Don't Forget To Lock Your Computer

At my previous job we used to send out e-mails from unlocked PCs in huge pink letters saying stuff like george michael fan number one and such.
Until it got old, and then I introduced the un-goating. This is when you don’t do anything but warn the person (before they go back to the computer) as if you did. Then laugh as they rush to their place…

In college we were less prudent, often adding hard core pr0n sites to each other’s bookmarks (hotmale.com was a favourite)…

GoatSing, not that’s a whole different story :smiley:

Personally I remain a big fan of sending an email to the rest of the team offering to bring pastries the following morning. :wink:

Works like wonder

Here’s a really annoying prank to play that takes no time at all to do.

Just press ALT+SHIFT in any (windows) application that the person will be typing in and it will change the keyboard layout.

It only persists until they restart the application, or you press ALT+SHIFT again, but it will have them screaming at their keyboard for a while.

Because of the way I use the keyboard I used to do this to myself all the time. Had me scratching my head every time until I worked out how I was triggering it.

I’m a technician working in pharmaceuticals. Corporate policy is that we lock our computers when stepping away, even for a moment. (Not that my department deals with anything private or sensitive, but still.)

We do this all the time. Mostly we use the corporate instant messaging client of the victim to send a potentially embarrassing message to someone else in the department. (‘i luv you man!’ is pretty common. Or proclaiming the greatness of a sports team the computer owner hates.)

There are a few (previously) unspoken rules:

  1. Never send anything outside the department.
  2. Never, ever, ever send anything to the boss. (Like ‘I quit’, for example.)
  3. The message should be pretty obviously not sent by the computer owner.
  4. The message recipient should always pick on, make fun of, and generally ridicule the computer owner / apparent sender.
  5. Don’t do anything permanent, non-obvious, or difficult to undo.

As you can imagine, our computer security is considerably better now than before we started doing this…

1 Like

All these years and I’ve been pressing ctrl+alt+numpad del.

Using win+l means I don’t have to move my arms as much now!

I hadn’t seen the Clippy parody. I wrote a macro which I’d add to the default document template at unoccupied workstations with similar behavior - he’d pop up at random intervals and say “This document is no good.” Very rarely, he’d bounce around the screen, pong style, and cycle through random animations (and there are lots of them). I think I was the only one who was sad when Clippy was removed from Office, as that prank was now worthless.

A co-worker at an old job pulled a great goating prank - he installed a windows service which allowed remote control (via browser) of the audio playback volume. His cube was in the same room as the victim, who loved to listen to techno on his headphones. The perpetrator would slowly tweak the volume louder, louder, REALLY LOUD… then when the victim lowered the volume, he’d keep making it quieter and quieter. He had fun with that for months - when the victim figured that out, he hacked the other guy’s website. It was the start of an entertaining, sort-of-friendly-ish war.

Another classic is to create a transparent icon and then set this as the default icon for all mouse cursors.

I had a friend at work go through about 3 mice declaring them all broke last time I did this :slight_smile:

I can’t believe how seriously some people seem to take themselves. At our office you will generally just end up with a my little pony wallpaper or a very sentimental email going out to your team.

Also, to the guy who said they don’t need to worry about it because their office building has a lock on the door and former employees wouldn’t have a key card to get in, good luck with that. Given your attitude about locking your computer, I’m guessing you aren’t that well trained on not letting someone into the building because they happen to be walking behind you when you use your key.

I wonder how many of the same people here complaining that this practice is childish and pointless were also replying to some of the earlier security posts suggesting that people use custom hash functions or saying that it’s OK to store passwords in plain-text because people shouldn’t have access to your database.

Here’s what I have to say to you folks:

  1. Every company has at least one nutbar, or will soon. If you’re positive that it’s not any of your coworkers, then it’s probably you.

  2. Every company has several people who will fall for a social engineering stunt, whether it’s technological in nature (phishing) or personal (cable repair!).

  3. A security breach isn’t just a bug that you can fix later. You don’t get a second chance.

  4. Locking someone’s computer for them solves the immediate problem, but not the long-term one. Typical rookie mistake. You want to discipline people to lock their workstations, and doing it for them accomplishes the exact opposite! Pranks aren’t perfect, but they’re a lot better than heavy-handed reprimands or summary dismissals.

  5. Locking your computer doesn’t “waste time”. I can’t believe the people whining about how they’re only gone for 30 seconds. Who cares? It takes a fraction of a second to lock it, and maybe 3 seconds to unlock it, if you happen to be the slowest typist on the planet.

  6. Lighten up already. Yes, it’s childish - and yes, it’s funny. If 5 wasted minutes can ruin your whole day, you need therapy. And quite frankly, the people who are most “uncomfortable” (i.e. who completely freak out) when pranked are usually the funniest to watch. Like Jeff’s coworker who sent out a mass e-mail about Clippy.

And as for Sarbanes-Oxley, that’s exactly why you don’t hire finance guys to run an IT department. If you’re a public company and you’re forced to follow those inane rules, fine, but otherwise, who cares?

1 Like

Isn’t setting up the type of enviornment where everyone giggles when someone sits down at a machine they’re not supposed to be at and uses it for a few minutes a bad thing? Are you really saying that smart security concious people will let me sit down at an unmanned machine at your business and install a program from the internet? It seems like most of you think that as long as it has a silly and easily removed side effect like clippy there wouldn’t by any further questioning then ‘how do they turn clippy off?’

I’ve become obsessive about locking my computer every time I walk away from it at work. When I was in college, a few people in the computer lab thought it was “hilarious” to replace your desktop wallpaper with hardcore porn if you left your computer unlocked.

When I was still in the dorms, I had a friend that kept loading his pc up with spyware from looking at porn. After about the 10th time cleaning it up I installed a lemonparty org type screensaver, put a password on it, and put a shortcut to it in his startup folder. He couldn’t use his computer for several days until I gave in and removed it all. It didn’t help, I still had to clean his spyware infestations on a regular basis.

This is totally wrong.

A quiet word to a co-worker is one thing. Using their computer while they are logged on is quite different. Bluntly it is unethical and a breach of trust. It is identity theft.

If you send an email “I’ve been naughty”, or change my desktop, how do I know that you haven’t sent or read other email, or read (even changed) documents you had no right to access?

Jeff

Just a question. Is it bad that I created a Bluescreen Screensaver just so I can give myself a little laugh when someone walks by my computer and thinks that it just bluescreened? BTW my before anyone asks how I can tell the difference I use a different font, size and a custom message (which no one actually reads).

I think the Password Lock is very stupid and silly, and mostly, fake. Its very easy to bypass it, just power off and power on the computer! If you want to get into the user, put a keylogger to get their password. And I am also pretty sure that Microsoft Windows definitely has a trick to bypass the “rundll32.exe user32.dll” command,

Really, any ‘software locks’ in my opinion are fake.

after browsing about Tengwar, I found an idea: handicap font
A font with shuffled alphabets or even foreign writing systems that take up Latin alphabets. Dingbats are pre-installed, but you can try the Tengwar font: Tengwar Fonts | FontSpace

If anyone is still looking for a good solution. The GateKeeper will automatically lock/unlock your station. If the user walks away, the computer will lock. If the user returns the computer will unlock. It authenticates based on user presence.

I guess this story belongs here…

As far as “goating” goes, I had one coworker loooong ago who got SUPER angry when I installed clippy.exe on his machine. Like almost physically fighting mad. So I don’t do that any more, nor do I recommend it, unless you are very good friends with the owner of the unlocked computer.

As @Abraham_Kim pointed out, there’s a bunch of cool new options to automatically lock & unlock your computer based on the nearby presence of a smart watch or smartphone:

I don’t personally do this, I Win+L reflexively instead.

1 Like