"Please don't reply to email@example.com it goes to everyone"
Each person in the mail list is convinced they need to send a reply to that mail informing everyone that the others should not reply to this email address, otherwise how would everyone know they're not supposed to reply to that email.
Each person who would send a reply-all does it in response to SOME message. If it happens to be your BCC, their message doesn't perpetuate the storm.
The BCCs would act as a kind of neutron absorber to dampen runaway reactions. Or like a trap-neuter-release program for cats.
When you receive mail that you've been BCC'd on, it does attempt to figure out what address was used to get it to you, and displays that as a BCC (useful if it came to you via a mailing list that was BCC'd), so perhaps you're confusing that for showing the addresses of everyone to everyone, which isn't the case.
My favourite is when people reply-all with “please remove me from this list”
Just saying in case anyone wasn't already aware.
I wonder how many unfinished messages I’ll send before my muscle memory remembers I’ve switched?
Has been very useful so far.
The following is from https://ws.engr.illinois.edu/sitemanager/getfile.asp?id=540 , [U of I] Department of Computer Science, Alumni News, Winter 2001, Vol 2 No 7, page 14. Judy Tolliver editor. The winning google search was "illinois.edu" molly guard ibm button.
Mollyguard? - Ed Krol explains
Ed Krol explains the origins of the word Mollyguard, which dates back to 1982, like this: “I was concerned with the Cyber [mainframe], and right behind the Cyberconsole was an IBM 4341—a nondescript, singularly unimpressive, desk-sized grey machine. The only thing about it was that on one side was a big red switch—kid-sized, about 2 inches wide. The switch was like the emergency OFF switch, and if you pulled it you actually had to call an IBM engineer to come in and reset it. There was some crisis on the Cyber, and I was babysitting that day, and so I took my daughter Molly in to work with me. I said, ‘You play with your trucks on the floor while I work,’ and she saw this amazing big red thing and gave it a yank and turned it off. You weren’t supposed to do that to those big machines at the time. Our computer center director then had little plexiglas flaps installed so that you had to lift the flap up before you could pull the switch. Charley [Kline] named them Mollyguards to protect them from Molly. It was a funny play on words, too, because molybdenum is a slippery element and there used to be a grease called Molygard.”
Krol, BS 73, is now assistant director of CCSO, and Kline, BS84, MS 86, who was a student hourly at the time, is now principal research programmer at CCSO. Molly Krol is a senior at Luther College in Iowa.
It was Kline who submitted the word Mollyguard to the Jargon File, a collection of computer slang from various technical cultures begun by Raphael Finkel at Stanford in 1975. Here is how it appears on this list, mirrored on many Web sites:
molly-guard /mol’ee-gard/ n.
[University of Illinois] A shield to prevent tripping of some Big Red Switch by clumsy or ignorant hands. Originally used for the plexiglass covers improvised for the BRS on an IBM 4341 after a programmer’s toddler daughter (named Molly) frobbed it twice in one day. Later generalized to covers over stop/reset switches on disk drives and networking equipment. In hardware catalogues, you’ll see the much less interesting description “guarded button.” n
(It wasn't the launch button; it was the emergency shutdown button, which would have cost them an hour to restart everything. When they're there on a Saturday. I was exiled to the parking lot for the duration.)
Apparently large bright red button and 3 year olds don’t mix.
Much fun was not had.
I was left by myself for a bit and went across to look at the server and open the door - only after I pressed the button did I realise that it was the on/off switch rather than a door open.
I hastily switched it back on and made it back to my seat before before anyone came to the room to check what had happened to their server!
Edit: this is back when on/off really meant on or off with respect to power :)
Apparently two dimwits from another tenant were onsite tending to their rack when they saw the big red buttons on the wall spaced ten feet apart, and wondered what they would do when you held them down simultaneously.
Turns out, they did precisely what the not-so-little signs said they would.
I think USSTRATCOM could benefit from the same policy.
On the third hand, having a very young child anywhere near my work computer unsupervised would be the stuff of nightmares..
Smashing keyboard is great fun.
One of my kids new favorite thing is to sneak into office and stay hidden. Usually I notice right away, but not always.
I worked in far less sentitive settings, but all these IP policies pretty much engrain this in my mind. Locking before moving away from my desk is muscle memory by now.
A second child is my guess. Or they were still in the room but inattentive. That kind of muscle memory would trigger when you're leaving your work area, and when working from home that would probably expand to your whole office.
Surprised those devices aren't in more widespread usage.
Productivity is not a concern for many IT security managers.
Then I had an ex-girlfriend get quite upset with me for always locking my computers when I was away from them.
I’m not arguing against it, but it’s one of the earliest deep feelings I had about office policies.
Locking the screen in a high trust environment communicates and disturbs the vibes. Should work be high trust? Plenty of people would leave my body in a dumpster for saying yes. I’d trust a co-worker before a girlfriend though (ie. Pre-marriage, non-contractial partner). I can follow policy as it relates to contractual home partners.
In our office it is encouraged because we work on projects for multiple different clients. In some cases competing clients and we are required to partition the knowledge internally. Even if it isn't quite that serious we try to keep detailed information about the project inside the project team.
Making sure I follow. You're saying 'trust' within your team meaning they have all good intentions and 'trust' meaning they never overlook anything or make a mistake.
So as a result you don't do PRs?
See it all the time on public transport ;)
This is for initial login, once you are in you should be using a password manager, but until you type that initial password you can't get to the manager. (Never put work logins into your personal password manager!)
Toddlers are truly keen observers. You think they're just trying to smash a toy or eat their picture book, but they're constantly watching everything. In the recent months I had a whole lot of stories that follow the pattern of "how in hell did you know these items belong together?!". There are moments when I wonder if toddlers have a secret worldwide community, and communicate with each other while parents are asleep...
(Also our cat learned to use our daughter as a distraction sometimes, making her noisy so that we vacate the kitchen, while it runs in to snatch our dinner...)
Do share! This is interesting for two reasons: how adult and toddler perception might differ, and how we design everyday objects to be maybe discoverable to a toddler.
So, for instance, my daughter figured out twisting and untwisting of bottle caps in a manner of days, and it was a clear progression from observing us handling various bottles, trying it on the same bottles she saw us use, and then picking up on some pattern (round shape? grooves?) and trying to unscrew new things - but only ones that fit the pattern.
Or the other day she escaped into the kitchen while my wife was unloading the dishwasher, silently grabbed a fruit peeler and an apple, approached my wife and tried to peel the apple herself. We've maybe ever used the peeler once in our daughter's presence, but that was enough for her to both associate the two objects and remember how one is operated on the other. I'm not sure if this was goal-oriented behavior (i.e. whether she wanted to eat an apple) or just "look at me, I'm doing the same as you".
Toddlers are preternaturally patient - they will try all possible combinations of push, pull, bite and/or throw until they find a combination that works.
Also, they can easily transfer skills that may not be seem related to an adult - I encouraged a toddler to understand how carseat buckle works (they wanted to "help"): unfortunately, those skills are directly transferable to defeating buckle-based child-proofing products <facepalm>
That's some Garfield quality action right there!
 It was a little different. I set the screenshot as the background and hid everything and removed all panels and whatnot.
This is just the 21st century version of governments communicating via newspaper, radio, and television.
Yes they should. Much more official than a 'Twitter account'.
Ignorance of the law does not excuse one from its consequences. For such a serious violation of 18 U.S.C. § 1030 I fully expect the child to be put in solitary confinement for the entire duration of nap time.
But joking aside, I doubt this was an actual password. Too many repeating characters and characters grouped close together. Like "ssaw" and that ";l;;". And no uppercase as some people have mentioned. Who mandates special characters but not uppercase or numbers? I've never seen a password policy doing that. Usually numbers and uppercase come first before specials are considered, due to regional keyboard differences that make special characters hard to find. Really sounds much more like a toddler at work to me like they say.
And really, this is twitter. Not a serious government system. Even if it was a password, people sending tweets tend not to be the ones pushing red buttons. Obligatory XKCD: https://xkcd.com/932/
If it’s a request without privilege risk, workloads aren’t crazy and the requestor writes them well, same day service happens.
Writing these things is like a grant, there’s an art.
They realized that this is a press story about to blow up, and that if they don't make a statement the press will just write "USSTRATCOM TWEET RAISES HACKING FEARS. WERE WE ONE KEYSTROKE AWAY FROM GLOBAL THERMONUCLEAR WAR?" with a "We contacted USSTRATCOM but did not receive a response [in the 3 minutes between asking and posting]" so they made a statement.
Response in scribd PDF form: https://www.scribd.com/document/500831873/FOIA-U-S-Strategic...
twitter took focus when he typed the password and enter did send it. Everyone knows it.
take a look at some footage of my workplace:
Turns out it's a "he", so if we are focused on technicalities I should have used that, but for some reason I can't edit the comment.
The information is not just for the press and the public — every part of the government and the military not directly connected to STRATCOM would believe that the public explanation is correct, which is the last thing you'd want if there really were a security breach.
If their database later leaks and shows that they had more info, they're in a world of hurt. The DPA will already be looking for an excuse to punish them (having a breach isn't punishable in itself), so they'll nail them to the wall for this.
Maybe those accounts should have a triple check password warning before they clumsily or have your child mistakenly tweet such things online. Unbelievable that Twitter still doesn't even have a check such as that for high profile accounts.
Downvoters: So we should not have extra tweet checks for high profile accounts who may have children or others clumsily or mistakenly tweet gibberish or nonsense on Twitter especially from an account that is responsible to '...deter strategic attack and employ forces, as directed, to guarantee the security of our Nation and our Allies.' 
Care to explain your reasons why for very important and verified official accounts part of the US Department of Defense or any other account that has a government-level responsibility 'thIs iS aLL coMPleTEly fINe'?