Slashdot Mirror

← Back to Stories (view on slashdot.org)

Former TSA Analyst Charged With Computer Tampering

Posted by samzenpus on from the let-me-fix-that-for-you dept.

angry tapir writes "A Transportation Security Administration analyst has been indicted with tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the US. If convicted, he faces 10 years in prison."

19 of 109 comments (clear)

  1. Where's the security protocol? by guruevi · · Score: 5, Insightful

    seven days after he'd being given two weeks notice that he was being dismissed

    So, you have this super-secure database system that is really important so the country doesn't get overrun by terrorists and then you do this!

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
    1. Re:Where's the security protocol? by WrongSizeGlass · · Score: 4, Insightful

      Two weeks notice for someone with access to confidential or secure data is just a bad idea. If it's time for them to go then now is the time for them to go.

    2. Re:Where's the security protocol? by Pyrion · · Score: 3, Insightful

      Even if the system is required to give two weeks notice prior to dismissal, his access rights should be revoked the moment they've decided they're going to dismiss him. Let him collect a paycheck for two weeks without actually doing any work: since he's going to get fired anyway, why leave him in the position to do some real damage now that he's been given motivation?

      --
      "There is much pleasure to be gained from useless knowledge." - Bertrand Russell.
    3. Re:Where's the security protocol? by JoshuaZ · · Score: 4, Interesting

      Not necessarily. If I still trust the person but can't afford to keep them due to a bad economy for example it isn't obvious that I should take them off of access to secure data. That's especially the case if in order to do the job they need access to the secure data (which isn't uncommon). Unfortunately, sometimes they need to train someone else to do the job and have the same problem. Sure in an ideal world, as soon as people got their two weeks notice they'd have no access to anything secure, but that's not generally doable. (To use an obvious analogy, if a bank teller gets a two week notice I don't think we expect the bank to not let them handle any cash for those two weeks).

    4. Re:Where's the security protocol? by v1 · · Score: 3, Insightful

      Does make one wonder if the PHB that decided to give notice to a disgruntled employee with sensitive access will be held accountable for his stupidity? Oh wait, what am I thinking?

      Someone needs to give his ex-manager an education by example of how to can someone safely.

      --
      I work for the Department of Redundancy Department.
    5. Re:Where's the security protocol? by tsstahl · · Score: 4, Interesting

      To use an obvious analogy, if a bank teller gets a two week notice I don't think we expect the bank to not let them handle any cash for those two weeks).

      No, I actually expect them NOT to handle money.

      Pay them for their time, thank them for their service and humanely supervise their cubicle packing. They are still 'yours' during he severence period, so call them if you need to.

      My employer trusts me. I have a good rapport with my boss. I also have access to data worth millions. If I were downsized tomorrow, i would expect to see HR, and maybe my desk one last time.

    6. Re:Where's the security protocol? by plover · · Score: 4, Insightful

      If you can't afford to keep them due to the bad economy, you can bet that they're still full of irrational emotions about being let go. It really doesn't matter what the real true reasons are or how well they're documented, a laid-off person will still take it personally. It may be professional pride, or shame, or some other feelings like "if only I had done more, they would have kept me instead of Joe," or a mix of all of the above. It hurts, it's confusing, and it's very very personal.

      Being laid off can be seen by the employee as a strike at the very core of their ego. Even a well-balanced person can respond irrationally. So you never, ever, let them back near sensitive data or systems after the layoff. It's heartless and cold, and you're a total shit for doing it, but you have to do it anyway. Or this happens, and it's completely his boss' fault for not escorting him to his desk and out the door immediately. Think about it: this guy is going to prison because his boss didn't have the balls to walk him out when he had the chance. Nice.

      --
      John
    7. Re:Where's the security protocol? by byornski · · Score: 5, Funny

      Because you'd be really small?

    8. Re:Where's the security protocol? by timmarhy · · Score: 5, Insightful
      no no no no. it's his own fault for being a stupid douche and tampering with shit he knew damn well he shouldn't be tampering with. attemping to make this his boss's fault for trusting him is just a classic symptom of today's society lack of personal responsibility. it's alllllways somebody elses fault right?

      i do agree they should have shown him the door right away, but it's his own faul he is in this mess, not his boss.

      --
      If you mod me down, I will become more powerful than you can imagine....
    9. Re:Where's the security protocol? by Opportunist · · Score: 4, Interesting

      No. No! You can NOT trust that person anymore, sorry.

      I spent my time in bank auditing. High security levels, very high security standards applied, you don't even want to know where they checked me and my background... anyway. The standard procedure for layoffs (independent of which side terminated the contract) was to let the person go IMMEDIATELY. Not at the end of a two week period, not even the end of the day. IMMEDIATELY. You clean out your desk now, two people at your side watching your fingers, protocoling your actions. You are not working here anymore the very nanosecond the contract end has been signed.

      This is by no means an "instant dismissal", by the negative notion of it, neither was it in any way seen as such. It's also not a matter of trust, many of the people I cleaned out with were good, honest, decent and hard working people (what they did in bank auditing in the first place seems odd... but I ramble). It's a matter of principle and a matter of absolute security. To illustrate this, usually a nice little "good bye party" was hosted the evening to show that this person was not "fired out the window", it was just necessary due to secrecy.

      This served a few purposes. First of all, to minimize the threat that someone could give himself a nice "severance package" and take a few infos with him to pass on to some newspapers who would pay handsomely to have some banks financial reports a few months before some shit hits fans. Insider trade is also a big issue since it's tempting to give out "interesting" details and, well, what should they do to you for doing it, fire you? Not to mention that the IT had pretty much total access to ALL financial information of any customer or banks themselves, nothing you want to see backed up and taken home.

      It was a win-win for everyone. The auditing company could rest easy and be sure that nobody gives out info, and you got 6 weeks extra weeks of full payment that you could spend entirely on looking for something new to do instead of looking busy working while actually studying the classifieds.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    10. Re:Where's the security protocol? by Maxmin · · Score: 4, Interesting

      The whole thing smells fishy: the indictment's first odd bit is its vagueness about what Duchak was up to, specifically. No details.

      The second weird thing is that DOJ doesn't want him held - no bail mentioned (nor in any newstory that I've found), and the "will not seek detention" box is checked on the indictment form (pre-trial detention.)

      Likewise, the indictment says "five days or less" for the trial duration. I once sat for a sexual assault trial, and despite being an open-and-shut case of guy-grabs-coworkers-boobs-in-front-of-witnesses, it lasted 4-1/2 days.

      Three federal agents are listed, you can bet their affidavits spell out more of what he did... and they don't appear to be online. Further searching, looks like there's absolutely nothing within .gov that bears our Duchak's name.

      Under other circumstances (and administrations), this might have been a highly-touted smackdown in the war against whatever. Not so here...

      But hey! There's a Douglas James Duchak listed in the whitepages ...

      Let's see if he can fill us in...

      --
      O lord, bless this thy holy hand grenade, that with it thou mayest blow thine enemies to tiny bits, in thy mercy.
  2. Where are the terrorism charges? by holdenholden · · Score: 4, Insightful

    If I did the same thing I would be accused of violating DMCA, across federal borders, with intent to destabilize the National Security. I would be lucky to get away with a life sentence without parole. This guy is getting as much as somebody stealing a really big TV.

    1. Re:Where are the terrorism charges? by Opportunist · · Score: 4, Funny

      Hey, he just messed with a database containing your personal info. He didn't download a movie for crying out loud!

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. Finally, some liability? by Wayne247 · · Score: 3, Interesting

    It's about time that a TSA agent steps over the line enough for the justice system to finally react and hit back. So far the TSA has been running their own show and making up their own laws so much that I became genuinely scared of passing through the USA on my next trip.

  4. Re:Aiding the enemy by Drgnkght · · Score: 4, Insightful

    War? What war? Did Congress declare war while I wasn't paying attention?

  5. The article is like a Progress in Iraq press repor by Antique+Geekmeister · · Score: 3, Insightful

    It makes a claim without any relevant details. For example, if this former employee were doing a normal security assessment to file a report on what they need to lock down after he's gone, one which his new boss didn't ask for or understand as appropriate security practice, he could face exactly these kind of charges. Or if he were plugging a hole used by the NSA for warrant-free tapping and injection of data, knowing that the hole was a constitutional violation mandated by his previous boss, and whose discovery and protest over its existence was the reason he was fired, I'd applaud his desire though not his means to plug such a hole.

    Let's be quite clear: the TSA has inherited bad staff, bad bureaucracy, and bad guidance from the White House itself down to all the agencies it was created to oversee and merge and which it has profoundly failed to coordinate. The result is a security and policy nightmare, the kind of political football that incompetent middle managers flock to because it's so hard to close, and it's so hard to actually measure its work product. I'm not surprised that an employee being terminated was mishandled, or misbehaved by the agency's standards. But the agency engages in so much blatantly civil rights abuse that it's unreasonable to believe its claims of cyber attack without far more detail about what was attacked, and why.

  6. Re:They missed "why?" by PPH · · Score: 5, Funny

    He was just searching for information about the infamous terrorist, Ahmed');Drop Table No_Fly_List;.

    --
    Have gnu, will travel.
  7. Re:They missed "why?" by Simon80 · · Score: 3, Funny

    Little Ahm-y tables, we call him.

  8. Re:They missed "why?" by JWSmythe · · Score: 4, Insightful

        That would be consistent with trying to support their case.

        I was once charged with careless driving, that a couple corrupt cops wanted to make into a serious case, and get another notch in their belts. The charges were just shy of attempted murder, where I could have run someone over, except for the fact that I was driving down an empty back road in rural nowhere, and there wasn't a person to be seen along the route. The lied the whole way, including claiming that my car flew. Well, more like a "Dukes of Hazzard" jump, except my car couldn't get out it's own way. They had "experts" testify that my car had been modified for racing, and I switched it back to claim innocence. That was tough for a 16 year old with no money. A couple years later they were officially charged and convicted of a whole slew of charges including falsifying evidence and other various nasty charges. In my case, the DA stood in front of a judge, and said that I was a danger to the safety of the citizens of the state and I should be held until the conclusion of the hearings. As the courts run, that would have put me in county jail for about a year. In the end, it was dropped to careless driving, and I was let off with probation and community service.

        So a single pesky word passed by the grand jury was done for the drama, and to influence their case. It doesn't necessarily reflect the facts. Then again, it may be a hint of what they have.

        All they said is that his job was to work on the servers and database. They said "knowingly transmitted code". Was it a shell script to maintain something? Was it a virus on his PC that accidentally got on there (pesky Windows networks and poor security)? Was it something nefarious? It'll come out in the real case, but this guy will be spending an awful lot of time in jail and court before it's proven either way.

        I hope for the sake of justice that this isn't another innocent man run through the system just to prove that he's innocent.

    --
    Serious? Seriousness is well above my pay grade.