Societe Generale and controlling access

Societe Generale, a European bank, reported in January of 2008 a trading loss of nearly 7.2 billion dollars, one of the largest trading losses in banking history. How did they loose so much? Apparently an employee changed roles within the company moving from compliance to trading. While he was given the new permissions associated with his new role the permissions associated with his old role were never removed. Using his extra access rights and his knowledge of how compliance was managed the employee was able to make high risk trades in amounts far exceeding what he should be allowed. The result 7.2 billion in losses.

Slow resoluton of user names in Windows XP

I recently had some trouble with a Windows XP machine which was being very slow resolving Secure Identification numbers (SID) to user and group names. The machine was a stand alone system with over 500 user accounts on it. The machine was a fresh install (user accounts were for a research project and were empty). Every time you clicked on properties for a file and looked at the file permissions for the file you would be presented with a list of SID numbers instead of a list of user names. Given enough time it would slowly resolved the SID numbers but it would take it forever to do so.

Turns out that it was trying to query a remote server to do the SID name resolution. Since there were 500 accounts this lookup was taking a very long time. To fix it I turned off the Workstation service. (Right click My Computer -> Manage, expand Services and Applications. Click Services and find Workstation Service. Right click Workstation service and select Properties. Under General click Stop which disables it till the next restart or select Disable under Startup type which will disable it until you expressly re-enable it).