Just after lockdown, our boss sent an important message in our general chat, tagging everyone with @channel. While reading the message one of my cats jumped on my keyboard and managed to spam '+enter maybe fifty times to all 400+ currently reading the channel in a few seconds. Don't think Slack has any kind of rate limiting..? It was also impossible for me to delete the messages, as they jumped up and down when people started reacting, making me misclick loads of times. It was funny.
Each person in the mail list is convinced they need to send a reply to that mail informing everyone that the others should not reply to this email address, otherwise how would everyone know they're not supposed to reply to that email.
Changing the send action to Ctrl-Enter (or maybe it was Shift-Enter?) helps with this. It also helps prevent accidental yubikey posts and is good for when you need to write up multiline posts.
Reminds me of Molly guards. I would dearly love to track down who it originated from! Internet lore stops at referencing a programmer whose young daughter Molly kept pressing the on/off button. http://www.catb.org/jargon/html/M/molly-guard.html
> Reminds me of Molly guards. I would dearly love to track down who it originated from!
The following is from https://ws.engr.illinois.edu/sitemanager/getfile.asp?id=540 , [U of I] Department of Computer Science, Alumni News, Winter 2001, Vol 2 No 7, page 14. Judy Tolliver editor. The winning google search was "illinois.edu" molly guard ibm button.
Mollyguard? - Ed Krol explains
Ed Krol explains the origins of the word Mollyguard, which dates back to 1982, like this: “I was concerned with the Cyber [mainframe], and right behind the Cyberconsole was an IBM 4341—a nondescript, singularly unimpressive, desk-sized grey machine. The only thing about it was that on one side was a big red switch—kid-sized, about 2 inches wide. The switch was like the emergency OFF switch, and if you pulled it you actually had to call an IBM engineer to come in and reset it. There was some crisis on the Cyber, and I was babysitting that day, and so I took my daughter Molly in to work with me. I said, ‘You play with your trucks on the floor while I work,’ and she saw this amazing big red thing and gave it a yank and turned it off. You weren’t supposed to do that to those big machines at the time. Our computer center director then had little plexiglas flaps installed so that you had to lift the flap up before you could pull the switch. Charley [Kline] named them Mollyguards to protect them from Molly. It was a funny play on words, too, because molybdenum is a slippery element and there used to be a grease called Molygard.”
Krol, BS 73, is now assistant director of CCSO, and Kline, BS84, MS 86, who was a student hourly at the time, is now principal research programmer at CCSO. Molly Krol is a senior at Luther College in Iowa.
It was Kline who submitted the word Mollyguard to the Jargon File, a collection of computer slang from various technical cultures begun by Raphael Finkel at Stanford in 1975. Here is how it appears on this list, mirrored on many Web sites:
molly-guard /mol’ee-gard/ n.
[University of Illinois] A shield to prevent tripping of some Big Red Switch by clumsy or ignorant hands. Originally used for the plexiglass covers improvised for the BRS on an IBM 4341 after a programmer’s toddler daughter (named Molly) frobbed it twice in one day. Later generalized to covers over stop/reset switches on disk drives and networking equipment. In hardware catalogues, you’ll see the much less interesting description “guarded button.” n
At our workplace it is standard & strictly enforced (called out) policy to lock your screen before leaving your computer unattended. For me this has become an automatic action.
I think USSTRATCOM could benefit from the same policy.
We have the same policy, but I must confess to not follow it when working from home. On the other hand, I live alone and all entrances to my home are always locked.
On the third hand, having a very young child anywhere near my work computer unsupervised would be the stuff of nightmares..
Assuming it's a toddler, it's not at all a given that they were far enough away that it'd have made a difference. The keystrokes in that tweet are mostly clustered relatively close together in two groups - this looks like a kid got both hands on the keyboard and hammered a couple of times. Might well have e.g. just been lifted up on their parents lap for a moment, only for the parent to get e.g. distracted by a phone call.
That is the first thing I thought, if we are to trust this info then the issue that stands out is not that a toddler did it, it's why the hell wasn't it locked in the first place.
I worked in far less sentitive settings, but all these IP policies pretty much engrain this in my mind. Locking before moving away from my desk is muscle memory by now.
My local credit union uses a USB device (IR sensor?) that detects how close to the computer the user is, if they walk away the computer automatically locks.
Surprised those devices aren't in more widespread usage.
Yes, but this is human factors, isn't it? Logging out and back in has friction. It's natural that people will do it [EDIT will not log out or lock when needed]. We need a lower friction method to log off and in again, or to at least lock the computer for a few minutes.
For years, this was the case for me under penalty of termination. Now I always lock my screen although I work from home and nobody except me has physical access to my computer.
People might balk, but it's no joke how many actions a toddler can trigger on an unattended Macbook. They have a preternatural ability to drag, delete and find the text inputs.
My wife recently left the computer unattended and the chair unflipped for 30 seconds. I come into the room and see our almost-2yo daughter handling the keyboard and the mouse like a pro. Despite never doing anything with a computer before.
Toddlers are truly keen observers. You think they're just trying to smash a toy or eat their picture book, but they're constantly watching everything. In the recent months I had a whole lot of stories that follow the pattern of "how in hell did you know these items belong together?!". There are moments when I wonder if toddlers have a secret worldwide community, and communicate with each other while parents are asleep...
(Also our cat learned to use our daughter as a distraction sometimes, making her noisy so that we vacate the kitchen, while it runs in to snatch our dinner...)
Beware of young children... and facetious colleagues. Have been the victim and perpetrator a few times. My favorite was to change the screen saver to a BSOD screenshot and watch the reaction of the colleague when he walks back to his desk.
It's funny how serious twitter and facebook has become even for governments. In my location, highest order politicians use it as a channel to provide important declarations/news and the media cites those in serious tone. Shouldn't governments use their own web sites and services for all official communication?
> Turns out their Twitter manager left his computer unattended, resulting in his "very young child" commandeering the keyboard.
Ignorance of the law does not excuse one from its consequences. For such a serious violation of 18 U.S.C. § 1030 I fully expect the child to be put in solitary confinement for the entire duration of nap time.
This actually highlights one of my griefs with the twitter webclient: hotkeys without modifiers keys. E.g. on twitter.com, "n" opens the popup to create a new tweet. I'm not sure if there are valid accessibility reasons for this (in this case, all is fine), but at least I found this behaviour more annoying than useful.
It is not due to accessibility as far as I know. It might be useful for people with bad hand mobility, but it is annoying for screen reader users, because SR-s have different input modes and this works in only one of them.
But joking aside, I doubt this was an actual password. Too many repeating characters and characters grouped close together. Like "ssaw" and that ";l;;". And no uppercase as some people have mentioned. Who mandates special characters but not uppercase or numbers? I've never seen a password policy doing that. Usually numbers and uppercase come first before specials are considered, due to regional keyboard differences that make special characters hard to find. Really sounds much more like a toddler at work to me like they say.
And really, this is twitter. Not a serious government system. Even if it was a password, people sending tweets tend not to be the ones pushing red buttons. Obligatory XKCD: https://xkcd.com/932/
Legally they have to reply in 20 days, though that's not exactly well enforced. One day is still quick, they were likely looking for a good outlet to announce what happened.
In this case, they sent a "press statement" response instead of a "FOIA response". The FOIA response would have been just the "there are no written records" part plus the boilerplate.
They realized that this is a press story about to blow up, and that if they don't make a statement the press will just write "USSTRATCOM TWEET RAISES HACKING FEARS. WERE WE ONE KEYSTROKE AWAY FROM GLOBAL THERMONUCLEAR WAR?" with a "We contacted USSTRATCOM but did not receive a response [in the 3 minutes between asking and posting]" so they made a statement.
The lack of a number or upper case letter means that it'd basically need to be an internal password, meaning US Strategic Command has some terrible security. I wish that made me think it was unlikely.
[+] [-] matsemann|5 years ago|reply
https://i.imgur.com/Sznqb4t.jpg
[+] [-] dmingod666|5 years ago|reply
"Please don't reply to [email protected] it goes to everyone"
Each person in the mail list is convinced they need to send a reply to that mail informing everyone that the others should not reply to this email address, otherwise how would everyone know they're not supposed to reply to that email.
[+] [-] gnrlst|5 years ago|reply
[+] [-] jrootabega|5 years ago|reply
Just saying in case anyone wasn't already aware.
[+] [-] kebman|5 years ago|reply
[+] [-] foobarian|5 years ago|reply
[+] [-] mncharity|5 years ago|reply
The following is from https://ws.engr.illinois.edu/sitemanager/getfile.asp?id=540 , [U of I] Department of Computer Science, Alumni News, Winter 2001, Vol 2 No 7, page 14. Judy Tolliver editor. The winning google search was "illinois.edu" molly guard ibm button.
Mollyguard? - Ed Krol explains
Ed Krol explains the origins of the word Mollyguard, which dates back to 1982, like this: “I was concerned with the Cyber [mainframe], and right behind the Cyberconsole was an IBM 4341—a nondescript, singularly unimpressive, desk-sized grey machine. The only thing about it was that on one side was a big red switch—kid-sized, about 2 inches wide. The switch was like the emergency OFF switch, and if you pulled it you actually had to call an IBM engineer to come in and reset it. There was some crisis on the Cyber, and I was babysitting that day, and so I took my daughter Molly in to work with me. I said, ‘You play with your trucks on the floor while I work,’ and she saw this amazing big red thing and gave it a yank and turned it off. You weren’t supposed to do that to those big machines at the time. Our computer center director then had little plexiglas flaps installed so that you had to lift the flap up before you could pull the switch. Charley [Kline] named them Mollyguards to protect them from Molly. It was a funny play on words, too, because molybdenum is a slippery element and there used to be a grease called Molygard.”
Krol, BS 73, is now assistant director of CCSO, and Kline, BS84, MS 86, who was a student hourly at the time, is now principal research programmer at CCSO. Molly Krol is a senior at Luther College in Iowa.
It was Kline who submitted the word Mollyguard to the Jargon File, a collection of computer slang from various technical cultures begun by Raphael Finkel at Stanford in 1975. Here is how it appears on this list, mirrored on many Web sites:
molly-guard /mol’ee-gard/ n.
[University of Illinois] A shield to prevent tripping of some Big Red Switch by clumsy or ignorant hands. Originally used for the plexiglass covers improvised for the BRS on an IBM 4341 after a programmer’s toddler daughter (named Molly) frobbed it twice in one day. Later generalized to covers over stop/reset switches on disk drives and networking equipment. In hardware catalogues, you’ll see the much less interesting description “guarded button.” n
[+] [-] nullserver|5 years ago|reply
Apparently large bright red button and 3 year olds don’t mix.
Much fun was not had.
[+] [-] karlerss|5 years ago|reply
I think USSTRATCOM could benefit from the same policy.
[+] [-] eCa|5 years ago|reply
On the third hand, having a very young child anywhere near my work computer unsupervised would be the stuff of nightmares..
[+] [-] vidarh|5 years ago|reply
[+] [-] DoingIsLearning|5 years ago|reply
I worked in far less sentitive settings, but all these IP policies pretty much engrain this in my mind. Locking before moving away from my desk is muscle memory by now.
[+] [-] eldelshell|5 years ago|reply
[+] [-] DoubleGlazing|5 years ago|reply
Surprised those devices aren't in more widespread usage.
[+] [-] DanBC|5 years ago|reply
[+] [-] aspaceman|5 years ago|reply
Then I had an ex-girlfriend get quite upset with me for always locking my computers when I was away from them.
[+] [-] 29athrowaway|5 years ago|reply
[+] [-] chasd00|5 years ago|reply
[+] [-] dmingod666|5 years ago|reply
See it all the time on public transport ;)
[+] [-] gorpomon|5 years ago|reply
[+] [-] TeMPOraL|5 years ago|reply
Toddlers are truly keen observers. You think they're just trying to smash a toy or eat their picture book, but they're constantly watching everything. In the recent months I had a whole lot of stories that follow the pattern of "how in hell did you know these items belong together?!". There are moments when I wonder if toddlers have a secret worldwide community, and communicate with each other while parents are asleep...
(Also our cat learned to use our daughter as a distraction sometimes, making her noisy so that we vacate the kitchen, while it runs in to snatch our dinner...)
[+] [-] cm2187|5 years ago|reply
[+] [-] christophilus|5 years ago|reply
[+] [-] DoubleGlazing|5 years ago|reply
[+] [-] sto_hristo|5 years ago|reply
[+] [-] kube-system|5 years ago|reply
This is just the 21st century version of governments communicating via newspaper, radio, and television.
[+] [-] rvz|5 years ago|reply
Yes they should. Much more official than a 'Twitter account'.
[+] [-] koolba|5 years ago|reply
Ignorance of the law does not excuse one from its consequences. For such a serious violation of 18 U.S.C. § 1030 I fully expect the child to be put in solitary confinement for the entire duration of nap time.
[+] [-] temp8964|5 years ago|reply
[+] [-] flohofwoe|5 years ago|reply
[+] [-] gostsamo|5 years ago|reply
[+] [-] christophilus|5 years ago|reply
[+] [-] qPM9l3XJrF|5 years ago|reply
[+] [-] globular-toast|5 years ago|reply
[deleted]
[+] [-] 0x008|5 years ago|reply
[+] [-] globular-toast|5 years ago|reply
[+] [-] jaywalk|5 years ago|reply
[+] [-] GekkePrutser|5 years ago|reply
But joking aside, I doubt this was an actual password. Too many repeating characters and characters grouped close together. Like "ssaw" and that ";l;;". And no uppercase as some people have mentioned. Who mandates special characters but not uppercase or numbers? I've never seen a password policy doing that. Usually numbers and uppercase come first before specials are considered, due to regional keyboard differences that make special characters hard to find. Really sounds much more like a toddler at work to me like they say.
And really, this is twitter. Not a serious government system. Even if it was a password, people sending tweets tend not to be the ones pushing red buttons. Obligatory XKCD: https://xkcd.com/932/
[+] [-] everly|5 years ago|reply
[+] [-] Spooky23|5 years ago|reply
If it’s a request without privilege risk, workloads aren’t crazy and the requestor writes them well, same day service happens.
Writing these things is like a grant, there’s an art.
[+] [-] boomboomsubban|5 years ago|reply
[+] [-] tgsovlerkhgsel|5 years ago|reply
They realized that this is a press story about to blow up, and that if they don't make a statement the press will just write "USSTRATCOM TWEET RAISES HACKING FEARS. WERE WE ONE KEYSTROKE AWAY FROM GLOBAL THERMONUCLEAR WAR?" with a "We contacted USSTRATCOM but did not receive a response [in the 3 minutes between asking and posting]" so they made a statement.
[+] [-] danso|5 years ago|reply
Response in scribd PDF form: https://www.scribd.com/document/500831873/FOIA-U-S-Strategic...
[+] [-] EdwardDiego|5 years ago|reply
[+] [-] mindwok|5 years ago|reply
[+] [-] ultrasuperstar|5 years ago|reply
[+] [-] boomboomsubban|5 years ago|reply
[+] [-] mabbo|5 years ago|reply
[+] [-] nullserver|5 years ago|reply
[+] [-] justin66|5 years ago|reply