Before You Fire the Company Geek
An anonymous reader writes "A new 'insider threat' survey by the US Secret Service and Carnegie Mellon University finds that 82 percent of people who hack their company 'exhibited unusual behavior in the workplace prior to carrying out their activities.' A somewhat amusing writeup at washingtonpost.com points to a bunch of more interesting gems hidden deep in the study, including: 'Almost all - 96 percent - of the insiders were men, and 30 percent of them had previously been arrested, including arrests for violent offenses (18 percent), alcohol or drug-related offenses (11 percent), and non-financial-fraud related theft offenses (11 percent).' The blog post also notes that 86 percent held technical positions at the companies: '...if you're going to fire someone (particularly company geeks who have the motive, means and access to inflict pain on your computer systems) make double sure you cut off their e-mail and network access at the same time you hand them their walking papers.'"
- 96 percent - of the insiders were men
:)
- The insiders ranged in age from 17 to 60 years (mean age = 32 years)
OSTG user statistics (Including Slashdot).
- 97% of OSTG readers are men
- average age is 29
Too bad OSTG doesn't have crime statistics for Slashdot readers
I think we should have this for our next poll!
Worst arrest of your lifetime:
1. Never. I'm a law abiding citizen.
2. Never. I run away.
3. A few misdemeanors
4. Violent offense
5. Alcohol or drug-related offenses
6. Non-financial-fraud related theft offenses
7. I'm writing this from death row.
8. I stole the money, burned down the office and now live on a beach in Fiji with my red stapler.
94% of Repubs and 21% of Dems voted to renew the Patriot Act
The smart geek will keep an emergency back up admin account around. While it may sound like he's planning something evil with it (AKA fuck with me and I fuck you over, which it could be used for). He could also be making sure there's always a back up if things go to hell and someone gains access and tries to take out all the admin accounts.
It's like keeping a spare house key hidden in the garden or getting a second set of keys cut for your car and keeping them in a safe place.
I like muppets.
So 41.16 were acting weird, 41.65 had grievances?
And 100% researchers show signs of random rounding up or down based on mood even within a single study.
If programs would be read like poetry, most programmers would be Vogons.
If you're firing an administrator you really have to go through the entire network they had access to and check every system for things like email responders, cron jobs, scripts. Ugh it's a huge task. It's really fairly simple to add a difficult-to-find backdoor to someone's network.
Deleted
Not that I have ever been in that position of course :)
-=DaveHowe=-
It's not as simple as that. Most companies should run their systems with the mentality that everyone is out to get them. That goes double for bigger companies. Backups and security should be of great importance. Employees should not be given access to things that they should not have access to, especially if their activities are questionable. Passwords that that person had access to should be changed and memos should be issued informing everyone that person is no longer with the company. If access was gained through someone else's account that person must be disciplined. If there are known flaws in the system, fixing those flaws should be put as high priority. Never allow such a person to have a high level of access and never allow such a person to be the only person with root. Occasional check ups on what activities are going on and checking logs should be done.
The company should take some responsibility for this as well, after all if the person has a history of violence, criminal activity and overall bad references, why the hell would the company hire them and think they would think about the best interest of the company?
These numbers also represent the population of the United States as a whole. Yes 30 percent of the US population has been arrested before. More than 20% have a felony on their record and so on.
I call BS on this one. Prove it.
I don't know what the actual numbers are, but I know you're way off. A good friend of mine was a police officer in an anti-gang unit in southern CA. Even within bad neighborhoods the statistics weren't this bad.
We don't need any more tools to spy. We need some fucking national legislation to curb the uncontrolled police state that exists inside the corporations of the world.
This is getting a bit off topic and political/philosophical, but this type of thing is why I've been advocating a system of law that holds all officially organized groups of people - government bodies, corporations, unions, same difference - to the same rules and standards. When we've got global corporations with as many people as some states or even nations, why shouldn't they be held to the same code of conduct as those states and nations? Give them the same benefits, require of them the same responsibilities. Historically, government bodies don't behave much differently than for-profit corporations anyway...
-Forrest Cameranesi, Geek of all Trades
"I am Sam. Sam I am. I do not like trolls, flames, or spam."
This sounds suspiciously like something that happened to my uncle when he got near retirement age. Some companies will (apparently) fire employees getting near retirement age so they don't have to pay the pension (or similar retirement plan). They say it is something else so they can have some reason to try to cover their asses legally. (Firing based on age is illegal).
Not sure if this was the case, but it seems similar.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
Well, just pop in a bootable linux cd, reboot from cd, become root, mount hard drive, edit
This has saved my butt a few times when I've forgotten my root password on a machine I need to administer.
What changed under Obama? Nothing Good
Well, laws don't always make sense. In this case, it's not illegal to give a bad reference per se, but there are laws establishing the liability of involved third parties for lost business, employment, contracts, or the reasonable expectation of such.
Had a realization about unintentionally creating a situation like that at my previous job.
All the department's partitions on the AFS and DFS servers were charged to my account--they had no way of assigning space to a group. It was 4:30 PM before a long weekend. Very few people were left in IT.
I suddenly realized what would happen to all the batch jobs when everything belonging to my account was locked out.
My manager was able to find someone in IT who could suspend the automatic lockout until they could reassign all the filesystem resources...
I experienced this a year ago from a large corporation
Sorry to hear how they treated you, but I think you said it right there. Large corporations tend to treat their employees with much less trust (from what I've seen).
I was laid off from a small company, but given a few days to close up my affairs. I even went back to visit a few months later; it was a different culture. I have, however, seen friends get walked out by security at other companies. Not much fun for anyone, even security.
Exactly. Knowing how the place works is as important as knowing how the computers work.
The retailer I work helpdesk for (not disclosed for obvious reasons) supposedly has anti-virus and other tools in play. But we at the helpdesk know the server passwords, the network logins, the SQL DB passwords, not to mention how the terminals in the stores run. Bringing my entire company to its knees would be trivial, were I, or ANY of us pissed enough.
Well... just look at Bayes Rule:
P(A|B) = P(B|A) * P(A) / P(B)
The fallacy at hand assumes instead that:
P(A|B) =/= P(B|A)
The probability of observing unusual behavior in individuals who commit retaliatory hacking is .82 (so, P(A|B) = .82). The probability of observing retaliatory hacking in individuals who commit unusual behavior is not .82 ( P(B|A) =/= .82 ). It's .82 * the probability of retaliatory hacks generally / the probability of unusual behavior generally.
There are lives at stake here!
LOL I had the same thing happen. I had 2 weeks vacation so I gave them a 4 week notice when I was offered almost double current salary elsewhere. They sent me home and I had a nice paid month long vacation. Ahhhhh.
Two roads diverged in a wood, and I - I took the one the bus load of girls just went down.
One morning the dickhead supervisor told me "they're firing someone, please go to building B and see the PHB." I said I'm just getting off, can you send someone else? He said no, they're all busy--and short. I'm 6'7". For some reason the PHB was afraid of this employee for reasons never specified. I think he was just a wimp.
So I go to Building B and see the PHB. He asks me what happens when you do this? I said "I don't know, I'm grave shift. I've never done this before. I guess I'll stand next to you and look really, really big."
So we go around the corner to the employee's cubicle and he's not there. At this point everybody's groundhogging. I see all these heads pop up and down all over the place. (Did I mention I'm 6'7"? I have two feet over the cubicles. It looks like fucking whack-a-mole.)
We go to another cubicle and the fearsome firee is helping another employee into his wheelchair. I could not imagine a worse time to approach someone for termination: when they're being a good samaritan to a disabled fellow human being. It was awkward. He turned around and knew immediately what was going on.
The PHB took him into a conference room and I stood right outside with a stern look on my face. Finally, the PHB came out and said "everything's all right. You can leave now. He's not going to give us a problem."
You could tell the employee was more pissed off by bringing security into it, in front of everybody, instead of just talking to him privately.
Anyways, the employee was fired. I did some speed and went to class. Ahhh, college.
I've seen this more and more. Companies have a policy where the only information you are allowed to give out, as a current employee about a former employee, is start and end dates and last position held.
Had a guy long ago that I had to fire (was either sleeping or writing bad code or both at the same time). He asked if he could use me as a reference (should give you some indication of just how truly stupid this guy was). I didn't say no. I mentioned this to the HR queen bee as I was filling out some paperwork on the episode, and she told me about the policy.
I got a call a few weeks later from him asking if I could write a letter. I told him sorry, I'm only allowed to confirm your dates of employment, etc. I then got a call from an HR guy at another company looking to hire him. He said I was listed as a reference and could I tell him a little about him. I had to say sorry.
"Why, did something happen?"
"Uhh, that's just company policy."
"I'm sure it is, but people don't usually stick to that unless there was something wrong."
"I gotta go now."
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
I once worked at a place that terminated me without cause. Within the week they underwent a denial of service attack on their DNS servers. I had nothing to do with it but the management was so positive it must be me that I got investigated for it. Later, I found out that I couldn't use that business as a reference for having worked there. Anyone asking for info on my work history there would be forwarded through to the corporate counsel who would then ask for a non-disclosure agreement before talking about me. Then they'd talk about how I had hacked them and done all sorts of other evil things that I never did.
Geezus.. as if I don't have anything better to do than waste my time with them. Hell, the whole reason I was let go was because I took vacation, had it OK'd by my manager, and my manager never bothered to realize that it coincided with an important conference. Imagine my surprise when I got back and found out I was terminated.
Funny thing was.. my vacation was to interview for a different position that I had accepted before I went back to find out I was terminated.
Soo.. it really doesn't matter if you're innocent.. you're still fucked if someone thinks you did it.
My wife works for [insert biggest pharma company in the world here], and has for about 6 years. I used to work for them as well for 5-6 years myself. They were good when I was in, then things got "International", and I resigned quick before the walls started coming down.
In my wife's department (Cancer Biology), there are people who have been there for literally decades. They're so entrenched, they know every system, process, procedure ever made there. If you want to know an answer to some complicated question, these people will know it... and if they don't, they definitely know who WILL know.
One person in particular had been there for 34 years, 11 months.. and they were going around looking for ways to "cut costs" in her department.
When you retire at 35-years or more into $PHARMA, you get a nice fat severance. Something like $100k/year for every year there + your stock earnings and benefits cashed out, which amounted to over $1M for this person. That's $100k * 35 + $1M (that's over $4.5M total to retire upon).
They fired him...
...30 days before his 35-year anniversary with the company. He got $60k total as a severance. They didn't want to have to pay out his retirement and severance, so they let him go 4 weeks before he would have earned it. If he had known, he probably could have used up 4 weeks of his vacation to eat up the time instead, but he never saw it coming. Nobody did.
... after putting in 35 years with the company.
This kind of stuff sickens me.
In the final analysis, the only real thing an I.T. professional possesses is their reputation. Trash that, and you'll find it difficult to secure further employment.
... and I nearly fell off my chair. All working professionals in America (except the non-working or parasitical executive and management classes) are under a class warfare threat of wholesale disenfranchisement. I told her that whatever engineering her son does will undoubtedly be outsourced, nearshored, offshored, and in general removed from the control of her son, making him impoverished ... with big college debts to pay off, too!
... hence, experience is worth almost exactly FUCK ZERO. Now, if you can devalue experience to ZERO, what the fuck do you really think "reputation" is actually worth, hmm?
No, in the final analysis, your sloganeering is just propaganda. The only thing your American employer wants you -- the IT "monkey" (yes, even a "computer janitor" as I've been treated to recently) -- for is nothing. YOU are too expensive with your endless needs for money to make your car payment, house payment, insurance premiums, and entertainment expenses like going to a 9 dollar movie, etc. YOU are too expensive compared to a pseudo-slavery outsourcer, neo-slavery H-1B, and of course the actual slavery to be found in overseas labor.
Hence, a POSITIVE reputation is worth NOTHING. I have over 300 failed attempts to find employment since 1998 that PROVE that.
Now, a NEGATIVE reputation is worth a SLIGHTLY NEGATIVE amount. Compared to the damage you can do to a shitfuck employer who truly deserves it -- and their numbers are becoming legion -- the price you pay may well be worth it.
But you're hardly "unemployable" after that. Employers just don't care about the workforce anymore. They don't even care enough to identify the real troublemakers. Troublemakers and productive First World workers are ALL THE SAME to the class of hyper-capitalistic uber-greedbags who ONLY decide things on the basis of what makes the bottom line larger in the least amount of time.
A customer just today told me offhand her son is in college and is looking to get into IT. I laughed at that and advised her son to STRONGLY consider something else. So she said that her son was also interested in "engineering"
THIS IS THE REALITY. Reputation is now the new HR toilet paper. Resumes are the old HR toilet paper, and are now worthless, since HR departments are in almost total control of hiring and almost always choose on the basis of stupid fucking degrees and certifications
[You have a stable society when some nut guns down a schoolyard and the law doesn't change.]
The "geek" is getting smarter about the utterly vicious American management class all the time, hence he's catching on that documentation undermines his job security. If you want the job done, don't dare fire that guy Reggie in the back room ... since he's the guy keeping the servers running. It's all in his head. Remove him, and you remove the pillars underneath your datacomm.
And I've gotta say: FINE BY ME. Americans have trained their foreign replacements and have packed up their equipment for shipment overseas TOO MANY FUCKING TIMES. It's long since time to assert the Power of the Worker.
[You have a stable society when some nut guns down a schoolyard and the law doesn't change.]
At a previous job, I was the only tech staff member who knew how to clear the transaction logs on MS SQL Server. It's not hard to do, but the network admin couldn't even be bothered to do backups more than once or twice a year, which was part of the SQL Transaction log problem.
When users started getting "transaction log is full" errors, they turned to me to have it fixed.
Once the error occurred while I was on vacation, and the server remained down for three days and a weekend until I got back. I was accused of hacking the system. I pointed out that I was in the Middle of New Mexico at the time, about a mile underground. Accusations of setting up a logic bomb (Not the phrases they used, but I'll skip the 20 minutes they needed to describe the concept) flew around for a while.
In the end, the company owner grudgingly admitted that it was probably a maintenance issue, and then reprimanded me for not "trunting the trees" before I left on vacation.
So for the remainder of my time there I just made sure to do a full backup and shrink the transaction logs every Friday. Automated backups were not an option, as there was never enough drive space for more than one or two backups, so I had to move the old ones to a USB 1.1 drive first.
And no, system level automation of such rudimentary tasks was not an option. Don't ask. It's a whole other story.
So I had no reason to hack the system. All I had to do was leave. Of course I documented everything, but I knew no one would bother reading any of it. This is the company that described programmers as "Glorified Typists."
I made sure to not even visit their web site after I quit.
I did however have social contact with a few of the non-IT staff members. Seems there were a slew of problems with the servers, specifically with a cryptic error about a transaction log that no one in the company could understand.
In the end they paid a consulting firm to come in and fix the problem, which I'm assuming meant finally automating the backup process and transaction log shrinking.
"Live Free or Die." Don't like it? Then keep out of the USA
If I had to spend time documenting all the exceptions that exist in my company today, I'd never get anything done. This documentation thing is a case of overblown expectations, particularly since corporations are counting on replacing ANY worker when they start acquiring too much seniority (hence obtaining unearned stuff like longer vacations, sick time, profit sharing -- fuck, all the things that should be reserved for EXECUTIVES!). Documentation is just their way of getting rid of you as they are planning to do in each and every corporate boardroom across America today.
[You have a stable society when some nut guns down a schoolyard and the law doesn't change.]
How about "straw man"? I don't know any racists who claim that half of the black population are murderers, or any leftists who claim that 65% of gun owners are.
Then why do we have racial profiling and gun control?
What I'll point out below is not in any way meant as a guideline to criminal behaviour. It is meant to point out why I believe the Problem is not covered at all by the Study. The Study seems to concentrate on "stupid" former Employees, whom I suppose to have no knowledge about logging mechanisms or Fantasy. I believe that sabotage happens much more often than it is pointed out, because not all System Admins are stupid and not all Employers wish to contact the police. The Point is: anybody sitting at a crucial information infrastructure Position is dangerous if you bring him up against you. It might be your Secretary, the internal revision, the phone lady.
Taken into Account all the legal possibilities.....
0) It is very very very stupid to take revenge in any professional Relationship!
1) It is stupid to crash the System which you maintained. You are the first suspect.
2) It is stupid to do anything which can be identified as "intention". It would be much more intelligent to construct a "logical bomb" not as a program but plainly by misconfiguring a part of the system in a way which COULD have been a non-intended mistake. I will not post any Ideas for that here, but the better Administrators will find a way. Luckily a "better" Administrator is usually intelligent enough not to do so!
3) If you are medium stupid and want to harm them and not do something like 2) just post system internals to a hacker mailing list in Russia.
4) If you are lightly stupid and really want to harm them, just give all the software Companies of which your former Employer runs "not fully licensed" software and hint about that.
5) If you are nearly not stupid and really, really want to harm them, leak Information to the Administration about everything you know how personal data is handled there in a wrong way (e.g. Hospital doctors taking data of the patients to private computers at home using floppy disks) or systematic violation of a certified toolchain (like "Programmers regularly use this small perl script to do something with the code" in an automotive supplier company.....- hmm these were just examples!).
Long story short: it is much better to take revenge (if wanted) legally than illegally.....
There are many cron jobs, but at our little patch of heaven we always talked in hushed tones about "THE CRON JOB". This was the blood curdling revenge that would automatically be invoked for an unhappy firing.
Cancel passwords, take computers away, have security guards escort us out; it doesn't matter. THE CRON JOB will still wreak its heinous vengeance!!
Of course, if they treat you decently when you go you can always warn them. Like - "The severance check just cleared at the bank and ...Oh... by the way Bob...you should log on to ADMIN123 and delete foo.sh....before midnight Friday."
None of them can see the clouds; The polished wings don't care.
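A first pass at the offboarding audit the comments above describe (checking for cron jobs and mail responders left behind when an administrator leaves), as an added example that is not from the thread or any poster. It assumes `/etc/crontab`-style input with a user field and an `/etc/aliases`-style file; the account `jdoe`, its home path and the `example.com` domain are constructed sample values.

```python
import re
from typing import NamedTuple

class Finding(NamedTuple):
    source: str    # file the line came from
    line_no: int
    reason: str
    text: str

ENV_ASSIGN = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\s*=")

def cron_entries(text):
    """Yield (line_no, run_as, command) from /etc/crontab-style text."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#") or ENV_ASSIGN.match(line):
            continue
        # "@reboot user cmd" has one schedule field, the classic form has five.
        sched = 1 if line.startswith("@") else 5
        parts = line.split(None, sched + 1)
        if len(parts) == sched + 2:
            yield n, parts[sched], parts[sched + 1]

def audit_cron(text, user, home, source="/etc/crontab"):
    """Flag jobs that run as the departed account or out of its home directory."""
    prefix = home.rstrip("/") + "/"   # trailing slash so /home/jdoe2 is not matched
    findings = []
    for n, run_as, cmd in cron_entries(text):
        if run_as == user:
            findings.append(Finding(source, n, "job runs as departed account", cmd))
        elif prefix in cmd:
            findings.append(Finding(
                source, n, f"job run by {run_as} executes from departed user's home", cmd))
    return findings

def audit_aliases(text, user, internal_domain, source="/etc/aliases"):
    """Flag aliases that pipe to programs, forward off-site, or still reach the account."""
    findings = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#") or ":" not in line:
            continue
        alias, targets = line.split(":", 1)
        alias = alias.strip()
        for target in (t.strip().strip('"') for t in targets.split(",")):
            if target.startswith("|"):
                reason = "alias pipes mail to a program"
            elif "@" in target and not target.lower().endswith("@" + internal_domain):
                reason = "alias forwards mail off-site"
            elif target == user and alias != user:
                reason = "shared alias still delivers to departed account"
            else:
                continue
            findings.append(Finding(source, n, reason, line))
    return findings

# Constructed sample input, not taken from a real host.
SAMPLE_CRONTAB = """\
# system crontab (constructed)
MAILTO=root
0 2 * * *    root     /usr/local/sbin/backup.sh --full
*/15 * * * * jdoe     /usr/bin/python3 /opt/tools/sync.py
30 3 * * 5   root     /home/jdoe/bin/cleanup.sh
@reboot      www-data /usr/local/bin/warm-cache
"""

SAMPLE_ALIASES = """\
# mail aliases (constructed)
postmaster: root
helpdesk: alice, jdoe
jdoe: jdoe@mail.example.net
oncall: "|/usr/local/bin/page-oncall"
"""

if __name__ == "__main__":
    report = (audit_cron(SAMPLE_CRONTAB, "jdoe", "/home/jdoe")
              + audit_aliases(SAMPLE_ALIASES, "jdoe", "example.com"))
    for f in report:
        print(f"{f.source}:{f.line_no}: {f.reason}: {f.text}")
```

Per-user crontabs, `at` jobs, systemd timers and per-user `.forward` files need the same treatment and are not covered by this sketch.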
This actually happened to me once, a *long* time ago. About a year after I left this job, I got a call from old co. -- seems a system I worked on had started to crash regularly around lunchtime on Thursdays. They gently asked if I had inserted a time-bomb, which I had not (I'm not that stupid). I went in to take a look and found the problem for them. Turns out someone had changed the operations run-book to run the db reorg job weekly instead of daily. (This was on VSAM files, which had a nasty tendency to get clogged up, at which point they just stopped working). Moral of this story: "If it ain't broke, don't fix it." -- especially if you don't know what you're doing.
So they will accuse an innocent person, when has that stopped anyone?
There are lots of people in jail on evidence no better than that. Most of them are in fact guilty, but a fair number aren't.
a,e,i,o,u and sometimes w and y (at be if of up cwm by)
I lived this one out, years ago.... The beauty of it for many large companies today is, there's this expectation of meeting various quality standards (ISO compliance, etc. etc.) - and your employer can use that as a convenient excuse for why he/she is demanding that you "Document, document, document!" everything that you do.
Sure, these standards rules might dictate that "every procedure you do needs to be documented somewhere" - but where do you draw the line? If all your job really required was following a set of written instructions for each situation that occurred, the only job qualifications H.R. should ever need to look for are people who can read and follow a set of directions.
The stark reality is, they want you documenting your work primarily so they have free training materials handy for your replacement. Other than that, the only sensible documentation they SHOULD have you doing is taking notes for YOURSELF, so you don't have to keep looking the same thing up over and over, if you need to refer back to it for future troubleshooting.
As the old saying goes, "the most dangerous thing in aviation is the drive to the airport". On the road, I have to face the standard, poorly trained American driver in an SUV who is Driving While Intoxicated/Yakking. No similar risk exists for flying.
It is true that the consequences of poor skill or judgement in the air are swift and severe, but I control my skill and judgement. On the road, I am pretty much at the mercy of other drivers.
It's Linux, damnit! Pay no attention to renaming attempts by self-aggrandizing blowhards.
Any IT professional should expect this type of treatment. It is not discourteous, it is professional and appropriate. People who get their feathers ruffled because of this type of thing should check their egos.
Since when is expecting courtesy having an ego?
Sure, if somebody threatens a coworker they should be escorted out by armed guards. Everybody expects that, and it should be done for the safety of everybody else if for no other reason.
Otherwise, treating employees as if you don't trust them tells them that you don't trust them. It speaks volumes.
"Professional" does not mean impersonal, or treating employees as if they are nothing more than capital.
The funny thing is that companies could accomplish most of the security-related goals without destroying the morale of everybody who is left. How about this scenario:
1. Employee is called to his boss's office.
2. Boss explains that he has to be let go. Boss has HR present, but HR is presented as being present in case employee has questions, and generally lets the boss (who has a personal relationship) do the talking.
3. Boss takes employee back to desk for "emotional support" and to help him with anything he needs to carry out. Rest of group gets to say goodbye. It is a sad day, but there is some sense of closure. Everybody gets to say goodbye.
4. Atmosphere is designed to communicate that employee is not persona-non-grata, and that his coworkers should feel free to pass on job openings, and generally feel free to maintain contact. Boss can be a part of this as well.
5. Employee is walked to the gate, and helped with boxes to the car by boss for emotional support.
6. Boss tells employee to call him if he needs anything before waving goodbye.
The employee has been supervised the whole time, and doesn't have an opportunity to cause mischief. Yet, the entire time he is treated personably, and would be somewhat inclined to accept an offer to rejoin the company.
Companies often underestimate the impacts that terminations have on the people who remain behind. Seeing their coworkers treated with dignity will go a long way towards discouraging people from jumping off the sinking ship.
Nobody expects to have free rein inside a company they have just been terminated from. On the other hand, you can at least be nice about it...