Yet another, the more you know.
Some stories I will never tell. But, I think this one is ok:
IT (Information Technology) departments have an awesome responsibility to make sure the commercial software they are in charge of does not get abused at least in terms of software piracy (illegally copied). Sometimes it can go too far. Let me say that I did work in IT for more than ten years and it is really hard for me to tell this story. Since I have been on both sides of the fence so to speak.
One semester, I had to teach a class where I was unfamiliar with the software applications to be used in the class I was supposed to teach. I asked the head of the department whether I could get a copy to use at home. She said it would be alright, but just get the IT lab people to do it for me. So far so good. I went to the IT people and asked them for the software. For what ever reason, they would or could not get it for me. I asked if I could get it myself and they said no and that it was so secured that I could not get at it anyway. Time was at a premium and the classes were going to start within days. I did not want to go back to my boss who was already so busy that she did not need any minor issues.
Telling me that I could not get to the software was like waving a red flag in front of a bull. I was determined not to let anything get in the way for me to have the software. Back then, computer programs or software was all in one directory for MS/PC-DOS (disk operating systems). So basically the only issue I had was getting to where the software was on the standalone system. I went over to the campus where I was to teach and surveyed when the computer room would not be used so as to have a good time to get the software I needed.
Back then most IT people prided them self on using very complicated software to be able to use computers. They underestimated what can be done by someone who knows how to use simpler software to do more complex tasks. So the IT team hid all the more complicated software so nothing important could be done on the computer or so they thought. But they left a program called gwbasic.exe generally re-guarded as simpler software where it could be easily seen. I knew this because I looked around the system to see what was available.
Since computer systems organize storage systems into directories it should be easy to find the software I needed. Well the IT people being as smart as they were named the directories with what is known as unprintable characters. So that a user could not easily see what the name of a directory was and therefore could not enter the directory. Sometimes those directories were known as hidden. To get to the directories you have to use what was known as batch files. Batch files were just a set of computer instructions that ran automatically to let users run the software they needed without having to worry about getting into directories.
With a trick I know I was able to stop the batch files with the commands that ran automatically. I then went and ran the gwbasic.exe so I could put in a set of instructions that would read in the batch files with the hidden names and then extract the names of the hidden directories so I could get access at the software I needed. Pretty cool. I had hacked into their system. Since I had prior permission to use and get the software, there were no issues. But I did sort of feel like it was not such a right thing to do even though it was ok. Anyway I was able to get into the directories to get to the software I needed. I then backed up the software to multiple floppies to take home for use on my own system. (I did buy the software as soon as I could).
Now, I had the software I needed and had installed it on my own system where i could develop my lesson plans and lectures. The class was able to go on. I still was a bit upset at having to do that. The IT people should have helped me do my job. In any case, my knowledge about that computer system gave me the power to do what was needed to be done and take care of the students who were our customers. I do not advocate doing what I did, but back then things were a lot simpler. If I had to do it all over again. I would have gone back to my boss to have her resolve the issue.
Later on I did leave a file that the IT people would know was not supposed to be there. In the file I left them a message that their system that was impossible to break, had been compromised. Knowledge is power when it is used to solve problems in the right way. The next time I saw my boss, I think she knew what happened because she just smiled. One last thought, never underestimate the knowledge of your opponent.
IT (Information Technology) departments have an awesome responsibility to make sure the commercial software they are in charge of does not get abused at least in terms of software piracy (illegally copied). Sometimes it can go too far. Let me say that I did work in IT for more than ten years and it is really hard for me to tell this story. Since I have been on both sides of the fence so to speak.
One semester, I had to teach a class where I was unfamiliar with the software applications to be used in the class I was supposed to teach. I asked the head of the department whether I could get a copy to use at home. She said it would be alright, but just get the IT lab people to do it for me. So far so good. I went to the IT people and asked them for the software. For what ever reason, they would or could not get it for me. I asked if I could get it myself and they said no and that it was so secured that I could not get at it anyway. Time was at a premium and the classes were going to start within days. I did not want to go back to my boss who was already so busy that she did not need any minor issues.
Telling me that I could not get to the software was like waving a red flag in front of a bull. I was determined not to let anything get in the way for me to have the software. Back then, computer programs or software was all in one directory for MS/PC-DOS (disk operating systems). So basically the only issue I had was getting to where the software was on the standalone system. I went over to the campus where I was to teach and surveyed when the computer room would not be used so as to have a good time to get the software I needed.
Back then most IT people prided them self on using very complicated software to be able to use computers. They underestimated what can be done by someone who knows how to use simpler software to do more complex tasks. So the IT team hid all the more complicated software so nothing important could be done on the computer or so they thought. But they left a program called gwbasic.exe generally re-guarded as simpler software where it could be easily seen. I knew this because I looked around the system to see what was available.
Since computer systems organize storage systems into directories it should be easy to find the software I needed. Well the IT people being as smart as they were named the directories with what is known as unprintable characters. So that a user could not easily see what the name of a directory was and therefore could not enter the directory. Sometimes those directories were known as hidden. To get to the directories you have to use what was known as batch files. Batch files were just a set of computer instructions that ran automatically to let users run the software they needed without having to worry about getting into directories.
With a trick I know I was able to stop the batch files with the commands that ran automatically. I then went and ran the gwbasic.exe so I could put in a set of instructions that would read in the batch files with the hidden names and then extract the names of the hidden directories so I could get access at the software I needed. Pretty cool. I had hacked into their system. Since I had prior permission to use and get the software, there were no issues. But I did sort of feel like it was not such a right thing to do even though it was ok. Anyway I was able to get into the directories to get to the software I needed. I then backed up the software to multiple floppies to take home for use on my own system. (I did buy the software as soon as I could).
Now, I had the software I needed and had installed it on my own system where i could develop my lesson plans and lectures. The class was able to go on. I still was a bit upset at having to do that. The IT people should have helped me do my job. In any case, my knowledge about that computer system gave me the power to do what was needed to be done and take care of the students who were our customers. I do not advocate doing what I did, but back then things were a lot simpler. If I had to do it all over again. I would have gone back to my boss to have her resolve the issue.
Later on I did leave a file that the IT people would know was not supposed to be there. In the file I left them a message that their system that was impossible to break, had been compromised. Knowledge is power when it is used to solve problems in the right way. The next time I saw my boss, I think she knew what happened because she just smiled. One last thought, never underestimate the knowledge of your opponent.
Comments
Post a Comment