Slashdot Mirror
2.5 Years in Jail for Planting 'Logic Bomb'
cweditor writes "A former Medco Health systems administrator was sentenced to 30 months in federal prison and ordered to pay $81,200 in restitution for planting a logic bomb on a network that held customer health care information. The code was designed to delete almost all information on about 70 company servers. This may be longest federal prison sentence for trying to damage a corporate computer system, although Yung-Hsun Lin faced a maximum of 10 years." How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?
Attempted Physics? I think not!
They replaced everyones desktops with a picture of Xeno's paradox?
Knowledge is power. Knowledge shared is power lost.
Never ask for directions from a two-headed tourist! -Big Bird
How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?
:D
Maybe then they'll fear us MWUAHAHAHAHAHHAA
This is the sig that says NI (again)
Ehm, I don't think the disgruntled sysadmin will ever really enter the zeitgeist. If a company has good IT policies and practices in place, the disgruntled sysadmin really isn't that big of a problem.
In my mind, this means that you should always have more than one admin, never giving anybody absolute authority over ALL systems. With offsite backups and redundant systems, the damage any single admin could do would be minimal. Maybe costly in terms of downtime, but nothing that's going to grind your business to a halt. Just as in government, there needs to be checks and balances. Giving a single admin too much power is a very bad idea.
What I want to know is: Why would a sysadmin do things like planting a logic bomb anyway? I mean, we're talking about your PROFESSIONAL REPUTATION here. This guy's never gonna work in IT again.
My blog
Why so destructive? I would be way more effective to place a "corrupter" on the network. Instead of destroying the data, let it gradually corrupt the data. Way more damage, and probably much harder to recover from with backups.
so would everyone in the blast radius of this 'logic bomb' be hit with a blast of reason and common sense?
would those affected begin acting rationally?
maybe the courts would wake up and start letting the common people win for a change.
i think we need more of these logic bombs.
live long and prosper, logic bomber...
-I only code in BASIC.-
...part of a sysadmin's job description?
GetOuttaMySpace - The Anti-Social Network
We all have thought about planting a Dead Man Switch. The difference between us and this guy is the same difference between saying you want to kill someone and actually doing it. This guy sucks and deserves prison and to be banned from the workplace. As a Unix Engineer who has survived and been part of layoffs in the past, this type of person is not fair to the rest of the team. If you aren't gonna be the best, don't put scripts in place to punish the people that are.
The saving grace in this case was not the guy who found the script(he of course milked it for what it was worth), but the fact that this guy did things half-assed. His original script had a bug in it(not tested)... these are the same reasons that he probably lost his job to the better people on the team when the cuts came.
Label me a troll if you want... but this guy was trash and is where he belongs.
Of course only if the gulty one is not a company.
:wq!
It probably does exist, but then you get people like you coming along and posting off-topic that ruin it ;)
which is totally what she said
I would like to give this admin credit for not just walking into the place with a high-powered assault rifle and shooting at random.
I've heard some tales of the disgruntled from back in the day. The most common "I quit" sabotage was taking the reel-to-reel's from the library and dumping them in a sink with water. But the worst worst worst one I heard of, one that could even be an urban legend because of how evil it is, it was the revenge of an angry admin who wanted the company to pay dearly for the evils visited upon him. He sets up this program that doesn't run until several months after he leaves the company. Note, this is back in the days of tapes and computer operators who worked the night shift and moved the tapes from one drive to another, 1970-somethings. Anyway, what his program did was step through EVERY tape in the library. He shuffled it in a random order so nobody would become suspicious. The operator just follows the prompting on his terminal, never the wiser. By the time the sequence is complete, every tape has been erased. As the story goes, the company had no offsite backups and was ruined.
Revenge fantasies are fun but seriously, a job is a job. If you go out in a blaze of glory at one, it will make finding the next one a lot more difficult, especially with a felony on your record. But I guess if he was thinking clearly we wouldn't be reading about this in the first place.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
"How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?"
First, people would need to know they exist. Second, they'd need a vague, rudimentary knowledge of what a sysadmin does.
So, probably never.
I'm an anesthesiologist. It's virtually impossible for judges and the lay public to determine, really, whether I committed malpractice (absent blatantly criminal acts). In fact, most doctors would probably need a fair amount of exposition to determine whether or not I committed malpractice (as I would, in turn, if faced with a case from another specialty). And yet we are judged by twelve people who could not escape jury duty. Yes, I'd prefer if I were judged only by my colleagues, and so would you. But if that were the case, nobody would ever trust us. It's the price you pay for having a society.
Yes, but in this case, we are talking about dead people.
The result of the bomb on the server infrastructure would have caused patients to not have their life-saving prescriptions delivered thus putting their health at risk. So, if it had gone off, it is possible there could have been deaths due to his actions.
because you didn't submit the story when it was hot
ITSALLYOURFAULTFUCKER
"""
Liebermann noted that if the bomb had taken down Medco's network, people using a Medco prescription card would not have been able to fill any new prescriptions. "That could be very serious, maybe even life-threatening, depending on the need for that medication," Liebermann said.
"""
So what happens when they have a network failure for some other reason? Bad hardware, power outage, building fire, comet impact...
Faulty DRM and "software activation" schemes are logic bombs, too.
There is of course a a very important difference, in that they are not intended to do anything but enforce the bombers' legal rights. Or, at any rate, what the bombers credibly believe to be their legal rights.
But when a malfunctioning Microsoft server trips the "kill" switch on legitimate copies of Vista, I think it's fair to call that a logic bomb of sorts.
No, I don't think Bill Gates should do 2.5 years of jail time, but it is disappointing that Microsoft was not held accountable for this beyond a few weeks' of mildly embarrassing publicity.
"How to Do Nothing," kids activities, back in print!
What, sysadmins show up with with a flash drive instead of a firearm?
What?
On a separate subject entirely, that ComputerWorld web page is exactly what's gone wrong with the web: The content I wanted to see (the article) is spread out over three pages, and each page only contains approx. 10% of the content I want to see. The other 90% of the page contains shit, and probably blinky shit if I wasn't using Firefox and Adblock Plus. I don't know why web sites do that. Do they actually think they're adding value? Another one on the list of web sites to avoid...
A clever person solves a problem, A wise person avoids it. -Einstein
Fear and appease the mighty systems administrator, lest he make thy coffee holder retract at random and spilleth thy coffee all over thy desk and thy pants, causing much consternation and stains that are really hard to get out.
Floating face-down in a river of regret...and thoughts of you...
IANAAIAAC (I am not an anesthesiologist, I am a cardiologist), and I agree.
There are things that you really need a great deal of training to understand, that expert witnesses cannot really stress to a jury. When I get sued for malpractice, I would much rather have a jury of my peers and a physician-judge than 12 guys that were picked up off the street, with jury selection involving a prosecuting attorney that wants to get all the educated individuals eliminated from the jury pool.
Help! I'm a slashdot refugee.
"How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?"
Well, I think first a sysadmin has to, you know, kill someone. This incident does not even remotely compare with postal shootings. I'm all for hyperbole, but, fuck, it has to be within a couple of orders of magnitude.
--J(K) DOS is like Unix in exactly the same way that a pinto is like an aircraft carrier.
Insightful? Pah!
I'm a sysadmin and I came to become one after working as a developer for a good many years.
There are the same interesting bits involved being a sysadmin, along with debugging plus you get to have a hell of a better budget!
The best part is I can still write code to automate jobs across the machines I maintain via puppet/cfengine..
I say that and yet I feel for the guy. I've been disrespected by suits and have gone to sleep fantasizing about wiping a system. It felt good. But in the morning, I got up and went to work to get a job done.
Many in IT are bitter for good reason. Most of the IT in my area was layed off 9/12/2001 and a week later offered their jobs back at half what they were making. A few of my friends have trained their Indian offshore replacements. I see jobs advertised that want 5-7 years expert experience in 12 different programming languages, 10 different platforms and a four year degree with a starting salary less than a manager at McDonnalds would make.
What do you do... We're a new profession with growing pangs. It took a centry for doctors to fight off the mid-wife. Eventually, the world will come to accept that computers are important enough that they want the best people and will treat the Admin with the importance that work entails. It's starting. Google does it. Others do too. We'll get there.
-[d]-
I once worked for a guy who had to maintain some code that a consultant had written several months before. (Ironically this was at a place that handled medical records.) He stumbled across a logic bomb in the consultant's code that hadn't gone off yet. I forget the details but he said it was some sort of obfuscated routine that used a number of inputs, including the timestamp, to produce its outputs, and the timestamp was a legitimate input needed by the routine for real reasons. It was being manipulated with some goofy number in some way to cause an overflow on a certain date, which was still several months away.
So he figures, oh, it's a logic bomb, and not being terribly intrigued by it enough to study it, he just kicked up the number to push the deadline back by a century and left it at that.
Three or four days after the bomb was set to go off, they got a phone call from the guy asking if they had any work for him.
The real panic for the public happens only when individuals fear for their lives.
This is basically the exact reason that Homeland Security is the biggest terrorist organization in the US.(The news media is right up there though...)
But I agree with you, I was a CS graduate that decided to head for the Network Engineering/Sys Admin field because the work was more interesting to me. Not saying that dev work isn't interesting, it is just not my cup o tea.
Every once in a while I consider heading back to dev work when I get tired of everyone watching every thing I do and having an opinion on it. Devs seem to have the enigma feel in the departments I have worked in. No one really knows what they do on an hour by hour basis except for their peers, they get to test things before they are live and if they make a mistake it is just considered standard debugging. Whereas as a Sysadmin, if someone's e-mail gets routed to junk mail you get put on the most wanted list for months.
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
My guess is you're a very good cardiologist, because otherwise you'd know that malpractice is a civil matter and that a prosecuting attorney is not involved in your case at all (at least in the United States).
Or, you're a really bad one, and your malpractice rose to the level of criminal negligence, which is when a prosecutor would get involved. :-P
As an anecdotal counterpoint to your jury selection process: I was on a jury for a medical malpractice case against the surgeon (an appendectomy that went wrong), and the jury selection process definitely went in the opposite direction. All nine of us (8 jurors, one alternate, which was the standard for Ohio civil suits in 1997) were educated professionals, including a JD, and someone who had some advanced medical training (though admittedly not a doctor). I was actually one of the LEAST schooled members of that jury, with my little bachelor of science degree, and a semester of graduate CS classes. I'm not one to get out of jury duty unless I have a REALLY good reason to, and my employer paid for jury-duty, and even if they didn't, I had more PTO banked up than I could possibly use, anyway.
We also found that the surgeon was not responsible for the problems. If anyone was responsible, it was a radiologist who did a follow-on procedure to drain an infection, and I doubt he did anything wrong either (but that wasn't our job to determine). I felt really bad for the plaintiff, but I think all that happened is that no surgical procedure is risk-free and she rolled snake-eyes. She spent the better part of a year in convalescent care.
We spent a week in court, and it was basically 5 days of nothing but expert testimony, and it was little different than going to class. We had so much knowledge crammed into us during that period that at the end of it I felt that in a worst-case survival scenario, I could've done an appendectomy myself if there were no qualified doctors available.
An apt metaphor given that crap that most programmers produce. For every 1 decent program there's a few thousand "code monkeys" randomly banging on keyboards until something that passes QA lurches out. Sysadmins are they ones stuck figuring out how build adobe houses out of what they produce.
I know I'm feeding trolls, but it seemed such an apt metaphor, sysadmins cleaning up the crap programmers produce, and the code monkeys thinking that makes them better than the zookeepers.
This is kind of like the difference between blue-collar and white-collar crime. If I physically break into your house and steal a thousand dollars of property, it's blue-collar. If I intentionally falsify tax documents and earnings statements in order to pump up my company's stock value, then cash out for millions of dollars while you and the other stockholders are left holding the bag, it's white-collar.
Both are crimes. The first appears more "meatspace" than the second, but the consequences of the second are much broader and longer lasting -- even in the physical world. If I lose thousands of dollars in investments, it's as good as you stealing it out of my house. If I die because you destroy my medical data, leading to some kind of fatal treatment, you might as well have shot me. And even if nobody would have died, there are still other Very Bad Consequences, like patients becoming developing new conditions as the result of wrong medication (possibly leading to lifelong problems). And there is the small issue of all the MedCo employees losing their jobs, and thousands of hospitals and clinics become snarled up in treatment schedules. This one little thing could easily impact millions of people overnight.
I agree that planting a logic bomb is not the same thing as shooting somebody. It is a different thing; in fact, it's a new kind of sinister that was not even possible a hundred years ago. But it might be just as bad as "going postal."
$nice = $webHosting + $domainNames + $sslCerts