Slashdot Mirror


Author of Paper Critical of Microsoft is Fired

chongo writes "Daniel E. Geer Jr., one of the primary authors of a report Reliance On MS A Danger To National Security, was fired from @stake Thursday morning. @stake said that 'The values and opinions of the report are not in line with @stake's views' and that Geer's participation was 'not sanctioned.' Microsoft, who has worked closely with @stake in the past, denied that it was involved in @stake's decision to fire Dan." There might not be anything fishy going on at all, but that's no reason to stop making perfectly good conspiracy theories.

38 of 739 comments

  1. Is slashdot really any better? by HanzoSan · · Score: 0, Interesting



    Try talking bad about Linux on Slashdot and I bet you'll get banned from this place. Be pro Microsoft or anti Apple and people will want to burn you like a witch from Salem!

    --
    If you use Linux, please help development of Autopac
    1. Re:Is slashdot really any better? by lordmage · · Score: 2, Interesting

      I am always very careful whenever I post anywhere. Anything that comes close to my job or interests that my job affects. If you have not learned that management of your company may find your notes somewhere.

      Years ago, I posted something similar in an abject statement during my job, that I was supposed to address. Without going into specifics we got threatened to be sued because of FACTUAL statements. I did not get fired but was forced to post a retraction.

      If what you say is true, and part of your job to say such things.. and you still get smacked.. it's time to move to something different.

      Problem? There are very few jobs out there that are that isolated that you can avoid such issues.

      --
      I can program myself out of a Hello World Contest!!
  2. This is why slashdot... by rritterson · · Score: 3, Interesting

    While the firing was unnecessary and I don't agree with it in the slightest. (How can your participation be 'unauthorized'?), it's the editorial tagline that really irks me.

    You, slashdot editor, member of the press, are actually encouraging and suggesting that false and misleading information be interpolated from a small number of facts. Sure, a healthy skepticism and more investigation is required to determine why he was fired but I think an editorial remark with a message consisting of:

    "This isn't really big news, but if we pretend like all sorts of mysterious things are happening that we don't know about, it will be."

    Those sorts of things happen on their own more than enough as is; encouraging it is just unnecessary.

    --
    -Ryan
    AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
  3. Re:Can they do that? by Anonymous Coward · · Score: 1, Interesting

    I find it rather disturbing that a company can fire you for something you do of your own accord.

    So if I shit on the copier on my own accord I shouldn't be fired? The question is not whether this was company sponsored (which it wasn't) but whether he did it on company time and with company resources which is unclear in this article. Either way, depending on your contract, a company can fire you for almost any reason. It is then up to you to file an unlawful termination suit but a lot of companies can dredge up something to nail you with (like phone and website logs).

  4. From what I see it was his personal opinion... by Anonymous Coward · · Score: 1, Interesting

    in the report. It doesn't state that "@Stake reports... blah blah" It states that "A leading panel of experts" who happened to be headed by a guy that worked at @Stake - released the report.

    Personally I think Dan Geer should sue @Stake for invalid dismissal based upon personal opinions he expressed while not on company time.

  5. Geer was doing @stake a favor working there by Dunedain · · Score: 5, Interesting

    Thanks to Google's cache, this is Dr. Geer's bio from @stake. I had the opportunity to hear him speak once, and he sounded about as brilliant as the following description would make you think:

    Daniel E. Geer, Jr., Sc.D.

    Chief Technology Officer

    Daniel E. Geer, Jr., Sc.D. oversees the strategy and direction of @stake's approach to digital security. Over the last thirty years, Dr. Geer has led the application of technology in medical computing, distributed systems management, electronic commerce, and digital security. After fifteen years in the Harvard medical establishment, he variously served in senior leadership roles for MIT's groundbreaking Project Athena, Digital Equipment Corporation's External Research Program, Open Market, OpenVision Technologies (now Veritas), CertCo, and now @stake. His security consulting firm, Geer Zolot, was the first of its kind.

    An expert in modern security protocols and business metrics, Dr. Geer has been called upon to testify before Congress on multiple occasions. Dr. Geer speaks and publishes regularly on a range of issues in digital security; his November 1998 speech, "Risk Management is Where the Money Is," has been widely quoted, warranting both reprint as a special issue of the RISKS Digest and prompting editorial comment in Wired Magazine. His bibliography is deep and continuing, and with Avi Rubin and Marcus Ranum, he is co-author of The Web Security Sourcebook.

    He holds a Sc.D. in Biostatistics from Harvard University's School of Public Health as well as an S.B. in Electrical Engineering and Computer Science from MIT. His professional involvement includes a decade of leadership within USENIX, the advanced computing systems association, of which he is past president. He today serves as an advisor to the board of the Financial Services Information Sharing & Analysis Center (FS/ISAC) under the auspices of the US Dept. of the Treasury, as well as similar fiduciary and non-fiduciary roles for a select number of promising startups.

    --
    -- Brian T. Sniffen
    1. Re:Geer was doing @stake a favor working there by 44BSD · · Score: 2, Interesting

      Yep. Geer is one who gets it. @Stake is a for-profit firm, of course, and I suppose Dan was "employed at will", but to me this sounds a bit too much like Purdue sacking Spaf for his stance on Microsoft would sound. @Stake clients are best served by a firm that is beholden to no SW publisher, and what this action suggests is that @Stake is not such a firm. If a junior techie had been involved in M$-bashing, and had dragged in the @Stake name, I can see how he might be taken to the woodshed. However, as CTO I would expect Dan to have been considered an officer of the firm, and he certainly has the judgment not to go off half-cocked. Apparently, he isn't allowed to use the company name even as such, and the concept of his affiliation being given merely for identification is one lost on @Stake's executives, who fear their customers are too ignorant to differentiate between the opinions of a man and the position of a firm. As a potential customer of @Stake's, I must say I am disheartened. I have been pleased in the past by the caliber of their people and publications, but this action leaves a very sour taste in my mouth. There may be more to this story than meets the eye, of course. In any event, all of us should wish Dan well. He has done *A LOT* for the community, and has done so with the purest of motives. It would be nice if more of us could say that.

    2. Re:Geer was doing @stake a favor working there by novakane007 · · Score: 2, Interesting

      That's a pretty impressive bio. I'd be interested to read an interview with Dr. Geer. Can slashdot arrange this?

      --

      WURD!!
  6. More CTO openings at security consultancies...? by slashdot_commentator · · Score: 5, Interesting

    Bruce Schneier, the chief technology officer for Counterpane Systems Inc., worked with Geer on the report. He said security experts contacted to help work on the report critical of Microsoft indicated their support but couldn't participate publicly. "There is a huge chilling effect based on Microsoft's monopoly position," Schneier said. "It's unfortunate that AtStake put its private agenda ahead of intellectual integrity."

    Let's hope Bruce still has his job by the end of the week.

    --
    There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
  7. Saw @stake employee on tv... by Read+Icculus · · Score: 5, Interesting

    I was watching a US House of Reps "Worms and cyber security" subcommittee on C-SPAN the other day. Testifying before the Congressmen were the following - Microsoft Corp senior security strategist Philip Reitinger, VeriSign VP Kenneth Silva, Lawrence Hale, director of the Federal Computer Incident Response Center, Christopher Wysopal consultant for @stake Inc, some other Russian security consultant, and a few other random folks.

    The chairman of the committee asked the Verisign PHB and the two consultants if there were any security benefits in running open-source software, and which was more secure, open or closed. I almost shat myself. Here was the perfect opportunity to hear some glowing reviews of open source. Instead the two consultants, who seemed decently knowledgeable, and long winded on all other issues merely said that there are flaws in all types of software, and they would "guess" that the frequency of security flaws were the same as for closed source. Although the guy from @stake did mention that the theory behind open source security was that "the more eyes, the better", he also countered it with noting that most users of open source wouldn't be able to fix the code when a vulnerability was found.

    That was it. No detailed explanation about anything. Just a brush off that was not quite as long as their testimony on why ipv6 wouldn't offer any extra security over ipv4. Luckily the Verisign bastard was there to add his two cents. To paraphrase him - "I would agree with their, (the consultants) testimony, but I would like to add that often the people who write open source software are not professionals". Then he took another shot mentioning "that often worms affect open-source software too". Often... I wonder what he considers "often". How can he even trot out the word "often" to describe the frequency of worms that affect open-source software when there are millions of Windows boxes that are constantly being hit by worms. He then added - "We must resist the temptation to demonize software vendors and other members of the network community. The finger pointing is often misplaced and in most cases does more harm than good." It was quite the interesting hearing, and gives me a bit of insight into what kind of info our Government is getting about open source.

    --
    Anti-social? My code is just platform-specific.
  8. It's too bad... by frenztech · · Score: 2, Interesting

    ...that he decided to list his company affiliation in the list of authors. Most companies require any paper that goes external to go through a review and approval process, which would catch any differences in opinion between the author and the entity which that author represents in title.

    I personally agree with the paper, too bad @Stake lost such a valuable employee. OS diversity can be a great asset in system security, as it keeps an attacker on their toes. However, administration becomes that much more complicated of course : |

    --
    "Sed Quis Custodiet Ipsos Custodes?" -Juvenal
  9. @Stake code of ethics sez: by bourne · · Score: 4, Interesting
    "[employees] agree to: Issue public statements, advisories, and the like only in an objective, fact-based and truthful manner while in the course of our job responsibilities."

    Interesting. Does that mean that employees should only issue statements in the course of their job responsibilities? Or that job statements must be objective, fact-based and truthful but personal statements can be whatever they want? This latter interpretation seems to conflict with their action.

    I don't think Dan Geer will have trouble finding a new job. However, it is an interesting reflection of what @Stake has become. Look at their management team. Looks awfully VC to me.

  10. Re:I'm sure he'll find a new job by shrdlu · · Score: 5, Interesting
    With a high paying open source company... oh wait, it's 2003, not 1998.


    It's a sad state of affairs, but not surprising. It's been a long time since the "CIFS is caca" paper, and I lost respect for the l0pht back when *hobbit* was edged out. Mudge became "Dr. Mudge" (as if), and they all started running after the limelight. Sad, really. The Hacker News Network is long gone, and mudge is Pieter. It sucks for Dan, but it's just more of the same for the rest of us.


    It takes a lot of nerve for Chris Wysopal to issue his little statement. Weld Pond would never have said something like that. Man, it's been a long path from BO2K to appeasing Microsoft. What a long, strange trip it's been. Sigh.

    --
    The difference between a Miracle and a Fact is exactly the difference between a mermaid and a seal. (Mark Twain)
  11. Another unmentioned angle to the story.... by slashdot_commentator · · Score: 4, Interesting

    Leave it to the Mercury News to report with more sordid details.

    What caught my eye...

    The CCIA trade group also ran into trouble Thursday when it sought to send a paid announcement about its critical Microsoft report to 140,000 subscribers of popular trade magazines for chief security officers and chief information officers.

    The publisher for CIO and CSO magazines, CXO Media Inc., offers such announcements "to target a specific market segment of our audience by designing a list of prospects for direct mail and e-mail purposes."

    But in this case, the subject was too touchy.

    "We find it is too sensitive of material to send out. I'm sorry to be the bearer of bad news, but I have to deny your request," according to an e-mail from the publisher obtained by The Associated Press.

    "We need to try to provide some balance on these issues, and this seemed a little one-sided," CXO spokeswoman Karen Fogerty said.

    Sheesh! The mags won't even report this story if you pay them!

    ---

    Fight the Power!

    --
    There is no America. There is no democracy. There is only IBM and AT&T and DuPont, Dow, General Electric, and Exxon
    1. Re:Another unmentioned angle to the story.... by Fudge.Org · · Score: 2, Interesting

      If you look here you will see that others are starting to realize what was not mentioned or covered by CIO magazine. Everyone that is a CIO reader should comment and add to the thread.

      --
      http://fudge.org
  12. Re:Can they do that? by xjimhb · · Score: 5, Interesting

    Way back when I worked for IBM, there were very stringent rules about publishing anything even vaguely computer-related, and I doubt it is any better nowadays. Stuff had to be run through the Publications department, which sent it all over the company for approval/disapproval.

    At one time I was working on my Master's degree, and the Professor to whom I submitted a term paper on "LISP on MicroComputers" suggested I submit it to a journal. BUT this was just before the PC came out, so I was using examples like PDP and TRS-80. When the paper got to the division that was preparing to release the PC, they vetoed it instantly.

    Some people were so paranoid back then that they would "clear" a term paper through Publications before they dared to give it to the Professor!

    So the answer is, "Yes, they can do that."

  13. Firing sucks, but did you read the report? by Anonymous Coward · · Score: 1, Interesting

    I hate to say it, but if you marry the CCIA position stuff wrapped around the report itself, it sounds like CCIA is advocating for government mandated software regimes!

    It's clear that in Agriculture a pure monoculture is a bad thing, but there the government has to step in and tell folks to burn crops. I _don't_ want my company's software crops 'burned' at government insistence. Nor do I want the government telling me that I must not buy BSD because it doesn't fit into their scheme of monoculture at the moment.

    So monoculture may be bad in the computer world, but when you actually start talking about a government mandated or enforced or even promoted plan, I get far more nervous than I was from just MS.
    It isn't the report's pie-in-the-sky vision of a 1/3 computing world, it's what CCIA, a lobbying group, would DO with that report.

    Fear the Bureaucrat!

  14. Re:I'm sure he'll find a new job by dtfinch · · Score: 2, Interesting

    Of course he'll get a new job, probably a better paying one. @Stake, on the other hand... None of you will ever buy from them after this, right? They let their greed get in the way of their objectivity. Those insecurities earn them money, that's why they don't support his opinions. You can't trust companies like that to give you good security advice.

  15. Let the Truth be known by Ridgelift · · Score: 5, Interesting

    "Participation in and release of the report was not sanctioned by @Stake," the security and consulting company said. "The values and opinions of the report are not in line with @Stake's views."

    What?! What exactly wasn't true about what was said?

    Quote: Daniel Geer "As fast as the world's computing infrastructure is growing, vulnerability to attack is growing faster still"

    Quote: Daniel Geer "Microsoft's attempts to tightly integrate myriad applications with its operating system have significantly contributed to excessive complexity and vulnerability. This deterioration of security compounds when nearly all computers rely on a single operating system subject to the same vulnerabilities the world over"

    Quote: Ed Black "Microsoft's monopoly threatens consumers in a number of ways, it's clear it is now also a threat to our security, our safety, and even our national security."

    Quote: Bruce Schneier "The problem is that of monoculture. As long as all computers are running the same OS, they're all vulnerable."

    If @stake is saying they don't agree with these statements, then their credibility as a security company is seriously in question. It's one thing to say they fired someone for violating professional protocol, it's quite another to terminate them because what they said was incorrect.

    Everything said by Geer, Black and Schneier is correct. What does @stake not agree with?

  16. @stake making power plays w/ microsoft == OIS by SkewlD00d · · Score: 4, Interesting

    @stake, eeye, and iss have all agreed w/ microsoft not to release details of even potential exploits until microsoft has had 30 days to "evaluate" them, leaving admins and the public unnecessarily exposed to vulnerabilities. This is completely unacceptable, and contrary to the scientific peer-review process of real science. If you know there's a problem, you speak out, suggest a fix, and hopefully the appropriate parties will be responsible enough to take action. Additionally, others have to be able to VERIFY and REPRODUCE findings, a critical part of *real* research. But microsoft's tactic is to force so-called security "research" companies (who are in it for money, not necessarily for altruistic research or making things more secure) into a lop-sided, biased "standards" NGO, the "Organization for Internet Safety" (OIS), of which Microsoft is a member. (read this). What they are proposing is censorship, hiding information until they can find a fix, so that only the hackers will know what's broken. Talk about the fox guarding the hen-house!!!

    Additionally, the director of research for @stake, Chris Wysopal, is effectively lobbying congress to give teeth to the OIS, and more power to microsoft and their buddies.

    OIS = @stake, BindView, SCO, Foundstone, Guardent, ISS, Microsoft, NAI, Oracle, SGI, Symantec. sounds like the stone cutter's guild to me.

    Eeye seems to be left out for obvious reasons, they oppose this secretive "research." Read eeye's Marc Maiffret's (chief hacking officer) thoughts on things to a congressional subcommittee here.

    "windows corrupts, microsoft corrupts absolutely."

    --
    The biggest trick the devil pulled was letting lawyers become politicians so they can write the laws.
  17. I'm sure this man has nothing to worry about by netdemonboberb · · Score: 2, Interesting

    It's sad that @Stake would be so scared of Microsoft to fire someone for telling the truth.

    I'm sure that some other company will be perfectly happy to snatch him right up, partly as a slap in the face to Microsoft and because he can obviously provide some valuable information about the security risks involved with Windows now and in the future.

    Maybe even the CCIA might snatch him up? Personally, I think they owe it to him.

    --

    Volunteer Mozilla developer, RPI Student.
  18. umm, has anyone mentioned... by HBI · · Score: 4, Interesting

    @stake has demonstrated that nothing, absolutely nothing, will get in the way of satisfying their clients. While this is admirable from a capitalist viewpoint, how much do you trust any information that they disseminate?

    Thought so.

    Tarring yourself as a Microsoft shill might be good for the bottom line but I doubt @stake's long term viability was helped by this move. Particularly since the point that Mr. Geer was making is patently obvious to anyone with a clue.

    I'm sure going to tune out anything they say in the future.

    --
    HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  19. Re:Can they do that? by laird · · Score: 2, Interesting

    @stake's primary responsibility should be to secure their clients' systems; prodding the players in the marketplace to produce more secure systems is their job. If I were a client of @stake I'd be very concerned that they placed a higher value on not offending a vendor than in providing security to their clients.

  20. He wrote it as if it was on @Stake's behalf (NOT) by IBitOBear · · Score: 3, Interesting

    First off, "they" wrote it. Each of the contributors listed their position and company with equal emphasis. No representations were made about the "official" positions of the respective and multiple companies listed.

    Yes, we seem to be living in a world with increasing need to disclaim. In fact, we live in a legal claim/disclaim toxic environment.

    If you were to global search-and-replace the company names with the names of universities; and likewise exchange the professional titles with academic ones; this paper would be perfectly kosher.

    So now, apparently you can't publish a scholarly work unless you *don't* have a "real job." How nice.

    Remember: The great/golden age of the Arab Empires collapsed because of one act. They closed their libraries. After that scholarship fell into disrepute. Then learning. Then knowledge. Then "not being an idiot" was against the social norm, and *poof* they lost the initiative.

    Let's not repeat that debacle in our age, shall we?

    Persons should enjoy the right to freely publish their thoughts and understandings of any issue with greater social ramifications.

    Silence == Death... As a slogan it is applicable to far more than the AIDS crisis.

    --
    Innocent people shouldn't be forced to pay for inferior software development.
    --"Code Complete" Microsoft Press
  21. Re:Can they do that? by Mooncaller · · Score: 3, Interesting
    are companies who like to suck up to MS gonna fire you for developing a linux program?

    Actually yes they are. Where I used to work, just being known to know too much about Linux would put a person on the layoff list. And when the company is laying off 40% of its workforce, little things like that are easy to hide. I would go into more detail on how this company is sucking Bill's fat FUD, but I am starting to get upset. Basically, in any MS-controlled company, knowing UNIX is a severe liability, regardless of how well one knows MS stuff. Unless of course, one's knowledge is absolutely instrumental in positioning the company infrastructure, in preparation for MS's penetration.

  22. Watch the disappearing PR by gothicpoet · · Score: 3, Interesting
    With any luck Dan Geer will find a better job with a better company to work for.

    @Stake on the other hand...

    This is probably going to be a bit of a nightmare for them. The firing is starting to generate a lot of attention in the press. People who may or may not have heard of @Stake before this are now going to remember them as "the company that fired a guy for dissing the security of using all Microsoft."

    I for one wouldn't want to hire a company whose line of business is other people's security but who fired a guy for pointing out obvious and factual problems with the security of a major software vendor. It speaks volumes to whose interests they are going to represent if I were ever their client.

    It wouldn't be mine -- it would be their own and any bigger client whose interests might run contrary to mine.

    --
    Quoth he ::
    "It's all academic anyway..."
  23. Re:He wrote it as if it was on @Stake's behalf by kfg · · Score: 4, Interesting

    Please note that according to @stake Dr. Geer was not employed by them at the time he made his opinions public.

    Therefore:

    A) He was not actually fired for his public statement
    B) At the time of the statement he clearly could not have been speaking for his employer, because he was unemployed and in much the same position as Ms. Welles

    If @stake's position in this matter has certain legal implications, well, that's their problem I guess. They chose their actions and statements.

    As for Dr. Geer's termination I covered that in my original post. I don't know the terms of his contract or their legality in his legal jurisdiction.

    And neither do you.

    Unless, of course, you're posting as an AC because you are an officer of @stake.

    As for his colleagues most of them probably share his opinion but keep private about it. Virtually every government is quite vocal about sharing the same opinion so it's not like it's a big secret or something.

    It can be equally applied to nearly any other industry as well. A nearly universal reliance on Boeing for nearly all of our military aircraft would be a tragic mistake for national security.

    I'd hazard a guess you could find a Boeing executive who would even be willing to state that for the record -- and not even get fired for it.

    KFG

  24. Re:I'm sure he'll find a new job by Anonymous Coward · · Score: 2, Interesting

    @Stake absorbed l0pht, which had serious hacker cred just a couple years ago.

    Google suggests, for more background: this and this.

  25. Re:I doubt Microsoft made them fire him. by rbook · · Score: 2, Interesting

    If you check the Google cache, you'll see that Dr. Geer was #2 at the company. Whatever the cause, he was not fired by a "middle management type." He was upper management, so he must have been fired by more-upper management!

  26. for the sake of one client by alizard · · Score: 4, Interesting
    @Stake just blew off a big chunk of their credibility. Is there anybody around here who was thinking about hiring them who hasn't changed their minds yet?

    If they want MS as their sole client, that's one thing.

    Their publicly firing a whistleblower for being part of a group writing a negative article about MS software tells me that @stake can never be trusted again in any statement they make about MS software, operating systems, or security procedures. So what's the upside for a non-MS client to hire them?

    Is anybody left at @stake from the old l0pht days?

  27. Rough Translation by quinkin · · Score: 5, Interesting
    It's a sad state of affairs, but not surprising. It's been a long time since the "CIFS is caca" paper,

    CIFS=Common Internet File System. This is a reference to the security flaws highlighted by Hobbit (from memory it was defcon 5, back in 1997) in the microsoft SMB (windows networking) products. A copy is still available from here.

    and I lost respect for the l0pht back when *hobbit* was edged out. Mudge became "Dr. Mudge" (as if), and they all started running after the limelight. Sad, really. The Hacker News Network is long gone, and mudge is Pieter. It sucks for Dan, but it's just more of the same for the rest of us.

    L0pht Heavy Industries (creators of the L0phtcrack suite Pwdump that allowed brute force cracking of windows NT user/passes) went through a period of internal discontent. I cannot provide any details on this. Basically the author seems to be trying to highlight the corporate yes-men culture that has permeated this sector and presumably led to this dismissal for speaking the obvious but unapproved "truth".

    It takes a lot of nerve for Chris Wysopal to issue his little statement. Weld Pond would never have said something like that. Man, it's been a long path from BO2K to appeasing Microsoft. What a long, strange trip it's been. Sigh.

    I have to admit this part has me stumped. I assume he means that Chris Wysopal of @stake would answer differently to Weld Pond of L0pht. Since they are one and the same person I assume he means to highlight the change over time in Chris's opinions/loyalties... not really surprising in the context of articles like this (para. headed Who's Who).

    It has indeed been a long and strange trip... no end in sight yet.

    Q.

    --
    Insert Signature Here
  28. Chilling effects at @stake after this firing? by Uninvited+Guest · · Score: 2, Interesting

    Microsoft hired @stake to improve security in Windows. In order to improve security (or most anything), you have to recognize what is wrong with that security. @stake just fired someone for publishing independent research related to what @stake paid this person to do: be critical of Microsoft Windows security. This firing leads me to believe that @stake wants its employees to be critical --but not too critical-- of Windows. And while @stake can surely find people to fill this mediocre requirement, they probably won't find the "best" people. Indeed, there might be a quiet exodus of talent from @stake after this, and @stake might have trouble naming a replacement CTO that has the same level of competence in Windows security. Perhaps, an Anonymous Coward from @stake will update us on the chilling effects, if any, inside the company.

    --
    Sometimes I worry that I'll develop Alzheimer's disease, but no one will notice.
  29. Wish I had seen this earlier by spacerog · · Score: 5, Interesting


    Sure wish I had seen this earlier instead of 300+ replies later. Oh well, I guess that's what happens when you stick your head inside a Hobbit hole for three years and don't come out.

    I feel I must reiterate L0phT =! @stake. Please do not confuse what I consider to be the good work of the L0pht with the corporate nonsense that is @stake.

    As for Dan and everyone else that works there they should have seen the writing on the wall three years ago when they fired my poor ass. Remember me, Space Rogue? HNN? All Gone. Why? I can only speculate but I think they felt that a critical mouthpiece would not be a good thing. Sound familiar? Hard to get someone to sign a big contract if you might call them names the next day.

    Dan is a remarkable person. His mind works like no other person I have ever met. Don't feel sorry for him. Trust me, he is in a better place now.

    Microsoft has continued its embrace, extend and I assume, extinguish policy with regards to information security. How? By hiring several of the people who were critical of the organization. Yes, that means previous @stake, Guardent, Foundstone, etc employees. That also means hackers, all who now work for the Giant in Redmond. Keep your enemies close. What better way to silence your critics than to hire them. Then you can keep them silent until they no longer pose a threat and dispose of them quietly at a later time when no one is looking.

    Oh well, life goes on, the Internet is as insecure as ever, companies are still able to hide their vulnerability, risks are not taken seriously and hackers still roam free. Nothing has changed, and nothing will until such time that people stop trusting everything that is spoon fed by anyone looking to make a buck. Yeah, I'm cynical. Sue me.

    - SR

  30. I got fired testifying the Antitrust by twisty · · Score: 5, Interesting

    I was the IT Specialist of the divisional headquarters of The Salvation Army in Cincinnati - the 'go to' guy for half of Ohio and Northern Kentucky. I was one of the 30,000+ people sending letters to the DoJ regarding Microsoft's anticompetitive practices. (I shared an account of how they tried charging us twice for Office licenses.)

    Three months later, I had a four day vacation and when I came back, the locks on my office were changed and my personal contents were cleaned out. They gave me a "farewell interview" to express that their sole reason for firing me was "dissatisfactory performance," which is all their employment policy required. My ten year career with them was over, they would not give me opportunity to defend myself, and they wouldn't give me severance or unemployment.

    (The Salvation Army, as a church, is not required by Ohio law to pay into unemployment. Compounded with losing my pension settlement for three months, I spent those months at zero income.)

    I found out over a year later that Microsoft was behind it... It wasn't a local decision at all, but was enforced by Paul Kelly, IT Director of New York's Territorial HQ, along with policy banning Linux in our ten state territory! Paul normally has no direct dealings with me on the divisional level, but a contact in New York revealed how pivotal Paul considered me in that controversy.

    I haven't pulled together the witnesses and evidence to prove this in court, but the commonly held opinion is that Paul got the call from Microsoft which says "get rid of the problem, or we'll audit your business licenses."

    So it seems The Salvation Army, a church, is also a wholly owned and operated subsidiary of Bill Gates's Evil Empire(tm).

    Joel 'Twisty' Nye, MCSA, Linux+

  31. Re:He wrote it as if it was on @Stake's behalf by spiritraveller · · Score: 2, Interesting
    Whether or not that might be legal grounds for firing said employee is another issue.

    Yes, a completely different issue.

    There is no claim of trademark infringement against him here, because as you pointed out, he actually did hold the position he claimed to hold.

    He does not have a claim for being illegally discharged.

    He's not being fired because of his race, because he started a union, or because he ratted out the company for violating the law...

    He's been fired for saying something that could potentially damage his employer's relationship with a major business partner, and that's proper in any state.

    California has a right of free speech enforceable against private owners of property given to public use (e.g. shopping malls), but even California's legislature and courts would be hard pressed to justify an absolute right of free speech against an employer.

    If that existed, you could have Apple executives running around on tv saying "Macs suck" and Jobs wouldn't be able to fire them legally. (though he would have to do it anyway)

    ---
    Any other whore in 2004!

  32. Re:Wow, bonanza! by Anonymous Coward · · Score: 1, Interesting

    I'm Jonathan Vos Post (but forgot my password). I was wrongfully terminated from Rockwell International in 1990, where I was a rather senior Software Engineer for the Space Shuttle. I am VERY published (Google me to find some examples) and in particular have at least 210 publications, presentations, and broadcasts about the Space Program (including co-authorships with Sir Arthur C. Clarke, Ray Bradbury, Richard Feynman, and others).

    Problem was, I said things that Rockwell didn't like. Although I was already an internationally acknowledged expert on Space, and on Software, I was forced to submit EVERYTHING through their Publications office beforehand, including Science Fiction (I was and am an Active Member of Science Fiction Writers of America) and even Poetry.

    I reported problems with personnel junior to me (who were plagiarists, liars, and committing scientific fraud). I reported problems with Safety on the Space Shuttle.

    So they "laid me off" -- but when I got a lawyer, subpoenaed their file on me, I found over 400 pages of dossier on me, filled with ludicrous, absurd, impossible claims by the plagiarists -- which I'd never been told about. The file also stated that my "layoff" was a pretext, that I was never intended to be rehired.

    This case went through the courts for almost 15 years, cost many hundreds of thousands of dollars, and eventually lost on Appeal, after the Appellate Justices could not find certain evidence that had been filed but which the clerks had lost.

    I am effectively blackballed from aerospace employment, where I had made (corrected for inflation) over $120,000/year plus great benefits. I lost millions in estimated ongoing and future income. My reputation was blighted. I think you can see that I side with the expert, and not with the pseudo-criminals who fire the expert. But I cannot blithely recommend suing for wrongful termination, slander per se, slander, libel, and intentional infliction of emotional distress (all the standard operative terms here). The employer will, as a matter of strategy, grind you down with their law department, try to wear you out, burn you out, bankrupt you, stress you, force you to commit suicide, or otherwise punish you for writing the truth and daring to defend yourself.

    Sorry, but that's the truth, as I see it. There are two kinds of justice in America: justice for the rich, and justice for the very rich.

    Sincerely,

    Jonathan Vos Post
    Professor of Mathematics, Woodbury University;
    Faculty Pool for Computer Science, Cal. State L.A.;
    former professor of Astronomy, Cypress College

  33. Re:This is sooooo lame by EllF · · Score: 2, Interesting
    Dan is *not* a clown. I had the pleasure of working with him at one point; the man holds a PhD from MIT, was heavily involved with the USENIX group back in the late 90s, and was easily one of the most intelligent men I've ever met. Hell, Dan was up there in front of the Senate with the l0pht guys back in '97, when they explained why computer security was so vitally important, at a time when there was little recognition of the fact.

    It saddens me to see @stake doing this. Back when I worked for them, they were just starting up; the office was abuzz with energy and belief in what we were doing. There was talk from the l0pht guys about "making a dent in the universe", in changing the way things got done. There was a wall of pizza boxes near them -- these guys were dedicated and amazing.

    Around late 2000, early 2001, though, the culture at the company changed. Although it's always been a place I'd have been happy to have gone back to, now I wonder about it. I remember when Mudge cut off his signature long hair and started going by his given name (Chris Wysopal). The office colors went from grey, red, and black, with a logo "Making the Impossible Possible" to teal and orange, with "Securing the Internet Economy". Where once we were given black shirts with "Hacker" written on them, now we had shirts I would never wear.

    Corporate color and hair styling I can forgive -- @stake wanted to be a respectable company, and the hacker image might have stood in the way of that. But to think that they'd fire their chief technology officer because he pointed out something that we *all* once believed back when we were working there sucks. Nearly every one of us ran Linux; we were not a company that was beholden to Microsoft. Sigh.

    --
    We who were living are now dying
    With a little patience
  34. Re:He wrote it as if it was on @Stake's behalf by poot_rootbeer · · Score: 2, Interesting

    If the guy down the street who works for a Ford dealership tells me that he thinks Fords suck I too would have to be a moron to believe that was the official position of his employer.

    Whether or not that might be legal grounds for firing said employee is another issue.


    If I ran that Ford dealership, you can guarantee I would fire that guy or at least chew him out for telling you he thought Fords suck. No employer would be happy about an employee whose behavior undermines its ability to conduct business, whether that behavior involves personal opinions or not.