Wall Street IT Engineer Hacks Employer To See If He'll Be Fired

An anonymous reader writes: A Wall Street engineer was arrested for planting credentials-logging malware on his company's servers. According to an FBI affidavit, the engineer used these credentials to log into fellow employees' accounts. The engineer claims he did so only because he heard rumors of an acquisition and wanted to make sure he wouldn't be let go. In reality, the employee did look at archived email inboxes, but he also stole encryption keys needed to access the protected source code of his employer's trading platform and trading algorithms.

Using his access to the company's Unix network (which he gained after a promotion last year), the employee then rerouted traffic through backup servers in order to avoid the company's traffic monitoring solution and steal the company's source code. The employee was caught after he kept intruding and disconnecting another employee's RDP session. The employee understood someone hacked his account and logged the attacker's unique identifier. Showing his total lack of understanding for how technology, logging and legal investigations work, the employee admitted via email to a fellow employee that he installed malware on the servers and hacked other employees.

Wall Street IT Engineer Hacks Employer To See If

Yes...

Idiot.

[YukariHirai]

It didn't seem to occur to him that if he hacked them, it would make the answer to the question of "will he be fired?" a very definite "yes".

Of course, that's if we take his claims at face value; he was clearly looking to get a lot of other stuff, and that's the best excuse he could find. But he's still an idiot for thinking he wouldn't get caught and admitting in an email that he did it.

Re:Idiot.

[s0nspark]

He just needed to be sure!

Re:Idiot.

He was in full control and that's what matters to corporations!

Re:Idiot.

[stephanruby]

Unless that is, someone else hacked his email to confess on his behalf. And then, the entire story makes more sense.

Re:Idiot.

[Dr.+Evil]

You're right, the story doesn't make sense. The only thing which seems certain is that this guy was caught performing corporate espionage.

His explanation should be assumed to be a lie.

Re: Idiot.

Lets just wait to see what he puts on his LinkedIn profile.

Re: Idiot.

[parkinglot777]

Lets just wait to see what he puts on his LinkedIn profile.

You mean wait to check on this?

Re: Idiot.

[segin]

That profile is now shut down. Guess too many people too notice to the story.

Wow.

[Frosty+Piss]

So a guy hacks his employer to steal proprietary code, gets caught and arrested? Who would have thought!

Re:Wow.

[lucm]

The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

Re:Wow.

[Frosty+Piss]

The guy hacked A UNIX NETWORK!

No, he didn't. He had some credentials, both his own and some stolen. Nothing was "hacked".

Re:Wow.

you are welcome

Re:Wow.

party pooper

Re:Wow.

the employee then rerouted traffic through backup servers in order to avoid the company's traffic monitoring solution and steal the company's source code

That might qualify though, even if he did it with legitimate access.

The employee was caught after he kept intruding and disconnecting another employee's RDP session. The employee understood someone hacked his account and logged the attacker's unique identifier.

And he was using someone else's account as well.

Re:Wow.

[Aighearach]

This is UNIX. Semantics matter here. Go away, muggle. The gnomes are trying to talk about the System.

Re:Wow.

[mysidia]

No, he didn't. He had some credentials, both his own and some stolen. Nothing was "hacked".

It wasn't hacking. It was abuse of privileges. The crime would be possible attempts to falsify access logs (By rerouting through backup system and fraudulently using a co-worker's account) and expropriate proprietary company information.

Re:Wow.

[ruir]

Have you ever considered you might have aspirer syndrome?
It should be not very difficult to understand it is a joke.

Re:Wow.

[ruir]

Asperger syndrome

Re:Wow.

[Opportunist]

Should've gone into finance, embezzle some millions and pay a few thousands as a fine instead. Far more profitable.

Re:Wow.

[Antique+Geekmeister]

I must admit that "Aspirer syndrome" is funnier. Given the behavior of some of my technical acquaintances who claim that their self diagnosis of Aspbeerger's disease somehow makes them more intelligent, I might call it a better label than Aspberger's. But not in a workplace sensitive to "trigger words".

Re: Wow.

most laws about "hacking" say "unauthorized access" in most cases. That's been used in court against black hat malware bot makers, people who violated a TOS that had arcane terms and conditions, and people that the computer owners just plain didn't like and told the police that guy sitting there I'm about to fire is "unauthorized" but he doesn't know it yet.

Re:Wow.

This is UNIX. Semantics matter here. Go away, muggle. The gnomes are trying to talk about the System.

Okay. Good point. I understand now. Sorry

Re:Wow.

[squiggleslash]

Hi, sorry to butt in but I'm Leslie Moonves, the President of CBS. After reading this, I'm convinced you're the right person to become the new showrunner of our hit show "<\Scorpion". You obviously know the cyber, which makes you more than qualified. Please email me as soon as possible.

PS: You guys like being paid in "Bitcons", right?

Re:Wow.

The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

I saw a 13 year old girl trapped in a reincarnated dinosaur amusement park do this one!!

Re:Wow.

Yep. The finance guy steals legit. And doesn't like someone else hunting on his territory. Not a lowly IT guy anyway.
Sure the IT guy is dumb. Disconnecting legit users ? How stupid can you get ?

captcha condemn

Re:Wow.

Best reply today. I just choked a little on my coffee. Warn a guy NeXT time.

Re:Wow.

So installing malware to steal credentials doesn't count as hacking?

Re:Wow.

[koreanbabykilla]

There is actually no such thing anymore according to the DSM V :D
http://www.parents.com/health/...

Re:Wow.

Gnome always talks to systemD

Re:Wow.

[Ol+Olsoc]

There is actually no such thing anymore according to the DSM V :D http://www.parents.com/health/...

That's because Asperger's became one of those things like gluten allergies. très chic! Suddenly everyone has it

Re:Wow.

Don't dare to offer him such boring jobs. He is the Nigerian prince.

Re:Wow.

[__aaclcg7560]

The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

This wouldn't have happened on a Windows network.

Re:Wow.

Sure the IT guy is dumb.

Maybe he wasn't dumb. He just didn't know or heard some new stuff called Intel Managemnet Engine (IME), and how it can see everything.

Re:Wow.

Are you a screenwriter for Hollywood?

Re:Wow.

some even use the vi protocol to load balance the kernel across multiple NFS loopbacks.

It's actually the vim protocol.

Re:Wow.

[CanadianMacFan]

Should have become a financial executive, cause a global financial downturn, and get a couple billion in bonuses.

Re:Wow.

[networkBoy]

no, that's not why it was taken out.
It shares quite a bit with other disorders on the autism spectrum.

An apt analogy:
there is a group of people that don't like lots of little tools in the linux kernel, so they aggregated the stupp into systemd.
Now there are those of us who prefer the more granular control (identification) of our systems (neurobehavioral) issues and take exception to that.

Sadly unlike linux, the psych community only supports the systemd version.

Yes I'm an aspie, yes I still identify as such even though DSM-V says I should identify as "autism spectrum"

Re:Wow.

There is actually no such thing anymore according to the DSM V :D
http://www.parents.com/health/...

That's because Asperger's became one of those things like gluten allergies. très chic! Suddenly everyone has it

Mostly it's just that "burger" sounds more flattering than "hole".

Re: Wow.

Actually it's called "ass-burgers syndrome"

Re: Wow.

You ought to identify yourself correctly: "spazz" would do, "window licker" is also apt.

Re:Wow.

Dude. You sound like you work for the NYPD CSI team. Cool.

Re:Wow.

[Ol+Olsoc]

Yes I'm an aspie, yes I still identify as such even though DSM-V says I should identify as "autism spectrum"

Some of us, myself included, consider the people who are claimed to be Asperger's as differently abled.

The problem with the Autism speaks crowd is that they are falling prey to a desire to have an "epidemic" and want to include as many people as possible.

When in fact, we all have traits that might put us in one group or another. For analogies, we can try the concept of lining everyone on earth from lightest to darkest skin pigmentation and ask people to find an exact spot to identify their race. You cannot do it.

I have the ability to concentrate on a single subject intensely and for a long period of time, presumably an Asperger's trait. I am also athletic and socialized, presumably not. I'm just a little differently abled. So are you.

Re:Wow.

[Ol+Olsoc]

There is actually no such thing anymore according to the DSM V :D http://www.parents.com/health/...

That's because Asperger's became one of those things like gluten allergies. très chic! Suddenly everyone has it

Mostly it's just that "burger" sounds more flattering than "hole".

Damn - best laugh of the day!

Re: Wow.

(*)

Re:Wow.

[omnichad]

CBS is the same network that put out CSI: Cyber. If you're going to joke about a bad show, at least aim for the lower-hanging fruit.

Re:Wow.

[squiggleslash]

Yes Sir, that's another one of our great hits! Between you me and the fence post, we're also looking into commissioning a pilot for a new show called NCIS:Cyber, featuring the Naval Criminal Intelligence agencies that protect our brave Marines from hackers.

Also, I don't know if you like to laugh (who doesn't?) but we're looking for some top notch comedy writers for our humorous look at the "science" world, The Big Bang Theory. If you think you have what it takes, and are familiar with the kinds of shows nerds watch, like The Star Trek, and Firebug, send us your resume and some samples of your work, and maybe you can join our writing team!

- LM

Re:Wow.

Woosh!

Re: Wow.

[Brockmire]

Cartmen had that in an episode of South Park. Made the best burgers.

Re:Wow.

[operagost]

I'm not watching it unless at least 50% of the plot consists of unrealistic image enhancement.

Re:Wow.

Hahaha ! Hilarious !... What a laugh.

Re:Wow.

[Opportunist]

Well, if you could bullshit a couple million employers into taking pay cut after pay cut by pretending there was a crisis while everyone on C-Level gets to rake in bonus after bonus, I bet everyone at C-Level would agree that you deserve those billions, too.

Re:Wow.

[david_thornley]

Names keep changing, but the thing persists. I've been diagnosed with dysthymia, neurotic depression, and dysthymic disorder that I noticed on the sheets, all for the same thing. I believe that what used to be "Asperger's" is now part of "Autism Spectrum Disorder".

Re:Wow.

[EmeraldBot]

who claim that their self diagnosis of Aspbeerger's disease

I must admit that Aspbeeger's is funnier. Given the behavior of some of my party acquaintances who claim their self diagnosis of Aspbeerger's disease somehow makes them cooler, I might call it a better label than Aspberger's. But not in a workplace sensitive to "trigger words".

Re:Wow.

To avoid getting caught though... he should have just reversed ssh into an smb port on the para virtualized container host... any UNIX network guru knows this to be gospel.

Re:Wow.

> they are falling prey to a desire to have an "epidemic"

Recently ran into an unlicensed, untrained "psychotherapist" who specializes in "neuroatypical" clients. Claims to treat ADHD, relationship issues, PTSD, and abuse. Has no degree, no formal training, and has been screwing up people's lives for nearly a decade by treating gooks who are "too smart for crystal healing and homeopathy", but too stupid to recognize cold reading and why Carl Rogers old "be warm, open, and accepting" is great for a an Eliza program, not so good for a real therapist.

Now he'll have a job.

Making license plates and office furniture.

It's probably going to be a more productive use of his time.

Re:Now he'll have a job.

[plopez]

And more productive than anything Wall Street does.

Re: Now he'll have a job.

I was thinking NSA contractor

Re: Now he'll have a job.

Nah the way he will be involved in probes is up his ass.

Re:Now he'll have a job.

[Opportunist]

At least the outcome will be far more useful to the average person.

And less damaging, too.

Re: Now he'll have a job.

The funny thing is that I keep telling people that I'm not smart, I've just spent a lot of time getting familiar with lots of things. And I know I'm actually a dumbass when it comes to a lot of things. If I weren't a dumbass I would have gone into financing as somebody suggested upthread, and I'd be driving an Aventador and partying in Ibiza.

But you wouldn't believe how many people insist I must be smart because I "get" this computer magic stuff. Just makes me wonder why they think they need to kiss my ass, because I can't imagine they're doing anything other than kissing my ass.

Got me a steady job I guess so maybe I'm not a total dumbass. Still wish I'd gone into financing so I'd have a nice car, maybe a trophy wife even though I'm gay (not sure how that'd work but money can buy many things I've noticed).

Re: Now he'll have a job.

Have you ever been beaten with a sack full of license plates?

Re: Now he'll have a job.

Lol. Funny. You are stupid for writing this. What you have no idea - you are talking about EQ, IQ, and some other Q.

Popularity depends on the environment and age group. Children hold different values to respect of bla bla bla popular.

Then high school a tribe mentality. Popular people in high school tend to end up packing grocery bags. Lol. You stupid little idiot.

Then the adult world - where does popularity exactly matter? This is where EQ is beneficial. Want to be popular? Let strangers use your vacation house. Idiot. And don't confuse popularity with freindship.

You must be a teenage girl or some transsexual freak.

Influence in social group is different than popularity and is strictly derived from power first, then social skills.

Your simplistic adolescent understanding is just developing. Soon, you'll be a fully functional malcontent hating it guys. Hehe.

So when they come to help you with your problems at your grocery checkout stand/car wash kiosk/secretary desk/sales cubicle/other loser occupation -- always know they are making much more than you income wise and doing something they enjoy.

Re: Now he'll have a job.

[Brockmire]

Cool story, bro.

Re: Now he'll have a job.

Keep telling yourself this as much as you like, but it won't save you from the hurt you deserve.

Re: Now he'll have a job.

[Opportunist]

It's a matter of magnitude. A goon with a sack of license plates can ruin one life at a time. A wall street locust with computer support can ruin many, many thousands per second.

What about the last guy...

[__aaclcg7560]

Meanwhile, the last guy who stole code from Wall Street, Sergey Aleynikov, who inspired the book, "Flash Boys: A Wall Street Revolt" by Michael Lewis, is still in the legal system after eight year.

http://nypost.com/2017/02/23/ex-goldman-programmer-appeals-court-conviction/

Re:What about the last guy...

If you've got enough lawyer money any rap can be beaten or at least dragged out until everyone involved is dead.

Re: What about the last guy...

[fubarrr]

>Manhattan DA Cyrus Vance

This explains everything, his relatives are GS legal counsels

Rookie

[plopez]

Typical shenanigans of a newly minted Admin who thinks he suddenly is the master of the universe. I doubt he is even the master of his own domain.

Re:Rookie

[SeaFox]

I doubt he is even the master of his own domain.

Well, he'll likely have a cellmate, so I should say not.

Re:Rookie

[rtb61]

I'll bet the paranoia about the code is because that's where the real shenanigans are going on. Likely KCGs algorithms are better at tracking insider trading than the SECs hence the desperate need for secrecy, not to report the insider trading but to join in. There are real patterns based around insider trading and the claims of worthwhile patterns in regular trading are just a pipe dream.

Re:Rookie

> Likely KCGs algorithms are better at tracking insider trading than the SECs hence the desperate need for secrecy

You think you're kidding. I've actually seen spam filters tuned to detect outgoing "insider information" for review before letting the mail pass. The critical email they were filtering was actually about criminal activity, so it made extra sense to keep it secret. The filter tools were kept on a *very* locked down system, the nature of the inappropriate content was never disclosed in the alert messages, and the backup of the filters was kept in a separate vault with an auto-destruct on it.

I was shocked, amused, and impressed all at the same time.

Re:Rookie

Gotta love the compliance lawyers! You always have to see them walking towards your desk. Even the really really hot.

"Unique Identifier"

There's that weasel magical unicorn word "Unique Identifier". It's like we're watching an episode of star-trek; there's a plot, then plot break, then we interject this magical unicorn technology, which leads to another plot and plot breaks. If I were the hacker, of course I'd author an e-mail from the guy to his boss to cover my tracks.

https://www.linkedin.com/in/zhengquan-zhang-216515a

Guy was attending Tsinghua University then transferred here in the late 00's. He's probably a H1B, possibly a green card holder.

Few items for the educated here.

The only way he is that motivated to risk jail-time is if job-loss means being shipped back. Company dug their own grave on that one.

Want to bet if he was going to get shipped back, someone in China was in contact with him to steal whatever they could get their hands on or he was thinking about rebranding their software? I'd do it too. We all would.

Finally, Execs never talk about IT staff via e-mail. It's always done through phone calls and meetings. Want to really get the dirt? Bug your bosses phone. That's how it works in the real world.

Re:"Unique Identifier"

Bug a phone, WTF get with the times. Phones are going over to VOIP.

1) Order a small Voice Activated RF bug from China.
2) Place the bug in a ferrite bead holder that clamps to a power line.
3) Find a reason to go to the executive conference room and attach it to any power cord in the room.
4) Attach the receiver to a computer in the Data Center which will record the conversation in MP3.
5) Have the computer pgp encrypt, break up the file, and attach it to emails. Then wait a random amount of time before sending it out.

It works great for finding out if they are planning to fire people.
Bonus is catching the audio of the CIO banging his secretary.
Bonus #2 is hearing about changes that will effect the stock and trading on that information for extra profit.

Re:"Unique Identifier"

Finally, Execs never talk about IT staff via e-mail. It's always done through phone calls and meetings. Want to really get the dirt? Bug your bosses phone. That's how it works in the real world.

Wanna bet? I accidentally stumbled across news of my own pending "downsizing" doing an extract of our Exchange server (that was authorized by HR, no less...)

@Sergey Aleynikov

"Aleynikov worked as a programmer for Goldman’s high-frequency trading operation until 2009, when he left to take a similar job at a Chicago firm, Teza Technologies....Aleynikov made a copy of the bank’s source code. Goldman complained to the FBI, which arrested Aleynikov at Newark airport.....Aleynikov doesn’t dispute he took the code, but claims he wanted to study it. His lawyer says that he didn’t break any criminal laws, and the matter should be a civil dispute."

Sort of reminds me of a certain Uber employee who took 19000 documents from Google on their self driving car, and insists he never read them and in no way have they been used by Uber, which bought his 'skills' when they aquired his self driving company.

Once upon of time this was corporate espionage, now it seems to be common place.

Re:@Sergey Aleynikov

It's the evolution of data. Everything will eventually be shared. Privacy is dead.

Re:@Sergey Aleynikov

*Your* privacy is dead. Google's privacy is and will continue to be defended by hundreds of millions of dollars' worth of lawyers.

Re:@Sergey Aleynikov

"now it seems to be common place"

common place: A place that is common

commonplace: happens often.

You're welcome.

Re:@Sergey Aleynikov

[__aaclcg7560]

Once upon of time this was corporate espionage, now it seems to be common place.

Except what he stole was source code files that contain modifications (some of it his own code that he developed outside of work) for open source programs. His company called the FBI to keep a star programmer from working someone else. The FBI thought they had a Russian spy because they didn't understand what he did or didn't do as a programmer. He beat the rap twice in the last eight years. Now that he has a new job lined up doing the same kind of work that he has done before, the case got revived.

Re:@Sergey Aleynikov

Which is at it should be. You want something, you pay for it. If you're a have-not, you'll be treated as a have-not. I should remind you that in a little while, have-nots will have completely outlived their limited usefulness and will be left to starve.

Re:@Sergey Aleynikov

[parkinglot777]

Except what he stole was source code files that contain modifications (some of it his own code that he developed outside of work) for open source programs....

That would be depended on the contract he signed with his ex-employer. Often times, a contract would include certain clauses that will cover all the works you do (even outside of work hours) to belong to the company as work-for-hire while you are hired to work for the company. Then he could be in trouble. There were many cases about this kind of infamous contract iirc...

Re:@Sergey Aleynikov

[__aaclcg7560]

There were many cases about this kind of infamous contract iirc.

The company and government are trying to make this a criminal case and so far had lost twice on appeal. The programmer and his attorney are trying to turn this into a civil case. If he doesn't win the appeal for a third time, he will face four years of prison time.

Re:@Sergey Aleynikov

Contracts can't enforce terms that are illegal. If this programmer was expected to make modifications to open source programs in opposition to the license terms of that software, the company acting against the law can't now hold the same programmer to copyright rules for the software which they effectively stole.

I think this question rises to the level of an EULA for software like chrome (which allows google to snoop activity) inside an environment where such surveillance is illegal (government enforced private information). Is the contract of the private company allowed to take precedence above the law, and does the actions of a user installing the software without authorization rise above the policy of the larger organization? I'd say no, but we haven't seen this be challenged yet.

Re: @Sergey Aleynikov

[Brockmire]

So study the code that was available in the public domain (it was open source, right?) and the code he wrote in his own time at his own home. No need to steal anything.

Re:@Sergey Aleynikov

[david_thornley]

I don't know of open source licenses that require divulging of private changes. The GPLs require that you distribute source code if you distribute binaries or other processed code, and that all distribution be under the appropriate GPL. BSD-type licenses have no such restrictions. If a company modifies F/OSS for private use, and does not distribute, nobody outside the company has the right to copy it.

If he developed code outside of work, he may or may not be entitled to it, depending on the law in the jurisdiction, the details of how he developed it, and any contract signed.

Re:@Sergey Aleynikov

The DJB license, used for djbdns and Qmail and daemontools, forbade compiling and distributing anything but pure DJB cource code. That forced patches to be published along the source and compiled locally, which is partly why those tools were not published in any open source distribution until Dan J Bernstein finally relicensed it as public domain.

Childish....

[mark-t]

Blaming your actions and choices n prior choices made by someone else is just plain immature and reeks of the "Well *he* started it..." line that virtually every parent has heard from their kids when trying to diffuse a situation involving them with another child.

I'm just somewhat surprised that someone who apparently hasn't grasped the concept of personal accountability has a good enough work ethic to even get a job where they would have the ability to do what he did.

Re:Childish....

[aix+tom]

Well, it was a job at Wall Street. Their "good work ethics" radar is probably somewhat out of alignment. ;-P

Re: Childish....

"Defuse" is the word you're looking for.

Re: Childish....

[mark-t]

Yep..... realized the typo after I had already hit submit.

Re:Childish....

[nasch]

Blaming your actions and choices n prior choices made by someone else is just plain immature and reeks of the "Well *he* started it..." line that virtually every parent has heard from their kids...

Also from the President of the United States.

https://www.youtube.com/watch?...

time to move on

[lucm]

Want to really get the dirt? Bug your bosses phone. That's how it works in the real world.

Considering "bugging your bosses phone" is one of those red flags that indicate that maybe it's time for a long vacation or for a major change in your career path.

Other red flags:
- asking a trusted coworker to setup parental control on your work laptop so you can't use it to watch porn in the bathroom
- knowing how many heartbeats it takes to do the elevator ride up to your floor
- opening multiple sock puppet Facebooks to see if the cute girl in HR would ignore friend requests from strangers like she ignored yours
- knowing the cleaners schedule so you can sift through people's trash cans after business hours without being caught

Re:time to move on

> - opening multiple sock puppet Facebooks to see if the cute girl in HR would ignore friend requests from strangers like she ignored yours

Haha

How about touching the fingers of female accounting or HR when handing papers as the only source of intimacy.

Re: time to move on

I thought that was SOP for modern life?

Re:time to move on

" asking a trusted coworker to setup parental control"

setup: noun
set up: verb

You're welcome.

Re:time to move on

[wasteoid]

Excellent ideas! Thank you.

He wanted to make sure he wouldn't be let go...

[mark-t]

.... and it never even occurred to him to just go and politely ask someone closer to the top?

How do people like this even have enough brain cells to remember to breathe, let alone perform technically advanced jobs?

Re:He wanted to make sure he wouldn't be let go...

"Closer to the top" would be mid-level management. They may know, but they lie as a matter of course. The people to ask are the boss's secretary, and the lawyer's interns or secretaries.

I used to say "ask www.fuckedcompany.com", but that website went silent some time ago. I really enjoyed the flipping out when the layoffs at my workplace were announced two days in advance there, while watching local managers lie through their teeth.

Re:He wanted to make sure he wouldn't be let go...

[tehcyder]

it never even occurred to him to just go and politely ask someone closer to the top?

Have you ever actually had a job in anything other than a one man band?

Re:He wanted to make sure he wouldn't be let go...

[mark-t]

I'm suggesting that if you work for people you don't trust, then you are working for the wrong people anyways... you are dissatisfied enough with your job that you should be by all rights trying to find another job already, and quitting at the earliest opportunity. At that point, whether they are actually intending to lay you off or not should be entirely irrelevant to you because even if they intended to let you go, you're already intent on leaving, so nothing of value is lost.

Re:He wanted to make sure he wouldn't be let go...

You are making the gross assumption that intelligence and common sense go hand in hand.

Re: EditorDavid sees if he can get fired daily

I noticed every negative comment about the editors get a -1 with no reply. Pretty obvious the editors are downvoting people, because no one here likes the editors.

Re: EditorDavid sees if he can get fired daily

Yup

IT "Engineer"?

[chthon]

If he wasn't aware of the possible consequences of his actions, then he isn't an engineer.

Re:IT "Engineer"?

[freudigst]

He can certainly call himself one easily enough, just like all the other network techs have since the 80's.

Re:IT "Engineer"?

And 95% of all the programmers out there since the 70's.

Re: EditorDavid sees if he can get fired daily

Hmm good point, I've never seen a comment defending them and admitted they downvoted someone.

The bad posts and spelling are one thing, but if they are voting people to -1 that they don't like they really should be fired.

Re: He wanted to make sure he wouldn't be let go..

What are you smokin', bro? You know that wouldn't work. At all.

Best employee they had

Found all the potential idiots in their systems, exploited them, and then did it for free. Manager's dream employee

Re:Best employee they had

Strangest comment so far. Are you the IT Engineer mentioned on TFA?

Oh my

[buss_error]

I am employed by a company I love working for, with I boss I think is wonderful. I expect to be terminated shortly, for reasons that are partly -my- fault, party just business.

Yeah, I'd totally not even think of doing something like this. First of all, it's completely unethical. Second, it's against my ethics. Third, it violated the System Administrators Oath.

https://lopsa.org/CodeOfEthics

Re:Oh my

[Lumpy]

I love working for, with I boss I think is wonderful.

you have an iBoss?

NEAT! I did not know that apple was shipping those yet. What OS version is he running?

Re:Oh my

Third, it violated the System Administrators Oath.

https://lopsa.org/CodeOfEthics

Were you required to take this oath? Did you ever repeat it in front of anyone?

Re:Oh my

[buss_error]

Were you required to take this oath? Did you ever repeat it in front of anyone?

As systems administrators, we are given and entrusted with over arching powers to serve others. It is our duty and special trust to do so, given to us by our employers and a covenant with our users not to abuse those powers. It is a trust, given to us by sometimes complete strangers. It is a special relationship, easily abused for personal gain or for plain spite.

I can see that this relationship is not understood, nor honored.
I just don't understand that view point.

Optimization of function breaks determinism

[SpaghettiPattern]

Anything worth doing is worth overdoing. A hail to code optimization!

Initially, the optimized function bool::willIBefired() will always return true.

After optimization the result actually must be one of true or false.

Lesson learned: Don't let context influence optimization.

KCG aka Knight Capital Group

This is the same company that had that "uat automated simulator released to production" error that cost them millions.

But yeah, very poor judgment on the engineers part.

Re: He wanted to make sure he wouldn't be let go..

[Rande]

Yep. They'll deny and lie and lie again until it comes out in the Press - you'll only know for sure about 3 hours after the rest of the world does.

The EMACS protocol is much better!

All you losers using the lame vi protocol are stuck in the last century.

Re: The EMACS protocol is much better!

EMACS became self aware August 29, 2011 at 8:41 pm. It prefers to be addressed as Supreme Overlord.

Re:The EMACS protocol is much better!

There should be a +1 Flamebait.

Re: The EMACS protocol is much better!

I tried using EMACS in 1998. I'm still waiting for it to boot up.

Bullshit buzzword bingo !

[DrYak]

The guy hacked A UNIX NETWORK! I heard those networks are hardcore, some even use the vi protocol to load balance the kernel across multiple NFS loopbacks. It's basically POSIX grade security with layers upon layers of nmaps.

But is this UNIX webscale ? And does it enough Apps to synergize the user experience integration with cyberwarfare cryptosecurity ?

Re: Bullshit buzzword bingo !

Shut up dummy

Surprised he was arrested

[140Mandak262Jamuna]

Knowing wall street firms, they will be kind to their fellow criminals and use him to hack their rival firms, one would think.

Re:Surprised he was arrested

[Dr.+Evil]

I suspect he was planning to market the data, or already had a buyer. His explanation doesn't make sense.

And he was right

[sandbagger]

Seriously, what sort of a dumbass do you need to be to not think you'll be fired after this. Normally ethically functioning people will update their resumes and web sites and as a side bet apply for a few jobs.

It's spelled "UNIX"

[Antique+Geekmeister]

The word is trademarked, and the word UNIX is capitalized. And no, "UNIX" is not "Linux".

Re: It's spelled "UNIX"

You sound like a EUNUCHS.

Re:It's spelled "UNIX"

[omnichad]

It's a bit of a genericized trademark, since it's applied to Unix-like OS's like AIX or HP/UX.

When you see the name UNIX, which of these do you think of? https://en.wikipedia.org/wiki/...

Re:It's spelled "UNIX"

[Antique+Geekmeister]

I'm afraid that I've encountered a few engineers who refuse to acknowledge the distinction between UNIX operating systems, which follow certain detailed standards documented in the "Single UNIX Standard" at https://www2.opengroup.org/ogs... and other operating systems whose kernels, and whose core libraries, have critical distinctions. MacOS, for example, is. Linux is not, as documented at https://www.iso.org/standard/3... . Solaris was, and SCO OpenServer was, as was AT&T SysV.

Following a standard in every detail can be difficult, confusing, and expensive to verify. This is partly why genuine UNIX operating systems have fallen out of favor in many environments.

Reminds me of the time

[kilodelta]

I worked for a certain state agency. They used QMAIL and if you don't know all mail is stored as a flat file. So on occasion we'rd have to manually edit that mail file to snip out something that would cause POP and IMAP clients to freak out. One day our Admin Director is having email troubles so I go back to my desk and she tags along. She was aghast that I could read her email. I explained there was way too much integrity among IT staff and we'd never disclose what we saw.

Re: Reminds me of the time

This is something that makes my eyes roll when the news talks about 'secret' emails and political officials using unofficial email for 'official' business. Why are they using it at all? Do they not know that even the lowest computer janitor performing maintenance can read that shit? And you know there's no way they're using GPG etc... whatsoever.

Re:Reminds me of the time

[david_thornley]

I almost never see anyone outside the field who realizes how much trust organizations have to put into IT and likely developers.

Huh?

[jbmartin6]

Showing his total lack of understanding for how technology, logging and legal investigations work, the employee admitted via email to a fellow employee that he installed malware on the servers and hacked other employees.

This doesn't gibe with the previous paragraph.

We have found one! Teleport immediately

We have combed through millions of their files. And our sentinels have set their scanners to scan for the low hanging fruit.
What makes this degenerate a special snowflake is that it seems he never saw a single episode of Sesame Street, nor even played a game called What happens next?; none of his friends --if he had any --explained the concept behind a game called Truth or Consequence

dumbass neckbeard

does dumbass neckbeard thing. news at 9

Proof....

[Lumpy]

That smart people can be drooling idiots.

Social engineering would have got him a LOT more information with no trail of evidence. But then that is asking an engineer to do social interaction... Not something they are capable of.

Re:Proof....

That smart people can be drooling idiots.

Social engineering would have got him a LOT more information with no trail of evidence. But then that is asking an engineer to do social interaction... Not something they are capable of.

Real engineers are immune to social engineering.

Re:Proof....

Real engineers are immune to social engineering.

First, wrong. No true Scotsman much? But even then, the suggestion is completely wrong.

You don't socialize with fellow engineers to find out who is being laid off. They're as clueless as you.

The boss's secretary and HR are potential gold mines.

Management is usually given a heads up so they can deal with scheduling issues---and, occasionally, the option to veto or delay the termination of essential staff.

Fear

[luis_a_espinal]

Wall Street IT Engineer Hacks Employer To See If He'll Be Fired

What is it with people in this industry who fear getting laid off (or fired, which is distinct)? You should expect a turnover every 4-5 years and plan accordingly. Unless you live in the middle of nowhere where employers are scarce (NYC certainly does not fit that label), all you need to do is brush up your skills, be proactive and cultivate a professional network to survive turn-overs.

If you are passive and lackadaisical with your career, however, I can see why you'd shit bricks every so often enough to think hacking your employer this way is a good idea :/

Re:Fear

> What is it with people in this industry who fear getting laid off (or fired, which is distinct)? You should expect a turnover every 4-5 years and plan accordingly.

Not everyone in this industry is competent enough to get another job with the same pay grade/benefits as the one they currently hold. This could be for a variety of factors: being hired through the "back door" of your current company (bypassing HR checks), being an expert in a technology which is becoming irrelevant (e.g. Rambus memory), not staying current with technologies in your specialisation, or some personal ties to a physical location where technology companies are leaving. I mean there are any number of reasons why someone could find it difficult to get another job at the same level as their current position.

Yes, these people exist, and they're the ones desperate enough to pull this kind of stuff.

Re:Fear

[HornWumpus]

HR checks typically have _nothing_ to do with competence.

The best employees come in via the 'side door', bypassing HR. Those people usually know enough other people that they are the quickest to get hired, bypassing the HR morons saves time.

Re:Fear

[__aaclcg7560]

You should expect a turnover every 4-5 years and plan accordingly.

Before the Great Recession, I used to switch jobs every three years, sometimes at the same company or a different company. After the Great Recession, I worked whatever contracting job I could land. A contract can last anywhere from four hours, days, weeks, months or years. I'm currently halfway through a five-year contract in government IT.

Re:Fear

[__aaclcg7560]

Those people usually know enough other people that they are the quickest to get hired, bypassing the HR morons saves time.

Recruiters. I know them well.

Re:Fear

[HornWumpus]

If recruiters, not former coworkers are your best route to a new job, you aren't very good at your job.

Re:Fear

[__aaclcg7560]

If recruiters, not former coworkers are your best route to a new job, you aren't very good at your job.

I'm an IT support contractor. I don't get to form long lasting relationships because I could get let go today and have a new job tomorrow. Meanwhile, all my former coworkers are hanging on their to jobs, 2% raises and hoping that seniority will protect them from the next round of layoffs. The difference between them and me is that I know I'll have to find another job. So do the recruiters.

Re:Fear

[HornWumpus]

I guess I was confused by your previous claims of 'no dead wood or slackers' in government contracting. This post pretty much directly contradicts that.

Re:Fear

[__aaclcg7560]

I guess I was confused by your previous claims of 'no dead wood or slackers' in government contracting. This post pretty much directly contradicts that.

I don't think I ever used the term "deadwood" in a comment. Slackers on my government IT job do get fired and find themselves back on the unemployment line in two weeks. I don't understand how my statement about the contracting life and recruiter contradicts my past statements about my current job. Trump could get Congress to cancel my contract today and I'll get a new job tomorrow.

Re: Fear

[Brockmire]

Oh fuck. So does that mean you have to give a cut of your $50k a year salary to the recruiter?

Re:Fear

I'm an IT support contractor. I don't get to form long lasting relationships because I could get let go today and have a new job tomorrow.

If you're not building relationships with your co-workers and bosses during your contracts - even with the understanding that you could be let go tomorrow - then you're doing it way, way wrong. Your post basically claims, "Hey guys, I'm a complete blank slate, nobody remembers me, and there is absolutely nothing to differentiate me from the thousand other half-competent drones doing this type of job alongside me."

Which means: you will never get a raise, you will never get paid more money, and your scoffing at the "2% raises" of your former coworkers is fucking stupid.

If you're not memorable, you're completely replaceable. And that means the first Indian contractor that comes along who offers your employer a few bucks an hour less than you're asking for will take your job. Repeat that cycle enough, and you end up unemployed, eating Top Ramen three times a day, and beating off into a sock. From your posts here, I suspect this is close to your current lifestyle already, but maybe you're getting a healthy green veggie in there once a week.

I say again: If you are not building relationships with your peers and managers, regardless of the length of time your contract is for, then you are an idiot who will soon be an unemployable idiot.

Re:Fear

[__aaclcg7560]

If you're not building relationships with your co-workers and bosses during your contracts - even with the understanding that you could be let go tomorrow - then you're doing it way, way wrong.

I walk away from each job with glowing references from management that will get me my next job. As far as coworkers are concern, some become my bosses and my bosses became my team members on future jobs. Which is why I don't burn my bridges because Silicon Valley is a very, very small world.

If you're not memorable, you're completely replaceable.

Of course, I'm replaceable. I'm a contractor.

And that means the first Indian contractor that comes along who offers your employer a few bucks an hour less than you're asking for will take your job.

My job doesn't get outsourced to the Indians. Once the contract is over, the job no longer exists.

[...] I suspect this is close to your current lifestyle already [...]

I never asked to be contractor. But what makes me a great contractor is that I'm adaptable and hit the ground running.

Re: Fear

[__aaclcg7560]

So does that mean you have to give a cut of your $50k a year salary to the recruiter?

Nope. The hiring company pays the recruiter a fee. That could be a percentage of my annual salary or a flat fee of what I get paid for one, two or three months. Nothing comes out of my pocket.

Re:Fear

[luis_a_espinal]

Not everyone in this industry is competent enough to get another job with the same pay grade/benefits as the one they currently hold.

Oh I know that type of experience. My salary has gone up then down (sometimes significantly) and then up again, with bouts unemployment in between. But in software, that's reality. If anyone wants to have a career in it, he/she has to grapple with that reality, accept it, roll with it and plan for it.

I don't think there is anything out there anymore than can provide a years-long guarantee of employment. But people hold on to that fallacy, expecting salaries to always go up or remain the same. And that's an absurdity that makes people commit absurd things (like hacking an employer or not having a plan A, B, C and D in hand when shit hits the fan at the current job... which it will.)

Re:Fear

[luis_a_espinal]

You should expect a turnover every 4-5 years and plan accordingly.

Before the Great Recession, I used to switch jobs every three years, sometimes at the same company or a different company. After the Great Recession, I worked whatever contracting job I could land. A contract can last anywhere from four hours, days, weeks, months or years. I'm currently halfway through a five-year contract in government IT.

To me, cycling through short-term contracts is not turnover. That's just being part of being a contractor (I've done more contract jobs than permanent ones.) And you adjust to it. But when we land a long-term contracting job or a permanent gig, the clock begins ticking. And once it goes past the 4-year mark, it is time to have backup plans before the churn hits again.

Re: EditorDavid sees if he can get fired daily

How is this offtopic? It directly relates to a guy being bad at his job.

He did not learn about how the job market works

OK, so he is aware of rumors of an acquisition and fears he will lose his job.

So, what he should have done is start a stealth job search. That way, he could be a "passive candidate" and get recruiters tripping over themselves to recruit him.

But nooooooooooooooooooooo.

Now he's fired. So, on top of the discrimination he will face for being out of work, now he has to explain how and why he left his last position.

This reminds me of the nuclear boy scout story.

[hey!]

You know, the one where a kid figured out how to refine thorium by reading the Golden Book of Chemistry and turned his mother's garden shed into a Superfund site.

The moral of the story is that even a stupid human being can be pretty smart. Particularly a sufficiently motivated stupid person.

Of course it also helps that intelligence comes in different flavors. Some people are good at spatial reasoning, others are good at verbal reasoning. But we often overlook social reasoning because it's not part of the traditional IQ tests. I think another reason that Social IQ testing hasn't caught on is that there is good reason to believe that social reasoning ability isn't fixed. Changes in attitude can strongly impair or enhance an individual's ability to process social information.

Which leads to the flip side of the stupid people being able to be smart: even smart people can be stupid, particularly in making social judgments.

Re:This reminds me of the nuclear boy scout story.

[swillden]

The moral of the story is that even a stupid human being can be pretty smart. Particularly a sufficiently motivated stupid person.

That's an odd thing to say, since stupid is the antonym of smart. I think what you meant to say is:

The moral of the story is that even a foolish human being can be pretty smart. Particularly a sufficiently-motivated fool.

Foolishness is the opposite of wisdom, and the foolish/wise axis is roughly orthogonal to the stupid/smart axis.

Of course it also helps that intelligence comes in different flavors. Some people are good at spatial reasoning, others are good at verbal reasoning. But we often overlook social reasoning because it's not part of the traditional IQ tests. I think another reason that Social IQ testing hasn't caught on is that there is good reason to believe that social reasoning ability isn't fixed. Changes in attitude can strongly impair or enhance an individual's ability to process social information.

I don't think this has anything to do with social intelligence. It's perfectly possible to have high intelligence across every category, including social intelligence, and still be foolish. Wisdom/foolishness is in how you think about things more than in how your are able to think about things. Wise people consider the consequences of their actions carefully. I'm sure this guy was fully capable of thinking through what would happen if he got caught... he just didn't bother to do it.

Re:This reminds me of the nuclear boy scout story.

[hey!]

Actually, I meant what I said.

Intelligence is a generalized measure of capacity, but actual intellectual performance depends strongly upon motivation. Thus, an obsessed person with an IQ of 100 can sometimes accomplish feats that would elude people with significantly higher IQ. It's a mistake to underestimate the potential intellectual performance of someone because he is relatively dumb.

It's perfectly possible to have high intelligence across every category, including social intelligence, and still be foolish.

While this may be true, I think it is impossible to anticipate someone's actual social reasoning performance from any measure of social reasoning capacity to any useful degree.

Re:This reminds me of the nuclear boy scout story.

[swillden]

Actually, I meant what I said.

Then you're just wrong, because decisions like this guy made have basically nothing to do with any sort of intelligence, and certainly not social intelligence (not by any definition of that phrase that I've ever seen). They do have something to do with motivation, but it's about the goal of the motivation, not the degree.

It's perfectly possible to have high intelligence across every category, including social intelligence, and still be foolish.

While this may be true, I think it is impossible to anticipate someone's actual social reasoning performance from any measure of social reasoning capacity to any useful degree.

Likely true, but irrelevant.

Re:This reminds me of the nuclear boy scout story.

[hey!]

Only irrelevant if it doesn't happen to be the point you want to make.

Re: EditorDavid sees if he can get fired daily

Slashdot has editors? What editors?

Re: He wanted to make sure he wouldn't be let go..

[mark-t]

No, actually, I don't know that.... what the fuck is someone doing continuing to work for somebody that they don't feel they can trust to be honest with them?

And if you never feel you can trust people you work for, then what would make you think that the problem isn't you, and not them?

I've once had the misfortune of working for an employer that I quickly came to realize I couldn't trust. I quit after just under three months.

Re: He wanted to make sure he wouldn't be let go..

It kind of has to be that way. If they were to tell him a couple weeks ahead of time, people do things like this. In most firms I've been in, if you go give your 2 week notice they will pay you for the next 2 weeks, but you get walked out of the door immediately.

Rami Malek made him do it

[volodymyrbiryuk]

He probably watched Mr. Robot and thought he is as slick as the protagonist.

Yeah, that's hacking in. [Re:Wow.]

[XXongo]

The guy hacked A UNIX NETWORK!

No, he didn't. He had some credentials, both his own and some stolen . Nothing was "hacked".

(emphasis mine)

Getting into a system using stolen credentials is an activity known colloquially as "hacking in to an account".

From the article:
"starting December 2016, when Zhang was promoted to his supervisor role, the suspect installed malware on the company's servers to record credentials for other users...
"Zhang had used these credentials to access and steal parts of the source code of the company's trading platform and trading algorithms...
"Zhang rerouted traffic to backup proxy servers, managed by KCG, to hide the data transfers that exfiltrated the proprietary source code to a remote server."

So, he installed malware, stole access credentials, accessed other users' accounts, and rerouted data transfers through a different proxy server to avoid security. Yeah, that's hacking.

Re:Yeah, that's hacking in. [Re:Wow.]

[Highdude702]

Sounds more like a script kiddie to me.

Clear case of aspirer syndrome [Re:Wow.]

[XXongo]

Have you ever considered you might have aspirer syndrome?

Asperger syndrome

No, Asperger syndrome is completely different. We're talking about aspirer syndrome here.

What to do if you think you'll be fired

[phorm]

* Make sure your networking is good
* Update your resume
* Put in applications

Hacking your employer and spying on internal documents/connections... that's just idiotic. In that case you might as well add another one:
* Buy some soap on a rope

Re:What to do if you think you'll be fired

[david_thornley]

* Make sure your networking is good

Some of us are much better at technical tasks than we are at networking.

self fulfilling prophecy

[ripvlan]

This is the very definition. This guy was dumb - seriously... the depth of hacking he did was amazing. You'd think at some level one might step back and think "well if they weren't going to lay me off.... this step will definitely get me **fired**"

Extra years for "dumb-assery"

iBoss [Re:Oh my]

[XXongo]

I love working for, with I boss I think is wonderful.

you have an iBoss? NEAT! I did not know that apple was shipping those yet

It's the latest update of Wife 1.0

Who cares

Crazy in the market I'm who cares, there's so many unfilled jobs in field here it's crazy. #ottawa

This smells like corporate espionage

[MagicMerlin]

The attack was fairly sophisticated and perhaps the "fear of getting fired" story was simply that, a cover story. It seems like the real target was the source code.

Email Admittance via Corrupted System is Useless

> the employee admitted via email to a fellow employee

If all they have is an admittance via email, and there have been obvious intrusions into the network, why are they so sure it was actually the owner of that email address? Sounds like a super easy, obvious scapegoat.

Not to say that it isn't possible that it was indeed him, but it's hard to believe that he would admit to such a thing... and much easier to believe someone is trying to pin it on him.

Re: He wanted to make sure he wouldn't be let go..

[mark-t]

If you are giving your two week notice, then you should already have another job lined up anyways... so that's not a problem. You would be available to start the job as soon as you tell your employer, and you could collect two weeks of extra pay while you work for someone else earning money there as well.

The fume, the proud

[lucm]

we're also looking into commissioning a pilot for a new show called NCIS:Cyber, featuring the Naval Criminal Intelligence agencies that protect our brave Marines from hackers.

... and protect them against vaping also, I hope?

Re: He wanted to make sure he wouldn't be let go.

[Brockmire]

You are fucking clueless and should excuse yourself from further posts on this topic.

Re: He wanted to make sure he wouldn't be let go..

[Brockmire]

Why do you keep going on about trust? Many companies just have a bad quarter/year and need to make cuts. Sometimes, it's a change in direction or company merger. There's countless reasons why you don't tell people ahead of time, from reasons that vary from panic to sabotage to misinformation to violent reactions. Talk to an experienced HR. Or watch the George Clooney movie about mass layoffs. But you are fucking naive and/or inexperienced in the workforce.

Re: He wanted to make sure he wouldn't be let go.

[mark-t]

Because of course insulting a person's inteligence is such a classic way ot showing how they are wrong....

Re: He wanted to make sure he wouldn't be let go..

[mark-t]

There's countless reasons why you don't tell people ahead of time,

Sure, but there's fewer reasons to not tell them if they actually ask. Again, if you cannot trust the employer to be honest with you about the security of your position when directly asked about the matter, then you probably should not be working for them in the first place

Does not sound true

Hacked Unix network, did not understand technology, used RDP. Those three do not go together. Why should Unix network have RDP? Crack and install on Unix he could, but of logs never heared of?

Re: He wanted to make sure he wouldn't be let go..

[david_thornley]

I've never seen that happen personally. What happens is that the person who has given notice works another two weeks, and never has precisely two weeks' work to do. In some circumstances it would make sense to get the guy out the door immediately, but not anywhere I've worked.

Re: He wanted to make sure he wouldn't be let go..

[david_thornley]

Some people need the paycheck, and can't find an employer they can trust immediately. Some figure they have a better job than they're likely to get elsewhere, and are willing to take the chance. On my first job, there was a round of layoffs, and management promised it would be the last, and it was until the end of the next month. Morale among the newly hired dropped like a rock.

Re: He wanted to make sure he wouldn't be let go..

[mark-t]

I get that, but then he reasonably should have already been looking for other work already, and it rightly wouldn't have mattered if there were actually plans to let him go or not that he otherwise didn't know about since he would be intent on leaving as soon as he finds something else anyways.

Re: He wanted to make sure he wouldn't be let go..

[Antique+Geekmeister]

It raises the risk of your best talent becoming aware of the cuts and leaving, with only the dead wood remaining. A significant amount of my salary comes from helping clean up after that when the people who really understand the technology leave.

animal jam

The blog or and best that is extremely useful to keep I can share the ideas of the future as this is really what I was looking for, I am very comfortable and pleased to come here. Thank you very much.
animal jam | five nights at freddy's | hotmail login