I don’t know about you, but running into an unlocked workstation in the office is like finding a voucher for a free airline ticket and hotel stay at Vegas complete with gambling money. In other words, pure fun. (Ok, perhaps I overstated that a bit. I’d much prefer the free stay in Vegas. Anyone? Anyone?)
There are any number of interesting pranks you can pull, but my favorite continues to be to take a screenshot of the user’s desktop, and then move all desktop shortcuts into a backup folder. Also make sure to hide all the taskbars. Then find a decent inconspicuous vantage point and watch as the unsuspecting user flounders with an unresponsive desktop. That’s usually good for a few laughs.
Alternatives include replacing desktop background with embarassing images and changing all the sounds in the systems to embarassing sounds, or simply to sounds for other system functions. The last one is quite subtle, but can be quite confusing as it shows how reliant we can become on sound to navigate a computer.
In this installment, he highlights a fine piece of USB hardware, a wireless pc lock, used to automatically lock your machine when you are away. The hardware unfortunately comes with some lame software, so he proceeds to build improved software that can not only lock your machine when you’re away, but set your IM status to away (along with other functions and an extensibility model). That’s pretty sweet and all, but if this catches on, finding unlocked workstations could be a thing of the past (unless you happen to wander into the business or marketing department, the source of all email viruses in any company).
Well, I guess there’ll always the prank of stealing the USB dongle.
I am a little ignorant about how USB works, but one security question this raises is what happens if you walk away, and I put an intermediate USB device between the dongle and the computer, and record the data going back and forth. When the user returns, he or she is quite unlikely to notice if the dongle is in the back of the computer (think corporate workstation). How will this device and software protect against that?