
511 points goldenskye | 1 comments
myself248 ◴[] No.43548328[source]
In high school, we had a NetWare 3.12 environment, and the Guest account was enabled, albeit with very limited privileges. But for some reason, Guest could still use NET SEND, which popped up a little message in the bottom row of the destination machine's display.

The whole district shared a T1 connection to the internet. Which was more than plenty for email, but as this world-wide-web thing started gaining traction, it became quite the bottleneck. And as some of us had discovered mp3 files, the slowness simply would not do.

One day there was some severe weather and a power hiccup during school hours, and every station got a message from ADMIN informing us that the server room was running on UPS power and we should save our files and log out immediately.

Hmmmm.

A few weeks later, one of the bright sparks in the technology program realized that having everyone log off would free up some bandwidth. So he logged onto the next machine over as GUEST, and used a NET SEND ALL "SERVER ROOM POWER FAILURE - 11 MIN OF BATTERY REMAIN - SAVE FILES AND LOG OFF" and sure enough, within about a minute, the whole T1 was his. Did what he needed to do (i.e. leeching an entire fserv) for about 8 minutes, then NET SEND ALL "POWER RESTORED - RESUME YOUR WORK".

A few weeks later some hot commodity had just dropped and he repeated the drill. It still worked.

Nobody noticed that these messages came from GUEST, even the district administrator, who eventually called an electrical contractor to figure out why the power in the server room was so flaky. Someone eventually pointed it out to him, which got a very red-faced "that's really clever but please knock it off", and no further punishment. The next day, the Guest account had a lot fewer privileges.

gymbeaux ◴[] No.43549207[source]
In high school a friend figured out you could map any network drive to your desktop and access it (Windows XP), and since everyone in the entire school district had a username of {last name}{first initial}, you could gain read/write access to anyone’s network drive (essentially “home folder”). He used it to get test answers from teachers, I used it to create (empty) folders named “porn”, “porn 2”, et al.

Anyway, when he was caught (a fellow classmate ratted him out) he got 10 days' out-of-school suspension. The VP threatened to call the police… for what offense I’m not really sure. There seems to be a fundamental misunderstanding of cybercrime and cybercrime laws. I mean, was it really unauthorized access (they called it “hacking” of course) if his user account literally had permission to map network drives?

They removed the ability for student accounts to map network drives, but the district IT guy was not fired. I really don’t get that. Maybe the union saved him… but dog, everyone knows you can map network drives by right clicking on the desktop. I never thought to try it, but that doesn’t mean the district’s IT SME gets a pass.

ummonk ◴[] No.43552811[source]
Is it really breaking and entering if they left their key under the flowerpot and you found it?
1. lurquer ◴[] No.43553877[source]
Even with a key, it is breaking and entering.