Slashdot Mirror
Disgruntled Engineer Hijacks San Francisco's Computer System
ceswiedler writes "A disgruntled software engineer has hijacked San Francisco's new multimillion-dollar municipal computer system. When the Department of Technology tried to fire him, he disabled all administrative passwords other than his own. He was taken into custody but has so far refused to provide the password, and the department has yet to regain admin access on their own. They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents."
With backups no data will be lost. Oh, those are encrypted?
...you disable his account *before* you tell him he's fired.
TLR
A man no more knows his destiny than a tea leaf knows the history of the East India Company
Next thing you know, we'll have some dinosaurs on the Presidio.
We all dream about doing this to our ex-employer, but he's the one who's had the balls to do it!
Give me my job back and you get your passwords, otherwise I'll just post how I did it on slashdot
oh, sorry! I will leave now.....
oops! wrong website :)
Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
I mean, is there any SysAdmin who didn't think of doing just that?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
With the correct knowledge, it should not be too difficult to get back door access to their system again.
This seems to be more of a PR excercise on making an example (as they should) of this guy.
More and more reasons why people like us should have a recognised code of ethics.
Eagles may soar, but weasels don't get sucked into jet engines
Idiotic new law in 5...4...3...
If he met the same kind of problems I did when I worked in public sector and tried to push changes that would prevent this kind of idiocy in the first place only to be ignored because policy and process changes for better security and general good practice improvements meant management actually having to do some work then well, good on him for having the balls to do it.
Certainly in the UK in public sector those who work hard get shit on because those who refuse to do any work or could care less about a good job own the IT departments due to nothing more than hanging around for the job long enough that everyone higher than them dies/retires. As there's no accountability in local government and most other public sector these people can't be sacked or disposed of in other ways so they just hang around until they are 65.
Live Free or DIE HARD baby!!!
Seriously. Why are these systems not using proper, redundant, and backed-up RBAC?
"Childs has worked for the city for about five years. One official with knowledge of the case said he had been disciplined on the job in recent months for poor performance and that his supervisors had tried to fire him."
How the hell do you "Try to fire" someone .. either you do it or you don't.
(And please .. no Yoda BS. If you go back and look at when Yoda was first introduced as a character he didn't do that cutesy backwards sentence construction. That came later. So I put it in the realm of Jar Jar - obnoxious character development)
I am Slashdot. Are you Slashdot as well?
this is not exactly the bullet point you want on your resume when looking to find a new $125,000 it job.
frog blast the vent core
Such a thing is incredibly easy to do, and frankly, I am shocked it does not happen more often. Truth is, most jobs, utilities, or companies operate a fine line between working, and being brought down. Imagine, if you will, a guy having his car towed due to a paperwork error, then the towing company charging him for the inconvenience. If he snapped, walked in and went all "Falling Down" on the place, who would be the victim in the situation?
To me it looks as if the city either was wrong about the firing, or dead-on accurate on him needing to be let go, but sloppy in the execution. He would have snapped either way, they should be thankful he did not do more damage.
This is why the boss of any company needs to be technilogically savvy, and not just rely upon his subordinates.
Karma Whoring for Fun and Profit.
He was arrested AFTER he disabled everyone else's account.
What do you recommend they do next time, use a crystal ball or ouija board to predict who's going to pull such a stunt?
Enlightenment? It's just a flush in the pan.
There was an unsuccessful attempt to fire him. The article also mentions that he was essentially spying on people to learn things being said about him.
Especially when it makes a crime a Felony. That is one of the four felonies charged to him. The other three are all related to tampering with a computer network.
While this guy is obviously an idiot for thinking he could blackmail a government entity I am quite pleased the security on the system is sufficient to make it hard to get into when strong security is put into place. In other words, nothing annoys me more than so called secured systems having some means of password decryption, let alone the ones that allow admins to see them plain text.
what is going to interest me is how many years they will attempt to land on him. Just how offensive to society is this type of crime versus murder or rape. It seems that every new crime invented by the government gets stronger penalties than existing ones; if only to make it appear more valid. After all the penalty wouldn't be so severe if it were not really a crime now would it?
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Is what I say ...
we should allow the government to beat people with wet noodles.
Large municipal department of technology seeking software engineer for a multimillion-dollar computer system. At least 5 years of previous experience required. Must be able to gain administrative access to a system where the password is not known. Hiring immediately!
I guess he doesn't want to work in IT any more. Pulling this kind of stunt means sabotaging any hope of working for the city ever again *and* ensuring that nobody in IT ever hires him.
ok, you're mad at your employer, perhaps there reasons for firing you are invalid
but taking it out on third parties, such as with locking up law enforcement documents that might decide the guilt of hardcore criminals: you're a selfish asshole for setting up that scenario
maybe you didn't deserve to be fired
but now you deserve to rot in jail for how you responded to your firing
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.
There Can Be Only One...
Socialist city? WTF? Why does an issue like this have to become another talking point for your tiresome ideologies?
If we can put a man on the moon, why can't we shoot people for Apollo-related non-sequiturs?
get the admin account back?
Several options:
* boot from the install media
* restore from backup
* mount disk on other system
Atari rules... ermm... ruled.
Noodleboarding...
"Kill 'em all and let Root sort 'em out"
I guess he was pretty happy, until he was fired.
Palm trees and 8
Well, he's on 150K+ and he's pissing around laying booby traps for his employer. That doesn't sound like a very well-adjusted fellow to me. I find it very irritating that amongst computer professionals, being an antisocial jerk is all too often treated as a badge of honour and expected qualification, rather than the enormous character flaw that it is.
Bring in the developers who can go into the database and reset the passwords. It's probably only a hash of "username password salt" at the very best anyway, so easy to calculate new values.
Even if he was the DBA, there will be bypasses that don't involve him, such as getting the developers to bypass the database checks for user authentication with something different for now.
It's not so much destruction of sensitive documents you have to fear, it is the spreading of those documents on the web that should make you shudder.
I would unplug some network cables...
FTFA:
"At a news conference announcing Childs' arrest, District Attorney Kamala Harris was tightlipped about what his motive may have been."
I think there's more going on here than we're being told.
That director over there, he gets a golden handshake as he goes out the door... You want to keep him sweet because he knows where all your dirty secrets are and could cause all sorts of trouble for your operation.
The sysadmin, youre going to kick out the door becuase hes blue colar... Oh, wait a minute... He really does know where all your dirty secrets are and really can bring your operation to its knees. In fact hes far more dangerous going out the door than the exec... pity you didnt think of that.
Execs are heaved out the door all the time for being incompetent, but its done with kid gloves because theyre deemed to be potentially damaging... And they wear a suit.
Word of advice: if youre sacking somebody who can bring your operation to a grinding halt, make sure you you keep them sweet, regardless of the job they do for your organisation. Its simple business.
Man, I hope he knows that they are going to send him to REAL prison. Not any white collar, low security, picket fence prison. But a wash room intercourse, shank in the rec yard, guards are going to torture you prison. Being it's San Francisco, he'll go to San Quentin. Hope it was worth it.
Thats why you run unpatched windows, it will take only 4 minutes to get access.
log in in init 1 (runlevel 1) and change the root password or;
/etc/shadow change this:
in
root:$2$3bJ7DS4R$rV45lDlqNsfDRntfO1NCk0:14069:0:::::
look exactly like this:
root::14069:0:::::
this and you can log in to root without any password
maybe other *nixes are close enough to do the same (BSD or solaris)
on ubuntu the root shadow is a little differrent since it is disabled with an asterisk:
root:*:14069:0:::::
just remove the asterisk
Politics is Treachery, Religion is Brainwashing
That'll teach'em to fire engineers! I hope he holds out or even manages to delete the files. Serves'em right, they treat their employees like garbage. SF is getting no sympathy out of me, it's about time the workforce fought back!
And if he does manage to delete the files, it means more work and $$$ for the rest of the workers to recreate and work around those lost files. I say he should do it.
Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.
Government Agency rule number one: If I have PHYSICAL access to a criminal, I can get information. Some way, some how.
"City officials said late Monday that they had made some headway into cracking his pass codes and regaining access to the system."
Yeah, they tried all the single character passwords and are moving onto the two character passwords. Good fucking luck.
Unless they are actually using a program such as John the Ripper, in which case they already have physical access, and why can't they just re-install over the top?
And the article is a bit light on details, he is being charged with *four* counts of "computer tampering", why four, why not one? I suspect they couldn't come up with anything and are just trying to blackmail him to plead guilty. (Yes, cops will try and blackmail you by charging you with more things then you would ever get convicted of, yes I have personal experience of this. I got off, because I wasn't guilty of anything, but I know folks in the same situation who plead guilty to the lesser charge to get three other charges dropped.)
Anyway, as others have said, this is the sort of thing you sometimes dream about. Setting up a time bomb in the system that requires re-setting, or whatever.
But you would have to cover your tracks well, or something like this could happen...
I wank in the shower.
There are 2 easy ways I can think of to recover at least someone's password.
1) Backups
2) Linux boot disk, reset the local admin password then use a couple tools available for free from Microsoft. See these articles for more info:
Windows 2003 domain
Windows 2000 domain
From TFA: "Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000"
No wonder he was disgruntled, that's not even a living wage in San Francisco.
stuff |
Hey, calm down. If you havn't noticed, american isn't going to be top dog for much longer without their 'war'... and so its ideology is going to fall along with its economy.
I guess the GOP moral righties were right. Gay marriage really does cause a lot of problems for society!
"Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents."
Or maybe he hasn't. He might have done a lot of other things as well. A few of them are worth investigating but speculating publicly makes them sound a little hysterical.
Poor soul. All pissy over a job that pays 150K/yr? This guy lacks perspective, huge. If incarceration and bankruptcy don't help him figure things out - perhaps a stint delivering pizza or a cardboard sign at the offramp.
Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.
I was thinking if he could create the trouble...then shooting them by himself.
"the department has yet to regain admin access on their own"
.. ?
This is obviously a joke, isn't it. I mean any competent techie with physical access can got root in about ten minutes. What *are* they teaching them in tech-school nowadays
davecb5620@gmail.com
Been around since the time of Juvenal's Satires (which would be the third or fourth century AD, I think, unless someone wants to look it up and correct me).
Think for a moment. If you are a senior IT administrator or a senior programmer, unless you're in a very rigorous environment, your actions are most likely not subject to peer review. No-one has time. Right?
How many times do we see the argument "it's open source, anyone can read the code" immediately presented with "but who does"? Now consider that there are millions of people using Linux who potentially could read the code and who are likely working with it because they have a personal passion; but a handful of people who potentially could review your work, but are unlikely to have any deep yearning to do so because, well, they've got their own work to do.
In this kind of situation, you either have to have a mandated peer review regime (time consuming and expensive) or an independent audit (ditto). Both of these are, for reasons of practicality, likely to hit only subsections of what needs to be reviewed.
It's a trust thing. If you can trust your admins. And if you can't...well, who admins the admins?
because
They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents.
Yes - that's the reason.
Not because he showed up their complete incompetence and made them look like fools and now they want retribution. Protecting the public's right to privacy - yes, that's the reason.
Genesis 1:32 And God typed
If it's Windows, why don't they just get that USB stick from MS that pulls admin user/pass and other sensitive information straight out of the system and provides it in a handy to read format?
Yeah, even windows has Administrator password recovery boot cds...
with linux all i need is a fedora or centos rescue cd or knoppix.
Somehow I don't think they'll appreciate it if you walk in with a crowbar and say "I can get into that system, with some physical access".
Unless everything is encrypted.
None of us know all the facts of the situation, but I think it's pretty obvious that this guy was just trying to maintain his livelyhood through a misguided attempt at job security. If we had an IT Union looking out for our careers that gave us some sort of protection against the arbitrary whims of upper-management, then maybe this wouldn't have happened.
As for the idea that the guy might have shared his password with some unscrupulous feind... how many of you, had you actually been given admin access to SAN FRANSISCO would really share that password with anyone? Drastic, misguided, sure... but stupid? Come on, there had to be a reason he got the job in the first place.
"Knock the stones together, guys!"
Actually isn't that more of a theory than a rule. Or maybe it's more of a hypothesis or a law.
I will shred my adversaries. Pull their eyes out just enough to turn them towards their mewing, mutilated faces. Illyria
...waterboarding works pretty good.
Use your head, can't you, use your head,
You're on earth, there's no cure for that - S. Beckett
I didn't actually intend to. This was about 15 years ago. I got hired to take care of payroll at a warehouse, which was a completely paper-based process. I suggested that I could transfer the whole operation onto a computer and be more efficient. They said go ahead, but for security be sure to password protect it.
It ended up taking me only a couple of hours to do what had been an all-day job, and naively I told them this and suggested that there were other areas of operation in the plant I could similarly improve. Instead, the next day they canned me - they wouldn't say why, only "It just isn't working out."
The day after that I was glumly poking through the classifieds when I got the call
"Hi, how are you doing?"
"Well, I'm unemployed. That doesn't help."
"Ah, yes... well. Say, you know your payroll system? It's password protected."
"Yes, I know. You asked me to do that." A little bubble of joy started in my chest.
"Well, could you tell me what the password is?"
"I could... but I don't work for you any more, do I?" Then I hung up.
Oh, all the raw data was still available on paper, but I'll bet it took them weeks to straighten it all out completely.
"going municipal"?
bickerdyke
That's what encryption is for.
I can't think this would be an issue at all if there was no encryption to worry about; practically everyone knows how to access a unix/windows machine when given physical access.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
If he was smart, he would be sipping margarita's on a beach somewhere, instead of rotting in a jail cell.
1. Take over computer network
2. Frame disgruntled employee so it looks like he did it.
3. ???
4. Profit!
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
Well, he sure proved them right, that guy's way too unstable to employ. Too bad they didn't realize that and fire him long ago.
Modding Trolls +1 inciteful since 1999
Not if the file systems are encrypted.
Not if the file systems are encrypted, the machine is off, and the RAM is clear.
The masses are the crack whores of religion.
The moment he changed the passwords he financially and professionally ruined himself for the rest of his life.
(FTA)He initially gave pass codes to police, but they didn't work.
Any bets the passcodes worked just fine, just not in
the manner they expected.
Perhaps, data deletion begins in 48 hours....
From TFA "Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents.
Authorities have searched Childs' home and car for a device that could be used in such an attack, but so far no such evidence has been found."
Hey PHB's! It's called a....Laptop.
And yes, I think they are that stupid. /this one really needs the Fark Ha Ha guy too
He will go to a nice prision when the rapist goes to the pound me in ass one.
Yet another "Engineer" with a bizzare sense of entitlement.
-No Ethics
-No Responsibility
-No Morals
Here it takes real training to become an "Engineer", it's not something any simple programmer or College dropout can do.
Charged with a crime like this? You will never work in "Engineering" again.
I'm not saying ethics and morals can be taught, but at least there is a direct reporting structure, and a board of ethics that can impost additional penalities, besides the obvious civil ones.
Revoke a simple programmer's license? yeah , right, in 1-2 years he can pull this stunt again, somewhere else.
Hint to you IT "Engineering folks", it's not "your" network, "your" PC or "your" data, it's the companies. Don't like the policy? GO work else where.
Come on, you all know you were thinking it. ;-)
ORLY? Even if it's an essential system that cannot be stopped or rebooted at all? And has multiple redundancies that make modifying just parts of it useless?
i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
Seems kind of funny that the article reports the DA is "tightlipped" about his motive. Makes me wonder if he is 'disgruntled' for a reason that would embarrass the agency if it got out.
Also pretty funny that they go into great detail about his salary, which seems kind of low to me for the area or at least average. Sounds like they are trying to make him seem unsympathetic in the public eye.
When information is power, privacy is freedom.
Firing someone for poor performance (as opposed to firing someone for a single unacceptable action) takes time....and MUCH coordination...at least everywhere that I have worked.
In a decently managed environment, the employee knows in advance that his management views his/her performance as unacceptable since the manager has discussed it with the employee and laid out a plan for improvement. Even an average employee could see the writing on the wall weeks/months in advance...but this individual was also using his administrative access to monitor related email messages.
If his group comprised even a moderately-sized MIS group, you could pull his admin responsibilities and transfer him to a role with lesser rights during the period of performance review and monitoring...but this individual was most likely hired to do this very specific job...and there may not have been another position in to which he could transition naturally...even temporarily.
My question - where are the backup tapes? Pull the tapes from a date prior to his manipulation of the system. Presumably, it should not be that long ago if they were ensuring that at least one other admin had routine access to the system. In such a case, they should have known within 24 hours that he had done something. If, on the other hand, he was a one man show, then I think that they are screwed until he gives up his password...which he will. Mark my word.
Why has this been modded funny? It really isn't...
Word verification: "hostage"
> on any Linux system you can log in in init 1 (runlevel 1)
Anyone with even the slightest bit of security concern would put a restricted flag in the boot loader to prevent this sort of thing. The boot loader will then ask for the password to alter the boot command line. See RedHat docs for a howto.
But the fucker also changed my password of my /. account!!!
When you shoot a mime, do you use a silencer?
Can you get into a system that has intentionally been locked off? And can you do so in a way that you're sure won't set off any little surprises that will, say, overwrite all backups with Star Trek Furry fan fiction, change who owns which files, e-mail/post confidential medical/legal data all over the interwebs, change data in a harmful way (switch names on booking records, for instance) and/or destroy all the relevant data?
Their safest bet short term might be to not try to access the system at all really. Pull the storage media and hope its not encrypted.
Now, we have no information indicating he's good enough to pull off some kind of massive lockdown in less than three weeks (even if he had planned something like this). But while you can always get access to a system if you have physical access, that doesn't mean you can get access with zero damage to the system.
In this case, it isn't even anything sinister. Basically they get a court order compelling him to give up the password. If he refuses, he's in contempt of court and they'll lock him up until he does. If that's for the rest of his life, well then that's how it goes. He has no grounds at all to challenge such an order so any appeals will get shot down.
Basically they can just keep him in jail until he decides to give up the password. Most likely, this wont' be long at all. Sounds like this guy isn't a hardened criminal, just an asshole with an over inflated sense of self importance. I'm guessing after a few days he'll realise how much this sucks, and his lawyer will explain that he is in fact just going to sit here until he gives it up, and that the ultimate sentence he'll get will only get worse the longer he stonewalls.
Of course, if we all had wings, we'd fly. Then reality sets in. Can't change the past.
I'm sure he was plenty stable until he became disgruntled, otherwise he wouldn't have ended up with the admin passwords, no?
Anyone who'd be an asshole like this, doesn't deserve to be in a position of responsibility. Anyone who would do something like this, regardless of the work situation, doesn't deserve a job that has that kind of responsibility. While your situation at work may suck, your boss may be an asshole, etc, etc this sort of thing is just unacceptable. Goes double when you are in the public sector and you will be screwing over people who have nothing at all to do with the situation.
The system probably runs on Intel CPUs.
The article mentions early on that he's a "computer engineer", then mentions he's a systems administrator. Nowhere does it say he's a software engineer.
Those are very very different things. Even when programmers call themselves software engineers, it isn't always accurate. But rarely do I ever hear of admins calling themselves that.
Maybe he read too many episodes of BOFH. :)
My beliefs do not require that you agree with them.
a slashdotter with a 5 figure user ID
I'll see your hokum and raise you a boondoggle.
I'd have modded you funny or insightful. Guess offtopic is now equivalent to "I don't understand".
Get fucked, asshole. The last thing this country needs is for butthurt pussies to define another ordinary crime as "terrorism" because they think a particular perp should be punished more "as an example" or because they're afraid.
This is not terrorism. It's an act of sabotage by one individual (who should undergo a psych eval) who should be prosecuted to the extent of the law, and to a lesser extent it's a failure of leadership for his bosses.
Hail Eris, full of mischief...
E pluribus sanguinem
LMAO!
Awesome!
For those who wonder what kind of working environment DTIS has:
PeopleSofts HRMS 8.x application software.
PeopleTools 8.4x, PeopleCode, SQL, SQR, COBOL, Application Engine, Oracle and HP/UNIX.
IBM hosts and DB2
Microsoft SQL Server 2000
Just look for open positions and you know what they are running.
Someone has beaten me to it, but I'll expand: the more complicated the combination to a vault, the greater the incentive to torture the person who knows it.
I can very easily imagine that if torture should become normalised for actual terrorists*, there will suddenly be a growth industry in referring to anyone we'd find it convenient (or just would like to) to torture as a "terrorist" of some sort...this guy would be a simple case, it's already easy to refer to his actions as "hijacking" (I'm not criticising, I probably would have used the same term).
Banned drugs dealers? Of course they're terrorists. Counterfeiters? Terrorists. DMCA violators? They strike at the foundations of our society---terrorists. People who torture and wiretap? Upstanding citizens....
PILT: "Person I'd Like to Torture"
.
*and suspected actual terrorists, and guys who were sold to us for a bounty as part of fighting an inter-clan feud, and people who happened to be handy....
...moron
I predict the Bush Administration will step in and he'll get water-boarded until he talks.
at least fires are easier to control.
Step 1: make bomb
Step 2: go to spice market
Step 3: asplode self and random shoppers
Step 4: Prophet
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I followed /. protocol and didn't RTFA, so I don't know for sure that 'Engineer' and 'sysadmin' are not being interchanged here.
But seriously, engineers do not need root on production systems.
Forget pirates versus ninjas, now itâ(TM)s all about nerds versus hippies.
That's for the OS. We know nothing about the security mechanisms in place at the application layer.
Backups may be the key to unlocking the admin functions, but now you're talking about bringing up a second instance of the entire core system. You certainly don't want to restore over the existing/current data.
going to a disproportionate response is the fault of the one doing the disproportionate response
because we are dealing with human beings
not shark attacks or lightning strikes or animals in cages
don't you think it is condescending and patronizing of you to compare the palestinians to animals in cages?
i see a human being when i look at a palestinian. as such, i expect of them responsibility for their actions, and i grant unto them the freedoms i enjoy
if those freedoms are abridged by someone, then they have a right to respond in the name of justice, but they also have a duty not to be disproportionate
a disproportionate response is never validated or acceptable. ever. to go down a path in your mind justifying a disproportionate response is to leave the path of justice yourself. to leave the path of justice, in the search for justice, is not only logically incoherenty, it is to hobble any sympathy one would have for your cause, and to doom it
if you don't know how the palestinians can have their grievances addressed other than disproportionate violence, then that is a logic failure on your part. i would direct you and them to martin luther king or mahatma gandhi for some guidance
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Screw all this administrative expense. Lock the engineer in a room with a couple of goons and waterboard him until he comes up with the password. It won't take more than twenty minutes. If I was President, I'd be on the phone to S.F. extending a pardon and offering the CIA to the locals if they need it. I'd say, "I got some dudes to get your passwords back.."
Then, I'd let the guy go. He did a bad thing, but he got tortured, fessed up, no harm no foul.
This is my sig.
When I was still in college I had heard of a programmer at one of the nearby companies had rigged the payroll system she wrote. I guess they hired her on little more than a vocal agreement and fired her after they thought the job was finished. Oddly enough she thought she had a long term job, go figure. Anyway, her payroll system was setup to payout $100,000 checks to every employee on payday one month after her name was off the rolls. Suffice it to say they had to hire her back with real terms of employment and she made them follow through with their previous agreement as well.
Just remember, capitalism is a dog eat dog system. If you don't protect yourself, no one else will. Business and government are notorious for screwing people when its convenient and even when its not, even those they depend upon. Just remember, even if you have a glowing employee record, there's always going to be some prick above or even below you that can intentionally or unintentionally mess things up, that's when you don't do it yourself.
Are they nuts? They could've hired a competent nice guy for less :)
Well, I know a place that has an opening for a well paid network admin. Sending my resume right now.
Stuff like this is not gonna help the debate in Texas where they want to pass a law requiring I.T. people to have a Private investigator license.
that deserve to be screwed over?
if you do a great job and they fire you, you say you have a right to retaliate
ok
wll what about bad employees who don't do a good job, do they have a right to retaliate?
i'll let you in on a little secret: its the bad employees who do the retaliating when they are fired, not the good ones. because the good ones have enough human decency to do a good job in the first place, and therefore have enough human decency to move on and get a better job
its the lazy useless sacks of shit who want to retaliate
anyone interested in retaliating after getting fired tells you something about the lowness of that person's charcater, and therefore their unworthiness to continue holding the job anyways
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Kinda like how most doctors are arrogant assholes?
Certain jobs attract certain personality types. If you fired every arrogant doctor and antisocial programmer then there wouldn't be enough people left to do the job!
Plus, just because you're an arrogant doctor does not necessarily mean you are no good just like being an antisocial programmer does not necessarily make you a bad person that would do something like this guy did.
The ratio of people to cake is too big
I used to work at a bank. I was the "cash control teller" which means that I counted every single cash shipment into and out of the bank branch. Sometimes 1/2 million dollars.
You know what? It isn't worth it. It isn't enough to live a good life on. If you get caught, the benefits do not out weight the risks.
The same thing with this sort of hack. The guy screwed himself. He's ruined and will serve time in prison. "Everyone" (with any skills) knows you can get into any system you can physically touch.
What is he going to get for his trouble? Will they pay him off and set him free? HA! no way. The worst that will happen is that they'll employ someone's 12 year old nephew to crack the system. Pay him off with a couple XBox games or a new PS3.
I thought most systems behaved like Linux and Windows, where if you have physical access, you can install the drive in another machine and edit the password file. It's surely not a mission critical server, and could easily handle a few hours downtime at the weekend. After all, surely the system was designed to allow upgrades.
While it's possible that there are further booby traps, this seems unlikely. Could always mirror the disk and check it for gotchas before changing anything.
So what's the worry. What am I missing? How are these systems likely to be different?
I've got a few parking tickets/speeding tickets that need to 'go away'.....
I first read that as "Disgruntled Emperor Hijacks San Francisco's Computer System". Now, that would make the story a hundred times more interesting.
If you mod me down will I even notice
Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.
That depends. Are we talking about physical access to the computers, or physical access to the ex-sysadmin? :)
If you need a recognized code of ethics to tell you that sabotaging your ex-employer's system isn't right, then no code of ethics can help you.
Integrity and reputation is typically more profitable than malice and destruction.
I've been in the business a few years, and as you get older, you acquire positions of trust. You have too, you can't be "starting out" your whole career. This sort of behavior is a deal breaker. No one will hire him.
When laid off or fired. Collect your stuff, shake hands with your boss, tell them what is left to be completed, politely and with insight, try to be constructive with any discussions on the exit interview. Even a complete moron will leave a better impression than the greatest genius.
Once out, have a beer or two. Calm down. If you'r any good at all, when they are picking up the pieces of the layoff, they'll remember you attitude and professionalism and probably pay you contractor wages to do stuff while you collect unemployment and look for a new job.
Back in the 80's I had an analyst working for me that seemed to become more unstable as each day passed.
We had a big project that he was working on and making great progress but then he started feeling like the software he created was his and not the company's.
I talked it over with the regional VP as we did not have any reason to fire this guy but yet feeling more flaky with him all of the time.
Plus replacing him would set the project back months.
So I went in each evening (only lived a mile from the office) and made a backup of the files just in case.
The project was successful and in retrospect making the backups kept me sane and kept the pressure off of him that he would feel if I was nervous or watching him too closely.
It seems we attract those things we fear.
Dealing with brilliant but somewhat unstable (supposedly) individuals is a tricky balance and occasionally the situation can tip in the wrong direction.
Sounds like this case in SF tipped all the way.
And in the end, the love you take is equal to the love you make
You may have to wait until P=NP is proven.
more than 20 years ago. Computer systems of TCSEC Division B2 or higher http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria#B_.E2.80.94_Mandatory_Protection/ do incorporate 'checks and balances' that would have prevented him from doing this.
(not that anyone uses the Orange Book models as-is anymore, but the point is DoD mapped it out decades ago)
He should be waterboarded. He'll give up those passwords REAL quick.
I'm sure he was thought to be plenty stable until he became disgruntled, otherwise he wouldn't have ended up with the admin passwords, no?
FTFY.
God invented whiskey so the Irish would not rule the world.
09F911029D74E35BD84156C5635688C0
It seems somehow...familiar.
Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.
To an insecure system, yes. To a basic, simple, primitive system, like your average desktop machine or "enterprise" server, yes.
To a high-security system: No. Simple harddisk-encryption will stop you.
Assorted stuff I do sometimes: Lemuria.org
Doh, I hope they took away his iPhone or other cellular PDA. :)
Cum catapultae proscriptae erunt tum soli proscript catapultas habebunt. (When catapults are outlawed, only outlaws will
LinuxConf is next month, you will have a critical mass of geek in the area; perhaps they could lend a hand. :D
Offer Pizza and Bawls and you will have them lining up around the block.
A computer once beat me at chess, but it was no match for me at kick boxing. Emo Philips
is that San Francisco seems to have figured out how to store data now, that is news!
If you had an IT Union looking out for your career then you'd be making $25.000 max, and you'd have to go through huge discussions to get a pay raise next year. And if you happen to be better than the next guy then, well, tough sh*t, as he will be making exactly as much as you do.
To Terminate, or not to Terminate, that's the question - SCSIROB
Did you say "water board"?
Virgil's famous quote had very little to do with Alan Moore and Dave Gibbons. It was a satirical reference in his play to a certain young woman of easy virtue and began 'Pone seram cohibe' (restrain her in her room) and he was worried that one would never find enough young sentrys capable of not yeilding to her charms 'So, whose going to stop her getting laid?' I can think of a response to this (better guards, gay guards) but I don't even have enough time to note it in the margin.
... noui
consilia et ueteres quaecumque monetis amici,
"pone seram, cohibes." sed quis custodiat ipsos
custodes qui nunc lasciuae furta puellae
hac mercede silent? crimen commune tacetur.
... I know
the plan that my friends always advise me to adopt:
"Bolt her in, constrain her!" But who can watch
the watchmen? They keep quiet about the girl's
secrets and get her as their payment; everyone hushes it up.
The original (if it is!) is even funnier, even in English:
This is of course straight out of wikipedeia http://en.wikipedia.org/wiki/Quis_custodiet_ipsos_custodes%3F and I should imagine is far closer to what will be the eventual outcome of the business with the 'engineer'
Posts, MyBio or Sig, may contain satire, sarcasm, bolded nouns be sardonic or even witty & be Church of SD
For cases like this one there is the shared secret technique. It is possible to distribute a crypto key among n people so that any k of them (but not less than k) can retrieve the key.
"I'lllllllll take you home Eilleen......" Remember, you'll need 30 minutes to restart the servers, unless you implode the hard drives - but that would be crazy.
/LabMonkey09
Now if I had prefixed my statement with "I know my karma's going to burn for this, but ...", I'd have gotten a +5 Insightful.
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
It's just not that easy for a sysadmin, especially a major one. For myself, I've got passwords, SSH-keys, and many other access points everywhere in my company. It's not because I want to screw with them, but because they tend to call me at all sorts of different times and I never know if I'll need secure access to the server.
So, routing rules from home. Public SSH keys on various border-servers with my USB-drive having the private keys, etc. They're all used for doing my job, and if I'm fired (not sure why I would be though) I'll just move on to the next one without tainting my career and doing something stupid to burn bridges. However, I could see a *bad* sysadmin using these same tools and more to entrench himself so deeply that you'd almost have to rebuild the entire infrastructure from scratch to find all the back-doors.
If this guy was a real dick (but a clever+smart one), knew it, knew he was going to be canned, and prepared for it... then how are you going to know that your authentication methods, your binaries, or even your kernels haven't been messed with in some way? MD5 sums only go so far when you have hundreds of systems tied together.
rand, the bitch who perfected the philosophy of selfishness
basic altruism trumps genius
every time
a solitary selfish genius is routed by a coordinated effort of retards working for the benefit of the group, every time
rand loses. her philosophy is inadequate to survive in this world
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
It seems to me that just having access to a machine where a lot of the information is is encrypted by means that the superuser cannot override doesn't do much good. If a pass phrase of a few lines is required to decrypt even brute force could take a while no? Perhaps you could even encrypt your binaries and require them to be executed through some kind of decryption parser before it feeds the decrypted code to the kernel for execution. I am just a lame user and I can dream up all kinds of ways to defeat your Kung Fu, given access and time.
...and this is why firms have severence packages... I got fired from a 3 year stint in a high paying position. Between my severence, unspent vacation, and current payroll, I had 16 weeks full pay with which to find a new job, plus unemployment on top of that. I found a new job in 9 weeks (at an even higher salary) and pocketed a nice chunk of change. I had NO had feelings about being let go.
Had I been fired without that package, I'd have likely lost all sense of reason. I'd just moved cities a month before, was paying for an apartment and a house, and had a baby due in 3 weeks... If all i had was unemployment to fall back on, I'd likely have lost the house to foreclosure, and had my credit ruined for years. with the access I had there, it's very likely I would have caused a lot of problems, the least of which would have been a lawsuit. I didn't have admin level access, but I did have access to a few key systems through test accounts they forgot to disable. I could have easily brought down their helpdesk system, possibly their phones.
Severence packages... For employees with critical knowledge and any form of system admin, look into adding them to your HR process! A typical package is 2 months pay plus 2 weeks for each year beyond 3 they've been with the company. Well worth it compared to the risks.
There is no contest in life for which the unprepared have the advantage.
The sysadmin that's enough of an asshole to get himself canned in this way (and in many cases, it's expected that sysadmins be somewhat antisocial, so you need exception jerkdome) is enough of an asshole to build tools-for-revenge [tm] into the system when the time comes, or spy on his boss.
There's a joke letter that's circulated sometime about a *good* sysadmin being fired by a bad boss. Many of us chuckle over it but there is some truth to the extent that you must trust your admins. I'll see if I can post it in a reply to avoid slashdotting the parent site(s).
Here it is...
Dear Mr. Baker,
As an employee of an institution of higher education, I have few very basic expectations. Chief among these is that my direct superiors have an intellect that ranges above the common ground squirrel. After your consistent and annoying harassment of my co-workers and me during our commission of duties, I can only surmise that you are one of the few true genetic wastes of our time.
Asking me, a network administrator, to explain every nuance of everything I do each time you happen to stroll into my office is not only a waste of time, but also a waste of precious oxygen. I was hired because I know how to network computer systems, and you were apparently hired to provide amusement to your employees, who watch you vainly attempt to understand the concept of "cut and paste" as it is explained to you for the hundredth time.
You will never understand computers. Something as incredibly simple as binary still gives you too many options. You will also never understand why people hate you, but I am going to try and explain it to you, even though I am sure this will be just as effective as telling you what an IP is. Your shiny new iMac has more personality than you ever will.
You wander around the building all day, shiftlessly seeking fault in others. You have a sharp dressed, useless look about you that may have worked for your interview, but now that you actually have responsibility, you pawn it off on overworked staff, hoping their talent will cover for your glaring ineptitude. In a world of managerial evolution, you are the blue-green algae that everyone else eats and laughs at. Managers like you are a sad proof of the Dilbert principle.
Seeing as this situation is unlikely to change without you getting a full frontal lobotomy reversal, I am forced to tender my resignation; however, I have a few parting thoughts:
When someone calls you in reference to employment, it is illegal for you to give me a bad recommendation as I have consistently performed my duties and even more. The most you can say to hurt me is, "I prefer not to comment." To keep you honest, I will have friends randomly call you over the next couple of years, because I know you would be unable to do it on your own.
I have all the passwords to every account on the system and I know every password you have used for the last five years. If you decide to get cute, I will publish your "Favorites," which I conveniently saved when you made me "back up" your useless files. I do believe that terms like "Lolita" are not viewed favorably by the university administrations.
When you borrowed the digital camera to "take pictures of your mother's b-day," you neglected to mention that you were going to take nude pictures of yourself in the mirror. Then, like the techno-moron you are, you forgot to erase them. Suffice it to say, I have never seen such odd acts with a ketchup bottle. I assure you that those photos are being kept in safe places pending your authoring of a glowing letter of recommendation. (And, for once, would you please try to use spellcheck? I hate correcting your mistakes.)
I expect the letter of recommendation on my desk by 8:00 am tomorrow. One word of this to anybody and all of your twisted little repugnant obsessions will become public knowledge. Never f*ck with your systems administrator, Mr. Baker! They know what you do with all that free time!
Sincerely
David Blocker
Network Administrator
Box in the warehouse has a bios boot password. It is clearable, but there's a problem, the hard drives are 'locked' and are only unlocked by a code stored in the bios during later part of boot. And clearing the bios boot password also clears the lock code.
The guy who set it up drove his car through a red light and got his neck broken. He apparently didn't write down this password.
They ended up sending one set of the mirrored drives to a data recovery house.
Fortunately it was not mission critical, merely 'important' data.
So I'm sure it's doable to make the situation untenable 'on purpose'.
who guards the guards?
What I'm more concerned about is who guards those who guard the gaurds?
And the government ASSURES us that they can gather all our data and keep it safe from compromise, misuse, or abuse.
Riiiiiiiiiiight.
For a small amount you can own the only password to SAN FRANSISCO computer systems.
starting bid: $500,000.00
According to the Untied States Supreme Court in Doe v. United States, 487 U.S. 201 (1988), a defendant's right to remain silent means that a defendant cannot be compelled to provide a combination to a safe, even though he could be compelled to turn over a copy of a key to a lock box. I wonder if the court in California will follow this or will he be compelled to divulge the password.
If someone says he and his monkey have nothing to hide, they almost certainly do.
I wouldn't even have withheld the password if they didn't have the ability (i.e. the paper records) to do the payroll manually. Inconveniencing them after they treated me shabbily is one thing, but I wouldn't have wanted to actually hose up people's livelihoods, even so. In the end all I deprived them of was the convenient system I'd set up for them. At worst they'd have just had to hire another temp to catch the paper system back up to date.
It's a serious crime because it might mask other criminal acts, or at least make them unprosecutable. We can't go by what they're publicly saying since the city will legitimately want to keep that information quiet.
As a loose analogy, look at the recent case where a couple burglarized a house, then put a "everything free!" posting on craigslist to hide the crime. That 'prank' suddenly became a very serious effort to cover their felony.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Well, he's on 150K+ and he's pissing around laying booby traps for his employer.
I don't get why everyone is so concerned with his salary. He accepted the job for it; how should it change the ethics of what he did? No one is alleging that they did something like halving his salary or holding something he holds dear hostage. The ethics should be the same for a minimum wage worker and the highest paid executive.
i know this is /. but straight from TFA, one of his supervisors tried to get the guy canned, and Failed, from there on, he had a couple weeks with his usual permissions, and he set up a program to check what people were reporting about him, as well as set (obviously) a time bomb that would only go off if he didn't have access to reset the time bomb that would make him the only guy with a working password.
I think ironically, that someone working there, Disabled his Password (he reportedly gave one to police) then his time bomb went off leaving the system with NO passwords at all,
and to compound things, they've been using the system 'as-is' because they need it desperately, to do daily jobs. what's going to happen when they find out the whole setup was left password less, the past month of data encrypted and irretrievable, and the only way for admins to work on it is by losing a months worth of data?
and here's the thing, TFA is completely tainted with 'worst case scenarios' they totally assume he gave them wrong passwords (ignoring the fact that it might have been a 'time bomb' leaving the system password less) and also assume that he might have given people on the outside access to the system, with no proof... they also think he has it set so he can destroy data with a cell phone, i mean come on, get real he had like a week or two to plan this from when his supervisor tried to fire him, until they finally fired him..
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
https://www.gnu.org/philosophy/free-sw.html
I thought only sysadmins in higher ed used that insurance policy?
Just kidding, man--you know who you are ;-)
I might know what I'm talkin' about, but then again, this is Slashdot...
Please post your name so I can be sure never to hire you.
1. declare him a terrorist
2. torture him
3. ???? [redacted for national security reasons]
4. password!
Can't we use water boarding to "encourage" the person in question to divulge the information sought? I mean, it works so well for terrorists why can't we use it here? Hell, why not label him a terrorist so no one can argue against it?
And no, it's not torture, 'cause Bush says it ain't. He's never wrong about anything.
Easy solution. Label him an enemy combatant, terrorist or whatever buzzword du jour is and waterboard the password out of him.
Yes, because acting like an antisocial, unethical prick is a great example to set for your baby. And let's consider for a moment how wonderful growing up with a father who's in jail or unemployable would be for that baby, and your (i presume) wife.
The phrase is "life, liberty, and the *pursuit* of happiness." Nowhere is there a *guarantee* of perpetual happiness. Shit is going to happen to you in your life. Sometimes really bad shit. You don't fuck over the *rest* of your life because of some (admittedly major) setbacks, if you've chosen to be a mature and responsible adult.
So you'd advocate that companies should pay protection money to make sure their sysadmins don't fuck them over when they're terminated or laid off? You, sir, should take a refresher course in professional ethics. I can just see the medical profession operating under these rules:
Well sir, you have appendicitis, and your appendix will have to be removed. I can do the operation tonight. I'm also need a suturing fee to make sure I don't nick your hepatic artery while I'm in there. You wouldn't want to bleed out all over the OR, would you?
Dude got caught. "In custody," I assume that means police custody. Refusing to turn over the password at this point will not gain him anything but an additional charge of extortion. Does he think he could strike a deal to be let go? He's insane.
I think it's pretty obvious that this guy was just trying to maintain his livelyhood through a misguided attempt at job security.
Nuking your career is hardly "job security".
I don't know whether to laugh or cry. What kind of incompetence does it take on the part of the rest of the system administrators there to be unable to regain access to a system to which they have physical access?
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
Where the hell is their IT Security Dept at? There should be alerts set up when accounts are modified...
I wouldn't do it now, but I was young. It was the better part of two decades ago.
What are the codes!?! I need to know now! TELL ME WHAT THE CODES ARE!
Way to play into the hands of the beast. This stuff is set up exactly so that the ignorant can 'tip' past the critical threshold and become monsters.
If everybody thought like you, then we might as well be living under Saddam Hussein.
There are always better solutions than the ones which hot emotion dishes out as the fast and dirty answer. Just skimming the first few feet of posts, already half a dozen people have pointed out that with physical access to the system, it takes relatively little effort to crack a password.
Everybody I've met who I've had the chance to really discuss this with are usually only looking for an excuse to hurt people because they get off on it. There's a reason S&M is popular with some people, often in sexually repressed people, (i.e., Republicans). Torture NEVER truly has anything to do with the stated reasons. It's always about justifying the feeding of dark appetites, because in the dark recesses of the mind, it feels good to cause pain. This is what drives school yard bullies and psychopaths. Some people hide from this reality and do not admit it, others know it is true which gives them the choice to deliberately resonate on a different level and change into beings who are naturally repelled by the mere idea of torture, whereas others jump right in and become evil.
What do you want to become?
-FL
Unless there is a a brick of C4 and lots of colored wires strapped to the servers any competent sysadmin with physical access should be able to regain control in under an hour.
For windows they could try the offline windows password reset boot cd:
http://home.eunet.no/pnordahl/ntpasswd/
For linux and just about ever other UNIX booting with the '-s' or 'single' should do the trick. Hell if there systems are like most you could probably just google for some ancient local privilege escalation exploits.
You go in straight through Falken's Maze.
And then after you get in, simply type 'OVERRIDE'.
Losers.
I dind't say I would do it, just that I'd likely have had a breakdown. I also did say I'd use legal action, not criminal.
Fortunately, as a patient in a hospital, not only does the doctor have a Hippocratic oath, but also I have malpractice insurance. In IT, I have neither. Criminal laws are the only thing preventing a lot more IT admins from going postal on their systems, and those that think about how to do it properly would not get caught anyway (delayed activation scripts, minor changes to backup routines, etc).
It's not protection money, it's simply a "look, in a perfect world, we'd give you a few weeks notice, but unfortunately, since you have access to secure information, Federal red flag regulations and HIPPA/Sarbanes, etc, require we terminate your access effective immediately, here's a bonus to help you transition into your next job instead of leaving you completely fucked.
This is a cost of doing business. Failure to pay that cost can cost a LOT more.
It's a fact, employees will become disgruntled. It;s a fact, a very small majority of them will go postal. Offering severence packages is a way to not only mitigate that chance, but employees that know they have it also worry less about the [possibility of termination, thereby reducing stress and improving morale, which benefits the company in immesurable ways. too many companies have forgotten this lesson.
There is no contest in life for which the unprepared have the advantage.
Come on, you all know you were thinking it. ;-)
Yes, we are, and why do you think that is?
Is that a good thing? And who is responsible?
This is an old pattern and it takes awareness and will power to choose a path which is different from that which the psychopath wants us to take. --This is the way psychopathic leadership works. They know there is something wrong with them and that they are outnumbered by normal people, and so it is one of their unstated mission goals to change the tenor of society so that it matches their reality, so that they are comfortable and no longer on guard against being discovered. The psychopath creates chaos and within that chaos is able to present easy on-ramps to the dark-side of human instincts. This is a very clear example happening right now.
There are two choices; Crack the password and take back control, (the guy, as it has been pointed out, is not even a software engineer, and as has also been pointed out, with physical access to a system, a simple password isn't going to prevent information from being retrieved). --Then punish the guy using the rule of law.
The other option is to descend into debauched S&M sickness. --Because arguments for torture are NEVER about the stated reasons, but are instead attempts at justification. If one travels into the dark-side of their human nature, they realize that it feels good to hurt people. You can get off on it if you deliberately align yourself in that manner. There's a reason S&M is related to sex for some, and THAT is what this whole torture thing is really all about. And it should be pointed out that people with repressed sexual tendencies tend to go that way more readily. (Repression ==> Frustration ==> Anger ==> Evil) --Now which political group is more sexually repressed would you say?
-FL
I do not condone the actions of Jack Bauer.
adding zero to what they were paying him before will give him exact same amount of money as before. Perhaps you meant multiply by ten?
As the island of our knowledge grows, so does the shore of our ignorance.
Being this is San Francisco, perhaps he could claim he's an underaged illegal alien drug dealer and get a free ticket to honduras instead...
Oh wait, that doesn't work anymore in San Fran. I guess he's screwed...
Quick, someone call Samual L Jackson !
This guy is my new hero for the year, sorry Mr. Riser !
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Exactly why was this guy disgruntled and how was he treated by his employer? I'm betting the city admins were more at fault. I'm thinking it's this guy who just might be the victim here. While I don't condone a move that might impact other innocent employees, his bosses just might be getting exactly what they richly deserve.
Moral of the story? Be more discriminating in what you lock up or disseminate. Publishing the salaries of the higher-ups would have been a better move. Or exposing the city's dirty laundry.
The intent was malicious and the financial loss in the felony range. Definately not creative hacking.
If it were me involved, I'd -prefer- a quick round of torture to long term jail, any day of the week. Which is really worse? Getting waterboarded for 15 minutes, or going to jail for a couple of YEARS? Given the choice, I'm going for the waterboarding. The torture - is - the punishment, gets the password back, and the guy and the city can both move on with life. It's -better- for everyone.
You know, if anyone is mentally ill, it is arguably the liberal bent of this world. Republicans do all things in moderation, and some to excess, whereas you liberals deny yourselves every pleasure in life, from matters of the spirit, to family, to making a fire, to driving, to hunting, to shooting, to food, to work and acquiring things of great beauty, and all that leaves you with liberals with is that you have to put sex on the altar.
Its all you've allowed yourself to have.
In denying -everything- in your f-- up earth worshiping ego-less religion, you've turned yourselves into sexual deviants because you've placed way too much importance on it. Just because you are turning yourself into an animal because you can't admit that your own earth fest sucks donkey dick, doesn't mean that everyone else should jump into your neurotic hellhole.
I sure as hell do not want to become anything like you. You are all diseased... and if you kept to yourselves, it might be ok, but, you don't, and until you don't, there's always going to be the possibility that those who are sane are just going to have to someday deal with you diseased. You genuinely think you have some better way, and you just don't.
This is my sig.
.. Jack Bauer when you need him. He'd get that password in under 24 hours...
Yeah i known, cheap one. So sue me... ... hey wait, i didnt mean that
Use the "SECURITY OVERRIDE" function! That always works...
Seriously though, WHY does a software engineer have network-wide sudo access? They should, at most, have root access for their own system, and NOT across the domain/subnet/workgroup/whatever.
Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
All your base are belong to us!
There may be no "I" in team, but there's also no "F" in way.
The 'public sector' is full of the worst time serving, non-working, slackers anywhere.
Did you hear CalTrans was going to layoff 10,000 road 'workers'? They invented a shovel with a kick stand so they aren't needed anymore.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
I'm intrigued by the carefully constructed character assassination that went into this article. I am disappointed others did not see how the information in this article was delivered in such a way as to shift all of the blame to the employee.
There is no doubt the employee did lots of wrong things that deserved dismissal. I am not arguing for his position at all.
Note carefully, that while the guy has the admin password, it's the source of the story that has shifted the blame entirely to the employee. By adding "we're afraid he's going to bring an IT Armageddon to the city of San Francisco!" to a very poorly managed situation, management is off the hook.
The story *should* be a cautionary tale. Where are the management procedures to prevent this kind of event? Don't ever discuss fragile IT systems, that are running mostly on blind faith. How about management's total incompetence in this episode?
Nope. Instead the blame conveniently shifts away from the OTHER responsible party in this story.
Let this be a cautionary tale for those with company IT "by the balls." Hopefully, you won't do some of the horrible things purportedly done by this fellow. You deserve to be fired if you make those kinds of bad choices.
Note how ridiculously easy it is for Management to publicly discredit you and bring your IT career to a swift end using anecdotal evidence. As this story so elegantly exemplifies, it is very common, and people would really do that to you and not lose a minute of sleep. You would have no forum with which to air your side of the story either...
My approach to bringing some balance to the situation is to make my IT role as transparent as possible. Which, means basically, lots of documentation.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Number two rule in IT. Just because you can get in to a system doesn't mean you can access the data or applications in a meaningful fashion in a realistic time-frame.
Ok, it's not as snappy...
It's official. Most of you are morons.
Do not meddle in the affairs of sysadmins, for they are subtle and quick to anger.
-Billco, Fnarg.com
You can't escape it — San Francisco is America's most illiberal city, and has been for decades. Nikita Khruschev, reportedly, liked it so much, he promised not to target it (with Soviet missiles).
I blame the fact, that the city's largest employer — for generations — has been a military base. Federal Government's monies were flowing in and slowly spoiled the residents, who had little worries about budget or attracting businesses.
Of course, no city with policies this illiberal could've survived for long maintaining a decent quality of life — for that they needed the rest of the country being as rich as only a Capitalist one can be.
Khmm, really... Maybe, you should ask this Marxist, who is already blaming not the criminal, but those unspecified victims, who "pissed him off"... Mess Mend, brother.
In Soviet Washington the swamp drains you.
I would be willing to bet that most people would prefer 15 minutes of waterboarding torture to a year in jail, as you would have them do.
Your approach ruins lives. Mine doesn't. You are one sick dude, claiming ruin as a mercy, then having the delusional gall to proclaim those who disagree with you to be mentally ill.
Spare your preaching for the mirror!
This is my sig.
This article would be 10x funnier if it was a windows system and the other admins can't get in. Then we would know they definitely are not reading Slashdot. Microsoft has a backdoor for everything.
Crap! I just kissed my karma good-bye.
A smarter admin would have:
Oh wait!
now we need to go OSS in diesel cars
if he's a municipal employee and this is important data for local government employees, couldn't this be considered a terrorist act? wouldn't they be able to do all sorts of nasty stuff to him until he fixes what is wrong, and then blackball him from just about any job he could ever get? they must've really been screwing with him for the dude to get this cheesed off about it and FUBAR the entire system on them. a lot of times, it's not the employer's fault, but with this severe of a /kill, I think they really must've done something to him.
I'm just shocked he was able to do all of that. wonder how long it took him [and how long he knew that he was going to be sent off].
My wife belongs to a union and makes in excess of 100k. So do you think unions drive down wages in all professions or just IT and even if it were to drive down the average salary I think 25k is way too low.
Scary as this sounds -- juding by the crappy technical writing on the piece (the x-over of Network Engineering, System Engineering, etc -- and we can't really be sure WHAT his title is)...Id almost have to say that there is more than meets the eyes. Why would somebody elect to sit in Jail harboring some sort of information -- unless of course he has an agenda. An agenda that will get plaid out in the papers like some garrish soap opera. Problem is the flatfoots and pencil pushers that have arrested him -- are the same ones that just cant understand why you shouldn't fwd every stoopid email you get to 5 of your friends -- or even better, that they really DONT have a rich uncle in Nigeria. There is a wide gap in the technology between IT and PD -- which makes cases like this very interesting to watch. I would have love to have read the search warrant looking for the "device" that resided in his car -- too bad he doesnt have a good lawyer lined up...Im sure the case could get bounced easily for "lack of any *real* evidence".
And to the point that motive is not nessecairly an important factor in crime -- are we then suggesting that this was purely a "crime of oppurtunity" -- changing the motd on a box that the SA has left a root shell unlocked on his desk when he went for a smoke -- thats a crime of oppurtunity...this thing smells of premeditation.
I'm so gruntled, that I would never do such a thing.
Insightful(if blindingly obvious) stuff in the message just above.
I'm sure he was plenty stable until he became disgruntled...
Stable? Wouldn't the correct word here be "gruntled"?
I sure hope his PI license is up to date.
I wasn't the one that wrote it, however my understanding is that it wasn't a real letter, but an amusing fabrication. As it's been circulating on the net for quite a long time, I'd imagine that it would have gotten back to somebody at the company for which the supposed sender was employed.
Since were all just speculating here how about this scenario.
Boss - "You're fired!"
Admin - "Ok. See you later"
Boss - "Wait, you have to tell me all the passwords"
Admin - "I don't have to tell you anything, I don't work for you anymore, you just fired me"
Boss - "but, but...."
None of them can see the clouds; The polished wings don't care.
If you're making $150K/yr remotely from Pittsburgh you have no right to be disgruntled. It sounded like a sweet deal, I don't really care what kind of assholes you have to deal with at work. You make a decent living and it doesn't sound like it was very hard work. Especially if he had time to stage a monitoring system and hijack the entire network.
As someone who lives in the Bay Area I am insulted that we will have to incur this additional expense because some whiny baby was unhappy with his posh job.
“Common sense is not so common.” — Voltaire
for hiding passwords - what a cheap shot.
/.ers have created things at their workplace where they were the only person competent to run them, often because no-one else can be bothered to RT(perfectly)F(good)M that they insisted be created or they don't know that google exists.
But having said that, where does one draw the line ? I'm sure that many
When is one of us going to be fired and arrested for refusing to explain to her previous colleagues how to do a join on a pair of database tables ?
On a side note, at one point at my company there had been so many dismissals where people only found they were dismissed after inquiring why their email no longer worked, that every email server outage led to widespread fear that we'd all been let go.
Nullius in verba
That always works. permanently locks doors when you want them locked, opens them when you want them opened.
it's foolproof
Nullius in verba
A number of shops I've worked in have solved this potential security problem by making sure that the people who hold the keys to everything are completely incompetent. :-)
He was spying on HR, according to TFA. In other words, he knew he was fired before they told him.
Actually, what you said was ( emphasis mine ):
Explain to me again - I must have missed it - how the access you had there being enough to bring down their helpdesk system & phones has anything to do with non-criminal activity & "just filing a lawsuit"?
I refuse to even grant this statement the legitimacy of calling it a different point of view - what you've proposed is that businesses should routinely plan for extortion by ex-employees, and buy them off to prevent this unethical & illegal behavior.
Severance packages are of course a wonderful thing, and when laying ANY people off, companies should always try to grant reasonable severance in order to ease the transition. But your original point, singling out "employees with critical knowledge and any form of system admin," implies that these employees are somehow more deserving of severance packages because they could cause a lot of damage if they decide to be unethical sociopaths when they're terminated or laid off.
Perhaps that's not what you meant, but it *is* what you said. Running your business under the assumption that everybody who works for you is going to turn out to be lazy, unethical, and criminal-minded is a surefire way to end up with only the lazy, unethical, and criminal-minded people working for you.
A visit to the Guantanamo Bay Detention Camp (http://en.wikipedia.org/wiki/Guantanamo_Bay_detention_camp)
-- Wondering how long until the internet becomes fully corporatist, like television.
The next time you are escorted out the door after giving notice, or your bosses "scummily" take away all your access before telling you that you are fired...
You'll understand why.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
When I fired our IT manager I had an employee changing his access rights at the same time I was giving him the bad news. It's a "Duh" sort of thing.
Yeah, because every single server out there runs Windows.
Jurassic Park.
Make love, not reality television.
Best to read again, and read my response..
- It's not the Macs I hate. It's Digg users. -
If they were using symmetric cryptography correctly, it could be virtually impossible to recover any of the information without first recovering the password.
Actually, this is the perfect way to test the strength of symmetric encryption algorithms. For those cryptographers with tin-foil hats (http://www.schneier.com/essay-198.html), seeing how long it will take for various three lettered agencies to recover the data will illuminate a previously dark room containing the question, "How safe is your data really?" It seems to me that this guy is doing the whole cryptography community a favor.
my guess on the administrative password:
PMTA_prison_4ever
So why use passwords at all?
What's the point of even having a password if it can just be overwritten? Also what if the file system is encrypted with truecrypt, how exactly are you supposed to access the password hash when you can't even decrypt the partition?
Damp matches.
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
Been there, done that... well, without the sabotage. I fought back, and managed to stave off being fired for about a year or so, but once I realized my boss was going to do anything and everything to get me fired? I pretty much worked on Wikipedia the rest of my time there. I tried to do real work, but his restrictions, deadlines, and everything simply made doing real work intractable.
I'm supposing that he and the company I worked for are better off that it never came to my mind to sabotage anything... they treated me like crap, abused me every way possible, blamed me for every mistake. While I had complained about his behavior, the company's investigation came up with, I was told, "absolutely nothing". Then they offered me money in exchange for giving up all my grievances against them.
I think they were most afraid that I could start a suit, then request all my records for disclosure, and it didn't look pretty. I can't imagine a jury in the world, who would listen to my story and not side with me.
This whole experience has shown me the benefits of a union, because when the whole company gets turned against you, there's nothing you can do inside the company to have your concerns actually considered... those "impartial investigators"? Yeah, no... they're being paid by the company. If they tell the employee that the company was liable for something, then that employee goes off and sues the company.
Feel glad when you're on the good side of a company you work for... I've been on the other side, and it was the worst time of my life.
WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
LiveCDs don't work on domain accounts. Even if you can get access to the unencrypted SAM file which has the hashed passwords, you can only break it through brute-force hash comparisons if the password is relatively simple. If it's 16-characters random with special symbols and numbers and upper case, you can pretty much forget it. You can however retrieve all your data if the systems are not encryped but you'd need to re-setup your Active Directory from scratch.
Maybe he was this guy.
you had me at #!
Sorry, denying a disgruntled employee the right to retaliate against their employer is a human rights violation not only in San Francisco, but in any government job anywhere. Douchebags and dumbasses are special people, how else would they get jobs?
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
.. you get fired, and then legitimately get hired back as a $500 per hour contractor.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
According to the article the system is still working for many user tasks -- just no high level administrator access.
from the article
So he seems to have made certain that third parties are not hampered by his actions.
and there exists people who actually work for it
there do exist people who work for their own good while lying about working for the common good, yes. but the existence of such people does not nullify the existence of those who actually work for the common good
then there are people like you, who through some combination of pathological distrust, inability to perceive reality versus fears, general dimwittedness, or impoverished lack of faith, sees selfish where there is actually altruism
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
SAE (Stand Alone Environment) from NewEra Software?
Here's a marketing PDF: http://ssss.cm-cp.com/mktdoc/SAE_02.pdf
Exactly! This sounds like a job for Gitmo to me!
Broke somewhere after the first paragraph.
you had me at #!
Something tells me that there is more to this story.
People don't usually hold out like that after being arrested just because they don't want to lose their job.
My guess is that there is something politcal going on where there shouldn't be or shouldn't have been - he may be standing on principal.
Virgil (first century BC) quoted Juvenal (second or third century AD, if I recall)? That was rather prescient.
if over-applied stop a society making the changes it needs to in order to adapt and survive.
And American-style capitalism is not making those changes, and is failing exponentially. The mystery is why that's not obvious to everyone... And the tragedy is they've "exported" the model and the accompanying culture of dysfunction almost everywhere on the planet.
I appreciated your grandparent rant, thanks.
you had me at #!
If they start cracking the hash WRONG, they'll be hacking the crash LONG....
Even tho his spite is not right, they will work hard, night after night...
No, sir, I am not Cyrano, You didn't know, no?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
gave more ore rejuvenated ammunition to send people to Guantanamo-like facilities. Except, being citizens, but still considered "ter'rist", he probably can be subject to torture. I bet that guy IS NOT trained in resisting torture.
San Francisco is NOT just a city services government, but a COUNTY, too. Probably as burdened if not more than LA City & LA County, meaning a LOT of underserved, needy, and numerous other social and revenue services could be under duress. What's that import film I saw when a bad guy asked furiously of another bad guy, "WHAT THE HELL ARE YOU DOING?", which elicited the response, "Oh, what's a little torture?".
Probably the other problem is this guy MIGHT have been a union member (I don't know at what level SF's IT are exempt or become non-union), but often it is HARD to legitimately purge slackers or even dangerous types from union protection. Short of arson or murder or paedophelia, a LOT of unions will fight tooth and nail out of position rather than practicality. OTOH, it seems that guy either had personal issues for which he could NOT be fired, or he has goods/bads on the staff and that knowledge makes/made them too fearful to fire him. Maybe he had/has too much intimate, embarrassing knowledge about shitty financials, inadequate security, knowledge of moles, narcs/CI (confidential informants), and resettled/refugee types of residents records. If this guy is quirky, but too hot too handle, he might emerge from this relatively untouchable if he gives up the passwords and discloses ALL of his booby-traps, disarms and then becomes a consultant of some sort for the entire state... Oh, the irony of things...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
The phrase "could have" in no way implies intent. "least of which" also in no way implies criminal intent, it's simply a statement of where to begin. Attacking them through the press, headhunter agencies, employment securities, and more are all very viable otions.
I'm not suggesting they buy off employees, I'm saying that peaceful seperation is allways better than a war, wether it's criminal, legal, or just hassles you are trying to avoid.
Line level basic employees, who have little impact on general company systems, they don't get severerence typically until they've been employed for years, and then typically, we're talking about tyhem having reached levels where severence is warented. People who work a line in a facotry for years without advancing, they have other options, assuming they've invested in them (retirement, pent up vacation, etc), and furthermore, they're not typically subject to unemployment limitations like higher up positions are (If I made $10 per hour and got laid off, unemployment covers nearly 70% of my pay, at IT admin salaries, in SC, it covers less than 40%, since I was over the cap).
Businesses should plan for EVERYTHING. Natural disaster, postal employees, lawsuits, and more. It's called due dillegence, and has been not only an accepted business practice for a hundred years, it's a practice that maintains morale, and actually ATTRACTS quality workers.
When interviewing for job recently, the things I wanted to know most about were: vacation caryover policy (unused annual vacation rules), severence package structure, employee direct stock purchase (not options, they're worthless), and medical coverage options beyond simple coverage (ADAD, LTD, etc). I didn't ask about the salary until after those questions were answered.
I'm not saying I'm the type of person who would castrate a company like this IT guy, what I'm saying was I had the opportunity had I been that type of person. Having a seperation package means the company didn't have to be so strict with policy. IT opeople don't like to feel like they're not trusted, and most other employees don't either. Instead of negatively effecting morale through draconian rules and watchguards, they assure employees they'll be covered if things don't work out in the long run, and everyone is happier for it.
This is no different than the reasons why companies keep lawyers on staff, why they have security at the door, and why they have cameras on the inside. People eventually will try to take advantage, or you'll have a bad seed. The bigger the firm, the more likely it will happen. This is an insurance against it. No different from hurricane insurance.
There is no contest in life for which the unprepared have the advantage.
"Terry Childs, a 43-year-old computer network administrator"
...someone had programmed in a back door.
It also claims that he is a "computer engineer". That's very ambiguous. He could be either. Or both.
Those using pirated Tinysoft signatures(TM) are a real threat to society and should all be thrown in jail.
All they gotta do is play "It's a Small World" in an endless loop till he coughs up the password. Might take about 30 minutes.
I recall doing work for a new client, where I made suggestions as to how to distribute admin access on their new NetWare network... the last tech guy had locked them out of their old server some years ago:
First they wanted everyone to login as Supervisor; I explained that it only took one of them to change the password, and then they'd be out of luck.
I suggested that they actually didn't need admin access, so they could simply keep a password in a safe (just in case) and otherwise use normal accounts for day-to-day use, but then they made the point that they didn't want me to be the only one with access...
I was a consultant, and in fact a friend of a friend of the owners, so I wasn't impacted, but they sure were: in the end, only the accountant was made admin equivalent, though everyone's passwords were "go", including his.
This was the best I could do!
Their system was just as vulnerable to lockout but at least I hope to have reduced the potential for human error/accidents.
"I'm not telling."
If you need a recognized code of ethics to tell you that sabotaging your ex-employer's system isn't right, then no code of ethics can help you.
I beg to differ.
About one percent of the population are psychopaths/sociopaths. Think "color blindness", except it's conscience, not vision.
Psychopaths CAN compensate - if there's something in it for them and they choose to do so. But is isn't wired in. So they have to learn a set of rules to do it right. That can be very hard - especially if the rules are written by non-psychopaths, who leave things out because they assume the rule-follower will "just know" or "apply common sense", which doesn't work for someone with this mental problem.
(Compensated psychopaths are, IMHO, some of the most "good" people around - because they CHOSE to be good and WORKED at it, rather than having the bulk of it being automatic, like it is with the rest of us.)
Moral codes, ethical codes, and the like are such rule sets. Yes, psychopaths need them. And yes, if the codes are well written they can follow them and become, if not pleasant co-workers, at least valuable and reliable employees who know they shouldn't sabotage the systems when their services are no longer required.
(The one treatment known to have a high success rate rehabilitating psychopaths who have become career criminals is teaching them Objectivism. B-) )
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
The simplest solution when it comes to firing the "admin"... have an equal or higher level admin lock the fired employee out of the system BEFORE telling him (s)he's fired! *shrugs* I bet that would solve 99% of these cases, and nobody would have to worry about their data... just the employee coming back with a shotgun :-/
Just my thought.
you are working for the common good
this is true even if what you are doing actually hurts the common good
it is the concept known as intent
this happens all the time in medical situations. the predicament is you have limited knowledge but you must propose a course of action. as long as the person's intent was to do good, they are protected under law. it is called the good samaritan law
http://en.wikipedia.org/wiki/Good_Samaritan_law
intent mixed with limited knowledge can be fixed: it just needs to be educated
additionally, real life is always about limited knowledge. no one is omniscient. you can't find someone culpable for doing wrong when no one knows everything about about a sitaution to propse the ironclad right course of action. and taking no course of action is even worse
it is worse to do nothing than propose a solution that is unsound. those who sought to aid the environment by using ethanol instead of fossil fuels were acting in good faith. therefore, they are blameless
intent matters more than final results. someone who intends to do good, even if they wind up hurting, is someone more valuable to society than someone who benefits society, but is only looking out for themselves
if you kill 10 pedestrians because a bee bit you while you were driving, you are less wrong than someone who killed 1 pedestrian on purpose. results alone are not the final arbiter of value. intent actually matters more
if you believe that you are working for the common good, nothing can touch you in terms of culpability for doing wrong
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
And this incident proves the manager was completely in the right to get rid of him. No amount of tech skills are worth the damage that an unprofessional employee can cause.
Business. Numbers. Money. People. Computer World.
I am sure that the people who ran airplanes into the twin towers thought that they were working for the common good. They should not be culpable? If Hitler thought he was working for the common good by cleansing the earth for the benefit of the Aryan race is he not culpable. What about those that are willfully ignorant? It is not as if there weren't people saying ethanol from corn would drive up food prices before the gov't started subsidizing it.
I strongly disagree that intent matters more than result. Tell that to the families of the 10 pedestrians.
I see a lot of claims that he did this. But all I see are claims.
- That he locked everybody else out.
- That he gave them a fake set of passwords.
- That he refuses to give them "the real one(s)".
And I don't see word one from him.
Is this what really happened?
I can imagine a number of scenarios where we'd see this external claim when, in fact, it's NOT what happened. For instance:
1) After firing the sysadmin they didn't like on the second attempt, management tries to change the passwords and fumbles it. They demand "the real passwords". He gives them what he has. It doesn't work. So:
a) They do a scapegoat operation on him to cover their own incompetence.
b) They're so incompetent that they don't even realize what happened, and honestly go after him for the crimes they believe he committed.
2) The system got pwn3d about the time they fired him. (Maybe just before, leading to the firing of the already-disliked employee. Maybe just after.)
And I could go on.
Now I have no reason to believe that he DIDN'T do it, either. (After all, it turns out Hans DID kill Nina...) But I see a government agency with a hung system doing a major smear job in the press, with lots of accusations and no details or evidence. And I see all the other posters taking as given that the accusations are true.
Let's reserve judgment until we hear what the evidence actually is, shall we? (If nothing else, they guy deserves a fair trial when it finally gets that far. It's going to be hard to find an uncontaminated jury at the rate things are going.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
"Most large shops have a script or utility to change all the root/administrative passwords across the board in a single operation .. Odds on the guy just used that same script/utility to change the passwords"
What evidence do you, SaDan, Crayon Kid or guruevi have to support that speculative scenario ?
davecb5620@gmail.com
the 9/11 guys were willfully ignoring human life for the sake of an invisible skyman. this was their intent. an examination of their intent compounds their guilt, it doesn't erase it. they most definitely were not working for the common good, they working purposefully against it
as for the relatives of 10 people killed by a guy bitten by a bee while driving, i'm sure this makes quite an impression on their anger and anguish as compared to the anger and anguish of the relatives of the guy killed by a driver who mowed him down on purpose
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Dexter was a great show, wasn't it?
Won't somebody think of the Childs?
When someone says, "Any fool can see
Even in the presence of an encrypted disk ? Brute force it might take a while...
If you had an IT Union looking out for your career then you'd be making $25.000 max
Just like members of the MLB Players Union or the NFL Players Union. Everyone knows that baseball players and football players never make more than $25,000 a year. :)
And if you happen to be better than the next guy then, well, tough sh*t, as he will be making exactly as much as you do.
Yup, baseball players all make exactly the same amount of money. The quality of their play is irrelevant to their income. It's all about seniority. And what about the members of the Screen Actors Guild? God only knows that their pay is purely dependent on the number of years they've been in the industry. Doesn't matter how much money your last film grossed, or how much of a superstar you are, if you're a member of SAG, you're getting scale.
Yup, every professional union or guild must be run exactly on the same lines as the average blue-collar union. Professional unions can't be different because...um...because then my irrational hatred and fear of unions would be exposed as utterly foolish. :)
Having good knowledge of events, concepts and other things published by mainstream media at a later date, you've really hit the nail on the head on what I've observed, with regards to reporters. Reporters most of the time don't have the technical acumen to realize the nuances of what they're reporting, the context and when to spot bad data. Eg. While reporting an accident, they blindly take the "speed was a factor" quote from police. Since parked cars rarely spontaneously collide, it's a falsehood. When GPS was new in the early 90's I read multiple articles that stated, "GPS tracks your movements". Ummmmm....no. The satellites have no clue how many users are out there and where they may be.
In a few weeks this will blow over, they'll get their access back, the guy will be in jail and none of what was reported in the FA will come to pass. A few managers may get fired for being incompetent though, which you saw no mention of in the article.
Actually, a while back, a fellow I.T. worker told me about the term, "gray collar", that was developing. The idea was, the fields of software development, network administration and PC support were a weird combination of "blue collar" and "white collar" work.
After all, like most traditional "white collar" jobs, you're probably working in a climate-controlled office, and paid more for your knowledge and ability to problem-solve than for your physical labor. BUT, like a "blue collar" job, you're typically expected to do things the "white collar" workers usually assign to others. For example, you probably get to crawl around on dirty floors tracing network cabling, unbox and set up computer hardware, and spend time with hand tools removing and replacing defective components inside machines.
I'd have to say though, people like this govt. worker in the story, seem to be paid fairly well to me? I know cost of living is high in San Francisco, but still ... earning well over $110K/yr. salary isn't exactly "scraping by".
I'd say this is a clear argument in favor of waterboarding...
I am rather tempted to say, "No, honest Virgil did say it!" Or : "he would have!" or "Tertullian forced me say it!" or possibly even:
"Yeah, but, no, but... ", "... or summing or nuffing", "I wasn't even sposed to be there so, SHUT up!", "Don't be giving me evils!", "Oh my God! I sooo can't believe you said that!"
But it was indeed a mistake, too many classics, not enough brain space left.
You have my sincerest apologies. I meant Juvenal. Sorry.
Posts, MyBio or Sig, may contain satire, sarcasm, bolded nouns be sardonic or even witty & be Church of SD
the common good is the common good is the common good
the common good has nothing to do with impressing invisible skymen
the common good has nothing to do with saving the earth mother
both of your examples are invalid
the people in your examples are NOT working for the common good. they are working for nebulous, imaginary or preposterous goals
the common good includes the welfare of the human beings and society according to any rational definition of what that comprises:
1. a reasonable expectation of human dignity, rights, and freedom
2. a reasonable definition of what society needs to function coherently
impressing the earth mother or invisible skymen is WAY off that map
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Anybody else notice that this guy was being fired for being a poor performer yet what he did cannot be figured out by all the other sys admins there? IOW he's smarter than all of them! Perhaps you should fire some of those obviously incompetent sys admins. You have physical access to the box but cannot managed to get in?!? Idiots!
Good point. Take a look at some of the comments left on the SFGate story about Kamala Harris, the San Francisco District Attorney who is prosecuting this case (who used to sleep with former mayor Willie Brown) and Ron Vinson, the Department of Information Technology's Chief Administrative Officer (who probably hired this guy) and you can see what kind of ethical standard is employed by the City Government of San Francisco. And even Mayor Gavin Newsome, the Democratic Party's golden boy who is now organizing an exploratory committee to run for Governor after Schwarzenegger is termed out of office, has his own ethics problems (e.g., porking the wife of his campaign manager on his office desk in City Hall before his last re-election campaign). Is it any wonder why his super-model wife left him to go work as a reporter for Court TV?
And this, folks, is a prime example of what I'm talking about.
The number of off the wall assumptions this guy is making about me and by extension, society in general, offers a rather creepy window into his own mind. I shudder to imagine what he thinks I get up to in private. I'm betting it ain't pretty, but you can be certain of one thing; it says a great deal more about him than anybody else. Also notice how he was condemning me of sickness and depravity when he's the guy promoting torture? That's a classic example of sociopathy; blaming the victim of the crime you are responsible for. --Mind you, I'm calling this creep a psycho; you'd need proper medical testing to be sure, but if it looks like a rose and smells like a rose, you'd be foolish not to expect thorns. If I was somebody in this guy's life, I'd have my guard up big time; these types are totally incapable of seeing that they are wrong even while they rain massive amounts of harm, both physical and psychological on their victims.
As for his broken argument. . . Sigh. It takes so much work to explain the fallacies of broken logic to the delusional, and it's pretty much pointless, because guys like this are generally incapable, sometimes on a neurological level, of admitting or even understanding that they are not perfect beings, that they are capable of being wrong. So whatever I say will be twisted or misinterpreted, slithered out from under or just plain ignored in the blare of his own never-ending voice box. . . But I will make the attempt for the benefit of anybody sane who happens to care. . .
A society which accepts waterboarding in lieu of prison terms, as he suggests we ought to do, is a society which has replaced the means of punishment, so torture is no longer a means simply for extracting information. And since there will be others just like him who scoff in exactly the same way he does, saying, "Bah, Waterboarding doesn't scare me. It's quick and I'll be able to get on with my life, (of crime??)."
So what is the next logical step? Anybody? That's right! To step it up a notch. Any society which starts by accepting torture as a reasonable reaction has just taken a step down the ladder, and so it will accept the next step; that of more terrible torture methods, until the logical end, death by torture, is ultimately reached. I don't want to live in a society which is engaged in a torture arms-race with the 'criminal' element. --Further, and there are SO many things wrong with such a plan, when depravity becomes acceptable, those who have an inclination toward depraved behavior come out of the closet. This is an observed pattern in previous fascist states; because of society's tacit approval of depravity, you'd get the local twisted cop conducting his own extracurricular waterboarding sessions. That's absolutely guaranteed. --But it's a subtle enough detail that it always manages to be left out of the bombastic arguments presented by those arguing for a more evil society.
So that's my argument. Creep-o man, however, will no doubt see it differently. You can always tell which way these types of sicko will jump. Just watch. His internal impulses will pretty much make it impossible for him not to respond with some manner of foul lunacy. And if he somehow manages not to, you can bet he'll be vibrating with rage for a whole week wishing he could kill me! Ha Ha! Loser.
-FL
the guys on 9/11 did not think they were working for the common good
they thought they were working for the glory of god
duh ;-P
but let's go further than that and say they DID think they were working for the common good
well, the thought processes of a nutjob does not validate their absolution
a nutjob could also believe that pontius pilate speaks to them in code through the chirping of birds out their window. a nutjob could believe many things. the thoughts of someone who is not mentally coherent does not validate or invalidate anything. the thought processes of a nutjob are not relevant. the thought processes of a sane coherent individual is the sole determinant of valid intent
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Your approach ruins lives.
So, NOT torturing people ruins lives, eh? Whereas torturing people is an act of mercy? This is what you are claiming?
Those kinds of statements are anything but new. They are in fact recurring patterns on the world stage in dark times. War is peace. Hate is Love. Etc.
Look sicko, you might actually think you are right, but that's only because you're insane.
I have already responded to this creep and his 'logic' in more detail earlier in this Slashdot comment forum. Anybody interested can read it here.
Cheers!
-FL
Actually - I see this as a very good day. ... is the day we really learn how secure a determined admin of whatever system this is can make a system. ... we learn whether big systems have back doors for the NSA. ... we learn whether physical access to a system really does mean pwned, or if we have passed that final barrier. ... is Independence DAY!
Today
Today
Today
Today
(Plus - I don't live anywhere near SF, so I don't mind using their system as the scratch monkey.)
Glonoinha the MebiByte Slayer
This whole experience has shown me the benefits of a union
I've been in a situation similar to yours, and instead of pointing me towards union membership it pointed me towards only working for companies and people whom I respect and by whom I feel respected.
well, if you ever have a manager from hell, who eventually moves to get you fired, maybe you'd get the idea of how stressful (especially in a down economy) his efforts to get you fired can be.
the guy made a big mistake, but, it's not like he brought in a machine gun and mowed down half the office. doesn't excuse him for committing the crimes he did make, but it does explain how a human being, confronted with something they just can't handle might cope with it.
so perhaps large institutions that begin a process to fire someone, should remove their passwords to any mission critical services until the process results either in a firing, or a determination that he/she hasn't done anything worth being fired over.
https://www.gnu.org/philosophy/free-sw.html
Troll my ASS, you troll-marking dipshit. By marking me a troll, you are saying it's OK for sysadmins to hold hostage their employers, the public, and the clients of government or business.
SHAME on you.
ANYone who is a sysadmin is quite likely in a VERY trusted position. IF such a person with SOOO much access and control decides to hold hostage and harm people, then even though such person might not have directly killed or mutilated anyone, his/her ACTION puts police, the public, and workers, even patients and other clients at risk. So, why should such a hostage-taker NOT be pummeled or beaten for the information and systems he/she admits to locking down?
Sure, the NSA or CIA might be able to unscrew the systems he screwed, but letting him off or punishing him is a circumstantial situation, just like court cases are. But if his supervisors or cowards or unions or others protect him for reasons of agenda, rather than business or government system continuity, then THEY are part of the problem.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
entity might solve their problems. What 2-letter entity? Well, ms, of course. Didn't they just release to law enforcement a USB-based security bypass? Now, the THREE-letter agencies don't even have to get involved-- except to say, "ms, make sure you don't leave the USB device unattended, and be sure to retrieve it upon your departure for each system you use it on."
(That is, assuming the non-government intel agencies cannot legally obtain the bypass device already...)
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Wouldnt be very hard to set up a cell-phone activated wipe in 2 weeks...
I have all the hardware needed sitting in a box in my apartment :-p
If you can do something from a single machine through some sort of scripting it is rather trivial to build a hardware gizmo that takes a cellphone call and runs the script.
I hope they learn from this whole major fuckup though.. Hope.. Hope....
Is there some way to graft these systems onto one or more virtual systems? This could be a whole new line of business strategy for VMWare, possibly VirtulBox, QEMU... If you can somehow make an ISO of a running OS.
But, I suppose any devious, capable saboteur would have inserted booby traps that periodically check for live, undocumented, random, one-time "pulse-points". If enough of them don't respond properly (assuming the saboteur assumes the infrastructure won't change drastically in a short period of time...), and if they don't interact at commanded moments based on his own interaction, then the systems melt as if he is arrested, dead, etc.
But, assuming that is not the case, still, it might be interesting to find out if it is msoft or VMWare that saves the day and creates a new or augments an existing aspect of the data recovery industry.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Especially since Mugabe and his cronies and accountants have in the West as many friends as they have in Asia and Europe, all helping him launder, recycle, redirect and so on untold sums of cash and other instruments. The US and UK found SOME monies, but they cannot and will not find it all.
hear "Looting", at:
http://marketplace.publicradio.org/display/web/2008/07/15/zimbabwe_loot/
So, Zimbabwe dollars are probably converted to LOTs. Seems to me, Zimbabwe dollars are worth a LOT, if lots of people take risks to convert and hide them... But the, i'm not an economist or anything near it...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
"I...I.. well... I COULD burn the building down..."
Slidell: Oh, yess. yess.. That's it... Um... Could you move your leg jussst i little to the right? Oh... yess, that's it... Now, arch your back a bit... Oh... purrrfukt...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Ken Starling.... Or, Commander Braxton, of the Federation Timeship Aeon...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I'll let you into a secret: I didn't learn the classics. I prefer Dostoevsky.
Si tacuisses, philosophus mansisses
Anyone know what OS the city of SF is using? You shouldn't be crying about what bad he has done..You should be avoiding the OS they use!!! I can do the same thing on any Windows network in seconds.
Well,
There's always the "rubber hose attack"
What, no bofh tag?
Did you know there are more people employed in government jobs than in Manufacturing in the US?
Cool! Amazing Toys.
... because you are totally wrong and I am totally right.
You can call me loonie toons all you want but your logic remains completely flawed. On one hand, you argue that torture is terrible, and then, on the other hand, you agree that people would prefer to be tortured rather than suffer long prison terms. Then you argue that torture is morally wrong and a slippery slope towards, what?
Again, let's have some facts.
a) the guy admitted having the passwords and refused to give them up.
b) in doing so, our poster would have, at great expense, third parties attempt to hack them. Guess what, if he chooses a strong password and they are using Windows, it's not going to be so trivial to break into the SAM.
c) in doing so, our poster would have, at great expense, incarcerated the guy for up to several years.
d) the poster then argues that long prison sentences are necessary to avoid fascist states. I leave the reader to judge the logic of THAT argument!
I ask, again, what exactly is this accomplishing? The poster has labelled the man that hacked the computers and withheld the computers as a criminal. I am not so sure that this is the case. I think the perp in this case was reacting badly to stress in some way and frankly, given the financial circumstances our country is in, I think many of us ourselves feel it. Above all, I think there is a movement within the IT sector, among those of us who have had badges deactivated, police escorts and our stuff tossed out on the curb when data centers get sent off overseas, after working for years trying to make the company better, that we are implicitly criminals and not professionals.
What this man did was wrong, no doubt about it, but, again, do you really need to throw him in jail for years upon years? Is it really so horrible a crime to do so? Only if the victim has to spend thousands of dollars in down time and recovery services to get their passwords back up.
I thought, that the first measure of justice is simple: Does the punishment fit the crime? We have become so numb to doling out multiyear prison terms in hopes of some imagined deterrant effect that we have lost notice that we now have people now grow up pretty much thinking that at some point they will be tossed into prison for nearly every capricious sentence invented by the State. That, to me, is fascism....
Thus, I argue, the most merciful thing to do, for the victim, and the perp, is to waterboard the perp until he gives up the passwords, which, by all accounts takes only a few minutes, and then, let bygones be bygones. If the perp is willing to give up the passwords before then, there's no need for the waterboarding at all. But, I can't see how making a felon out of a stressed out guy that made -one- bad mistake, while at the same time making matters worse for the victim of the crime, benefits society in any way.
When I was younger, I used to believe in the slippery slope argument. I remember being told that if we had one more government program, or one too many deregulations, the country would go on a slippery slope either way. But neither happened. If anything, the political battles between liberals and conservatives of the 1980s have lead to so many role reversals that the only thing that is consistent about "conservative" and "liberal" are the words. There hasn't been a slippery slope on any issue, only an ongoing argument. Even in the case of the media and excessive violence and sex, there has been marked improvement. There is no slippery slope and it turns out that people have a pretty good barometer of what is right and what is wrong and that these morals are intrinsic to most humans, above and beyond even one's religious beliefs or even in the absence of them. They can sense when the pendulum has gone too far in one way or another and they tend to push things back towards the best moral ground that they can. It is not just that Americans are decent people, it is that the world is filled with decent people, and so long as we educate ourselves and our children to live by the Golden Rule, to live fairly, I just do not see how we could descend into the very barbarity that he should so describe.
This is my sig.
Here, here.
Now, to be fair, I've never actually worked for the public sector at any level, (although my wife does, as do several of my friends) but whenever I hear somebody suggest that any given problem in the government doesn't exist, or would be less of a problem if it were handled by private sector, I think to myself, "what private companies have you been working for?". My wife works for the feds, and I can match her for any story of bureaucracy or waste or mismanagement or inefficiency with a similar, or worse, case, in the private sector.
I see that as a company grows larger, it takes on more and more of the stereotypical traits of "big bad government bureaucracies".
Makes me wonder often if there's a natural size to any organization, regardless of it's funding or revenue source. Once you get over a given size (maybe 100-500 employees) then the "overhead" of maintaining organizational structures messes everything up.
The plural form of "anecdote" is "anecdotes", not "evidence".
The world will not end in a zombie rampage, by zealot's with dirty bombs, greenhouse gasses or meteor strike . . . it will be by a disgruntled employee with root access . . .
"You were expecting something witty here ?"
If you are already running stuff in a virtual machine it should not be too difficult to clone them while they are running. VMware already allows rapid live migration of virtual machines to different hosts (vmotion), I believe xen can do that too nowadays.
But if they are not running on a virtual machine it will be difficult, because with most virtualization solutions, the virtual hardware would be different from the real hardware. The NIC drivers, video, SCSI etc would be different.
Probably have the passwords. Just wait a couple of days until they arrive.
All the agency needs to do is come up with some story which proves that that engineer by doing what he is doing is a terrorist. After that they can use great anti-terror powers to resolve the problem.
Making stories is easier than figuring out why is is disgruntled.
Plus, advice to agency principals: Be sure to never try to find out why is he disgruntled because you may find out it's because of you. :)
hany
How do they know he was spying if they cannot access the system ?
This sounds like another attempt to sling s#!t.
I notice the subject here is doing exactly as predicted; ignoring those elements which disagree with its argument while spinning utter nonsense. Again, for anybody interested, I'll dissect the clutter. . .
Of course a psycho would prefer a system which allows a criminal to get away without a record. Psychos repeat their crimes; they can't not. And hey, maybe the criminal will get away with it next time around. If the only punishment involves something which the psychopath does not fear and from which it can walk away to continue its criminal activities, then it's completely win-win for the psychopath, whereas society suffers. That's the primary point here, and the real reason for this subject's argument; trying to make society work for the psychopath. Everything else offered by it is total nonsense spin.
Your plan - the victim spends many man hours trying to recover their passwords while the perp then spends years in jail, then cannot get any other job because he has a felony on the record.
Again, there appears to be no understanding here that society doesn't WANT the criminal to be part of society anymore. That's why we put them in jail. If they can't play by the rules, then we pull them out of our midst and put them in a box for a long time so we don't have to deal with them. I'm not saying that there aren't massive problems with the justice system and the prison system. There are, namely bad politics and rampant corporatism. But the essential function makes sense. When a criminal attacks society, they become our enemy. We don't want them to go unnoticed. We want them labeled as a threat so they cannot hurt us again. That's how we protect ourselves. The psychopath loves a society which is endlessly forgiving because that's where it can thrive.
I would be happiest if the purpose of the justice system were bent towards the total ruination and containment of psychopaths. They cannot be fixed or saved, and they do not have souls and thus mercy means nothing to them except another get out of jail card and meal ticket.
I'm far more merciful than you!
No. This subject is a sick monster which wants to strap people to tables and torture them until they scream for mercy, screams which will be ignored until they pony up with the right price. For the psychopath, mercy is just another commodity, and this is what is wrong with them. Mercy comes naturally to real humans which is why torture is so automatically abhorrent. The problem is that psychopaths are masquerading as human, playing the system against us. For example. . .
[...]I would also make available some psychiatric help for the guy[...]
"Make available some psychiatric help"? Make available? Not 'enforce', I notice. Is the psychotic criminal really going to take up such an offer voluntarily? --Also, psychopaths tend to spend a fair bit of time playing psychoanalysis game, so they get good at it and they don't care. It's just another place to tell the story of their 'greatness' and be let off scott free. It's all a game to the monsters, because they cannot be cured.
Luckily, it works both ways. The more people learn, the more people will be able to recognize the psychopath for what it is and thus the predator's options to feed will be narrowed, hopefully to the point of starvation.
Plus this joker is totally hilarious under glass! He's the only one who doesn't realize just how completely out to lunch he sounds, and it's not because nobody 'gets' his 'brilliant' arguments. It's because there's simply something wrong with his brain which means he is actually incapable of seeing a portion of reality which is plainly obvious to everybody else. It's like he thinks in black & white while everybody around him thinks in color. His comments are all based on less information than those around him have, and so it's automatic that his reaction to the world is going to look utterly foolish to everybody with fully functioning perceptions. Ps
Ok, for your whole thesis to work, you have turned a disgruntled employee into, what do you say, a "psychopathic enemy of society". That's quite a leg you've got to stand on. Seems to me that psychopathic enemies of society would be more like Ted Bundy and other killers, not disgruntled computer programmers that changed a few passwords around.
Again, for anybody interested, I'll dissect the clutter. . .
Please do.. you advocate a justice system mandates psychiatric treatment and puts away a guy for life for changing a couple of passwords. I wonder, based on that scale, how many lifetimes you can put away a murderer for? Does a speeding ticket get 10 years, in that scale?
Really, seriously, give yourself a break, go get a hammer and a chunk of marble, and just to get work on my statue. I'm just better than you and, it's just part of the natural order of things. I still love you in your inferiority, and you will be able to share in that love and gain a love of yourself as you completely your important work of making a statue of me.
This is my sig.
... get treated like shit.
Here endeth the first lesson of human-computer relationships.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Wow. That's sounds like a very hard time! I'm glad to hear you got out in one piece. I've been studying the psychopathic head space for some years now, since it is becoming increasingly clear that our governments are well-stocked with such. I'm not entirely sure what the answer is, but I've resolved to learn as much about the condition as possible. I have a suspicion that with the right training, it should be possible to build up a set of personal mechanisms which can be used to not just survive the psychopath, but also to combat them. Possibly with great efficiency.
The latest thing I've learned is that the 'sick to the stomach' feeling which comes with exposure to what our emotional side recognizes as clearly 'evil' and which really can wreck you for weeks, can be quite easily side-stepped by recognizing that the subject as exactly that; a subject or machine with a set of predictable text-book reactions. It becomes impossible to take any of the psychopath's words personally because there's simply no person in there. The difficult part is detection; you don't want to make any mistakes, but it makes sense to learn and keep an eye out for the basic cues, like the example of cat killing you came across.
The other useful tactic is the open sharing of information. That one is huge.
Anyway, cheers to you!
-FL
Yes, but that only work up the point where you don't feel respected anymore. Then it degenerates into the situation described by the grandparent.
Singularity: a belief in the "God" idea with the "demiurge" relation inverted.
More houses of cards to shoot. . .
That's quite a leg you've got to stand on. Seems to me that psychopathic enemies of society would be more like Ted Bundy and other killers, not disgruntled computer programmers that changed a few passwords around.
This is a typical misinterpretation. Bush hasn't Ted Bundied anybody, but he's a psychopath. Killed small animals when he was a kid, and then did further damage to his brain through drug and alcohol abuse. Sociopaths in positions of power result in Enron, and Iraq, and now countless other disasters for society, the costs of each which are counted in the billions of dollars. So yes, I think seemingly innocuous psychopaths need to be tested and upon discovery, put away. Anybody who has dealt with a psychopath in the workplace knows just how destructive and manipulative such creatures can be.
you advocate a justice system mandates psychiatric treatment and puts away a guy for life for changing a couple of passwords. I wonder, based on that scale, how many lifetimes you can put away a murderer for? Does a speeding ticket get 10 years, in that scale?
Don't be daft. (Oops! That's neurologically difficult for you on these topics, isn't it? Well struggle along as best you can. . .)
Where on earth did I say the fellow in question should be put away for life? I don't know anything about the guy. If he's just a regular fellow who broke the law, then he should be suitably penalized under the law. I'd probably be satisfied seeing him do a few months of community service, so long as nobody was hurt or no serious damage was done as a result of his pass-word crank. If somebody, however, was demonstrably hurt by his actions, then it's a different story. But you get the idea. (Well, no of course you don't, but my responses are only here for the record.)
If however, the fellow is discovered to be displaying psychotic tendencies, (such as promoting torture and displaying pathological egotism and demonstrating regular examples of cognitive dissonance. --You know, like you), then he certainly should be taken in for proper testing and evaluation. If he is deemed psychotic, then we should most definitely lock him up somewhere he can't do anybody any harm for the rest of his natural life. I'm sure we could come up with a clean system to deal with the problem and prevent errors. And the good thing is that when you start pulling psychotics out of the system, the likelihood of general abuses drops dramatically. Win!
Really, seriously, give yourself a break, go get a hammer and a chunk of marble, and just to get work on my statue. I'm just better than you and, it's just part of the natural order of things. I still love you in your inferiority, and you will be able to share in that love and gain a love of yourself as you completely your important work of making a statue of me.
Pump that one all you want; levity won't wash you clean; this guy actually believes on a fundamental level that he really is perfect. Read the full post series here to determine it for yourself; the links are all easily within reach right on your browser. He/it realized his mistake of self-exposure early on and he's been dropping these 'joke' versions as frequently as possible so as to disguise the odor of something not quite right in the air.
Gimme more, pal! I'm learning SO much with every step you take!
-FL
Why is this incorrect information being repeated over and over?
In theory, yes, physical access equals full system access.
In the real world, there's encryptions, traps, etc. to deal with.
For example, my laptop. I use TrueCrypt to provide full disk encryption. Sure, you can theoretically get access to my data given physical access, but it's not feasible given current computer systems and encryption algorithms.
Even if the OS is completely unencrypted, the application data could be encrypted with no bypass.
Even if the encryption isn't an issue, you've still got to worry about traps and such. Once you reset that password, a cron job on the next boot might notice and delete all of the important data off of the machine.
So although citing this oft-repeated rule makes you sound smart, it's not true.
ND
This statement is forty-five characters long.
True serum TADA
How do we know that SF wasn't spying on on people without a court order?
> It's possible this guy had set this all up in the case he got fired, and then we he saw it was going to happen he put it into motion.
And it is also possible that Childs is completely innocent, because what we have is just a newspaper article full of "he said, she said" allegations. The whole story is as one-sided as it gets.
Allow me to highlight the important parts:
Not Pittsburgh, PA -> Pittsburg, CA. He wasn't working remotely, he was commuting in from way out near Antioch. Just goes to show you that 150k a year isn't enough to buy a decent house close to your place of employment in the Bay Area.