I’m a security-minded guy, that probably comes as no surprise. Other people – not always so much and as a result you inevitably see a lot of unattended, unlocked Windows desktops around the place. Naturally the responsible thing to do when seeing such risky behavior is to help the victi.. uh, I mean “individual” understand the risky nature of such behavior.
Having recently observed such a situation I thought I’d reach out and ask for some guidance on how one might deal with it:
It turns out that my followers are devious misfits who had some truly insightful suggestions. Here are some of the best:Non-damaging humor
This will cause minor frustration to the amusement of observers around this. There’s no destruction and a minimal loss of productivity followed by a mild degree of sheepishness.
- Take a screen shot of the desktop, set it as the wallpaper then hide the taskbar and all the icons and see how many times they reboot to try and fix it
- Change the wallpaper to a Blue Screen of Death image and hide the icons; again, count how many reboots it takes to figure it out
- Add a very subtle image to the wallpaper (i.e. a small animal somewhere) then continue to add more on subsequent unlocked occasions
- Complete wallpaper change – not subtle but sometimes appropriate (depending on content)
- Invert the entire desktop (look for options in the video drivers)
- Combine the previous point with the first one (rotated screen but rotated wallpaper image as well so everything looks upright whilst actually being upside down)
- Switch the mouse from being right-handed to left-handed
- Perform some goating
- Write yourself an email from their PC on a random topic then reply tomorrow and leave them wondering what they were thinking the day before
- Leave an embarrassing message in their Facebook status box but don’t submit, just let them ponder the consequences…
- Change the mouse “pointer” icon to the “busy” icon
- Leave inappropriate pages open in tabs that aren’t in the forefront and wait for them to switch over to them
- Remap the space bar to type “SPACE” every time it’s hit
- Leave some very officially titled documents on the desktop with “creative” contents
- Set the screen saver to lock after one minute of inactivity
This will either seriously mess with productivity, take extra effort to track down the source or extend the scope of the victim’s security laziness to other people. It might not be destructive but it’ll blow time and fire up those with a short fuse.
- Change the machine language to Turkish (only really effective when the target individual is not Turkish!) and see how hard it is to change back
- Write a background process to randomly lock the machine throughout the day
- Install a custom theme – this one came highly recommended plus there’s always computerunlocked.com
- Change the screen saver to The Blue Screen of Death (yes, that’s a real screen saver) and see how many reboots you get out of it
- Change the keyboard layout from QWERTY to Dvorak
- Install this amusing version of Clippy
- Send an email to the team with an offer of free cake or to buy lunch (or other offers of an inappropriate nature)
- Customize the sounds for common events (choose the level of inappropriateness of the sounds)
- If the email client supports delayed delivery, write up something to be sent to a large group when you know they’ll be back at their desk
- Send out meeting invites at inconvenient times and with creative titles
- Change Microsoft Word auto-corrects, substitute them with foreign language equivalents for extra creativity
- Open the user’s Facebook and surreptitiously change their birthday to tomorrow
- Configure the scheduler to randomly launch various apps or open documents at different times (be creative!)
- Change the path of various shortcuts to point to other apps
- Reverse the buttons on the mouse
- Write a “creative” out of office message and turn it on
The title says it all – significant impact on data or career prospects! Only to be used in times of absolute necessity.
- fdisk – say no more
- Create a command file to shut down the machine on boot
- Send a resignation email to the boss
- Install Windows Vista
- LOIC (no really, don’t do this!)
There were some goodies here that’ll work even when the target has done the right thing and locked the machine, let’s not have them go to waste.
- Switch keyboard and mouse between two co-located machines so that each person is controlling the other’s PC (works best when they both arrive back at the same time)
- Add an additional mouse or keyboard that you control then give it small adjustments while they’re working
- Leave a Linux Live CD in the drive which will boot them into a foreign OS when the machine is next turned on
- Tape over the sensor on a laser mouse
C’mon, this is far from exhaustive! Comments below.