Worker Fired For Running SETI On State-Owned PCs

Formica writes "A programmer working for the Ohio Department of Job and Family Services was fired for running SETI software on a state server. As quoted in this article, department head Tom Hayes says, 'I think that people can be comfortable that security has beamed this man out of our building.' More articles from Google."

Would you want to work for this guy?

[BWJones]

"I understand his desire to search for intelligent life in outer space, because obviously he doesn't find it in the mirror in the morning," Hayes said. "I think that people can be comfortable that security has beamed this man out of our building."

What an ass Tom Hayes is! Come on now, there is no need for personal attacks, especially because this statement was publicly released in a news interview and they have already fired this guy. I am half tempted to find Tom's email address and tell him just that.

So the issue is: Was there a policy that prohibited use of those systems for that purpose? Granted, since the machines were taxpayer funded, this should have raised some red-flags for Charles Smith (the fired employee), however...... immediate termination rather than a warning seems a bit harsh. Any time you are using publicly funded resources for personal use, there should be extreme caution, and my bias is to never, ever go there in the first place unless there is a prior agreement for reimbursement.

Of course we do not know all the circumstances, but Tom Hayes is still an ass for publicly attempting to humiliate this guy. Tom, whats wrong with you? I suspect you are a former high school football player turned college frat boy who has to put people down to make yourself feel better. Ass!

Re:Would you want to work for this guy?

[LooseChanj]

I get the feeling SETI was just an excuse. I've seen people fired for siller things.

Re:Would you want to work for this guy?

[Iron+Clad+Burrito]

As much as Slashdot readers name-call world leaders (and world-leader-wannabes) that they disagree with, there's outcry over an average joe getting insulted?

Re:Would you want to work for this guy?

[Halikar]

There is a world of difference between being of the public and commenting, and commenting publicly about a professional decision. What one person says about another is simply that, one persons opinion. When a boss or ex-boss says it publicly about a persons professional life, it is flat out wrong unless you are intentionally trying to get someone black listed and ensure they will never be hired again.

Re:Would you want to work for this guy?

[Fortissimo]

I agree that immediate termination seems harsh on the surface, but none of us know the back story on any of this. I've seen many times where an employee is perpetually abusive to the power they have and/or insubordinate or whatever, and management has been trying to nail them for a long time. Then, a dumb incident like this comes up and gives them the green light they'd been hoping for. Based on the situation and the harsh comments by Hayes, I think this smells suspiciously like one of those times. Seems highly doubtful that this was Smith's first offense.

Re:Would you want to work for this guy?

[genixia]

Why? The guy is 63.

Of course, one really has to wonder why he wasn't given a warning first. The offense for which he was fired sounds like an excuse to get rid of someone. Age discrimination anyone?

This is a lawsuit waiting to happen. And against The Department of Job and Family Services too. That's going to make the primetime local news reports and leave the department with a lot of egg on their face.

Re:Would you want to work for this guy?

[saden1]

The guy is 63. I don't think he has much of a career ahead of him. Getting fired two years before the retirement age sucks. I say sue the state, take whatever money you can and retire to the Bahamas.

Re:Would you want to work for this guy?

[Thomas+Shaddack]

Nobody would question his firing if he was using the state's computers to host a commercial website for his own profit.

That has a negative impact on the machine performance, as the requests come regardless of its load. SETI@home uses the computer only when it doesn't work otherwise.

However, using the same server for SETI@home is somehow better, right?

Yes. What is the real damage done here? If we stretch things a bit, we could get a minor potential vulnerability of running a third-party app taking data from a remote machine, but MSIE - even when fully patched - is orders of magnitude worse in this regard. Other possible damage is a minutely higher power consumption of the CPU - worth perhaps couple cents.

Really, would you think it would be discrimination if he decided to donate some of his employer's PCs to Goodwill and got fired?

That would negatively affect the employer's ability to use the PCs - while SETI@home software doesn't use the CPU when other apps need it.

More accurate comparison would be being fired for running a CPU-intensive screensaver.

This smells more like a dumb manageroid hating a specific employee (which would also explain his later remarks), and using the first excuse to get rid of him.

Basically, he was doing something that constitutes theft of service, with somebody else's computer.

If it was theft, where's the stolen goods missing from?

Re:Would you want to work for this guy?

[phreakmonkey]

hat has a negative impact on the machine performance, as the requests come regardless of its load. SETI@home uses the computer only when it doesn't work otherwise.

I'll address this. I'm a senior security engineer for a major corporation. We, too, have a policy against running any unapproved software on workstations owned by the company.

There are many, many reasons for this beyond just "negative impact." For instance:

What if a security vulnerability was discovered in Seti@Home (or any other unauthorized software) and it resulted in a compromise of (in this case) private citizens' data?

Who is liable if the software causes an outage on the workstation or the network?

Who is liable if the software causes a breach of security or corrupts the integrity of the data being handled by the state?

You see, in the case of corporate (or government) resources there is more at stake than just whether the software has a measurable impact on the performance of the machine. If the state wanted to run Seti@home on the machines, it would do the approriate dilligance to do so- including a risk evaluation and mitigation plans (like upgrades / patching / &etc) to do so. By running any unauthorized software, especially network software, without the knowledge of the owning party you are putting their property (and in this case the public's property) at an unneccessary risk.

I'm sure this is stated in their computer use policy, as it is in ours. Firing the employee was probably the correct action.

-pm

As a taxpayer...

[Power+Everywhere]

I have to agree with Hayes' decision (though not his commentary).

Wasting cycles looking for ET = wasting tax dollars.

SETI@Home: The next big threat

Because SETI@Home is such a security risk.
My mother works for the County Gov't, and I've seen some of the spyware infested cesspools that they call computers, and they fire this guy for doing what? Wasting clock cycles?

Re:SETI@Home: The next big threat

[aceh0]

there's a difference between installing crap on a desktop system and installing crap on a production server

Unauthorized software is unauthorized software

[Uhlek]

"Unauthorized software" means just that. Just because he was in the IT department doesn't give him free reign to do what he wants to with a production server.

Remember: Those servers, routers, switches, and workstations aren't yours, they belong to your employer. You're paid to do what your employer wants to them, and not do what said employer doesn't want. Nothing more, nothing less.

If you're stupid (yes, STUPID) enough to flaunt the rules because you think they don't apply to you, you deserve what you get.

Re:Unauthorized software is unauthorized software

[elmegil]

And if you're stupid enough to make publically humiliating statements about your (ex) employees, you deserve what you get too. I mean come on; how hard is it to behave like an adult professional and just say he violated policy and was terminated?

Stupid, stupid.

[Black+Parrot]

It's stupid to fire someone for running this on company/institutional computers (whatever happened to warnings?), but it's also stupid to just decide to run it on the assumption that your boss isn't stupid.

Meanwhile

[IvyMike]

The chick in HR who's downloaded the "kitty-cat screen saver" spam zombie is doing just fine.

you're not a sysadmin, are you...

[SuperBanana]

It's pretty clear you've never worked in a corporate IT department. So the issue is: Was there a policy that prohibited use of those systems for that purpose?

Any employer worth his or her salt has an item in the employee handbook that prohibits employees from installing stuff on systems without permission.

Furthermore, and I have to point this out to users ALL the time- the computer they use is not theirs. It belongs to the company, as does the telephone, the power that PC uses, and its internet connection.

Granted, since the machines were taxpayer funded, this should have raised some red-flags for Charles Smith (the fired employee)

That would be an understatement.

, however...... immediate termination rather than a warning seems a bit harsh.

Not if the employee handbook says that's the consequence. Not if Smith was doing other things deserving of termination. Not if his actions endangered adherence to security protocols, placed sensitive data at risk of disclosure, or caused a department to loose certification. As a professional system admin, the mere fact that he considered it appropriate to install stuff like that on government systems shows his judgment is impaired.

Any time you are using publicly funded resources for personal use, there should be extreme caution

I've been a sysadmin for years, and it's pretty much common sense, as in the "don't walk off building tops" kind of common sense, that you do not use your employer's systems for anything you haven't specifically sought authorization for. Reasons, off the top of my head:

• potential crashes
• potential security risks
• resource consumption (power and bandwidth)
• availability impact (ie, if that machine also happens to be a backup server, or a DB server...)

I can hear the kids yelling "but commercial software could be insecure too!" Well, that's right- but the difference is that if you're running something the IT department said was OK and the company gets h@x0r3d, they're the ones who take the heat. If it's because you were running some clownish search-for-ET thing or a program that puts a dancing ape on your desktop, well, then you get your ass canned so fast your head spins, and possibly get slapped with a lawsuit for damages as well.

Maybe the IT department has picked that official program because it's more secure, or has been certified by another government agency. Or they've actually tested/explored its security, or an outside consultant says it's more secure, or the maker of the software has signed agreements that their application meets security requirements of the government agency using the software.

Re:you're not a sysadmin, are you...

[Vellmont]

Not if the employee handbook says that's the consequence.

That's just ridiculous. I've seen "employee handbooks" before and they're not the final word on anything. A book means nothing, it's all about what the people in charge are saying.


Not if Smith was doing other things deserving of termination. Not if his actions endangered adherence to security protocols, placed sensitive data at risk of disclosure, or caused a department to loose certification.


Sure, but we have no evidence of that whatsover. That only exists in your imagination to justify the harsh treatment of this guy. Please stick to the facts and not what you imagine to be the case.

And yes, I _am_ a sysadmin. He shouldn't have been running the program, but based on what we know firing him and making assholish statements about him in print is going way to far.

Firing

[orange_6]

We fired someone over the summer for running Folding@Home on multiple computers. It wasn't because of what he was doing, but because he had installed and run software that was not approved by the university, and therefore considered a security breach.

I don't necessarily agree with the firing, but if the rules state explicitly that you can't do it, then don't.

quite wrong

[jeif1k]

There are, in fact, lots of different kinds of "unauthorized sofware".

There is the kind that introduces viruses, the kind that is used for trading porn, the kind used for trading Windows source code, the kind for sharing MP3's with a million of your closest friends, and the kind that people use for running a side business.

And then there is the kind that people use to contribute to a not-for-profit scientific effort at a public university for no financial gain, software that only uses idle cycles and is known not to interfere with anybody's applications.

Unauthorized use of sofware of those different kinds demands different kinds of responses. The use of the latter kind of software use warrants at most a warning.

Misuse?

[Quixote]

To those of you who say "public funds were being misused because SETI@Home uses electricity": should we start firing those who leave lights on at night? What about those who don't turn off their monitors? How about those who have their own coffeemakers/(insert appliance here) ? How about those who open their office windows in the dead of winter because their office is too hot (instead of calling the HVAC people to fix it)? How about those who turn up the thermostat in winter above the regulated 68F? Or turn it below 72F in summer?

Firing this guy is severe and unwarranted. A simple warning should have been enough.

Since he's a state employee, I hope his union takes up the case and files a grievance.

He'll get his job back if he files a Grievance.

[Mal+Reynolds]

Most state government employees can easily file a grievance to challenge any termination. No lawyers or representation is usually necessary, but just to be safe he might want some.
If this firing were challenged in my state, especially considering the derogatory and defamatory comments issued by this employees boss, a grievance committee would almost certainly give his job back.
I suspect this employee was given no warnings about the conduct for which he was fired. In addition, he probably wasn't violating any direct orders or specific policies. Sure, he was in violation of general policies regarding personal use of computers. But when his boss publically accused him of being crazy, he almost certainly overrode any minor policy violations by the employee.
In my state, the comments made by his boss would have violated any number of state regulations and policies regarding correct termination procedures. And considering that this employee could sue for defamation, I wouldn't be surprised to see his boss actually fired over this.
One might ask why he would want his job back? Certainly he wouldn't want to work for this jerk again. Because state governments are large, and he could immediately apply for a transfer to another agency. One where he would no longer have to work for the ignorant fool that is Tom Hayes.

Re:THE HORROR!

[Fubari]

Once upon a time, somebody put the seti@home screensaver on a box that was being used as a server to host a little web app. The client started getting customer complaints about timeouts, so I made a trip to their site because nothing funky showed up on pc-anywhere.

It turned out that when the seti screen server kicked in it starved out IIS. Maybe there are settings to say "run in nice mode" and so forth, but I was less than amused at the time.

Personal hardware, fine - knock yourself out. Server hardware, not such a good idea (unless it is _your_ server hardware).

Re:A post above said Hayes is retiring anyway, but

[LuxFX]

Dear Mr. Dachannein,
Regardless of how respected the SETI@Home project may be, those servers were purchased for a reason and running SETI@Home was not it. We find that the employee was vioating policy and his termination was appropriate.

Dear Governor Taft,
I am a taxpayer in your state and, therefore, partially responsible for the funding of this computer. I would rather this computer be used to its fullest potential, and I feel that whenever it sits unused, it is wasting tax-bought resources.

It is common knowledge that computers typically become obsolete before they actually stop working. Therefore, getting as much use out of them as possible before they become obsolete is important. It is the same principle as using any product to its fullest potential before its life cycle is ended. I would assume that, for example, your state cars are not retired while they are still in good shape.

SETI@Home, and other distributed applications, are a good method of using computers when they would otherwise sit unused. The applications are designed to benefit the public (ie, taxpayers), and is therefore a method where the taxpayer dollars are directly beneficial to the taxpayer. In my opinion, running such applications on tax-bought machines should be required.

Overreaction

[Sean+Clifford]

I've run an IT department in a large company in the "real world" for several years; I've hired, fired, and managed folks. Never would I have publicly humiliated a former employee like this.

If installing SETI@Home is all he did wrong, I wouldn't have fired him either. I would most certainly have disciplined him and reviewed his permissions/other boxes he's touched. However, I would not have fired him for just that. He made a mistake; point it out to him, admonish him for it, and move on. If he did it again, then I'd send him packing.

Treat those who work for you with respect, especially when you're disciplining them, and yes - even when you're firing them. They're people, goddamn it - treat them like you'd like to be treated.