Not getting a list of "safe" systems ahead of time would be the main fail there I think. Just assuming from random naming conventions is not a smart thing to do, as proven.
Sysadmin misses out on paycheck after student test runs amok
Welcome once more to the world of Who, Me? – El Reg's weekly trip down memory lane with our dear readers. This week, our confessional column is taking a trip back to a college in the late ‘80s, with “Bryan”. While Bryan was at college, he was simulating a communication channel for binary data, which he described thus: “Take a …
COMMENTS
-
Monday 17th September 2018 09:37 GMT GlenP
Why...
did a student have access to the admin system in the first place?
Back in the day when I worked at the local college we'd certainly have noticed the excessive CPU times almost immediately as we reported on the heaviest users and applications weekly*.
*By far the biggest application for page swaps was a simple game which the students must have been playing endlessly. It had been written by one of the programmer/analysts who'd subsequently left but I found that by moving a subroutine from a separate function to inside the main code it would run without swapping. The system performance noticeably improved.
-
Monday 17th September 2018 09:51 GMT big_D
Re: Why...
I agree with your first statement.
But it sounds like he only used the machine once and that happened to be the night the payroll was run... In which case, unless you were running Nagios or something and set it up to create an alarm for excessive CPU usage, you wouldn't find out until after the fact - depending on whether you had night shift operators or not; if there were night shift ops, they probably should have noticed something wasn't right.
-
-
Monday 17th September 2018 10:47 GMT big_D
Re: Why...
@GlenP, yes, he had run the program several times on other machines and he had permission to do this at night, but it sounds like he chose the machines randomly, based on name and happened to pick Ada at a critical juncture.
@ anothercynic, And yes, I know Nagios wasn't around then, I was pointing out how we could do it now. Back then, as said, unless there were night ops keeping an eye out for "rogue" processes on the machine, you wouldn't have known, until after the fact.
Edit: On rereading, I guess I didn't make that clear, my bad.
-
-
Monday 17th September 2018 10:04 GMT anothercynic
Re: Why...
No, he used it several times... but happened to assign a job to Ada the night payroll was running.
And you are talking about Nagios. You do realise that Nagios' predecessor was first released in 1996... Look at what the article says:
This week, our confessional column is taking a trip back to a college in the late ‘80s, with “Bryan”.
Back then, Nagios was not even a glint in its creator's eye, since he was barely in secondary school then...
Just sayin'...
-
Monday 17th September 2018 12:44 GMT Tony Gathercole ...
Re: Why...
Agree very much that access to administration systems should have been better controlled; however so rusty that I cannot recall if it was possible to restrict access to sub-sets of members of a single VAXcluster with a single UAF. I suspect that something could and should have been implemented to keep user accounts to their authorised systems!
Brings to mind a situation at one of what is now a Russell Group University back in the mid-1970s when parts of the student body took it into their heads to occupy the administration block over some political matter (Overseas Student Fees, if I recall correctly). Anyway, there we were in the middle of the night in various parts of the admin area (based in what was then said to be the longest corridor in Europe) when I realised that a small bunch of hot-heads had broken into the administration computer suite and were about to cause significant physical damage to the disc packs they found in the room (some variety of mid-sized ICL 1900). As a computing mainstream student I could see the potential for many types of 'own goal' if they went any further. Thankfully, with a bit of 'persuasion' I managed to get them to leave things alone and cause no further damage.
Spent the rest of the night re-fighting the Wars of the Roses (Kingmaker-plus) in the Vice Challencor's office - while carefully not inhaling the various substances being passed around.
-
Monday 17th September 2018 14:56 GMT Nick Kew
Re: Why...
(based in what was then said to be the longest corridor in Europe)
I suspect there are a lot of those.
I heard the claim made of Newnham College (Cambridge) when I had occasion to navigate it. I thought it a slightly dodgy claim: it worked by aggregating a lot of sections that wouldn't necessarily all be considered as a single corridor. Anyway, not a place I can imagine as a venue for what you describe, even if someone hadn't already outed you elsewhere :)
-
Tuesday 18th September 2018 11:11 GMT phuzz
Re: Why...
based in what was then said to be the longest corridor in Europe
I suspect there are a lot of those.
In much the same way that I know of at least two universities (Exeter and York), where a library was constructed without taking into account the weight of the books, and so the entire building is gently sliding downhill. I'm not sure if this is more than just a rumour at either though.
-
-
Monday 17th September 2018 18:53 GMT Anonymous Coward
This should have been an easy problem to solve
I cannot recall if it was possible to restrict access to sub-sets of members of a single VAXcluster
So you set up the system "login" script (whatever the VMS equivalent of /etc/profile is) to print out "this system is used for university payroll / administration, authorized users only" which would have been sufficient to stop this guy from trying to use it. Better yet, have it check against a list of users authorized for that payroll system and log off those who are not. I'm sure there's probably a way around that, but we're not trying to keep hackers out, we're just trying to make sure people don't accidentally do something they shouldn't.
-
-
Monday 17th September 2018 11:35 GMT Antron Argaiv
Re: Why...
When I was at uni (back when dinosaurs roamed the earth), the admin mainframe was in a subterranean fortress-like administration building and the student timeshare/batch mainframe was on the ground floor of the research center on the opposite side of campus.
They were, needless to say, completely separate operations and in no way connected. IIRC, the admin system was IBM, the student system was CDC.
// fortress-like, because it was the 70s and there was an unpopular war on
-
-
-
Monday 17th September 2018 10:32 GMT Clive Harris
At least it wasn't as bad as a place I worked at in the early 80's when one of the cleaners unplugged the PDP11 payroll computer half-way through its run, to plug in her vacuum cleaner. It took a couple of days to get that one sorted out. (There's a good reason why hospitals etc. have special sockets just for vacuum cleaners)
-
-
Monday 17th September 2018 11:29 GMT stiine
or in the case of a hospital
No longer allowing vaccuuming or buffing in the data center. hint, the bottom row of tapes on every rack were wiped by the buffer... it took about a month to discover this, and it was only discovered when the CE was in laaate at night performing maintenance when the janitor rolled the buffer onto the raised floor.
-
Monday 17th September 2018 12:11 GMT jcitron
Re: or in the case of a hospital
I had an issue with cleaners knocking a cable out of the back of one of the VAXs that connected to an LP27. I would come in on my shift and find the jobs stuck in the queue, and while troubleshooting the problem, before calling DEC for service, I found the loose cable. The problem was I wasn't around when the cleaners were there most of the time, and then one day we crossed paths and the problem was solved.
-
Monday 17th September 2018 18:00 GMT Anonymous Coward
Re: or in the case of a hospital
I worked at a place that had wonky mains. Turning on the floor buffer caused the lights to dim. They turned on 3 IBM servers and they had weird issues. first time they did not come on. To much current draw . Week latter they caused so much issues when the disk spun up they called IBM and demanded IBM came out and saw that they did not have a PDU cabinet that they fixed it. They told them that a proper licensed sparky would needed to fix the issue . Oh and your warranty is voided .
-
-
-
Monday 17th September 2018 10:33 GMT Sixtysix
Makes my errors look amateur...
Worst was realising at around midnight that my first application test run of my pride and joy - selecting jurors from electoral roll - had a fundamental flaw... and would keep selecting jurors forever as the test (have I reached EOF and do I have 20 jurors) was too specific. I leave that exercise...
Jumped in my car, drove 40 miles to office, pounded on random windows for 20 minutes until someone heard... and was told by the scary night shift operator that she'd assumed I'd made a balls up after it asked for the tape the third time and had killed it, and that she'd "deal with you in the morning".
Phew... sort of.
-
Monday 17th September 2018 11:35 GMT stiine
when I was running things in the 80's
We never let student or faculty jobs run at the same priority level as the SIS (student information system) or Accounting jobs. There were users in the physics department who's jobs would run for over a week because they ran at such a low priority that any (i hesitate to say 'real job') (ah!) university critical job, like payroll, grades, etc. always ran with a higher priority. That being said, from about 11:30 pm until 7:45 am, the physics department could keep all of the processors at 100% for weeks at a time.
-
Monday 17th September 2018 12:59 GMT Rich 11
Re: when I was running things in the 80's
That being said, from about 11:30 pm until 7:45 am, the physics department could keep all of the processors at 100% for weeks at a time.
They told you they were running fission/fusion simulations, but in reality they were rolling in from the bar and playing Trek all night.
-
-
Monday 17th September 2018 11:47 GMT Anonymous Coward
I didn't but my collegue did.
Some manual SQL interventions needed to payroll as lots of timesheet data was missing due to a related technical mishap, and change of legal entities doing the paying...
After payroll day was told, 2 people did not get paid at all. Colleague said, "Only two didn't get paid? That's not an issue." I did suggest he may have a change of attitude if he was one of the two...
-
Monday 17th September 2018 17:25 GMT John Brown (no body)
Re: I didn't but my collegue did.
"After payroll day was told, 2 people did not get paid at all. Colleague said, "Only two didn't get paid? That's not an issue." I did suggest he may have a change of attitude if he was one of the two..."
LOL, upvoted, but in his defence, he probably meant that dealing manually with only two payroll failures isn't an issue the way 20-30 or more would be.
-
-
Monday 17th September 2018 12:13 GMT Anonymous Coward
"Snoopy characters"
I've groaned. I know there are parts of the world where Peanuts is thought to be about a dog called Snoopy with some kids as supporting characters - but still. Charles Schulz would be rolling in his grave if he hadn't always had healthy distance towards his work and fame.
-
-
-
-
-
Tuesday 18th September 2018 14:00 GMT Robert Carnegie
Re: "Snoopy characters"
The star - or the would-be star - is the show's unique selling point, so you name it after them, and not a snappy title that the audience is still less likely to remember. In some cases, "The Name Of Leading Performer Show" also has a different setting and even cast each week, aside from that one constant element. "Hancock's Half Hour" for instance didn't particularly start like that but ended up that way.
It's also a case where the star plays a character with the same name, which could confuse a stupid person and worries me - although with "Hancock", the show tended to be about what the cast of the show got up to when they weren't performing the show... except that that was, in fact, the show. Even more confusing. But it did make sense for Mr Tony Hancock to appear as Mr Tony Hancock.
-
-
-
-
Monday 17th September 2018 13:53 GMT Anonymous Coward
Little Mouse Re: "Snoopy characters"
> Some ensemble or supporting characters sometimes just stand out and become the star, regardless of the creator's intentions:
True but you don't normally see people referring to "MASH" as "Hawkeye" or to "Happy Days" as "Fonzie", the equivalent of which ("Snoopy characters" rather than "Peanuts characters") happened in this article.
-
Monday 17th September 2018 15:26 GMT imanidiot
Re: Little Mouse "Snoopy characters"
On the other hand, peanuts wasn't really a thing in a lot of countries. Snoopy is however the most iconic of the Peanuts "cast" and thus for international readers Snoopy characters might be more recognizable than Peanuts characters. I don't think I've ever even seen a full Peanuts cartoon for instance.
-
-