Slashdot Mirror
Disgruntled Engineer Hijacks San Francisco's Computer System
ceswiedler writes "A disgruntled software engineer has hijacked San Francisco's new multimillion-dollar municipal computer system. When the Department of Technology tried to fire him, he disabled all administrative passwords other than his own. He was taken into custody but has so far refused to provide the password, and the department has yet to regain admin access on their own. They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents."
With backups no data will be lost. Oh, those are encrypted?
...you disable his account *before* you tell him he's fired.
TLR
A man no more knows his destiny than a tea leaf knows the history of the East India Company
Next thing you know, we'll have some dinosaurs on the Presidio.
We all dream about doing this to our ex-employer, but he's the one who's had the balls to do it!
With the correct knowledge, it should not be too difficult to get back door access to their system again.
This seems to be more of a PR excercise on making an example (as they should) of this guy.
More and more reasons why people like us should have a recognised code of ethics.
Eagles may soar, but weasels don't get sucked into jet engines
Idiotic new law in 5...4...3...
If he met the same kind of problems I did when I worked in public sector and tried to push changes that would prevent this kind of idiocy in the first place only to be ignored because policy and process changes for better security and general good practice improvements meant management actually having to do some work then well, good on him for having the balls to do it.
Certainly in the UK in public sector those who work hard get shit on because those who refuse to do any work or could care less about a good job own the IT departments due to nothing more than hanging around for the job long enough that everyone higher than them dies/retires. As there's no accountability in local government and most other public sector these people can't be sacked or disposed of in other ways so they just hang around until they are 65.
"Childs has worked for the city for about five years. One official with knowledge of the case said he had been disciplined on the job in recent months for poor performance and that his supervisors had tried to fire him."
How the hell do you "Try to fire" someone .. either you do it or you don't.
(And please .. no Yoda BS. If you go back and look at when Yoda was first introduced as a character he didn't do that cutesy backwards sentence construction. That came later. So I put it in the realm of Jar Jar - obnoxious character development)
I am Slashdot. Are you Slashdot as well?
He was arrested AFTER he disabled everyone else's account.
What do you recommend they do next time, use a crystal ball or ouija board to predict who's going to pull such a stunt?
There was an unsuccessful attempt to fire him. The article also mentions that he was essentially spying on people to learn things being said about him.
Especially when it makes a crime a Felony. That is one of the four felonies charged to him. The other three are all related to tampering with a computer network.
While this guy is obviously an idiot for thinking he could blackmail a government entity I am quite pleased the security on the system is sufficient to make it hard to get into when strong security is put into place. In other words, nothing annoys me more than so called secured systems having some means of password decryption, let alone the ones that allow admins to see them plain text.
what is going to interest me is how many years they will attempt to land on him. Just how offensive to society is this type of crime versus murder or rape. It seems that every new crime invented by the government gets stronger penalties than existing ones; if only to make it appear more valid. After all the penalty wouldn't be so severe if it were not really a crime now would it?
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Is what I say ...
Large municipal department of technology seeking software engineer for a multimillion-dollar computer system. At least 5 years of previous experience required. Must be able to gain administrative access to a system where the password is not known. Hiring immediately!
ok, you're mad at your employer, perhaps there reasons for firing you are invalid
but taking it out on third parties, such as with locking up law enforcement documents that might decide the guilt of hardcore criminals: you're a selfish asshole for setting up that scenario
maybe you didn't deserve to be fired
but now you deserve to rot in jail for how you responded to your firing
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.
There Can Be Only One...
Noodleboarding...
"Kill 'em all and let Root sort 'em out"
He would have snapped either way, they should be thankful he did not do more damage.
No matter what you do, you can't stop stupidity, madness, hatred and malice. If someone is clever enough or in a position of trust, as inevitably someone has to be, this can happen and you can't always predict it. So the problem is not that a disgruntled employee pulled the plug, but that appropriate checks and balances were not in place. If they were, no individual at all would have been given that sort of power. For a single person to bring down a system is the system's fault.
Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
FTFA:
"At a news conference announcing Childs' arrest, District Attorney Kamala Harris was tightlipped about what his motive may have been."
I think there's more going on here than we're being told.
That director over there, he gets a golden handshake as he goes out the door... You want to keep him sweet because he knows where all your dirty secrets are and could cause all sorts of trouble for your operation.
The sysadmin, youre going to kick out the door becuase hes blue colar... Oh, wait a minute... He really does know where all your dirty secrets are and really can bring your operation to its knees. In fact hes far more dangerous going out the door than the exec... pity you didnt think of that.
Execs are heaved out the door all the time for being incompetent, but its done with kid gloves because theyre deemed to be potentially damaging... And they wear a suit.
Word of advice: if youre sacking somebody who can bring your operation to a grinding halt, make sure you you keep them sweet, regardless of the job they do for your organisation. Its simple business.
Thats why you run unpatched windows, it will take only 4 minutes to get access.
log in in init 1 (runlevel 1) and change the root password or;
/etc/shadow change this:
in
root:$2$3bJ7DS4R$rV45lDlqNsfDRntfO1NCk0:14069:0:::::
look exactly like this:
root::14069:0:::::
this and you can log in to root without any password
maybe other *nixes are close enough to do the same (BSD or solaris)
on ubuntu the root shadow is a little differrent since it is disabled with an asterisk:
root:*:14069:0:::::
just remove the asterisk
Politics is Treachery, Religion is Brainwashing
Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.
Government Agency rule number one: If I have PHYSICAL access to a criminal, I can get information. Some way, some how.
From TFA: "Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000"
No wonder he was disgruntled, that's not even a living wage in San Francisco.
stuff |
"Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents."
Or maybe he hasn't. He might have done a lot of other things as well. A few of them are worth investigating but speculating publicly makes them sound a little hysterical.
Poor soul. All pissy over a job that pays 150K/yr? This guy lacks perspective, huge. If incarceration and bankruptcy don't help him figure things out - perhaps a stint delivering pizza or a cardboard sign at the offramp.
Been around since the time of Juvenal's Satires (which would be the third or fourth century AD, I think, unless someone wants to look it up and correct me).
Think for a moment. If you are a senior IT administrator or a senior programmer, unless you're in a very rigorous environment, your actions are most likely not subject to peer review. No-one has time. Right?
How many times do we see the argument "it's open source, anyone can read the code" immediately presented with "but who does"? Now consider that there are millions of people using Linux who potentially could read the code and who are likely working with it because they have a personal passion; but a handful of people who potentially could review your work, but are unlikely to have any deep yearning to do so because, well, they've got their own work to do.
In this kind of situation, you either have to have a mandated peer review regime (time consuming and expensive) or an independent audit (ditto). Both of these are, for reasons of practicality, likely to hit only subsections of what needs to be reviewed.
It's a trust thing. If you can trust your admins. And if you can't...well, who admins the admins?
because
They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents.
Yes - that's the reason.
Not because he showed up their complete incompetence and made them look like fools and now they want retribution. Protecting the public's right to privacy - yes, that's the reason.
Genesis 1:32 And God typed
modern computer systems have a single point of control or power, the superuser. most admins need that access to do their job, but through that account they can do exactly this, disable all other accounts and change the superuser password. It can be circumvented (usually) with physical access, but it sort of comes down to the fact that someone in a position of trust can abuse it and do a lot of damage. I'm not sure how 'checks and balances' would have prevented it except maybe to not hire nutjobs.
Responsibility is part of the sysadmins job. This concerns sensitive data and uptime of services. He failed.
None of us know all the facts of the situation, but I think it's pretty obvious that this guy was just trying to maintain his livelyhood through a misguided attempt at job security. If we had an IT Union looking out for our careers that gave us some sort of protection against the arbitrary whims of upper-management, then maybe this wouldn't have happened.
As for the idea that the guy might have shared his password with some unscrupulous feind... how many of you, had you actually been given admin access to SAN FRANSISCO would really share that password with anyone? Drastic, misguided, sure... but stupid? Come on, there had to be a reason he got the job in the first place.
"Knock the stones together, guys!"
I do not bow to his guts. There is a fine but definite line between fantasy and reality. This might be YOUR data he uses to play his game.
It is not gutsy to do this. It is childish at best. And no, it doesn't matter if he might be in his right with whatever dispute he has or had. Put him in jail untill he is willing to talk.
Don't fight for your country, if your country does not fight for you.
I didn't actually intend to. This was about 15 years ago. I got hired to take care of payroll at a warehouse, which was a completely paper-based process. I suggested that I could transfer the whole operation onto a computer and be more efficient. They said go ahead, but for security be sure to password protect it.
It ended up taking me only a couple of hours to do what had been an all-day job, and naively I told them this and suggested that there were other areas of operation in the plant I could similarly improve. Instead, the next day they canned me - they wouldn't say why, only "It just isn't working out."
The day after that I was glumly poking through the classifieds when I got the call
"Hi, how are you doing?"
"Well, I'm unemployed. That doesn't help."
"Ah, yes... well. Say, you know your payroll system? It's password protected."
"Yes, I know. You asked me to do that." A little bubble of joy started in my chest.
"Well, could you tell me what the password is?"
"I could... but I don't work for you any more, do I?" Then I hung up.
Oh, all the raw data was still available on paper, but I'll bet it took them weeks to straighten it all out completely.
"going municipal"?
bickerdyke
Why yes, torture is only wrong when its done by some banana republic. Done right its the utmost expression of freedom, the american way of life and free speech.
HTTP/1.1 400
Seems kind of funny that the article reports the DA is "tightlipped" about his motive. Makes me wonder if he is 'disgruntled' for a reason that would embarrass the agency if it got out.
Also pretty funny that they go into great detail about his salary, which seems kind of low to me for the area or at least average. Sounds like they are trying to make him seem unsympathetic in the public eye.
When information is power, privacy is freedom.
Firing someone for poor performance (as opposed to firing someone for a single unacceptable action) takes time....and MUCH coordination...at least everywhere that I have worked.
In a decently managed environment, the employee knows in advance that his management views his/her performance as unacceptable since the manager has discussed it with the employee and laid out a plan for improvement. Even an average employee could see the writing on the wall weeks/months in advance...but this individual was also using his administrative access to monitor related email messages.
If his group comprised even a moderately-sized MIS group, you could pull his admin responsibilities and transfer him to a role with lesser rights during the period of performance review and monitoring...but this individual was most likely hired to do this very specific job...and there may not have been another position in to which he could transition naturally...even temporarily.
My question - where are the backup tapes? Pull the tapes from a date prior to his manipulation of the system. Presumably, it should not be that long ago if they were ensuring that at least one other admin had routine access to the system. In such a case, they should have known within 24 hours that he had done something. If, on the other hand, he was a one man show, then I think that they are screwed until he gives up his password...which he will. Mark my word.
> on any Linux system you can log in in init 1 (runlevel 1)
Anyone with even the slightest bit of security concern would put a restricted flag in the boot loader to prevent this sort of thing. The boot loader will then ask for the password to alter the boot command line. See RedHat docs for a howto.
Can you get into a system that has intentionally been locked off? And can you do so in a way that you're sure won't set off any little surprises that will, say, overwrite all backups with Star Trek Furry fan fiction, change who owns which files, e-mail/post confidential medical/legal data all over the interwebs, change data in a harmful way (switch names on booking records, for instance) and/or destroy all the relevant data?
Their safest bet short term might be to not try to access the system at all really. Pull the storage media and hope its not encrypted.
Now, we have no information indicating he's good enough to pull off some kind of massive lockdown in less than three weeks (even if he had planned something like this). But while you can always get access to a system if you have physical access, that doesn't mean you can get access with zero damage to the system.
In this case, it isn't even anything sinister. Basically they get a court order compelling him to give up the password. If he refuses, he's in contempt of court and they'll lock him up until he does. If that's for the rest of his life, well then that's how it goes. He has no grounds at all to challenge such an order so any appeals will get shot down.
Basically they can just keep him in jail until he decides to give up the password. Most likely, this wont' be long at all. Sounds like this guy isn't a hardened criminal, just an asshole with an over inflated sense of self importance. I'm guessing after a few days he'll realise how much this sucks, and his lawyer will explain that he is in fact just going to sit here until he gives it up, and that the ultimate sentence he'll get will only get worse the longer he stonewalls.
Of course, if we all had wings, we'd fly. Then reality sets in. Can't change the past.
I'm sure he was plenty stable until he became disgruntled, otherwise he wouldn't have ended up with the admin passwords, no?
Anyone who'd be an asshole like this, doesn't deserve to be in a position of responsibility. Anyone who would do something like this, regardless of the work situation, doesn't deserve a job that has that kind of responsibility. While your situation at work may suck, your boss may be an asshole, etc, etc this sort of thing is just unacceptable. Goes double when you are in the public sector and you will be screwing over people who have nothing at all to do with the situation.
Get fucked, asshole. The last thing this country needs is for butthurt pussies to define another ordinary crime as "terrorism" because they think a particular perp should be punished more "as an example" or because they're afraid.
This is not terrorism. It's an act of sabotage by one individual (who should undergo a psych eval) who should be prosecuted to the extent of the law, and to a lesser extent it's a failure of leadership for his bosses.
Hail Eris, full of mischief...
E pluribus sanguinem
For those who wonder what kind of working environment DTIS has:
PeopleSofts HRMS 8.x application software.
PeopleTools 8.4x, PeopleCode, SQL, SQR, COBOL, Application Engine, Oracle and HP/UNIX.
IBM hosts and DB2
Microsoft SQL Server 2000
Just look for open positions and you know what they are running.
Step 1: make bomb
Step 2: go to spice market
Step 3: asplode self and random shoppers
Step 4: Prophet
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
...the police did give the codes back, but now the city is mysteriously spending 20% more on police salarys.
Use your head, can't you, use your head,
You're on earth, there's no cure for that - S. Beckett
When I was still in college I had heard of a programmer at one of the nearby companies had rigged the payroll system she wrote. I guess they hired her on little more than a vocal agreement and fired her after they thought the job was finished. Oddly enough she thought she had a long term job, go figure. Anyway, her payroll system was setup to payout $100,000 checks to every employee on payday one month after her name was off the rolls. Suffice it to say they had to hire her back with real terms of employment and she made them follow through with their previous agreement as well.
Just remember, capitalism is a dog eat dog system. If you don't protect yourself, no one else will. Business and government are notorious for screwing people when its convenient and even when its not, even those they depend upon. Just remember, even if you have a glowing employee record, there's always going to be some prick above or even below you that can intentionally or unintentionally mess things up, that's when you don't do it yourself.
I used to work at a bank. I was the "cash control teller" which means that I counted every single cash shipment into and out of the bank branch. Sometimes 1/2 million dollars.
You know what? It isn't worth it. It isn't enough to live a good life on. If you get caught, the benefits do not out weight the risks.
The same thing with this sort of hack. The guy screwed himself. He's ruined and will serve time in prison. "Everyone" (with any skills) knows you can get into any system you can physically touch.
What is he going to get for his trouble? Will they pay him off and set him free? HA! no way. The worst that will happen is that they'll employ someone's 12 year old nephew to crack the system. Pay him off with a couple XBox games or a new PS3.
This guy is the reason the rest of us have to deal with such draconian security measures around the office place. He has made life worse for everyone he works with and everyone whose CEO reads about this in the newspaper.
Check out my lame java blog at www.javachopshop.com
Guts? Try foolishness. He might get away with it in a private company, may even have done it in the past.
But, the government is a whole different ballgame. The government can arrest you and put you in prison. In fact, if a judge ordered him to provide the passwords and he refused, he could be found in contempt of court and jailed until he complied.
No, fucking with the government in this manner is not gutsy, it is stupid and shortsighted.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Remember, this is San Fran.
Beautiful area of the country, but 150K doesn't go far out there.
Ever feel like you are driving the getaway car?
If you need a recognized code of ethics to tell you that sabotaging your ex-employer's system isn't right, then no code of ethics can help you.
Integrity and reputation is typically more profitable than malice and destruction.
I've been in the business a few years, and as you get older, you acquire positions of trust. You have too, you can't be "starting out" your whole career. This sort of behavior is a deal breaker. No one will hire him.
When laid off or fired. Collect your stuff, shake hands with your boss, tell them what is left to be completed, politely and with insight, try to be constructive with any discussions on the exit interview. Even a complete moron will leave a better impression than the greatest genius.
Once out, have a beer or two. Calm down. If you'r any good at all, when they are picking up the pieces of the layoff, they'll remember you attitude and professionalism and probably pay you contractor wages to do stuff while you collect unemployment and look for a new job.
Back in the 80's I had an analyst working for me that seemed to become more unstable as each day passed.
We had a big project that he was working on and making great progress but then he started feeling like the software he created was his and not the company's.
I talked it over with the regional VP as we did not have any reason to fire this guy but yet feeling more flaky with him all of the time.
Plus replacing him would set the project back months.
So I went in each evening (only lived a mile from the office) and made a backup of the files just in case.
The project was successful and in retrospect making the backups kept me sane and kept the pressure off of him that he would feel if I was nervous or watching him too closely.
It seems we attract those things we fear.
Dealing with brilliant but somewhat unstable (supposedly) individuals is a tricky balance and occasionally the situation can tip in the wrong direction.
Sounds like this case in SF tipped all the way.
And in the end, the love you take is equal to the love you make
It is not gutsy to do this. It is childish at best.
Gutsy and childish aren't mutually exclusive, you know.
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
Here's the simple solution to avoid this issue:
1) VPN access needs to be locked down tight, preferably admins should only be able to access company servers from static IPs. (they can access user level resources from anywhere using a different account name) It's a pain, but in a large firm with multiple admins, the ones on call should be typically at home. Other admins can update the IP list if needed.
2) A master account should be created, with a password given in pieces to more than 1 person. Use a script, hidden somewhere in the system, that automatically resets this password once every hour or so. If some disgruntled admin changes it, it would reset itself soon enough. This script should be read only even to admins, so no one has permission to modify it. (the password file it uses should be accessible to the execs given parts of the password) It's not a perfect system, but it's pretty strong.
3) each admin gets 2 accounts: an admin account and a user account. As much as is possible should be done as a user. Admins should never, under penalty of immediate termination, share their login credentials with another admin or user. (there should be no need if everyone has their own)
4) login permission systems (Active directory, e-directory, whatever) need to be backed up daily to more than 1 location, and those files created should be read-only even to admins.
When firing a technician, have someone logged in and working to disable the terminated admin's permissions at the same time he's being called in to HR to be fired. Terminate all sessions using his user name and make all other admins immediately reset their own passwords. Lock out the VPN account as well.
Obviously in a small company with only 1 admin, this is nearly impossible. In that case, meticulous care in the backs is important (including getting rid of all tape based backup systems as they're easy to destroy) Also, meticulous care in the hiring process (and then continual treatment of the IT person) is critical. In general however, if you only have 1 IT person, it's usually better (and cheaper) to outsource.
There is no contest in life for which the unprepared have the advantage.
It's just not that easy for a sysadmin, especially a major one. For myself, I've got passwords, SSH-keys, and many other access points everywhere in my company. It's not because I want to screw with them, but because they tend to call me at all sorts of different times and I never know if I'll need secure access to the server.
So, routing rules from home. Public SSH keys on various border-servers with my USB-drive having the private keys, etc. They're all used for doing my job, and if I'm fired (not sure why I would be though) I'll just move on to the next one without tainting my career and doing something stupid to burn bridges. However, I could see a *bad* sysadmin using these same tools and more to entrench himself so deeply that you'd almost have to rebuild the entire infrastructure from scratch to find all the back-doors.
If this guy was a real dick (but a clever+smart one), knew it, knew he was going to be canned, and prepared for it... then how are you going to know that your authentication methods, your binaries, or even your kernels haven't been messed with in some way? MD5 sums only go so far when you have hundreds of systems tied together.
rand, the bitch who perfected the philosophy of selfishness
basic altruism trumps genius
every time
a solitary selfish genius is routed by a coordinated effort of retards working for the benefit of the group, every time
rand loses. her philosophy is inadequate to survive in this world
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Here it is...
Dear Mr. Baker,
As an employee of an institution of higher education, I have few very basic expectations. Chief among these is that my direct superiors have an intellect that ranges above the common ground squirrel. After your consistent and annoying harassment of my co-workers and me during our commission of duties, I can only surmise that you are one of the few true genetic wastes of our time.
Asking me, a network administrator, to explain every nuance of everything I do each time you happen to stroll into my office is not only a waste of time, but also a waste of precious oxygen. I was hired because I know how to network computer systems, and you were apparently hired to provide amusement to your employees, who watch you vainly attempt to understand the concept of "cut and paste" as it is explained to you for the hundredth time.
You will never understand computers. Something as incredibly simple as binary still gives you too many options. You will also never understand why people hate you, but I am going to try and explain it to you, even though I am sure this will be just as effective as telling you what an IP is. Your shiny new iMac has more personality than you ever will.
You wander around the building all day, shiftlessly seeking fault in others. You have a sharp dressed, useless look about you that may have worked for your interview, but now that you actually have responsibility, you pawn it off on overworked staff, hoping their talent will cover for your glaring ineptitude. In a world of managerial evolution, you are the blue-green algae that everyone else eats and laughs at. Managers like you are a sad proof of the Dilbert principle.
Seeing as this situation is unlikely to change without you getting a full frontal lobotomy reversal, I am forced to tender my resignation; however, I have a few parting thoughts:
When someone calls you in reference to employment, it is illegal for you to give me a bad recommendation as I have consistently performed my duties and even more. The most you can say to hurt me is, "I prefer not to comment." To keep you honest, I will have friends randomly call you over the next couple of years, because I know you would be unable to do it on your own.
I have all the passwords to every account on the system and I know every password you have used for the last five years. If you decide to get cute, I will publish your "Favorites," which I conveniently saved when you made me "back up" your useless files. I do believe that terms like "Lolita" are not viewed favorably by the university administrations.
When you borrowed the digital camera to "take pictures of your mother's b-day," you neglected to mention that you were going to take nude pictures of yourself in the mirror. Then, like the techno-moron you are, you forgot to erase them. Suffice it to say, I have never seen such odd acts with a ketchup bottle. I assure you that those photos are being kept in safe places pending your authoring of a glowing letter of recommendation. (And, for once, would you please try to use spellcheck? I hate correcting your mistakes.)
I expect the letter of recommendation on my desk by 8:00 am tomorrow. One word of this to anybody and all of your twisted little repugnant obsessions will become public knowledge. Never f*ck with your systems administrator, Mr. Baker! They know what you do with all that free time!
Sincerely
David Blocker
Network Administrator
Box in the warehouse has a bios boot password. It is clearable, but there's a problem, the hard drives are 'locked' and are only unlocked by a code stored in the bios during later part of boot. And clearing the bios boot password also clears the lock code.
The guy who set it up drove his car through a red light and got his neck broken. He apparently didn't write down this password.
They ended up sending one set of the mirrored drives to a data recovery house.
Fortunately it was not mission critical, merely 'important' data.
So I'm sure it's doable to make the situation untenable 'on purpose'.
i know this is /. but straight from TFA, one of his supervisors tried to get the guy canned, and Failed, from there on, he had a couple weeks with his usual permissions, and he set up a program to check what people were reporting about him, as well as set (obviously) a time bomb that would only go off if he didn't have access to reset the time bomb that would make him the only guy with a working password.
I think ironically, that someone working there, Disabled his Password (he reportedly gave one to police) then his time bomb went off leaving the system with NO passwords at all,
and to compound things, they've been using the system 'as-is' because they need it desperately, to do daily jobs. what's going to happen when they find out the whole setup was left password less, the past month of data encrypted and irretrievable, and the only way for admins to work on it is by losing a months worth of data?
and here's the thing, TFA is completely tainted with 'worst case scenarios' they totally assume he gave them wrong passwords (ignoring the fact that it might have been a 'time bomb' leaving the system password less) and also assume that he might have given people on the outside access to the system, with no proof... they also think he has it set so he can destroy data with a cell phone, i mean come on, get real he had like a week or two to plan this from when his supervisor tried to fire him, until they finally fired him..
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
https://www.gnu.org/philosophy/free-sw.html
1. declare him a terrorist
2. torture him
3. ???? [redacted for national security reasons]
4. password!
According to the Untied States Supreme Court in Doe v. United States, 487 U.S. 201 (1988), a defendant's right to remain silent means that a defendant cannot be compelled to provide a combination to a safe, even though he could be compelled to turn over a copy of a key to a lock box. I wonder if the court in California will follow this or will he be compelled to divulge the password.
Slight difference here is that the password is a work product not owned by him. It is not the combination of his own safe, or his own password to his system. Don't know if it will play out that way.
I don't know whether to laugh or cry. What kind of incompetence does it take on the part of the rest of the system administrators there to be unable to regain access to a system to which they have physical access?
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
Way to play into the hands of the beast. This stuff is set up exactly so that the ignorant can 'tip' past the critical threshold and become monsters.
If everybody thought like you, then we might as well be living under Saddam Hussein.
There are always better solutions than the ones which hot emotion dishes out as the fast and dirty answer. Just skimming the first few feet of posts, already half a dozen people have pointed out that with physical access to the system, it takes relatively little effort to crack a password.
Everybody I've met who I've had the chance to really discuss this with are usually only looking for an excuse to hurt people because they get off on it. There's a reason S&M is popular with some people, often in sexually repressed people, (i.e., Republicans). Torture NEVER truly has anything to do with the stated reasons. It's always about justifying the feeding of dark appetites, because in the dark recesses of the mind, it feels good to cause pain. This is what drives school yard bullies and psychopaths. Some people hide from this reality and do not admit it, others know it is true which gives them the choice to deliberately resonate on a different level and change into beings who are naturally repelled by the mere idea of torture, whereas others jump right in and become evil.
What do you want to become?
-FL
I'm intrigued by the carefully constructed character assassination that went into this article. I am disappointed others did not see how the information in this article was delivered in such a way as to shift all of the blame to the employee.
There is no doubt the employee did lots of wrong things that deserved dismissal. I am not arguing for his position at all.
Note carefully, that while the guy has the admin password, it's the source of the story that has shifted the blame entirely to the employee. By adding "we're afraid he's going to bring an IT Armageddon to the city of San Francisco!" to a very poorly managed situation, management is off the hook.
The story *should* be a cautionary tale. Where are the management procedures to prevent this kind of event? Don't ever discuss fragile IT systems, that are running mostly on blind faith. How about management's total incompetence in this episode?
Nope. Instead the blame conveniently shifts away from the OTHER responsible party in this story.
Let this be a cautionary tale for those with company IT "by the balls." Hopefully, you won't do some of the horrible things purportedly done by this fellow. You deserve to be fired if you make those kinds of bad choices.
Note how ridiculously easy it is for Management to publicly discredit you and bring your IT career to a swift end using anecdotal evidence. As this story so elegantly exemplifies, it is very common, and people would really do that to you and not lose a minute of sleep. You would have no forum with which to air your side of the story either...
My approach to bringing some balance to the situation is to make my IT role as transparent as possible. Which, means basically, lots of documentation.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
If you're making $150K/yr remotely from Pittsburgh you have no right to be disgruntled. It sounded like a sweet deal, I don't really care what kind of assholes you have to deal with at work. You make a decent living and it doesn't sound like it was very hard work. Especially if he had time to stage a monitoring system and hijack the entire network.
As someone who lives in the Bay Area I am insulted that we will have to incur this additional expense because some whiny baby was unhappy with his posh job.
“Common sense is not so common.” — Voltaire
When I fired our IT manager I had an employee changing his access rights at the same time I was giving him the bad news. It's a "Duh" sort of thing.
If they were using symmetric cryptography correctly, it could be virtually impossible to recover any of the information without first recovering the password.
Actually, this is the perfect way to test the strength of symmetric encryption algorithms. For those cryptographers with tin-foil hats (http://www.schneier.com/essay-198.html), seeing how long it will take for various three lettered agencies to recover the data will illuminate a previously dark room containing the question, "How safe is your data really?" It seems to me that this guy is doing the whole cryptography community a favor.
Damp matches.
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
Been there, done that... well, without the sabotage. I fought back, and managed to stave off being fired for about a year or so, but once I realized my boss was going to do anything and everything to get me fired? I pretty much worked on Wikipedia the rest of my time there. I tried to do real work, but his restrictions, deadlines, and everything simply made doing real work intractable.
I'm supposing that he and the company I worked for are better off that it never came to my mind to sabotage anything... they treated me like crap, abused me every way possible, blamed me for every mistake. While I had complained about his behavior, the company's investigation came up with, I was told, "absolutely nothing". Then they offered me money in exchange for giving up all my grievances against them.
I think they were most afraid that I could start a suit, then request all my records for disclosure, and it didn't look pretty. I can't imagine a jury in the world, who would listen to my story and not side with me.
This whole experience has shown me the benefits of a union, because when the whole company gets turned against you, there's nothing you can do inside the company to have your concerns actually considered... those "impartial investigators"? Yeah, no... they're being paid by the company. If they tell the employee that the company was liable for something, then that employee goes off and sues the company.
Feel glad when you're on the good side of a company you work for... I've been on the other side, and it was the worst time of my life.
WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
LiveCDs don't work on domain accounts. Even if you can get access to the unencrypted SAM file which has the hashed passwords, you can only break it through brute-force hash comparisons if the password is relatively simple. If it's 16-characters random with special symbols and numbers and upper case, you can pretty much forget it. You can however retrieve all your data if the systems are not encryped but you'd need to re-setup your Active Directory from scratch.
Something tells me that there is more to this story.
People don't usually hold out like that after being arrested just because they don't want to lose their job.
My guess is that there is something politcal going on where there shouldn't be or shouldn't have been - he may be standing on principal.
The simplest solution when it comes to firing the "admin"... have an equal or higher level admin lock the fired employee out of the system BEFORE telling him (s)he's fired! *shrugs* I bet that would solve 99% of these cases, and nobody would have to worry about their data... just the employee coming back with a shotgun :-/
Just my thought.
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
And this incident proves the manager was completely in the right to get rid of him. No amount of tech skills are worth the damage that an unprofessional employee can cause.
Business. Numbers. Money. People. Computer World.
I see a lot of claims that he did this. But all I see are claims.
- That he locked everybody else out.
- That he gave them a fake set of passwords.
- That he refuses to give them "the real one(s)".
And I don't see word one from him.
Is this what really happened?
I can imagine a number of scenarios where we'd see this external claim when, in fact, it's NOT what happened. For instance:
1) After firing the sysadmin they didn't like on the second attempt, management tries to change the passwords and fumbles it. They demand "the real passwords". He gives them what he has. It doesn't work. So:
a) They do a scapegoat operation on him to cover their own incompetence.
b) They're so incompetent that they don't even realize what happened, and honestly go after him for the crimes they believe he committed.
2) The system got pwn3d about the time they fired him. (Maybe just before, leading to the firing of the already-disliked employee. Maybe just after.)
And I could go on.
Now I have no reason to believe that he DIDN'T do it, either. (After all, it turns out Hans DID kill Nina...) But I see a government agency with a hung system doing a major smear job in the press, with lots of accusations and no details or evidence. And I see all the other posters taking as given that the accusations are true.
Let's reserve judgment until we hear what the evidence actually is, shall we? (If nothing else, they guy deserves a fair trial when it finally gets that far. It's going to be hard to find an uncontaminated jury at the rate things are going.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Having good knowledge of events, concepts and other things published by mainstream media at a later date, you've really hit the nail on the head on what I've observed, with regards to reporters. Reporters most of the time don't have the technical acumen to realize the nuances of what they're reporting, the context and when to spot bad data. Eg. While reporting an accident, they blindly take the "speed was a factor" quote from police. Since parked cars rarely spontaneously collide, it's a falsehood. When GPS was new in the early 90's I read multiple articles that stated, "GPS tracks your movements". Ummmmm....no. The satellites have no clue how many users are out there and where they may be.
In a few weeks this will blow over, they'll get their access back, the guy will be in jail and none of what was reported in the FA will come to pass. A few managers may get fired for being incompetent though, which you saw no mention of in the article.
This whole experience has shown me the benefits of a union
I've been in a situation similar to yours, and instead of pointing me towards union membership it pointed me towards only working for companies and people whom I respect and by whom I feel respected.