Slashdot Mirror
Study Show Link Between IT Sabotage, Work Behavior
narramissic writes "According to recent research by the U.S. military and CERT, workers who sabotage corporate systems are almost always IT workers who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly."
Interesting article. Unfortunately since most companies never wise up about security, its probably in the companies best interest to recognize the needs of IT workers instead of being even more paranoid about them. I used to work as a system administrator at a company where most of us where disgruntled due to the lack of progress of the company and poor leadership, then things got worse when the new owner of the company stopped trusting the admins for no good reason. This created a situation where long time employees started taking the attitude of "This company wouldn't survive for a month without me here". Amazingly, companies like this do survive the departure of their best employees.
I think that this 'study' needs to be included on this list.
There are shills on slashdot. Apparently, I'm one of them.
workers who sabotage corporate systems are almost always IT workers who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly.
Maybe they just want their red stapler back.
The theory of relativity doesn't work right in Arkansas.
So fired...
Trouble making decisions? Just flip for it.
*Cough* IT people are also likely to know *how* to properly sabotage computers for the maximum effect....
There has been certain studies linking the existence of certain celestrial bodies to the general lux levels observed on the planet during what people would refer to as 'day'.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
I think what this article is saying is that they're not laymen who are satisfied, confident, punctual, amiable, and good workers.
Let's see... the study shows that people who are fired generally are considered by their employers to have performed poorly...
This is groundbreaking!
"In God we trust, all others we monitor." -- Unofficial NSA motto
Wow. That's odd. I would've figured IT workers who sabotage corporate systems would be the workers who are happy, secure, generally show up on time, work well with colleagues, and generally perform superbly. Goes to show you that logic doesn't always pay off. (I'm ready for the Troll/Flamebait mod guys :)
but I also happen to be far too lazy to do any of that shit.
Doesn't it make sense that these would be the people who would "sabotage corporate systems"? Let see, they work with corporate systems and know a lot about them. And by that criteria, are not very happy.
Who else would you expect?
Angry workers more likely to sabotage systems...
News at elev...whenever I feel like it, get off my back!
Error 407 - No creative sig found
>>who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly
WTF!!!
Thats sounds exactly like the CEOs/executives at the last few places I've worked. When in doubt, always blame the little people, same as it ever was.
Careful, making cynical comments like that may negatively affect your career prospects. Don't want to get labled as a whiner, people might think your planning to nuke the servers and fire you. Oh wait.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
I think the point of this study is that management doesn't have to be paranoid about normal IT people abusing the trust the organization has placed in them. The people truly likely to cause harm will broadcast that fact clearly in advance through egregious behavior.
org.slashdot.post.SignatureNotFoundException: ewg
If they'd turned up on time, were cordial with their colleagues and performed better, they'd never have been caught.
Disgrutled = Forced to install Notes
Paranoid = Forced to sit next to Notes Server all day waiting for the memory leak to take over
Late = Due to sleep deprevation from having to go in at 2am to reboot the Notes Server
Argumentative = Caught whispering "Exchange, bitches." under his breath
Poor Performer = Changed Cert ID password to "Fuck Notes"
Whats not to understand?
Um, wow.. These people get paid for doing what? I could have told you that for a cheese steak.
The flip side is that the fastest way for management to make a worker into someone who's disgruntled, paranoid, shows up late, argues all the time and performs poorly is to treat them like a potential problem. You're giving people privileged access, either you trust them and thus don't need to worry until after they start showing obvious signs, or you don't trust them in which case why are you giving them privileged access in the first place?
To be honest, I think if you have to worry about abuse of privileged access after termination then you have a more fundamental problem that no access-management system will solve. After all, if you can't trust someone to behave professionally after you've given them their 2-weeks' notice then what makes you think you can trust them to behave professionally before that?
The openly disgruntled will cause trouble when they leave.
the quiet meek ones will come in with automatic weapons and start "cutting expenses" when they leave.
I fear the quiet meek ones. They frighten me.
Do not look at laser with remaining good eye.
Well, I think those are just symptoms of some nasty disease. If you've got people like that onboard - it's important to find out the causes and do what can be done to improve their workday.
I had a boss at (insert large corporation) who disrespected me, never allowed me to be challenged, set me up on a doomed project on my second week of work with people who didn't understand the business - and generally pissed me off. I was cussed out by the CIO and his Italian mobster friend who claimed to be a business manager.
After the second month I would have fit into most of those categories - simply because of the experience I'd had. I decided that my boss didn't deserve anything other than what was in my job description. I proceeded to immerse myself in the codebase, business, and financials. After a couple of months I was answering questions in meetings which the original developers didn't even know.
There on out, I involved myself in other projects, got involved in design and generally worked my way past my boss - though he was still my boss until he was layed off.
In the end, I was one of the architects. All the people who made my life miserable were fired, left, or otherwise shown the door. They caused millions of dollars in losses - and I made the company millions.
Moral of the story: Sometimes it's management.
I said no... but I missed and it came out yes.
If you ever worked with Notes, you would thank Microsoft everyday for Exchange.
Only someone on the verge of committing such acts would even think of them. Just what are you planning, Hal_Porter?
As for the actual article, take out the IT parts and it's just common sense. Maybe keep an eye on the shabby looking guy in the corner mutterring about how he's going to "show them all one day".
Dammit! I had a good one.
There are some IT people, mostly those who are uncertain about their job, their skills, or their life in general. This is not simply symptomatic of IT- this happens everywhere in life.
No matter where you are, there are people with anxiety and mood disorders as well as a lot of depression. These people must be cared for carefully.
Most of them just need positive reinforcement that what they are doing is good work. That improves their moods, and in turn they work harder. If management does not give any positive feedback at all and takes a laissez-faire attutude toward any employee you are going to run into problems.
Sometimes it is just the person, too. Each case is different, but the majority of workers just need to hear a few positive comments and they are more efficient.
You know the rest.
Geez. I argue with my boss on a regular basis. I cannot count the times I have argued with a coworker over this or that. We do it constantly. Sometimes I win, sometimes I lose.
There other signs but arguing is not one of them.
Note to self: update resume...
Crap. There goes that ten years.
qz
The place where I work was severely damaged by a psycho nutcase who soured our relationship with our best customers. I like to think it was deliberate sabatoge but maybe the guy just couldn't help himself. In any event, there are precious few positions where someone can't do serious damage to the company. I used to think our purchasing agent was deliberately stupid. I once put in an order for five gallons of de-ionized water from the local soft water place. The purchasing agent got de-ionized water all right; scientific grade at $200/liter. I wonder how much money this person cost the organization over her thirty some years of employment. She'll probably go to the grave laughing about the stuff she pulled on us.
... now multiply by millions ... the mind boggles.
Think of Wally in Dilbert
The last few paragraphs of the article are more-or-less unedited PR hype from a vendor:
"According to security management vendor Calum Macleod of Cyber-Ark..Macleod's solution is password management....'If privileged password management is not on your shopping list in 2007 it may already be too late.'"
This is preceded with a 'people who say you shouldn't buy my product may already be criminals':
"'if anyone of them disputes this, remember that arguing with colleagues was one of the clear signs of an impending attack.'"
I can't believe this ran! This reporter was shockingly lazy.
I believe we've all seen this recent memo from HR, to all IT department staff: 'Floggings will continue until morale improves!'
But seriously, you could swap IT for any discipline and come up with the same bullet-point: "Study Shows Link Between Grounds Keeping Sabotage, Work Behavior" - so what's the point? Just because I hold your entire work history in my shaky, sweaty hands doesn't mean I will automatically go postal and cause trouble for you and your unborn grandchildren. A cafeteria worker can spit in the soup. A parking security wanker can key your new Astro. A disgruntled department head can arbitrarily black mark a borderline performance appraisal.
Screw this generalized dust-kickup of a 'study' and go talk to anyone you think just needs someone to listen. If they tell you they "can't talk...busy...voices said time to clean my guns", then you might want to restrict their security access for a while. Otherwise, treat them like humans and stop watching for signs the sky is getting ready to fall.
Fired employee disabled an error reporting module for a particular billing program. Finally noticed a couple years later ... figure the total missed revenue was a little over 2 million. CIO swept it under the rug out of embarrassment.
It seems a defensive reaction to being indirectly labeled a crook by your boss would be natural, even for honest employees. How about skipping the threatening rhetoric, and just implementing an automated password management policy. If your IT folks are worth their salt, they'll "get it" without having to be called criminals. If you skip the indirect threats, and they argue against an automated password management policy alone, then maybe you should worry.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
Yeah, but on the other hand, I match this profile, but have no interest in sabotaging the company. I already get to come in late, bitch at my co-workers, and perform poorly, and get paid well for the privilege. Why would I want to ruin a good thing by committing crimes?
Any sufficiently well-organized community is indistinguishable from Government.
And I said, I don't care if they lay me off either, because I told, I told Bill that if they move my desk one more time, then, then I'm, I'm quitting, I'm going to quit. And, and I told Don too, because they've moved my desk four times already this year, and I used to be over by the window, and I could see the squirrels, and they were married, but then, they switched from the Swingline to the Boston stapler, but I kept my Swingline stapler because it didn't bind up as much, and I kept the staples for the Swingline stapler and it's not okay because if they take my stapler then I'll set the building on fire...
You know, after I left my old department I instructed the manager to assign a new local admin, and to have that person remove my access to the NetApp and server.
:-)
Two years later I get to thinking how I never got an e-mail from anyone...
log into the server and presto! access. Well, I think, maybe they left my user rights because I have a homedir there... Nope! I can still access admin and privileged functions. I have to admit that the thought occoured to me to drop the ACL for everyone and claim ignorance, or even better subtly change all their data and bury the logs...
didn't do it, but I did indulge in a daydream about it
-nB
whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
According to the research, 86 percent of those who committed cybercrimes held ...
That's nearly useless information. By analogy, nearly 100% of rapists are male, yet very few males are actually rapists.
poorly performing people get stuck in unsatisfying and frustrating jobs, while the strong performers find satisfying and fufilling ones.
Your story somewhat reminds me of a businessweek article (from a month or three ago) about revenge in the workplace & how it drove some very high level achievers to retaliate by succeeding.
Those people (you) aren't the kind of person that TFA is describing.
The point of TFA is that there is a certain subset of people whose psychology will push them to become aggressively hostile to their employer in response to the types of pressure that you faced.
[Fuck Beta]
o0t!
What about workers who are routinely abused? Workers who are pushed to make themselves desperate (financially desperate, usually) to keep the job so they can be treated like slaves, and who are then forced to work long hours for no extra pay because they're salaried, constantly threatened with termination, blamed for problems but denied power to deal with them, and so on, did the study account for that? Doesn't look like the study did. Study talks about "work behavior" but not "work treatment", as if companies have no effect on whether a worker would want to sabotage something.
Ignoring signs-- signs such as a person coming in late who had always come in on time in the past-- is a sure invitation to trouble. People who feel they can't communicate one way will communicate another way. Maybe before concluding that someone who is causing "trouble" better be escorted off the premises in handcuffs before they can do real damage, management ought to try a few other things first. Like, listen in such a way that workers feel they can speak openly. And removing the temptation. If a nuclear missile could be launched with the push of one button, it probably would've happened. Good thing the missiles require several keys, codes, and such like.
This study strikes me as narrow.
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
IT worker - check disgruntled - check paranoid - not so much generally show up late - double check argue with colleagues - when neccesary generally perform poorly - check Sabotage the IT system? HELL NO! Theres no way I'd work against a system I've put so much bloody time into getting damn near perfect. Thats my reputation right there, and my reference, and the only thing I can point at and go "I built that." The only people that would sabotage a system they were responsible require one further classification; Fucking stupid - check.
Those who are capable of wrecking systems thoroughly are usually also smart enough not to show signs that they are willing to do so... The ones who grumble and complain need to be shown the door before they wreak havoc or, pacify them. It's the non-complainers you need to make sure are really happy because if they're not...you could be screwed.
I reserve the right to think for myself. Others' opinions are optional. Puppy on lap = typos...not illiteracy.
BEDEVERE:
Quiet! Quiet! Quiet! Quiet! There are ways of telling whether she is a witch.
VILLAGER #1:
Are there?
VILLAGER #2:
Ah?
VILLAGER #1:
What are they?
CROWD:
Tell us! Tell us!...
BEDEVERE:
Tell me. What do you do with witches?
VILLAGER #2:
Burn!
VILLAGER #1:
Burn!
CROWD:
Burn! Burn them up! Burn!...
BEDEVERE:
And what do you burn apart from witches?
VILLAGER #1:
More witches!
I got pissed off with what someone said so I deleted that blue 'e' on my computer. Now the whole internet has been destroyed.
Engineering is the art of compromise.
This one deserves a +5 funny I wish there were a way to mod the articles themselves.
No really, what immensely priceless wisdom is impart4ed here. People who sabotage (IT) systems are disaffected
and hate your guts. But tBig Brother and Landru be thanked there is a real simple way to detect these terrorists.
They don't borg-smile when they pass you in the hall.
People will just have to learn to pull the plug with a smile.
As opposed to the nice, kind, helpful ones? This is why studies like these strike me as silly. Of course the disgruntled employee is the saboteur!
--"And automate the whole process. If privileged password management is not on your shopping list in 2007 it may already be too late.""
All that is missing in this FUD piece is of course the obligtory
"We happen to have a solution, btw, give us a call."
Gdisk -dodwipe is a beautiful thing....
"...a civilian some of the time, a soldier part of the time and a patriot all of the time." -Brig. Gen. James Drain
Next we'll be hearing that workers who sabotage a company's reputation with its clients are invariably salespeople, or that workers who embezzle money are invariably accountants or working in financial control.
j'ai découvert une démonstration vraiment admirable (de ce théorème général) que cette si
Superior attitude! I commend you. You are among those who provide value by working around problems with the goal of doing the right thing for your employer in mind. And why should you not have that attitude? It is normal. After all, whenever we work for an employer we make a contract with them that we will provide services in exchange for money. It is our duty to honor that contract by providing the best work we can while we are there. And if we don't like it because we feel that the management or conditions render the situation unworkable, we have, thank God, the right, in this country anyway (America), to find another job, or better yet, start our own businesses. I feel the same way, and also provide value to my employer, despite the Dilbertization of the enterprise over the years. I'm a fan of 'The Tao of Programming'. Thank you for raising this perspective to our attention. Carry on.
FTA: "86 percent of those who committed cybercrimes held technical positions and 90 percent had system administrator or privileged system access."
Ever think maybe us S.A's are just naturally vindictive, evil bastards that just don't give a rats ass, hell, we know the in/outs of every system we touch, have the power to do as we please and have no one notice.
Paranoid? Hell yeah, just as the company has to trust us with the systems, we have to trust them with our personal info on their laptops, on the front seat of the car while they're in the bar for the 5 hour lunch.
Bottom line, you get what you give, end of story.
As a sysadmin/webmaster at a small company I was involved in the infrastructure and in daily stuff that made money, like doing websites for the company's customers.
At one point I was drawn into an "argument" with colleagues over two things:
1) they needed a new box to run the firewall on. Owners wanted to postpone indefinitely. Sysadmin pressed his point. CEO suspected sabotage or other agenda... in spite of having had a prior avoidable firewall failure take down the network. He decided the sysadmin was crying wolf, or worse.
2): graphic designers and marketing people had proposed, priced and designed a website concept without consulting the guy who was going to code it. There were problems in the executability of the design and an underbid situation.
A technical problem that could be solved with a technical approach, if there were trust. Once again, sysadmin/webmaster "argued" for another approach on technical grounds. Answer: defenses, emotionalism, circle the wagons.
Net result of both contentions: emotionalism, accusations; sysadmin forced to resign.
The firewall did have a hardware failure after about six months; the website proposal flopped and the company lost their major client's web work. Satisfaction for the sysadmin? H**l no. There are no winners in something like this. You need to work with people you can trust and who trust you. This untrusted crap is destroying the very idea of "a good job" and consuming businesses and relationships from within.
You have to be able to air the relative merits of various technical approaches in a respectful, professional way so that what's rational and feasible emerges.
If this is "arguing with colleagues", resulting in an immediate security red-flag and dismissal... how can you have peer review or objective discussions? Worse still, it means we've descended into a totalitarian workplace.
Parent is disagreeing with the guy quoted in the article. According to the article, this argumentativeness makes the parent poster a prime suspect!
Sheesh, and believing that you aren't an alcoholic proves that you *are* an alcoholic, too.
The article is just an advertisement for a "privileged password management" product. If your IT staff say this isn't a problem, then it's REALLY a problem!! If you don't have our product yet, it may ALREADY BE TOO LATE!!!
Let's see... the study shows that people who are fired generally are considered by their employers to have performed poorly...
... I have yet to meet a "gruntled" IT professional.
This is groundbreaking!
And while we're at it: How many employees who do NOT sabotage corporate systems "are disgruntled", "are paranoid", "generally show up late", and/or "argue with colleagues"?
Last time I looked:
- A large fraction of the best IT people often work late, for any or all of several reasons: They prefer it, they need to work when load is light to minimize impact on business processes, fixing what the users broke during the day skews the time of their peak workload to later than that of the mainstream users, etc.
They often work more than a normal workday - but they'd have to work two shifts every day and only take time out for sleep, in order to come in bright and early to impress the suits who read this "study". But any sane IT professional will take advantage of flex time and come in late instead.
Programmers and other IT professionals coming in late has been a stereotype since computers used vacuum tubes. (I know because I was there and was one of many who created it. B-) )
- "Argue with colleagues"? Maybe yes-maning works in the executive suite. But when a crew of experts is chasing down a problem there will be a slew of hypotheses tried and discarded, with different workers coming up with different hypotheses and evidence to falsify them. To an outsider this looks like an argument, when it's actually progress. Experts will also often have differing opinions and will discuss them - ditto.
(I recall one company where upper-level executives quietly added themselves to an engineering internal mailing list. There we discussed the latest problems - often heatedly - until they were solved. When one was solved the traffic on THAT problem stopped cold and another would take its place. To the suits it looked like a disaster, when in fact the project was on time, within budget, exceeding targets, and still looked like it would have been a quantum leap when delivered - if the company hadn't suddenly shut it down...)
- "disgruntled"? With the continuing budget shortfalls, IT resource expansion always lagging company growth, lusers opening virus email,
- "paranoid"? (I presume we're talking the folk etymology, not clinical paranoia.) IT, like other forms of engineering, is an exercise in staying at least one step ahead of Murphy's Law. If an IT professional isn't "paranoid" he's not doing his job.
Watch the suits who saw this start canning their best IT people - zero-notice style. (That's where the employee arrives at work to find his cardkey doesn't work his passwords are rescinded, and he is escorted to HR where he is handed two weeks pay in lieu of notice, a box containing anything from his desk that the company didn't think was theirs, and a threatening document in lawyerese, and then kicked out of the building.)
And of course the fired employees will be blamed when the network starts to go to hell when the remaining people can't apply duct tape and chewing gum fast enough or the next rash of malware gets past the firewall.
= = = =
This reminds me of the "profiles" of school-age mass-murderers: They're always described as loners and introverts who don't get along with others in their school. In other words, just like all the nerds who get pounded on by the jocks and snubbed by the cheerleaders and queen-bees and react by withdrawing from contact with the "beautiful people" cliques. And every time one of these "studies" come out the administrators (generally former "beautiful people" themselves) dump on the nerds and side with the jocks that much more...
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Of course the IT guys are going to be the ones breaking the IT systems. It's axiomatic.
Typically your moles are the best intelligence agents you have. That's why it's hard to find them.
"almost always IT workers who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly."
Disgruntled = Management listens to outside consultants and does random IT stuff instead of listening to our advice? Check.
Paranoid = Teaching outside consultants every detail about my job. Check.
Late = Stay up late playing computer games. Check.
Argumentative = Learned about this one years ago. No Check. WHEW!
Poor Performer = Sarbanes Oxley procedures in place lowering performance by 75%. Massive audits for 1 line changes. Check.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
They also sweat profusely throw chairs.
Friends don't help friends install M$ junk.
shush you, you'll blow my cover
- Disclaimer: Information in this post deemed reliable but not guaranteed.
Sometimes the best solution to morale problems is just to fire all of the unhappy people. -E.L. Kersten http://www.despair.com/demotivation.html
Careful, making cynical comments like that may negatively affect your career prospects. Don't want to get labled as a whiner, people might think your planning to nuke the servers and fire you.
Especially if your bosses who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly.
Oh no!
This story really needs to be filed under, "The best way to improve moral is to fire all the unhappy people."
Friends don't help friends install M$ junk.
didn't do it, but I did indulge in a daydream about it :-)
People who act like assholes, eventually, are surrounded by the same. The result is disaster. Incompetence is self sabotaging, the problem is they are always looking for someone else to blame.
Next time, make sure they remove your access and then never look back.
Friends don't help friends install M$ junk.
A little heavy handed perhaps? ... this guy sounds like a power tripping fuckwit. Tell a subset of your workers they the greatest risk to the security of the company then monitor them to see which ones react badly?
No Shinola, Sherlock!
"Anybody who disagrees with me is a threat to the company who should immediately be fired."
Even a PHB should be able to recognize THAT one.
But watch the ones who don't see through it start hamstringing their IT departments, firing their best IT people and executive-suite sanity-checkers, and then think the former employees sabotaged things when their IT infrastructure starts to rot without the "late-arriving disgruntled, argumentative, paranoids" around to maintain it.
Fortunately it's to SOME extent self-correcting, as the companies who fall for this fad lose ground to competitors who don't. But meanwhile a lot of good IT people are going to get hurt.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
as opposed to the armies of users that "sabotage" the desktops and network resources on a daily basis? sure... the IT guys are the problem.
Only when the IT guys chose software that's easy to "sabotage." Are 25% of your desktops part of a bot net? Do you blame your users for that?
Friends don't help friends install M$ junk.
I just show up late (but I stay late too). Ok, that and the gun I keep in my desk.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Had there been a failure, the only competent person (aka Mr. Moody) would have been blamed.
Friends don't help friends install M$ junk.
Angry workers more likely to sabotage systems...
That or those who let it show are more likely to be caught or blamed.
Friends don't help friends install M$ junk.
Automating and using just passwords and user accounts to control the access of IT staff is largely insufficient. A *REALLY* disgruntled IT admin could easily plug in another network card to the server before he tenders his resignation, in addition to a thousand other backdoor possibilities. If the organisation's policies call on IT admins to check on one another, it may result in an atmosphere of fear in the IT department, further hampering progress and productivity. The only feasible solution is purely human. By fostering good rapport and relationships with not only their IT staff, but all their staff, managers and executives can build the network of trust that is so essential for continued good functioning of a company.
- xuanyou
"Where quality is like a dead stinking rat - you just can't miss it."
I just wandered into our server room and checked the Notes (6) server for uptime: 130 days 5 hours 10 mins 15 secs. Coincidently there's about as many users as the number of days the server has been up - one thing we do have is mail file limitations, so there's nothing larger than a few GB, and only a handful are actually over 1GB.
Boolean logic: True, False, and File not found.
This was all done because I "don't work well with others" Translation: I felt more responsible to the company itself than to management's whims, and had, like most in my field, a somewhat aggressive personality about it. Unfortunately I reported to an operations group (no conflict of interest there, nosir), not the CIO, as I should (the last reorg resulted in this nonsense).
This could have been handled much better. I fully understand the need to eject me without letting me touch a computer. No worries there. It is the best protection for both them and me. But they crossed the line messing with my personal stuff without my consent. I should have demanded that I take everything on that day and never come back. But there's that whole money issue. *sigh*
The hidden assumption in the article is that most acts of sabotage can be definitively traced back to an individual... from what I've seen this is rarely the case.
If you reject this assumption then the article is really about who gets blamed by management of sabotage (or random failures perceived as sabotage), it's no surprise that management would be quick to blame underperformers who are overtly hostile towards mgmt and/or their peers.
In the second half of the "article" the advertiser seems to be advocating breaking the one to one relationship between a user and their privileged actions, something that is absolutely required for meaningful audits. This suggestion is idiotic on its face and reflects a lack of understanding about the analysis required after an incident.
No.
Do you blame your users for that?
Not within my organization, but at home? Sure. There's no *reason* for a Windows machine to be compromised other than by failing to patch it or simply being stupid.
You seem to be all over the place on this article. Are you one of those non-productive people I've fired from IT? Because you sure sound like one.
You're making the unwarranted assumption that you can tell the difference between the two categories.
Sounds like most of my prior bosses.
Slashdot: Playing Favorites Since 1997
As long as you treat your staff as the enemy, they will be... http://www.accel-team.com/human_relations/hrels_03 _mcgregor.html
The contest for ages has been to rescue liberty from the grasp of executive power. -- Daniel Webster
Funny, but I had to scroll up to see if I was reading Jon Katz. Lucky for me, I wasn't; but you may have a /. editor roll to add to your resume soon.
put the what in the where?
Research discovers that asshole managers lead to pissed off employees who end up not doing their jobs as well, or with as much loyalty as those who have managers who actually treat their employees with respect.
Cure - kill the asshole managers. (Remember, the study was sponsored by the Military - that is their typical response to a problem isn't it?)
Who is general failure, and why is he reading my hard drive?
At the risk of being obvious or redundant--
Aren't the IT people the only ones who smart enough to sabotage IT systems?
I mean, those smug assholes up on the 42nd floor don't give a shit about how hard we work just to help them print their e-mail. We'll see how smug they are when....
oh...wait...
[BOFH]
I might know what I'm talkin' about, but then again, this is Slashdot...
Cool! A valid conclusion!
;)
Unfortunately, I have a hunch that managers fall broadly into two categories:
- Those that have both the critical thinking skills to draw that conclusion and the management skills to keep their employees happy so that they don't need it;
- Those that, like "Calum Macleod of Cyber-Ark", draw a conclusion with the cause and effect the wrong way around, _and_ bring it to their employees in the form of an ultimatum!
' Macleod concluded: "So as far as doing the right thing, I'd suggest that you start from the basis that your IT staff are the biggest risk to your organization's security, and if anyone of them disputes this, remember that arguing with colleagues was one of the clear signs of an impending attack." '
Nope. The ones who make it out of the rank of 2nd Lt. usually get promoted to at least the rank of Col. over time.
Sometimes General, but I believe that takes congressional approval now.
Everything I need to know I learned by killing smart people and eating their brains.
Only skillful sysadmins can screw up your systems beyond recovery. Backup exclude files, su hooks, backdoors, scheduled jobs, compromised scripts and apps - the list of options goes well beyond what your standard password management can control. A smart disgruntled employee prepares his revenge ahead of time, not when they kick him out and cut his access. And if a system is compromised by an experienced sysadmin, the only person who can detect a potential problem would be... well, another experienced sysadmin. But, of course, if your company treats sysadmins like shit, chances are, the last smart guy to leave the building will clean you out and leave you with no recovery options.
THIS JUST IN...
... well, to actually, uh, "come around", as we say amongst ourselves here in the lab. Come to think of it, they could use this expression in the world at large. Perhaps this study will break new ground in this respect."
A new expensive study has pinpointed the ultimate fate of a substance called "What". According to Professor Hobb V. Eskin-Clusion, "as this highly theoretical substance goes around the universe, it would have a tendency, as time approaches infinity, to
NEXT AT 11: MASSLESS DIET TRIALS END IN TRAGEDY
- "Argue with colleagues"? Maybe yes-maning works in the executive suite. But when a crew of experts is chasing down a problem there will be a slew of hypotheses tried and discarded, with different workers coming up with different hypotheses and evidence to falsify them. To an outsider this looks like an argument, when it's actually progress. Experts will also often have differing opinions and will discuss them - ditto. (I recall one company where upper-level executives quietly added themselves to an engineering internal mailing list. There we discussed the latest problems - often heatedly - until they were solved. When one was solved the traffic on THAT problem stopped cold and another would take its place.
Great observation.
Obviously they can only speak to the ones who were caught, you can't know if a sabateur is surly unless you know that they are a sabeteur. This is also incidentally true for dragqueens.
From the article it appears that they are only talking about IT systems.
Well obviously most of the people who sabotage IT systems will be disgruntled IT workers.
Most of the people who sabotage sales relationships will be disgruntled salespeople and most of the people who sabotage marketing campaigns will be disgruntled marketing folks.
You have people with the ability, opportunity and motive to hurt the company. Hiring unqualified people would get rid of their ability but of course it would hurt more than help. Locking them out of their own systems would remove the opportunity but it would prevent them from being able to do their jobs effectively. So you are left with keeping morale up so they don't have the motive.
It isn't a technical problem, trying to find a technical solution will fail.
You guys _all_ fit the profile!
This is just a general statistics, based on exposed crimes and detected offence, i.e. something solved, when you have cleared cases.
No doubt, there is self-evident correlation between bad behavior and much higher probability in some point (layoff?) to get the burst of extremely bad behavior in relatively short period of time ("event").
Still, I think that the most dangerous employees are the people with imperturbable common sense and brain of encryption calculator, and they are never ever exposed any bad behavior. Still they did work the greatest mischief, and not in state of some emotional outburst at all. Plus, they continue to work, and are promoted on the regular basis.
There is no ground excuse for any illegalities, but people have healthy emotions, and it could be that some outbursts are caused by the fact that boss does not treat them fair at least on 85%.
Sometimes it is better if employee can express the negative opinion and does not fear and does not need to hide his emotions (we're not talking about the total psychos here). Is not it better to understand the more or less open and visible problem(s) than be dumped by some sneaky insider who commits crime and never being caught.
Sometimes the bad guy is such insider, sometimes it is your boss. Very often a bad employee is the product created by bad working process. Sometimes the analytical researches of such problems are too generic and just confuse thermometer with temperature.
in general, they are the ones that have access to the IT resources and the knowledge necessary to clean up their footprints afterwards. In which form this is news? And please note, US military has been well feed for so long. I wonder how was the cost of this study. And for what the f* military needs it.
This 'virtuous cycle' is a good reason to stay out of corporate IT at American companies.
If you're with a rare IT group that has good relations with the business unit, and can collaboratively prioritize projects so you're not reacting all the time, stick with them, and let them know why. Otherwise, find a company who directly sells your software product, or services around that. Firms that only indirectly depend on you will screw you every time.
Corporate IT is just a cost center, at most companies, and the CIO will never get adequate resources if they report through Finance. This problem is especially bad in health care and insurance firms.
Consider corporate management, who generally didn't have either the inclination or the intellectual capacity to get a REAL technology degree, and don't get ongoing technology training. They secretly resent that they are dependent on "technology folks" - who they don't understand - for the companies operations (and survival, when things go wrong).
And now, imagine you're a company like TJX (parent company of TJ Maxx and Marshall's), who have inappropriately retained credit card numbers, then had a security breach. They have NO IDEA how many people's numbers were lost.
It's natural to look to IT as a scapegoat, when it's their own boneheaded prioritization that put information security last.
"IT espically, they are a dime a dozen andthere is 6 of them out there waiting to take the one job."
That's because people go into IT because "they heard it was a good field to get into".
The people who are good at IT are hard to replace and are usually rewarded that way. There's no doubt that when you break into the field it's rough. But that's when you distinguish yourself. Your hard work didn't stop the day you graduated from a university... oh wait... you didn't go to a University?
Okay, let's start at the beginning:
1) The IT field is littered with has-been's, wanna-be's and never-was-es. Don't be one of those. How?
2) Show a commitment. Get a degree from a University. Doesn't matter what it is; if you're smart, you turn that to your advantage. If you want to be involved in the business, get a degree in business with a lot of programming courses. If you want to be involved primarily in the bits and bytes, get a degree more closely related to Computer Science. Information Management can be useful too, although the too are not at all similar. I have a computer science degree, my wife has an information management degree. I'm the director of architecture at a fortune 1000, she's a program manager at a fortune 2000.
3) Where's the Sysadmin paths? Unfortunately, the days of the Unix Admin with infinite knowledge have all passed. Well, not all. There are a few old timers left. God bless them, love them to death. They're really smart, and those last few guys get paid a lot. The rest? A dead end job. It puts food on the table. It's better than working at Wal-Mart.
4) All the good jobs in IT require that you start as a programmer. No exceptions. If you're not good at programming, you don't belong in IT.
5) Set your sights on moving up. You don't want to be the 45 year old programmer. Not unless you're so good that people just leave you alone to develop. If you're not sure you're that good, then you aren't. If you are that good, you can tell because your boss never hassles you about your hours, or anything. They let you alone because you're the goose laying the golden egg. God bless you. You are the heart and soul of this industry.
6) You've got to pay your dues in IT, and you may move around some. Changing jobs every 9 months guarantees you'll be a 50 year old programmer some day who knows VB6 really well and suddenly finds themselves without work.
7) Get better all the time. Read read read. Be energetic.
8) Understand the business you're in. Unless you aspire to #5. Push for ways to improve the business. And that doesn't include suggesting changes to the SCM.
9) Develop a 6th sense about what will help your career. Usually that goes hand in hand with helping the business but not always. When the two diverge, it might be time to leave. You don't want to be the 60 year old programmer who is good at FORTRAN on VAX. If I have to explain this to you, then you shouldn't be looking for a job in IT.
10) If you don't love this field, if you don't go into work in the morning because you can't imagine not doing it, then you don't belong in this field.
They could just post complaints on slashdot. But seriously, I don't know why more attention isn't payed to managerial malice. How many companies have we seen suffer because leadership knows long term problems are irrelevant as they plan on using their golden parashute before then?
And for the IT thing again though, it's not a good idea to commit crimes when you are one of only a few with capability, oppurtunity, and motive. So the hands of your average IT worker are generally pretty tied. Hence the slashdot posting.
Relax I just want some peanuts.
..we must be working in the same company!? What are the odds!
Here I thought that:
So most good IT people fit the profile, but maybe the last point is valid. :p
I do not fail; I succeed at finding out what does not work.
Fine!! I'm taking you all with me!!!!
Mwuhahahahahahahahahahahaha!!!!!!!!!!
Warmest Regards,
Joe
A goal is a dream with a deadline
> IT workers who are disgruntled, paranoid, generally show up late,
> argue with colleagues, and generally perform poorly.
In other words, all of us. I thought this was an unwritten part of every IT job description?
A few years back, I went back to my home stomping grounds to settle the estate of me recently deceased mother. One of the things I had to do was market and sell her home. We got a family friend, who owned a realty in on it. Turns out, a high school classmate of mine was working for him - one of the "jocks". This guy had girls dripping off of him back in the day. These days, however, he's middle aged, bald, and hoping to eventually get his realtor license so he can sell homes too. He asked me if I made the last high school reunion. I told him I hardly get back to this area anymore and had, in fact, just gotten back from Malaysia where I was overseeing structural mods to a fleet of Boeing 767s for Malaysia Airlines. Oh, and the "Hard Rock Cafe" in Kuala Lampur was pretty cool.
I suppose I could have gloated, but I kinda felt sorry for him.
A goal is a dream with a deadline
To truly conceal your feelings or intent is extremely difficult, the only possible advantage you might have is that people wont see it because the "don't want to", or just aren't looking for it.
Maybe, for a day or two, you could pull it off, but every day....day-in...day-out...having to pretend that you're happy and everything is fine...the stress of even attempting to do so could be what sends some people over the edge.
A goal is a dream with a deadline
_If_ he's a sociopath (you can't diagnose that from just one message), it just doesn't work that way. You're making the usual mistake of assuming that all humans are essentially, well, equally human and you only need appeal to someone's humanity/feelings/moral-sense/flash-of-enlightenm
Sociopathy is, simply put, completely lacking the empathy and connection to other humans. It's being the only human in a single-player world full of generic NPCs. They're not your peers, they don't matter, their feelings don't matter, they're there just to be used, abused, manipulated, lied to, whatever gets you closer to your objectives.
Think of your relationship to NPCs in a computer game. Do you really care what that generic NPC in Oblivion or GTA feels or thinks? Do you care if he/she had a bad day, or if his/her kid is sick? Would you feel any sense of accomplishment of having him/her as a friend? Would you feel bad for clicking on a complete lie dialogue choice just to finish a quest? Would you even really think of them as a "he" or a "she", or more along the lines of "it"? I mean, don't be silly, it's just a game and just a scripted NPC. Right?
Well, in a nutshell that's the kind of world that a sociopath lives in. You can't even be seen as a friend by one. You're at most a sucker to be used for a purpose, even if that purpose is a few minutes of entertainment.
So expecting that one would wake up one day and think "man, I wasted my life, I should have made friends" is naive. That's the kind of notion that doesn't even compute in their world. Or not for the same meaning of "friend" that you'd use.
A polar bear is a cartesian bear after a coordinate transform.
Well this is always the problem with social research. Everybody thinks he knows better by common sense.
You research something: Result is in concensus with your common sense, feelings: you get tagged "[+] captainobvious, duh, obvious"
You research something: Result is contrary with your common sense, feeling: you get tagged "wrong, stupid, this cannot be true".
--
Karma 50, and all I got was this lousy T-Shirt.
I know that a lot of you out there will be thinking, "hell ya, it is managements fault we are treating like this so lets get back at them but destroying their systems."
Believe me guys that is not the case, the only people you hurt are your co-workers. I joined a company where a lot of the Admin stuff were fired. Some of them left nice little surprises that went off a couple of days later. Guess who was there until 3am in the morning putting everything back together? I can tell you it wasn't the managers. I can also tell you that those guys that got fired lost many good friends the day they did that and a lot of hard earned respect. Most of them are still looking for jobs a year later as NO ONE from their previous job (which many had held for 6+ years) will give them a good reference anymore because of their actions.
So my point is that if you are pissed off at management then complain or leave. Don't destroy things as it only hurts your co-workers not management.
It said "windows 98 or better" so I installed Linux
"start from the basis that your IT staff are the biggest risk"
Sounds like someone is paranoid...
"if anyone of them disputes this"
Well, that's certainly one way to squelch the arguments with colleagues. Another messianic complex?
muggers usually wear cheap black knitted hats
accurately define good according to a criteria and seek it out.
I have this idea of "Management makes a difference". I worked for managers that I liked and respected. For those people, I went out of my way to help them out and to make them look good. I had a few managers that were total jerks and I would only put in the minimum necessary.
My line of work is being a Unix Sys Admin. One of the jerks was so bad, I was responsible for many different things but yet, I was not permitted to make the decision to decide the course of the outcomes. My hands were tied so his favored boys can look good. They could do no wrong. I had to constantly deal with their screw ups.
My last several months in the place got so bad that when I went to go to the bathroom (#2), when I get finished, I get hassled such as being asked, "where were you". It was then followed by, "let me know where you are at if it is more than 5 minutes and I want to know what you are doing". I basically told him it was none of his business when I went the the bathroom. I then said, "do I need to raise my hand like in grade school so I can go take a dump ?"
I had an opportunity to interview at a different job, same company, I took a Thursday afternoon off. We have flex time. He found out and mentioned to me that I had to ask his permission to take time off for the interview. When I got an offer, I was out of there ! Right before I left, he tried to sabotage my departure. A "contact" told me that he tried to find some adverse paperwork on me. The paperwork was luckily withheld.
The gist of it was, why didn't I pull something like this ? Well, there is integrity even dealing with the biggest asshole manager. I respected my co-workers and didn't want them to have to deal with a mess. When I left, I mentioned to my co-worker that if he needed anything, give me a call directly and not go through my former manager. I told him if my former manager wanted anything, his request would be flatly be denied.
1: Rent the re-release of Office Space. Re-watch it a few times to appreciate the humor that more than likely mirrors some epoch of each of our lives.
2: Watch the all-too-brief overview with Mike Judge and many of the (other) actors at the beginning of the DVD. Stephen Root will even explain where the squirrels being married line came from.
This one I've never understood. Why is the default and nearly universal choice to work late as opposed to early? When I need to minimize my impact on business services, I come in at 4AM or some such time. Of course, some of my bosses (not the current, but occasionally in the past) are horrified when I walk out the door at 3:30PM, so I guess you can't win no matter how you approach the problem. Still, early works much better for me; I wonder how much of a minority I'm in regarding this.
Sure if you're talking about sabotage as in taking time to plan out something that causes harm to the system, you probably have to be in IT and pretty smart, or you can take a basic approach. You know that owner/supervisor or whatever higher up that thinks that they are so important that they need full system access...give it to them. I've had to recover a system after one of the higher ups decided that they didn't need want a system directory folder anymore and decided to delete it. Needless to say after that an audit was performed on the system to see who had rights to things that they shouldn't have, and I finally had the approval to apply the restricted rights policy that I'd been advocating for months.
Mention thier behavior to HR, that they are not following company policy and creating a hostile environment. At that point the career prospects of said manager with the company will be limited as they have 'hostile environment' associated with them. It would also be good if several colleges come forward with similar information to back you up.
putting the 'B' in LGBTQ+
I think given the statistics on how grossly under-reported computer crime is today this report might be somewhat suspect. You can conclude that the people who report these incidents are also keeping tabs on bad workers. Perhaps they suspect the workers of wrongdoing all along and are collecting information on them? However, I don't think you can draw conclusions to 'cyber crime' in general, these findings only relate to reported computer crime, which is only a small percentage of the total. Not only that, but these statistics only apply to the perpetrators who were *caught* so you've got an even smaller sample.
Retaliate by succeeding indeed. Worked my way out of a moron-level job, to find I now had a much harder, if more satisfying one and a bonus PHB. Ok, back to work. Sidestepped said PHB in another year's worth of efforts, finally on the right track to a posting that fits me and executive benefits. Then, just as things started to look up, a reorganisation comes from On High (with no rhyme or reason, as these things usually go). Got sidelined as a result of the fact that the new boss can't trust anyone - that's three years of my life down the drain. Trust me, nothing is worth giving some job more than your cursory interest and whatever effort is needed to get to the next paycheck. Want the satisfaction of growing as a professional? Work freelance.
Something bad is coming when people are suddenly anxious to tell the truth.
Boss: Pretend you're me, make a managerial decision: you find this, what would you do? "Jack": [pauses] Well, I gotta tell you: I'd be very, very careful who you talk to about that, because the person who wrote that...is dangerous. [Gets up from the chair] "Jack": [Talking slowly] And this button-down, Oxford-cloth psycho might just snap, and then stalk from office to office with an Armalite AR-10 carbine gas-powered semi-automatic weapon, pumping round after round into colleagues and co-workers. This might be someone you've known for years. Someone very, very close to you.
Don't blame me -- I voted for Roslin.
The Squirrels were merry, not Married. Think Robin Hood and his 'Merry Men'.
You are reading a copy of my copyrighted post.
- "disgruntled"? With the continuing budget shortfalls, IT resource expansion always lagging company growth, lusers opening virus email, ... I have yet to meet a "gruntled" IT professional.
"gruntled" is actually a bad thing -- "disgruntled" means, more or less, "extremely gruntled". It's not the same "dis" as in "dissatisfied" or something.
Now you know, and knowing is half the battle!
Quidquid latine dictum sit, altum sonatur.
As someone who 'fits the profile', I can only quip- "86 percent of those who committed cybercrimes held technical positions and 90 percent had system administrator or privileged system access." Duh... Does the phrase "crime of opportunity" mean anything to you? Likewise, I would advise any PHBs out there, that in addition to the wise strategy of not trusting a lone shady sysadmin, you ought to actually invest in the resources to implement at least a rudimentery transparent layer of best practices, so that there is never a situation in which you are even tempted to trust a lone shady sysadmin.
"I'd suggest that you start from the basis that your IT staff are the biggest risk to your organization's security"
Actually the people you should really watch out for are your own executive officers and your auditing company.
Top 100 Corporate Criminals of the Decade
davecb5620@gmail.com
They're also the most productive! http://seattlepi.nwsource.com/business/302397_grum pyworkers05.html
No comment.
There's a bit of trouble with that, I think. People perceive different things as creepy.
In my case I find my co-worker who is excessively quiet and guarded of any and all personal details to be creepy. She almost never speaks (or otherwise communicates via text message, email, post-it note) to anyone unless it's totally nessecary. She hasn't put a single personal item on her desk - as if she's prepared to leave at any second. She speaks up in meetings only because she was told to do so because the clients were complaining. At the office it's back to barely audible whisper-speak. She creeps in and out of the office without saying hello or goodbye to anyone and if she's leaving early she doesn't tell anyone (we're support analysts so someone needs to be on hand in case the app she supports has an issue).
Just describing this only gives a hint of the kind of tangibles that circle my gut feeling that she's creepy. Others don't really feel so creeped out, but they also haven't had to work directly with her. Either she's just a really super quiet person, or she's using the company to get her through the remainder of college (before she ditches with no notice), or she's planning on using the job for some other purpose.
No matter how many times I try to open up things or get a dialogue going, the psychological door is shut in my face. I'd defenitely feel like ass if I made a mistake in this, and so I'm afraid to act because I don't know how to act.
Wham, that punch know where it took. Mod parent up.. please.
Been writing code all day...
Man that sounds like the perfect women co worker to me! Maybe even the perfect wife! Quiet and reserved beats never-shuts-up about her inane life, everytime.
I'd ask her out. Shes probably absolutely violent in bed.
I'll just use my special getting high powers one more time...
Let's face it. The CMMI is dying on the vine and Carnegie Mellon is just putting feelers out for some new security model they can sell ya. If there is one thing Carnegie Mellon is good at its taking old common sense and repackaging it to sell back to you as a new essential paradigm.
Consider - a Security officer's actual JOB is to know all the weaknesses (risks) of the company who employs him/her. In other words, this person know in some considerable details where things may break if pushed.
You can break IT, you can mess with accounts, you can have fun with clients, but what if you upset a person who can do all three and knows enough to divert your attention and leave little trace (because he happens to know the audit cycle as well).
If a CSO goes rogue you're really, really in profoundly deep sh*t...
Example A.) Hotshot new company growing really fast decides that legal software is for losers. Earnest young employee (EYE) implores, over and over and over that they get into at least partial compliance, that this new thing called the SPA was hanging people out to dry, and that they were targeting companies just like this one. "Go away kid, ya bother me."
EYE leaves, sits down, writes up list, per station, in detail of exactly what software is on which station for about forty computers, waits a while, calls the SPA. Company goes bankrupt after receiving SPA injunctions.
Example B.) Major new office of database company (rhymes with clavicle) is set up as showcase of how badass they are, everything is state of the art, from the cpus to the variable setting halogen lights. EYE tells them that they're losing sales and vulnerable to hackers because they never configured their expensive new voicemail system, leaving everything in defaults with passwords of "password" and root access for acounts like "admin" with password "admin". The company bigshots' response? "Go away kid, ya bother me."
EYE leaves, and on his last day shuts down the ringers for every sales department phone so they don't even know that they're getting calls and changes all the passwords to something like "fixthistoday", puts a full explanation of how to fix it in his desk drawer and walks out.
Example C.) EYE at a consulting company is put in charge of revamping the training rooms but they refuse to tell him a specific budget or to give him permission to replace key equipment, expecting him to juggle the equipment around to keep the clients from discovering how little of what they're paying for actually works. Then, when a crisis comes, they always end up paying huge amounts to get it fixed right now. EYE begs the partners of the firm, saying that otherwise sometime soon the whole magilla will come crashing down, that band-aid approaches just make it worse, and that it's already costing far more to futz around then it would to shut down for a few days, strip it all out, and start fresh.
Response: "Go away kid, ya bother me."
EYE follows written instructions to the letter, taking as sincere instructions he knows he was supposed to blow off, and spreads resources out "fairly" instead of creating the Potemkin clusters his higherups want. Finally sends an email to everybody saying "either you pay attention to this and let me really fix it or I quit." and leaves to take sick days and try to calm down. Sure enough a heavy training day comes and the whole system collapses, EYE, when contacted, says, basically, oh, well, too bad, so sad. Gets "fired".
Lesson, if an employee keeps begging and begging that you fix what he or she says is a major problem, pay attention. Whether the assessment is accurate or not, it is worth your time to find out.
-Rustin
Data is the lever, rigor the fulcrum, brains the force that drives it all.
I have yet to meet a "gruntled" IT professional.
"gruntled" is actually a bad thing [...] Now you know, and knowing is half the battle!
(Like "flammable"/"inflammable" versus "nonflammable".)
Thanks. But I'm quite aware it was not the proper usage. (That's why it was in quotes.)
I was using a form of hacker slang for humorous emphasis: Deliberately over-applying a generalized rule to a word which is an exception to it. The conflict makes the unusual construction stand out and focuses the reader/listener's mind on the intended meaning. Meanwhile it tends to cause an extra pass of parsing, letting the point stay in the mind longer and sink into long-term memory better. (This works best when, as in this case, the conflicting meanings are nearly exact opposites.)
In addition to promoting communication, it tends to be fun for the listener.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
"disgruntled, paranoid, generally show up late, argue with colleagues" - that's everyone on /.
Now we all are going to be profiled =(
War isn't about who's right. It's about who's left.
"..IT workers who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly." First off if you populate your IT staff with prozac junkie yes men who always do what management thinks they want then you won't need to be sabotaged. But it is good to know that the problem isn't workers being screwed over by sleaze bag corporations with no real recourse. Apparently taking direct action against people who really do deserve every bad thing that can happen to a human being is the problem. You can't have the sheep standing on their hind legs. Maybe the real question is how we can get the social parasites out of the board room and into the cages where they belong. I'm probably paranoid .. I hope I'm paranoid enough.
I would like to see a study on how many companies who got sabotaged deserved worse than what they got.
If they government won't pull the corporate charter of sleazy companies then it is the right and obligation of people to crush these companies out of existence. Corporations exist for the common good as well as that of the shareholders. If you read the history behind why companies were granted these powers it's pretty clear that they are welching on the deal. It's not only unfair for the people victimized by these corporations but it is unfair for the honest companies who have to compete against them on unequal terms.
Statistics are like a bikini. What they reveal is suggestive, but what they conceal is vital. -Aaron Levenstein
Since this seems to be the 'cynical' thread, I'll add this here: But this only looks at the people who got caught. What about others who didn't get caught because nobody bothered looking at them because they didn't fit a preconceived notion of what a guilty person looks like? I think we need to ramp up our paranoia a bit more so that management can figure out how to piss everyone off so they'll get the whole demographic in and won't miss these cases.
-- I ignore anonymous replies to my comments and postings.
Thanks.
Also: The guy who's comes up with the most answers (often the one with the most correct solutions) will be the one who issues the most midcourse corrections. That means he will make the most statements that conflict with his colleagues' previous statements and ideas and will end up looking the most "argumentative".
Oops!
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Tyranny isn't the worst enemy of a democracy. Cynicism is.
Between dealing with "stand it up and it falls over again" software and anxious users and arrogant managers that want it working YESTERDAY it's no surprise that your average IT worker is disgruntled. How can they win when if things are working they're being lazy and sitting around doing nothing. Then when things come unstuck they can't possibly fulfill the expectations placed upon them.
Picture this scenario: You get a frantic call from an exec - "mail is down!" So you check the Exchange server. Oops; database is corrupted (again?) What to do? Restore from tape; that'll take 4 or 5 hours. Now, while that tape drive is grinding away you get to field dozens of increasingly frantic calls from management - it's your fault that the problem isn't fixed yet and if your company is typical you'll receive some pointed threats from management before that restore completes. Disgruntled yet? Tomorrow's another day...
Here's a tip - if you see an IT worker with a smile on his/her face, they've been on the job for less than 6 months.
And when that disgruntled IT worker leaves - they're not looking for revenge, they're looking to get away from the nightmare. The company can be as paranoid as they want but their ex-employees just don't care anymore.
Definitely pure PR hype: they're proposing a software solution.
The first law of security: UNRESTRICTED PHYSICAL ACCESS CAN OVERCOME ANY OTHER SECURITY. Encryption measures are the last to go, but even they can be surmounted. Password management does remove the threat from the stupidest employees, but not those who are angry, motivated, competent, and screwed by management.
I'll also note that I would appear to fit a large chunk of the proposed profile.
More exact profiling keys should be: disgruntled with their job; regards co-workers with unprovoked paranoia, distrust, and hostility; failing to work the expected number of hours (or hostile to working with other people); unable to express a logical framework or to reconsider his position when arguing with colleagues; and, yes, can't meet reasonable performance expectations.
In the end, it's a question of moral character. The answer is simple: character should be both demonstrated and demanded. After that, so long as you're smart enough not to confuse "conformity" with "character", your internal threat will be minimal.
//Information does not want to be free; it wants to breed.
IT workers who are disgruntled, paranoid, generally show up late, argue with colleagues
I'm more interested in the implication that there are IT workers who don't exhibit this work behavior.
Wow. I never really thought of myself as a sociopath. You really opened up my eyes. I can't explain why, but for some reason, I feel a lot better. Thank you.
Actually, while the Middle English root of disgruntle was negative, Meriam-Webster's gives the positive meaning that a hacker would sensibly expect. Evidently, the back-construction dates back to 1926 and now predominates. "Curiouser and curiouser."
//Information does not want to be free; it wants to breed.
Actually, while the Middle English root of disgruntle was negative, Meriam-Webster's gives the positive meaning that a hacker would sensibly expect. Evidently, the back-construction dates back to 1926 and now predominates. "Curiouser and curiouser."
Fortunately the "gruntle" formulation is sufficiently out-of-use that saying it still causes the mind-pop that makes the conversational hack work. B-)
There's actually a measureable pulse of brain activity that results from things like this - or from conversational non-sequiters - that occurs a particular number of miliseconds after the out-of-place word. It's named for the number of miliseconds (which I forget at the moment).
It's handy to do this in conflict situations, too, since it tends to paralyze a listener who isn't expecting it. (Very handy if he has a gun pointed at you. B-) )
"I'll have a sundae: chocolate and vanilla ice cream topped with hot giraffes."
See?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Accused witch who weighs the same as a duck:
Well that's a fair cop.
-- thinkyhead software and media
'According to recent research by the U.S. military and CERT, workers who sabotage corporate systems are almost always IT workers who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly."'
Bloody Managers!
Sure enough, the cow costume was hanging up next to the superhero outfit and sailors uniform. (S,Spud)
judging from the responses to this study I would estimate that a number of people who have responded to this article are in the risk category.
There is a long standing argument for profiling. If a person fits the profile are they a guaranteed risk? No. Should HR, management, and security professionals pay attention? Yes.
I for one will use these tools to the benefit of my organization. If you fit the profile don't be afraid but we will be having a conversation.
I would have guessed that most sabatoge was done loyal, happy workers. Thanks US Military and Cert!