queue of students waiting to use it. If that happened we all had a sense of the fsck-its and it’s amazing that we didn’t have an epidemic.

    1. Anonymous Coward
      Anonymous Coward

      A security point that everyone trusts and uses is the perfect target to try to compromise.

    2. Korev Silver badge
      Mushroom

      We used to have McAfee on our Uni NT4 machines, it used to slow the PCs down so much that most people just disabled it (I have no idea how/why this was possible).

      We need a John Mcafee icon, ideally one from his uninstall video with the guns, girls and "bath salts" (NSFW).

      Until then we'll just have to use this -->

      1. Anonymous Coward
        Anonymous Coward

        "We used to have McAfee on our Uni NT4 machines, it used to slow the PCs down so much that most people just disabled it"

        Safe mode > Right Click > Delete*

        Yes it was that easy in those days.

        *Sometimes you could even just delete it without safe mode booting, or even just kill the service.

      2. Wade Burchette

        "We used to have McAfee on our Uni NT4 machines, it used to slow the PCs down so much that most people just disabled it."

        So, just like modern McAfee then. It is nice to see that McAfee hasn't abandoned their glorious time-honored tradition of slowing computers down to a crawl.

      3. Anonymous Coward
        Anonymous Coward

        We need a John Mcafee icon, ideally one from his uninstall video with the guns, girls and "bath salts" (NSFW).

        I have that video on my desktop. I play it now and again when the McAfee Encryption software that we forced to use is being uncooperative and ruins my day. It never fails to cheer me up!

    3. Nimby Bronze badge
      Facepalm

      a Mac SE FDHD installed as a gate guardian

      That would have scared me! Old Macs had serious floppy spin speed inconsistencies, so that taking your floppy from one Mac to another could fail to read, or worse, destroy it if you write. Writing papers in a Mac lab I must have carted around 5 floppies, all identical duplicates, and still some days I would lose everything.

      1. 45RPM Silver badge

        Re: a Mac SE FDHD installed as a gate guardian

        @Nimby, I’d say that your Uni’s Macs were in bad shape then. The spin speed ‘inconsistency’ was normal functionality since Macs used CLV floppy drives (the disk passes by the head at the same speed regardless of where on the disk the head is positioned) rather than the CAV floppy drives fitted to PCs. By using this technique, the Mac could store a little more on a floppy disk than a PC could (although the amount extra, about 10-20%, was disappointing given the extra effort and cost required to make it work).

        Personally, I’ve never heard of loss like that - and certainly not from reading a disk (which is all that would be necessary if no infection was found). I’ve been using Macs for nearly thirty years now, and I’ve had no more failures writing disks on my Macs than I have on my PCs. Even today, on my ancient Macs, I sometimes have cause to use the floppy drive rather than the network - and still those ancient drives read and write my ancient diskettes perfectly happily and safely.

        /snopes-mode

        1. Anonymous Coward
          Anonymous Coward

          Re: a Mac SE FDHD installed as a gate guardian

          "so that taking your floppy from one Mac to another could fail to read, or worse, destroy it if you write."

          "Personally, I’ve never heard of loss like that - and certainly not from reading a disk"

          Having been in desktop support back in the day, I can safely say this was not as uncommon as you may think on PC's (I can't comment on Macs). I remember Sony drives being a fave for knackering disks from other makers.

          And then there were the slot loading CD-Rom drives that would gouge the disk so badly they became unreadable after a few uses...looking at you Compaq.

        2. heyrick Silver badge

          Re: a Mac SE FDHD installed as a gate guardian

          "Mac could store a little more on a floppy disk than a PC could (although the amount extra, about 10-20%, was disappointing given the extra effort and cost required to make it work)."

          DOS - 720K, RISC OS 800K

          DOS - 1.44MB, RISC OS 1.6MB

          Same disc hardware, same discs. Just a format that wasn't as crappy as FAT.

          1. 45RPM Silver badge

            Re: a Mac SE FDHD installed as a gate guardian

            @Heyrick

            Yeah, but RISCOS, and the Archie in general, was awesome.

          2. Lennart Sorensen
            Happy

            Re: a Mac SE FDHD installed as a gate guardian

            The amiga got 880k and 1.76MB, so there. Of course while it could read floppies from other machines, no one else could read the amiga ones because they had no sector gaps.

          3. ChrisC

            Re: a Mac SE FDHD installed as a gate guardian

            "DOS - 720K, RISC OS 800K

            DOS - 1.44MB, RISC OS 1.6MB"

            I see your Archie values and raise you the 880KB / 1.76MB of an Amiga ;-)

            1. Prst. V.Jeltz Silver badge

              only coppy on a floppy.

              Back when i worked in a college , all the students would store everything on a floppy , and regularly lose it due to the well known durability of floppies , of any format.

              When asked why they didnt have a copy of this important work on their home drives on the network they would say "Teacher told us to store our stuff on these disks"

              When the teachers were asked why they told the students to use floppy disks they said:

              "Its on the syllybus that students need to know how to use a floppy disk".

              I think we can all see the numerous facepalms and ironies here.

              I suggested the teachers inform the students what a Home Drive is , and that they should use floppies for transferrring files they had other copies of on the network or at home"

              That was the start of nobody ever listening to my ideas no matter how sensible. Not much has changed.

  2. Anonymous Coward
    Anonymous Coward

    Back when I was a student.....

    Around 1988 and before such things as AV software were around. I wrote a little startup routine that drew a smiling face on the screen and wished you a nice day before existing and booting as normal to the DOS prompt. I can't remember why I wanted to write it, but for some reason I did, and it was for other computers, rather than the college ones. I tested it sometime in the morning, then spent the rest of day doing normal student things before returning to the computer lab later in the afternoon to complete some proper lab-work. I was rather surprised to find the lab was locked with a sign on the door saying "closed until further notice", as was the other lab on another floor.

    The next day all classes that had access to the lab were asked to present our floppies for inspection and testing, and it was at that point I asked the lab tech what the problem was....

    "We had a virus outbreak in one lab. We spent the afternoon and into the evening checking all the other machines and all the floppies in the department. Now we need to spend the whole day checking all the students floppies. It's going to take forever, and we've lost lots of teaching time already"

    I then commented that it must be a terrible infectious virus but it was better to be safe than sorry. At which point the tech mentioned "yes, the virus even wishes everyone a nice day with a smile as it spreads and deletes files. It's not been a very nice day or evening for any of us".

    Guess who forgot to remove my little routine from the machine I tested it on? And no, it had absolutely no mechanism to spread or delete files, but hey, what's wrong with a bit of over-reaction? I never did tell anyone until now........

    1. hammarbtyp Silver badge

      Re: Back when I was a student.....

      In the early PC days, we were all trying to learn about these new-fangled machines, and if you was something cool you wanted to re-create it.

      At that time there was a famous virus called cascade which has the fun effect of dropping letters one by one to the bottom of the screen. Of course being inquisitive little blighters we wanted to know how it worked, so developed our own version (without the virus parts of course).

      Unfortunately it was left running on a machine where a passing member of IT from their rare ventures from their bunker saw it. He then initiated a full lockdown of the company and quarantining of all machines.

      It took about 3 days to find out why and sort out that we were just messing around and as far as we knew there was no virus.

      1. Prst. V.Jeltz Silver badge
        Flame

        autoexec.bat

        Back in the days of win3.1 , dos 6.22 I started work at a college. They had just started "getting organised" cos 'puters were a thing now that everbody needed , not just tech students , so , very forward thinkingly , they centralised things and divided the IT staff into server and desktop ( IT / grunts ) and put a wall between them . So the job went from a groovy chilled "hey! try this" , "learn about that ... " , "heres a new thing we bought - youre the one to master it" to:

        "Stick this floppy in and reimage it" . I was on the wrong side . I should have left a lot earlier (did 8 yrs).

        Now in my corner of the college , the PCs were booting up , and then failing to "Find the network" quite often , but not all the time .This didnt seem to unduly bother the only people with the ability to do anything about it - the server boys , as they dont face the ire of the users. A fact still true today at most places. And so this went on for months. with much , quite justified , complaining from the users - at me.

        In desperation i re-rewrote the autoexec.bat so that when it had loaded the multiple files necessary to connect to the network (novell) it checked if it had worked , and if not loaded them again. This worked as a workaround , but performance still bad.

        One day one of my higher-ups and betters was passing through , sees the problem , looks at the switch up in a cab in the corner that we had No Access To and says "Ooh , look , this is all set up to be as shit as possible - its all 10mb half duplex , no wonder its slow ...

      2. Anonymous Coward
        Anonymous Coward

        Re: Back when I was a student.....

        Back when i was a student .... about 92 , when logging in meant running login.exe on the already mapped F drive ....

        I wrote a false front end console app to collect passwords . I could do it a lot better now in hindsight .. but it worked . Just in the spirit of adventure and exploration y'know? nothin malicious .

        Source code was found in my home drive (mistake 1 of many) and a written warning issued.

        One of my proudest moments. I keep it in the same folder i keep the certificates I gained at the end of the course!

        i've stopped short of putting it on the CV though :)

  3. Wolfclaw Silver badge

    The wife too caught a nasty virus from a floppy, doctor gave us a shot of penicillin and I had a lot of explaining to do.;)

    1. 45RPM Silver badge

      A floppy?

      1. Andre Carneiro

        Well, 4 out of every 10 men have issues at least once in their lives...

        1. Jeffrey Nonken Silver badge

          I'd rather have a 3.5 inch hard one than a 5.25 inch floppy one.

          1. Anonymous Coward
            Anonymous Coward

            To continue a theme...

            Blame Mr. Wang for us all not having 8" hard (sectored) ones

      2. HmmmYes Silver badge

        Its age.

        Or drink.

        Or both.

        1. Korev Silver badge
          Joke

          A stiff drink?

    2. Dave K Silver badge

      Maybe she borrowed a floppy from work? One that had been shared around a lot? Finding the source of the infection is just as important as treating it...

    3. Symon Silver badge
      Headmaster

      Penicillin doesn't clear up viral infections. It only works on bacterial diseases.

      1. Anonymous Coward
        Anonymous Coward

        Wow you must be a real laugh at a party.

  4. Rich 11 Silver badge

    Horrible memories

    “It was so bad we had to stop every student at the desk and have them surrender their floppies for scanning before use in the lab.”

    Been there, hated that.

    If we got the lecturers to tell all their students they risked losing their work, the office would be packed full of panicking students waving disks in the air. If we didn't, and just put up notices saying it made sense to have their disks checked as they came in, most couldn't be arsed. As it was, some brought in all their old disks and one introduced another virus which our AV didn't know about. Not fun.

  5. PickledAardvark

    File size weirdness on a 486

    My problem was reported by an alert Chemistry lab technician looking after a handful of student PCs (386 PCs from one manufacturer and 486s from another) all running MS-DOS 5. He'd experienced usual glitches and subsequently observed that the reported file size for some COM files was different depending on the PC; some of the 486s reported differently from ostensibly identical models and from all of the 386s. Naturally he suspected a virus but all of the PCs were running the same AV product, VIS Utilities which had been updated at the same time. And he'd nailed it down to some of the 486s.

    I struggled to diagnose the problem before observing that some COM files changed size when copied to a floppy disk and examined on "good" and "bad" PCs. Then I turned off the AV software, VIS Utilities. And the problem went away. The "virus problem" was anti-virus software.

    My guess at the time was that the identical 486s had a motherboard revision or cache/RAM from different manufacturers.

    1. Anonymous Coward
      Anonymous Coward

      Re: File size weirdness on a 486

      Didn't some of the AV software of the day used to write stuff to the HDD, some sort of chksum data?

      1. Anonymous Coward
        Anonymous Coward

        Re: File size weirdness on a 486

        "Didn't some of the AV software of the day used to write stuff to the HDD, some sort of chksum data?"

        Yes, some AV software used ADS* on NTFS to write checksums and last scanned date/time info etc.

        The file would be unchanged to the original s/w.

        You could have a 2k file that took up 2MB space !!!

        Was very popular as a means to infect files until it became common knowledge and the AV vendors started scanning for ADS on files.

        * Alternate Data Streams

  6. PickledAardvark

    Just how many disks can you infect?

    I popped in one day to see former colleagues at a market research company I'd left a few years previously. After I'd left the company had deployed new computer aided interview software which ran on PCs -- blooming expensive Toshiba T1000s or similar. A floppy disk could record dozens of interviews but interviews were expensive to collect. After a disk had been used 10 times at most, it was duplicated twice and one copy was sent off for processing.

    A former colleague showed me a cabinet containing thousands of floppy disks infected with ONE boot sector virus. There were two cabinets at different sites containing backups of the infected disks. Ouch.

    The virus had little or no impact on a laptop used to conduct interviews, or on the PC used transfer files to a minicomputer. It was only spotted when a PC used for number crunching became infected.

  7. Nick Kew Silver badge

    Perspective

    So Chad expected his career to be over. It wasn't: he was the very junior bod, and his boss (presumably) took the view "these things happen" and "we should've taken more care over what he was expected to do". I expect he learned from his experience.

    The real career-killer for a junior would've been to take a more cautious approach. You get seen as slow, lazy, and useless.

    1. Symon Silver badge
      Devil

      Re: Perspective

      Slow, lazy and useless isn't so bad; fast, eager and useless is far more dangerous!

      1. Nick Kew Silver badge
        Facepalm

        Re: Perspective

        Heh. So that's what was wrong with my career.

        1. Anonymous Coward
          Joke

          Re: Perspective

          " fast, eager and useless is far more dangerous!"

          I think you'll find the correct terms are "Agile" and "Disruptive"

      2. Spanners Silver badge
        Alien

        Re: Perspective

        I have always aimed at "constructive laziness".

        In a previous job, my manager explained it to his boss something like...

        "Because he is lazy, he doesn't like to get called back to the same job over and over if possible. To stop that he prepares more and takes longer to do some things."

        It seems like a good M.O. to me!

        1. Anonymous Coward
          Anonymous Coward

          Re: Perspective

          "In a previous job, my manager explained it to his boss something like..."

          Early in my career my boss said that he really should fire me because I was so slow in my software development. He then went on "The problem is that when you have finished - it does what it should".

          1. Mine's a Large One

            Re: Perspective

            My boss regularly used to comment on how it took me longer to package software ready for deployment than the other team members. So I asked him whether he'd prefer me to take longer so everything worked properly at every stage, or whether he'd prefer me to be as fast as them, but then also repeatedly spend the extra time they did afterwards sorting out the issues they had cos they'd not done a proper job.

            And then I did it my way anyway cos... well... personal pride in a job well done.

          2. Anonymous Coward
            Anonymous Coward

            Re: Perspective

            Early in my career my boss said that he really should fire me because I was so slow in my software development. He then went on "The problem is that when you have finished - it does what it should".

            Fast - Cheap - Good

            Pick any two, and it won't be what's left.....

    2. tfewster Silver badge
      Facepalm

      Re: Perspective

      > "we should've taken more care over what he was expected to do"

      "we should've had anti-virus software before. It was just a matter of time, and no fault of Chads"

      FTFY

  8. ZPO

    Blame my ex!

    She opened up an email containing the "I Love You" worm and infected a moderately sized military base.

    I asker her how many emails she got with "I Love You" in the subject line that weren't from me.

    1. Jeffrey Nonken Silver badge

      Re: Blame my ex!

      Yep, but that Trojan often used your contacts. I once opened one from my father.

      ... Immediately realized that it was out of character* and took steps to disinfect. But yeah, I've been caught by the I Love You Trojan, if only for Long enough for a cleanup.

      * We're not a demonstrative lot. It wouldn't have been beyond the realm of possibility, but unlikely.

  9. Herring`

    No virus required

    I may be remembering this wrong, but it was sometime in the mid 90s - around the time of the "Good Times" hoax. One zealous person from PC support had read something about a virus traveling in Word macros and so put together a long document with screenshots and things. I weighed a few MB - which was big in those days.

    He then emailed it to the whole company. The old MSMail thing we were using seemed to make a copy for every recipient so soon all the mail servers we had were falling over run out of disk space. We also had a lot of separate offices and, well, considering we barely had 10BaseT inside the office, the WAN wasn't up to much. So all the mail servers were dead, the WAN was totally overwhelmed and the poor guy in the Caribbean office with his 2400Baud modem (really) was stuck downloading this thing. Then someone decides to "Reply All" expressing scepticism.

    It took more than 2 days to get everything running smoothly again. And for the biggest irony of all, we hadn't yet upgraded to Word 6 and so weren't vulnerable to this "virus" (if it existed).

    1. Anonymous Coward
      Anonymous Coward

      Re: No virus required

      Had a similar problem at the last place I worked at; We had a large quantity of remote sites, all on dialup, and a smaller set of area offices which were all connected via broadband of some form, ranging from a 384 frac-T to full T1. Some of the remote sites (if they were lucky) got 28.8k on a good day.

      One of our office managers was fond of sending out massive MS Publisher files, which choked the living daylights out of their dialup connection. Even worse, I got the blame because of it.

      Glad I'm not there anymore.

    2. Tom 13

      Re: No virus required

      Bhah! That took a whole email system.

      At my second real job, I routinely crashed the network all by myself just by sending a 20+ page print job. It was an early Novel network with an inadequately sized print spooler, which apparently was on the system volume for the network. I was the Desktop Publishing Specialist using Ventura Publisher. We managed a number of technical documents which imported HPGL files converted them to GEM format and then sent them to the printer in postscript.

      On the bright side, it led to my career in IT. The third time I did it, the network manager made me a printer queue manager and showed me how to print the files to the storage volume in small batches, then add them to the printer queue and watch to make sure there was sufficient space to add the next job. Between that and playing around with DOS and Windows for our DTP and graphics software, when I wound up at a company with no real IT staff, I was the only person not afraid to reboot the crashed novel server. The wife of my future boss thought I was a genius and talked me up to her husband. So when my current boss finally honked me off in a power pissing contest, I had an IT job waiting for me.

  10. Dodgy Geezer Silver badge

    Alan Solomon (of blessed mamory)...

    ... used to have a story about the impact of making infecting a work machine a sackable offence, as it wa sin the early days...

    He tells of someone working late, trying to make a deadline, who transfers some files off a floppy and infects his machine.

    Ten frantic minutes later he has failed to copy clean files from the print server next to him, and he now has two machines with the virus on them. A little while later, after an attempt to download a cleaning tool from the office internet machine, he is no further forward, and now has three infected machines...

    At this point he realises that his problem is not that he has a machine with a virus on it. His problem is that his is the ONLY desktop in the office with a virus on it......

    1. Stevie Silver badge

      Re: Alan Solomon (of blessed mamory)...

      Remarkably similar to the EDS Headcrash Cascade story found reported as "happened here" in every mainframe shop in the 70s.

    2. drsolly

      Re: Alan Solomon (of blessed mamory)...

      I remember that!

  11. Anonymous Coward
    Anonymous Coward

    I can't forget some AV package...

    ...that claimed that a recently formatted PC was infected. It was formatted from a bloody hologram-printed, legit, Microsoft Windows CD, so it couldn't possibly be infected. Indeed, the AV package said the MS-pressed CD was infected as well.

    False positives were not a thing back then... The AV package issued a fix that cleared the problem... who would you sue for spreading viruses? Microsoft? Good luck with that!

    That one saved my face, when I proved the AV package claimed the freaking original MS CD had a virus and we all knew it was impossible, because the entire planet using a Windows 95 would be aware of it by that point.

    1. Tom 13
      Facepalm

      Re: I can't forget some AV package...

      On the bright side, it was only one PC AND it was only a warning.

      Some years ago while working in a government office the McAfee software on the network got updated with a bad set of signatures. It detected the OS com file for connecting to the network as infected and quarantined it. This resulted in about 1200 computers in the office being unable to connect to the network. Which also meant that even after the vendor fessed up and sent out updated files, they couldn't be fixed from the network. So we would up with some CDs walking around to each system, booting into safe mode and updating both the AV and com file. EXCEPT, per government regulation we were updating the local admin password every 90 days. Except the update didn't always work. So we had a list of the previous 3 years of admin passwords to work through to log into each machine. WORST! THREE! DAYS! OF! MY! LIFE!!!

    2. Robert Carnegie Silver badge

      Re: I can't forget some AV package...

      Microsoft surely has sent out a virus on discs sometime. Maybe in the "TechNet" support package. And that's if you don't consider Windows itself or the Office talking paperclip to be viruses.

      Not to mention hoaxes like: (safe, probably.... you trust me don't you??)

      https://www.snopes.com/fact-check/jdbgmgrexe/ "(Teddy) Bear Virus"

  12. JJKing
    Coat

    I'm leaving; I've cum too early......again!

    The wife too caught a nasty virus from a floppy, doctor gave us a shot of penicillin and I had a lot of explaining to do.;)

    Maybe if you had a hard drive she might have cum right.

    Mines the one with the expired, unused prophylactic in the pocket. :-(

  13. Anonymous South African Coward Silver badge

    Your PC is now Stoned.

  14. Anonymous Coward
    Anonymous Coward

    Should I be admitting to this?

    Anon for a reason.

    Should I be admitting to this? Well it was over 20 years ago in the 90s, surely nothing can come of it now.

    Was on an IT course back then and enjoyed it. Never really took in the networking side for some reason, considering I enjoy it now. Anyway. The one thing I had notice was the way we'd login to the network. Boot the PC to Dos. Switch from C drive to F drive (can't remember exact letter). Type Login and press enter. Then you'd put in your login details and password. You were now logged in with your network account. Now type WIN, to start Windows 3.1

    Interesting (it was relevant). During this time we were being taught programming in Pascal. I loved it but turned out I was crap at programming. Anyway. One day while playing with Pascal at home I discovered a bit of code in the help file that taught you how to write what was input on screen to a file.

    So a plan appeared in my head but purely for education use only. I knew I wasn't great, I thought surely it wouldn't actually work. And I'm being honest about using it for education only. I coded what turned out to be a sniffer program. I had noticed so many people in lessons would type Login when on the C drive. So I made my program, called it login.exe and dumped it on the root of C on a few PCs in class. Told a few friends about it but told them NOT to abuse it. We would then collect the assignment.doc later (the file where all logins and passwords were getting stored from my program). Because people had a habit of saving their college work on the drives as well. I never could work out how to make the password appeared starred out on screen though, that was one flaw.

    I only remember we used one login that actually worked and was in that persons account. I was amazed. Not knowing enough about network at the time and amazed my program had worked. I do remember to this day for some reason, the password was masterofpuppets. Once in the persons account we never did anything, I insisted we never did anything, I'd just created it to see if it would actually work. And that was it.

    Later said idiots I told got caught messing around with animation software and pressing reset on PCs when a lecturer was near (that was banned because it meant if you pressed reset, you were up to something)

    Lucky for me I was off sick the infamous week or just couldn't be bothered to go in, I can't remember which. They got pulled up for the animation stuff (they were creating animations being derogatory to the staff) but also I think one of them got caught with the login program. As I told them at the time, if you ever abuse it and get caught, you know nothing about the author. I was lucky they stuck to this code as in their "interviews" they kept quiet. They were told "Whoever created this program is really good. Tell us what you know". I knew that was bullshit, the college hoped they'd boast. It wasn't good code, it was code taken from the Pascal help file. Two got kicked out and the other one was allowed to stay. There was also a big "talk" about it in the hall. It was weird sitting in a hall having a "security talk" about how "serious" it was and knowing it was me and that no one else in the room knew it.

    About a year later I found an article in the 2600 magazine talking about very basic encryption for Pascal. So I added that to the sniffer program. So now, if you found the assignment.doc file it looked all scrambled instead of being obvious was it was.

    Never did anything with it after that. The talk successfully scared me off doing anything else. I wonder if that's where my interest in IT security came about.

    1. Anonymous Coward
      Anonymous Coward

      Re: Should I be admitting to this?

      Luckily you no longer need a program.

      Just run an audit on your Windows domain to see how many failed login there were.

      You would be surprised how many passwords you turn up against failed login names.

      Tie that up with a successful login against a PC name and bingo...user name and password.

      I would guess thats the same for almost any User name / Password set up.

      Apparently...although I've never seen this in real life....but thats what a bloke in the pub told me.

    2. Herring`

      Re: Should I be admitting to this?

      It was a well known thing for Netware that logging in ran Login.exe. If you created a login.com (as a hidden file) and that was somewhere on the path, that would be executed preferentially (unless you specified the extension). Dead easy way to harvest passwords.

      The more significant vulnerability was in the crappy mail directories. That's where the login scripts for users were stored and all users (including guest) had create rights to all other user's mail directories. So if a Supervisor login script hadn't been set, it was easy to create one with a "GRANT ALL TO <user> IN <directory>"

    3. 2+2=5 Silver badge
      Joke

      Re: Should I be admitting to this?

      > Should I be admitting to this? Well it was over 20 years ago in the 90s, surely nothing can come of it now.

      > Was on an IT course back then and enjoyed it.

      Pervert!

      1. Robert Carnegie Silver badge

        Re: Should I be admitting to this?

        One of my old favourite newspaper quotes from BBC radio's "News Quiz" (listen tonight for extended programme):

        "Asked if she had anything to say before sentence was passed, Mrs Buckingham told the court: 'I have worked for British Rail for fifteen years. I am very sorry and ashamed.'" - Yorkshire Post

  15. Version 1.0 Silver badge

    I didn't infect anything ... but everyone screamed

    The wife had people passing around .exe files at the school she taught at - the principle told them to stop it and everyone ignored him so I gave here a file called australia.exe that flipped the screen upside down. She forwarded it to everyone and the school went to pieces because everyone ran the thing and then panicked. They stopped passing around executables after that.

  16. Shadow Systems Silver badge

    My dad had fun with Intel...

    Back when I was a wee lad no taller than a cricket wicket, my dad did work for various corporations like Intel. They would send him some software, he would write a user manual for it, then he'd ship the whole thing back so they would pay him.

    My dad being the crotchety old fart that he was, he used a non-IBM-compatible computer for all his work (A Commodore PET if I remember correctly) & a bit of software shim so his machine could read/write to their desired floppy disk formats.

    One day he gets a call from his contact at Intel advising him "you have a virus on your PC. The disks we got from you were all infected." Dad politely tells him "That isn't possible. Perhaps you might try disinfecting the virus scanning computer?" The Intel guy is adamant that it's *got* to be my dad's fault. Dad is adamant that it can't be. The Intel guy offers to send a tech to my dad's office, scan his machine, & *prove* it's my dad's fault, to which dad smugly agrees.

    The next day the Intel tech arrives, dad shows him to the office, & the tech starts to get out his virus-uninfected boot floppy... only to freeze in his tracks as he realizes my dad doesn't have an IBM compatible into which he can put it.

    "Where's your computer?" he asks incredulously. Dad points at the C= PET & says "Right there." The tech stammers "I can't do anything with that, it doesn't take IBM formatted floppies!" Dad smirks & replies "It can read & write them, but it doesn't boot to them. There is no known IBM compatible virus that can survive on my machine, especially after I reboot it. Now, please tell me again how it's *MY* computer that's given you folks a virus?"

    The tech had to go back to Intel & tell them my dad was right, then initiate a witch hunt for the actual source of their virus.

    Meanwhile my dad doubled his rates to Intel for having called him a liar.

    Moral of the story: Sometimes it pays not to be running the same stuff everybody else is using, especially when virus' are a concern. =-)p

  17. ShelLuser

    But the best feat of them all...

    Those virii could also override the write protection tab on a floppy with ease. That was the scary part because, until I learned otherwise, I always thought that the readonly tab would trigger a routine in the drive itself which would then make it refuse to do anything.

    Well.. that's not the way it works and you can actually bypass all that. So much for floppy security...

  18. Velv Silver badge
    Boffin

    Trigger Happy TV

    My favourite sketch. Dom Jolly in full yellow HazMat suit carrying a PC into a PC repair shop, putting the box on the counter and saying “I think it’s got a virus”

  19. vincent himpe

    Root filesystem takeover panic

    Windows 95 plugged to a network that had Solaris servers running Samba.

    In windows 95 you could bypass login by hitting escape and then create a new user. I had created a user called 'root' with a blank password and full privileges.

    When transferring files from the win95 machine to the Solaris server these were written from user account 'root' so nobody (except) could access them. IT was puzzled who the hell had the root password... they changed their root password multiple times, yet somebody always seemed to guess it.

    Things got worse when , using windows file explorer directories were cut and pasted .. and changed permissions to 'root'...

    Finally this was found out to be a bug in samba.

  20. DButch

    Valentine's day virus

    One day I got to work, fired up my computer, and got my first message: "I love you man!" From my boss (a VP). I thought: "Yeah, cute." Then my antivirus said it had blocked an infection. Then I got messages from all the VPs and Senior VPs in engineering, some of the board, and about half my colleagues. Pop-up messages from the anti-virus product filling my screen as fast as I could close them. At that point, it was officially creepy. A lot of the engineers weren't running with any protection.

    1. Robert Carnegie Silver badge

      Re: Valentine's day virus

      My boss got the ILOVEYOU e-mail - or something similar - and it did cross his mind that it could be a virus. So he didn't open the attachment. Instead, he forwarded it to me, to ask my opinion. Which was that he was out of his league. Also, out of his mind.

  21. J. Cook Bronze badge

    Fond memories...

    Quite some time ago when I was between jobs, I got called by one of the local slave traders (aka temp agencies) who were looking for *all* the available IT talent they could get their claws on.

    seems one of the local aerospace companies had severed all the interconnections to each of their offices world wide, and were decontaminating them one at a time after an executive had brought in a laptop with Code Red/ Nimda on it, which proceeded to spread like wildfire through their infrastructure due to (you guessed it) a lack of upkeep on patches. (this was also during the Bad Days of Windows 9x, NT 4- WSUS didn't exist, and SCCM was known as SMS and was even more terrible than it is now.)

    I spent about 50-60 hours there over a week and a half going through one of their larger facilities with a team of ten-fifteen others with a minder for the group and a couple burned Cd-R discs with the patches on them hitting up every machine we could easily patch, and flagging those we couldn't for the 'corporate' boys to visit later on.

    I noted with some amusement and irony, that a CNC machine the size of a small house that milled blocks of titanium worth more than a Cadillac being kept from running because the $50 CD-ROM drive on a $700 compaq deskpro had failed due to being crammed full of metal dust.

    Fun times, especially going through the R&D portion of the facility (no cameraphones!) and seeing my first 3d printer, which was something novel for that time period. (~2002)

  22. Anonymous Coward
    Anonymous Coward

    We got a call one day from one of our customers, panicked because one of their vendors sent out a product data disc that had updates for all their software, as well as a nasty virus. Their network was air gapped, but not sneaker ware gapped, and we ended up racking up some nice service charges to bring all their systems back from zombie land. The disc came from an international company with thousands of distributors - I can only imagine how much they spent on that little error paying back said distributors.

  23. OzBob

    Farwwell message that became a virus

    Had an application support engineer transfer (he got shuffled around the various IT divisions of this multinational for reasons that will become obvious) so he wrote a farewall message on the OS login script for the application userid, but made it so the text file added to the login message was tar'red without a ".tar" format. Two problems

    1. He did not revert back to the old login script, but kept adding the message to the end of the login script EACH TIME IT RAN! (cue 10 screens of output each time you stopped and started the application)

    2. He put it into multiple applications, so when country A and B went down, and USED THE SAME TEMPORARY FILENAME for building the login message, we had 2 country A systems running and no country B.

    We made the company fly him back from Country C to remove this virus. (I found the cause quickly but made him come back to confirm it). I last heard he got transferred back in after I left, god knows what the systems look like now.

  24. Anonymous Coward
    Anonymous Coward

    high school in the early eighties

    computer studies were available as a one unit subject, but not testable as part of the Higher School Certificate at the time.

    Had a couple of apple II+ computers as hardware, from reading magazines I found where and how apple dos stored its commands on each floppy. As a piece of pure juvenile thoughtless vandalism, i essentially changed the "init" command - which formatted the disk and wrote the copy of apple dos in memory, onto the disk - to go off on the letter "p". Apple basic at the time ignored spaces, and processed dos commands ahead of other basic commands.

    The command to read a disk, and load its version of dos onto the computer happened to be "pr#6" ... so when the next user came to the still running machine, inserted their floppy, and attempted to fire it up -it wiped and corrupted the disk.

    The next user was one of the maths teachers, not a bad one at all, and it wiped the year 9 half yearly test results.

    As a virus, it was too destructive to survive, and easily countered. More of a proto-virus.

  25. ICPurvis47
    Happy

    Virus attack thwarted by crashing the network

    When I was Deputy IT Manager for a Technical Publications company near Birmingham (UK), the IT Manager and I instigated a procedure whereby every incoming and outgoing floppy disc was run through a virus checker (I forget which one) on a sandbox machine that was not connected to our office network before being allowed to be used on site. This procedure was supposed to be used across all eight sites, no exceptions. One afternoon, as I was checking the outgoing discs for that day's production, I suddenly received an alarm that one of the discs was infected. I rang the IT Manager, who was at a different site that day, and he basically said to stop anyone using floppies until he got to our office. I disconnected the Thin Ethernet cables at the back of my computer, thereby freezing the entire network, and stood up on my desk to make the announcement. I then had to go round every computer, armed with the Silver Bullet disc to check them for infection, and also run everyone's discs through the sandbox computer. It turned out that only one computer was infected, the user was from another of our offices (Coventry), and had thought that, as he was still inside our organisation, he did not need to have his floppies checked (oo-er missus). I then phoned Coventry office to inform them that they were the source of the infection, and the IT manager went there next day to help their Deputy sort it out. I then reconnected the Thin Ethernet at my computer to bring the network up again. Earned my salary that day.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019