The Bastard goes email snooping

Easy if you try


Episode 12 BOFH 2002: Episode 12

"But how do we

KNOW

that they're not reading our email?" a geeky type from payments asks The Boss over an evening beverage at the company bar.

"Because the software doesn't let them" The Boss replies, dipping a tentative toe in technology for a second.

"Yes, but how do we know that they don't change that software to allow them to do it anyway?" he persists.

"Numbers," The PFY chips in sagely.

"Numbers?"

"Yes. There's what, 600 people working here - all getting email from people all over the country and the world. To look at their email, we'd have to go through each and every mailbox checking all their messages. We just wouldn't have the time to do it!"

"Yes, but you could if you only wanted to read ONE person's mail."

"Well I suppose we COULD, but we'd have to have some sort of reason. You know, something that would make us wonder what a person is hiding..."

"Right, yes, OK! Well I suppose that covers it! Drinks anyone?" he responds hastily.

***MENTAL NOTE TAKEN***

... The next day dawns, and even The Boss is showing an interest - wanting to know if the person in question has a skeleton or two in the closet...

"..and what you're looking for is files which look like they should be there, but really are out of place. Like.... THAT ONE!" The PFY explains, pointing at a folder on the screen.

"PAYSHD.ZIP! Won't that be a Pay.... Schedule file or something? Hardly worth looking into.."

"That's just what he wants you to think..," The PFY murmurs disparagingly. "But your average beancounter doesn't even know his trouser zip exists, let alone Winzip. No, this is progress! 20 megs of premo smut I'd wager!"

"You don't know that!"

"Know it - no. But after a while you get a nose for these things. That baby is just out of place. But don't take my word for it >clickety< >click<. Ah-HAH!"

"What? It's just an encrypted zip file?"

"Yes indeed, and encrypted file, full of smut!"

"It could be ANYTHING!"

"Yes, you're right. Our user has an encrypted ZIP file, which contains an encrypted zip file - and there's nothing suspicious about that..."

"He might just be being cautious."

"Oh, I think you're right there. But lets just see. First, unencrypt the contents >clickety< using his >clickety< NT password."

"I thought passwords were stored encrypted!!!"

"Normally, yes, but for our users, no,"

"Why not?!?"

"It'd make their using their email harder for a start."

"You login to their accounts and read their email!!!?!?!"
.
"Of course not!"

"Oh!"

"No, we use the ADMIN tool to read their email - it's much faster."

"So how having their password it make email reading easier?"

"Oh, well, we can login as them and SEND email - you know, to get more email to read. For instance, I might send one from you to that woman from personnel you were chatting up last week - suggesting a quick candlelight dinner somewhere."

"YOU SENT EMAIL FROM MY... What did she say?"

"No no, I was just using it as an example."

"Oh."

"Mind you, I wouldn't develop a nervous twitch in your eye when you're talking to that big bloke from stores as he's definitely... not interested."

"!" he half gasps.-0

"Sorry about that, just testing the interface."

"But my email is electronically signed with that key you got for me!"

"Indeed it is, but THAT key in turn is signed by an authority just a whisker away from being what's known as a 'trusted' authority."

"A whisker?"

"Well.. more like a beard."

"Which company was that then?"

"Trusty Amal's Key Registry Services. Two quid for a 64-bit key issued for 50 years!"

"Isn't 64 thingies a little bit.. insecure?" The Boss asks remembering something from technology nursery school.

"In the banking world, yes, but for your correspondence, no."

"Why not?"

"Well it's a risk reduction thing."

"How does it reduce risk?"

"You don't have to take the risk that someone will torture it out of you some day. Sort of a proactive escrow."

"So you were thinking of me the whole time?"

"Of course."

The Boss decides to cut his losses here and move on.

"So why are we continuing looking through this user's files if we've found something?"

"Well, it was too easy. And when you're a sad beancounter type, you're sort of expected to spice up your life with a couple of pictures of Barbara Cartland taking on a midget wrestler or two. No, this guy's really hiding something.."

"Like what?"

"Oh something that he doesn't want anyone to know about. Cutting Edge Porn, Dirty Stories, A Train Spotter mailing list!"

"Isn't that illegal?!"

"I don't know about the first two, but I'm fairly sure the last one is, and we should be able to find out.... >clickety< veerrrry shortly, as he's used the same password twice."

"What is it?" The Boss gasps.

"It's a pay Schedule file - amounts, people, etc. What a bust."

"So what was he hiding?"

"Well there are several different train timetables in his inbox.." I murmur.

"I'll call the cops!" The PFY says.

Two hours later the police have left, after being most unhelpful. Of course they questioned the bloke concerned, but with the liberal laws these days, people can get away with trainspotting without charge. Personally, I blame the government.

Still, The PFY and I while away the intervening hours thinking up ways to cement The Boss's relationship with that bloke in stores, while the bloke concerned (after the first message anyway) whiles away the hours thinking up ways to cement The Boss in stores.

It's a funny old world. ®


Other stories you might like

  • Despite global uncertainty, $500m hit doesn't rattle Nvidia execs
    CEO acknowledges impact of war, pandemic but says fundamentals ‘are really good’

    Nvidia is expecting a $500 million hit to its global datacenter and consumer business in the second quarter due to COVID lockdowns in China and Russia's invasion of Ukraine. Despite those and other macroeconomic concerns, executives are still optimistic about future prospects.

    "The full impact and duration of the war in Ukraine and COVID lockdowns in China is difficult to predict. However, the impact of our technology and our market opportunities remain unchanged," said Jensen Huang, Nvidia's CEO and co-founder, during the company's first-quarter earnings call.

    Those two statements might sound a little contradictory, including to some investors, particularly following the stock selloff yesterday after concerns over Russia and China prompted Nvidia to issue lower-than-expected guidance for second-quarter revenue.

    Continue reading
  • Another AI supercomputer from HPE: Champollion lands in France
    That's the second in a week following similar system in Munich also aimed at researchers

    HPE is lifting the lid on a new AI supercomputer – the second this week – aimed at building and training larger machine learning models to underpin research.

    Based at HPE's Center of Excellence in Grenoble, France, the new supercomputer is to be named Champollion after the French scholar who made advances in deciphering Egyptian hieroglyphs in the 19th century. It was built in partnership with Nvidia using AMD-based Apollo computer nodes fitted with Nvidia's A100 GPUs.

    Champollion brings together HPC and purpose-built AI technologies to train machine learning models at scale and unlock results faster, HPE said. HPE already provides HPC and AI resources from its Grenoble facilities for customers, and the broader research community to access, and said it plans to provide access to Champollion for scientists and engineers globally to accelerate testing of their AI models and research.

    Continue reading
  • Workday nearly doubles losses as waves of deals pushed back
    Figures disappoint analysts as SaaSy HR and finance application vendor navigates economic uncertainty

    HR and finance application vendor Workday's CEO, Aneel Bhusri, confirmed deal wins expected for the three-month period ending April 30 were being pushed back until later in 2022.

    The SaaS company boss was speaking as Workday recorded an operating loss of $72.8 million in its first quarter [PDF] of fiscal '23, nearly double the $38.3 million loss recorded for the same period a year earlier. Workday also saw revenue increase to $1.43 billion in the period, up 22 percent year-on-year.

    However, the company increased its revenue guidance for the full financial year. It said revenues would be between $5.537 billion and $5.557 billion, an increase of 22 percent on earlier estimates.

    Continue reading

Biting the hand that feeds IT © 1998–2022