I find it interesting that folks seem to assume the fact that the managers, city government and police acted poorly in this case somehow balances out the fact that Childs was guilty of the crime.
There were plenty of opportunities on both sides to handle this entire affair in a better way, and both sides managed to screw up each and every opportunity. That said, when your manager asks you for access to a system, you give it to them -- you can write for the record that you're doing so under protest and list the reasons, but you do it.
Legality aside (since that's a settled issue), let's not pretend Childs was somehow a slightly-paranoid innocent in all this. Childs acted unethically and incompetently as an administrator -- he was trusted with access to these very important systems, and he abused it. He not only failed to create a plausible disaster recovery plan, but he set things up so that he had to be the cornerstone of any effort to recover or even maintain the system.
Do you honestly believe that it's okay to build a system and then hold out access to it as some sort of guarantee of lifetime employment? If you'd bothered reading the details of the case, you'd see that Childs clearly broke the law and, on top of that, clearly acted unethically in regards to his duties as an administrator.
> He may have been an ego-maniacal dick about how he managed the systems when > he was authorized, but being a dick is not a criminal offense.
He can be a dick all he wants, you're right. Refusing access to an authorized user, as it turns out, actually *is* a criminal offense.
I'll even go a step further and say it's a good law to have. Electronic infrastructure is important and needs to be safeguarded -- you simply cannot have situations like this where some admin decides that he can hold a company or (in this case) government hostage to his whim by locking them out of their important systems, systems that are (at the end of the day) property of the entity that owns them, not the individual hired to set them up or maintain them. It doesn't matter if that person denies access actively (suspending all the other admins, for example) or passively, as in this case -- it's the same effect.
How could you possibly reply on computers for anything otherwise?
The whole "taking out $10k and planning to leave the state" thing got Childs arrested, but that's not why he was tried. He was tried and convicted for refusing to provide access to the computer system to people whom he was legally required to do so. At the end of the day, it really doesn't matter what his "views" were about who deserved access, there was a management chain and he choose to ignore it. It wasn't his call to make.
I can't imagine how you get "railroaded" out of that. The jury clearly did their bit here, examining the law as written and finding that Childs violated it. That's exactly what juries are supposed to do.
Now, we can talk about the severity of the punishment, but that's hardly unique to this case.
Exactly when did allowing a paranoid network admin to continue to deny access to critical city systems to anyone but himself become "right"?
Regardless of the mitigating circumstances, Childs was still in the wrong on this one -- having dimwit managers is not an excuse for denying the rightful owners of the systems access.
The city didn't have the configurations stored anyplace else, and the routers were configured in such a way as to not allow password recovery. If you look at the list of city services that were being handled by this system, it's not exactly something for which you can simply declare "planned downtime" and go to work.
What folks here need to get their heads around is that (a) the managers responsible for this system are badly incompetent and handled this in the worst possible way*, and (b) at the end of the day that still doesn't matter for shit -- he still broke the law, he dug himself a hole and he paid (and likely will continue to pay) the price.
The jury found the guy guilty because he was guilty -- the mitigating factors here don't justify or excuse his actions. That's exactly what they're supposed to do, and I'm certain it's what I would have done in their place.
* One of the jurors was quoted saying this: "We had a lot of sympathy for him... He was put in a position he should not have been put in... Management did everything they possibly could wrong... There was ineffective management, ineffective communication. I think that if they put the city on trial, they would be guilty, too."
By your logic you could criminalize or decriminalize anything just via a government's say-so. Political thinking dismissed that sort of justification three hundred years ago (you know, "unalienable rights"?).
Man, two hours a week isn't nearly enough time for the micromanagement, pontification, self-promotion, idle chatter and general dumbfuckery that has become the mainstay of my job -- I can't see anyone in management in any serious-size company (where the most important job qualification for middle management is, of course, meetings) going for this.
My God, can you just imagine having eight hours to sink into work, unbroken by pointless meetings? Being able to concentrate on a task rather than sit in some soul-crushing little room with fluorescent lighting just to realize that your boss brought you in just so he'd have people sitting there to look impressive to some other department? Getting things done rather than listen to your coworkers discuss the specifics of your job even though they're not vaguely qualified to do so?
Password aging is one of those policies that sounds like it makes some degree of sense only if you don't have any understanding of human nature.
Here in reality, forcing people to change their password every 30 or 60 or 90 days only has a few possible results:
(1) A lot more people writing down passwords and sticking them to their monitors. Who the hell can remember a new eight-digit string of nonsense every month? (2) A lot more easy-to-guess passwords (3) Incremented passwords (FuckTheSecurityGuys14)
This is why I consider password policies a great indicator of where your IT department is on the "keepin' it real" scale: No restrictions, you IT people are idiots and don't care or understand security. Reasonable restrictions (min 8 characters, letters and numbers) and you're in the sweet spot. Passwords that expire every 15 minutes, your IT people are idiots and don't care or understand security.
What could possibly be said to justify firing into a crowd of unarmed people?
I suppose my base assumption is that this patrol wasn't just walking down the street one day, saw a group of people and thought to themselves, "Hey, let's blast away at these motherfuckers! I haven't gotten to shoot anyone all day, and I just can't get an erection anymore if I don't do so. Also, maybe we can punch a baby or two when we're done."
For example, why exactly did people have video cameras? I admit that my sole experience in this is having seen 'Hurt Locker', but it seems to me that's the sort of thing that would set off certain alarm bells for me if I were a soldier. What was being said on the ground? What sort of behavior preceded attacks in this area in the past, what sort of warning signs were these guys responding to?
Again, these guys may well have screwed up and may well be deserving of punishment. Assuming, however, that my base assumption (that these guys aren't all evil merciless killing machines) is correct, there must be factors we don't, as civilians, understand.
I always feel like the key trouble with video of any military operation is that the general public has absolutely no basis from which to really understand what they're seeing -- the context of civilian day-to-day just doesn't create the sort of base of experience you need to watch this sort of video and draw decent conclusions from it.
What was the situation? What were these guys trained to do in this sort of situation? What had happened the hour or day or week before in this area, what was happening in the region, what sort of tactics had the bad guys been using, what were other patrols telling these guys? These details are actually more important than what we see in the video towards understanding the events, but we have none of it.
I don't want to make apologies if these guys screwed up -- I'm not of the mindset that out men and women in uniform are all heroes who can do no wrong or anything of that nature. That said, I'm also willing to accept that I don't have the experience or understanding to understand what I'm seeing... I'd be interested to hear from someone who does.
I believe that internships are important. I was an intern at SGI back in the late '90s, and I still frequently think back to the things I learned working there and applying those lessons to my current career.
That established, I can also say without hesitation that tech internships aren't like apprenticeships -- you're generally not learning the skills you need to do a given job, but rather applying the skills you've already amassed.
Really, the benefit of internships is twofold: You learn how to operate in an environment where you're not simply taking instructions (like you would working a job at Subway or mowing lawns or answering support calls, the typical menial jobs you can get before college) but rather participating in the job and dealing with peers, managers, HR twits, etc. Second, and related to this, you're doing it to get it on your resume, proving that you've already been through the learning curve.
So getting back to my initial point, while an intern obviously may not be as effective as a 'regular' employee, interns are still generally 'earning their keep' from Day 1 by producing value for the company.
A critical part of any internship, then, ought to be learning to value your skills, to get an idea of what your services are worth. And unpaid internship, while still better than nothing, skips this lesson, and it really is a key one -- I know people who are 15 years into their career and still unable to realize they're wasting their time in a given position or with a particular employer.
Reading the article, you can't really pigeonhole this as a cyberbullying incident -- it seems way more accurate to call this an instance of *comprehensive* asshole behavior. I mean, when I was a kid the bullies knew how to operate the phone, but nobody called that telebullying.
Don't get me wrong, this is distressing stuff, but reading between the lines it seems awfully simplistic to try and just pass this entire affair off as being a simple result of these kids using the internets in order to torment this girl into killing herself. Really, the most disturbing thing to me in the article is the lack of remorse these girls displayed after the fact. I understand that high school is messed up, but who the hell makes jerk comments on a memorial page? That seems pretty damn sociopathic even by the standards of high school.
How things *should* work and how they *do* work are often, if not most times, drastically different from each other. This is pretty simple "Life 101" stuff here.
In SGI's case, I'd say it's more like "Any company that realizes they can't sell $10k IRIX workstations anymore and decides to base their new business strategy on the moronic idea that they can sell $10k WinNT workstations instead is mere months from going down the crapper".
Any company over a certain size will contain the useless sorts of twits who have nothing better to do then spend their time concentrating on what employees are posting on the internet -- it's a function of CYA mixed with boredom, stupidity and a touch of basic loserdom that is extremely common in the ranks of HR and middle management. You're not safe anywhere.
Social media has a nasty learning curve when it comes to the workplace. This has always been the case in any forum where your electronic musings are available to anyone who cares to look, or even in areas where having some jerk forward a message to the wrong person.
I remember back when I was an intern at SGI, there was a big hullabaloo over the "bad attitude" newsgroup -- this was a newsgroup set up with the idea that people who had a forum to bitch about the company would be overall happier workers. In concept it was a pretty good idea. In practice, it even worked out fairly well; it created a community where people could actually get things fixed or at least have others tell them that the little issue they were overfocused on weren't such a big deal.
Of course, the regular users were people who didn't think what would happen once the bottom-feeding lawyers got ahold of it (as they did when Microsoft subpoena'ed Netscape's offshoot of BA) and then the predictable reactions of the HR drones (HR people being, by definition, the bottom 1% of humanity -- right below baby rapists). Management invented all sorts of reasons to go ahead and fire the more active participants despite the fact that the forum had been more or less sanctioned by the company in the first place.
Of course, that being SGI around 1999/2000, the people who got canned over BA were just a few months ahead of most of the rest of the company, but you take my meaning.
So if there's any difference between us and them, it's that more of us have seen how this works by now..
Lebron James is one of the best basketball players ever to live, not just some run-of-the-mill pickup player.
Let's make a slightly more appropriate comparison: Samuel Palmisano, CEO of IBM, made $1.8 million last year, plus a bonus of $4.75 million and $13.5 million in stock options. So really, the top performers in tech don't really do so poorly either, especially considering that their career is probably a bit longer than Lebron's.
The awesome part about this is that it ought to cause the Tea Party types to blow a gasket.
On one hand, you have the federal government making ID's that will make it tougher for undocumented aliens to get work, so finally all of those high-flight jobs mowing lawns and manning the grill at fast food restaurants will be safe for Real Americans(tm).
On the other hand, you have the federal government making ID's that will allow them to do... Well, whatever wacky-ass conspiricy stuff the federal government supposedly does with ID's -- I'll have to wait for Glenn Beck to tell me exactly why it'll be such a problem, but I'm sure it will be.
In reality, however, the big losers in any sort of forgery-proof national ID situation are going to tomorrow's 19 year-olds who won't be able to get into the bar with their "Hawaii driver's license" anymore. So really, this program only hurts the children.
Slashdot Mirror
I find it interesting that folks seem to assume the fact that the managers, city government and police acted poorly in this case somehow balances out the fact that Childs was guilty of the crime.
There were plenty of opportunities on both sides to handle this entire affair in a better way, and both sides managed to screw up each and every opportunity. That said, when your manager asks you for access to a system, you give it to them -- you can write for the record that you're doing so under protest and list the reasons, but you do it.
Legality aside (since that's a settled issue), let's not pretend Childs was somehow a slightly-paranoid innocent in all this. Childs acted unethically and incompetently as an administrator -- he was trusted with access to these very important systems, and he abused it. He not only failed to create a plausible disaster recovery plan, but he set things up so that he had to be the cornerstone of any effort to recover or even maintain the system.
Why would any jury 'nullify' this case?
Do you honestly believe that it's okay to build a system and then hold out access to it as some sort of guarantee of lifetime employment? If you'd bothered reading the details of the case, you'd see that Childs clearly broke the law and, on top of that, clearly acted unethically in regards to his duties as an administrator.
All kidding aside, Jason's a smart guy and makes a hell of a honey brown beer.
> He may have been an ego-maniacal dick about how he managed the systems when
> he was authorized, but being a dick is not a criminal offense.
He can be a dick all he wants, you're right. Refusing access to an authorized user, as it turns out, actually *is* a criminal offense.
I'll even go a step further and say it's a good law to have. Electronic infrastructure is important and needs to be safeguarded -- you simply cannot have situations like this where some admin decides that he can hold a company or (in this case) government hostage to his whim by locking them out of their important systems, systems that are (at the end of the day) property of the entity that owns them, not the individual hired to set them up or maintain them. It doesn't matter if that person denies access actively (suspending all the other admins, for example) or passively, as in this case -- it's the same effect.
How could you possibly reply on computers for anything otherwise?
The whole "taking out $10k and planning to leave the state" thing got Childs arrested, but that's not why he was tried. He was tried and convicted for refusing to provide access to the computer system to people whom he was legally required to do so. At the end of the day, it really doesn't matter what his "views" were about who deserved access, there was a management chain and he choose to ignore it. It wasn't his call to make.
I can't imagine how you get "railroaded" out of that. The jury clearly did their bit here, examining the law as written and finding that Childs violated it. That's exactly what juries are supposed to do.
Now, we can talk about the severity of the punishment, but that's hardly unique to this case.
Exactly when did allowing a paranoid network admin to continue to deny access to critical city systems to anyone but himself become "right"?
Regardless of the mitigating circumstances, Childs was still in the wrong on this one -- having dimwit managers is not an excuse for denying the rightful owners of the systems access.
Yeah, look -- we're gonna need you to stop providing informed, rational commentary. This is Slashdot.
The city didn't have the configurations stored anyplace else, and the routers were configured in such a way as to not allow password recovery. If you look at the list of city services that were being handled by this system, it's not exactly something for which you can simply declare "planned downtime" and go to work.
What folks here need to get their heads around is that (a) the managers responsible for this system are badly incompetent and handled this in the worst possible way*, and (b) at the end of the day that still doesn't matter for shit -- he still broke the law, he dug himself a hole and he paid (and likely will continue to pay) the price.
The jury found the guy guilty because he was guilty -- the mitigating factors here don't justify or excuse his actions. That's exactly what they're supposed to do, and I'm certain it's what I would have done in their place.
* One of the jurors was quoted saying this: "We had a lot of sympathy for him... He was put in a position he should not have been put in... Management did everything they possibly could wrong... There was ineffective management, ineffective communication. I think that if they put the city on trial, they would be guilty, too."
By your logic you could criminalize or decriminalize anything just via a government's say-so. Political thinking dismissed that sort of justification three hundred years ago (you know, "unalienable rights"?).
Man, two hours a week isn't nearly enough time for the micromanagement, pontification, self-promotion, idle chatter and general dumbfuckery that has become the mainstay of my job -- I can't see anyone in management in any serious-size company (where the most important job qualification for middle management is, of course, meetings) going for this.
My God, can you just imagine having eight hours to sink into work, unbroken by pointless meetings? Being able to concentrate on a task rather than sit in some soul-crushing little room with fluorescent lighting just to realize that your boss brought you in just so he'd have people sitting there to look impressive to some other department? Getting things done rather than listen to your coworkers discuss the specifics of your job even though they're not vaguely qualified to do so?
It'd be glorious.
Password aging is one of those policies that sounds like it makes some degree of sense only if you don't have any understanding of human nature.
Here in reality, forcing people to change their password every 30 or 60 or 90 days only has a few possible results:
(1) A lot more people writing down passwords and sticking them to their monitors. Who the hell can remember a new eight-digit string of nonsense every month?
(2) A lot more easy-to-guess passwords
(3) Incremented passwords (FuckTheSecurityGuys14)
This is why I consider password policies a great indicator of where your IT department is on the "keepin' it real" scale: No restrictions, you IT people are idiots and don't care or understand security. Reasonable restrictions (min 8 characters, letters and numbers) and you're in the sweet spot. Passwords that expire every 15 minutes, your IT people are idiots and don't care or understand security.
What could possibly be said to justify firing into a crowd of unarmed people?
I suppose my base assumption is that this patrol wasn't just walking down the street one day, saw a group of people and thought to themselves, "Hey, let's blast away at these motherfuckers! I haven't gotten to shoot anyone all day, and I just can't get an erection anymore if I don't do so. Also, maybe we can punch a baby or two when we're done."
For example, why exactly did people have video cameras? I admit that my sole experience in this is having seen 'Hurt Locker', but it seems to me that's the sort of thing that would set off certain alarm bells for me if I were a soldier. What was being said on the ground? What sort of behavior preceded attacks in this area in the past, what sort of warning signs were these guys responding to?
Again, these guys may well have screwed up and may well be deserving of punishment. Assuming, however, that my base assumption (that these guys aren't all evil merciless killing machines) is correct, there must be factors we don't, as civilians, understand.
I always feel like the key trouble with video of any military operation is that the general public has absolutely no basis from which to really understand what they're seeing -- the context of civilian day-to-day just doesn't create the sort of base of experience you need to watch this sort of video and draw decent conclusions from it.
What was the situation? What were these guys trained to do in this sort of situation? What had happened the hour or day or week before in this area, what was happening in the region, what sort of tactics had the bad guys been using, what were other patrols telling these guys? These details are actually more important than what we see in the video towards understanding the events, but we have none of it.
I don't want to make apologies if these guys screwed up -- I'm not of the mindset that out men and women in uniform are all heroes who can do no wrong or anything of that nature. That said, I'm also willing to accept that I don't have the experience or understanding to understand what I'm seeing... I'd be interested to hear from someone who does.
People working for free do not have jobs, therefore they cannot be involved in 'job creation' one way or another.
I believe that internships are important. I was an intern at SGI back in the late '90s, and I still frequently think back to the things I learned working there and applying those lessons to my current career.
That established, I can also say without hesitation that tech internships aren't like apprenticeships -- you're generally not learning the skills you need to do a given job, but rather applying the skills you've already amassed.
Really, the benefit of internships is twofold: You learn how to operate in an environment where you're not simply taking instructions (like you would working a job at Subway or mowing lawns or answering support calls, the typical menial jobs you can get before college) but rather participating in the job and dealing with peers, managers, HR twits, etc. Second, and related to this, you're doing it to get it on your resume, proving that you've already been through the learning curve.
So getting back to my initial point, while an intern obviously may not be as effective as a 'regular' employee, interns are still generally 'earning their keep' from Day 1 by producing value for the company.
A critical part of any internship, then, ought to be learning to value your skills, to get an idea of what your services are worth. And unpaid internship, while still better than nothing, skips this lesson, and it really is a key one -- I know people who are 15 years into their career and still unable to realize they're wasting their time in a given position or with a particular employer.
Reading the article, you can't really pigeonhole this as a cyberbullying incident -- it seems way more accurate to call this an instance of *comprehensive* asshole behavior. I mean, when I was a kid the bullies knew how to operate the phone, but nobody called that telebullying.
Don't get me wrong, this is distressing stuff, but reading between the lines it seems awfully simplistic to try and just pass this entire affair off as being a simple result of these kids using the internets in order to torment this girl into killing herself. Really, the most disturbing thing to me in the article is the lack of remorse these girls displayed after the fact. I understand that high school is messed up, but who the hell makes jerk comments on a memorial page? That seems pretty damn sociopathic even by the standards of high school.
How things *should* work and how they *do* work are often, if not most times, drastically different from each other. This is pretty simple "Life 101" stuff here.
In SGI's case, I'd say it's more like "Any company that realizes they can't sell $10k IRIX workstations anymore and decides to base their new business strategy on the moronic idea that they can sell $10k WinNT workstations instead is mere months from going down the crapper".
Any company over a certain size will contain the useless sorts of twits who have nothing better to do then spend their time concentrating on what employees are posting on the internet -- it's a function of CYA mixed with boredom, stupidity and a touch of basic loserdom that is extremely common in the ranks of HR and middle management. You're not safe anywhere.
You must be new to the workforce.
I remember back when I was an intern at SGI, there was a big hullabaloo over the "bad attitude" newsgroup -- this was a newsgroup set up with the idea that people who had a forum to bitch about the company would be overall happier workers. In concept it was a pretty good idea. In practice, it even worked out fairly well; it created a community where people could actually get things fixed or at least have others tell them that the little issue they were overfocused on weren't such a big deal.
Of course, the regular users were people who didn't think what would happen once the bottom-feeding lawyers got ahold of it (as they did when Microsoft subpoena'ed Netscape's offshoot of BA) and then the predictable reactions of the HR drones (HR people being, by definition, the bottom 1% of humanity -- right below baby rapists). Management invented all sorts of reasons to go ahead and fire the more active participants despite the fact that the forum had been more or less sanctioned by the company in the first place.
Of course, that being SGI around 1999/2000, the people who got canned over BA were just a few months ahead of most of the rest of the company, but you take my meaning.
So if there's any difference between us and them, it's that more of us have seen how this works by now..
Set up Facebook privacy so only friends can see your stuff. Crisis averted.
Let's make a slightly more appropriate comparison: Samuel Palmisano, CEO of IBM, made $1.8 million last year, plus a bonus of $4.75 million and $13.5 million in stock options. So really, the top performers in tech don't really do so poorly either, especially considering that their career is probably a bit longer than Lebron's.
We'll just recruit our cybersecurity from the obvious source: China.
I, er, hear they may have some relevant experience.
Oh, and the other loser? The formatting on my posts.
Eh, whitespace is overrated anyhow.
The awesome part about this is that it ought to cause the Tea Party types to blow a gasket. On one hand, you have the federal government making ID's that will make it tougher for undocumented aliens to get work, so finally all of those high-flight jobs mowing lawns and manning the grill at fast food restaurants will be safe for Real Americans(tm). On the other hand, you have the federal government making ID's that will allow them to do... Well, whatever wacky-ass conspiricy stuff the federal government supposedly does with ID's -- I'll have to wait for Glenn Beck to tell me exactly why it'll be such a problem, but I'm sure it will be. In reality, however, the big losers in any sort of forgery-proof national ID situation are going to tomorrow's 19 year-olds who won't be able to get into the bar with their "Hawaii driver's license" anymore. So really, this program only hurts the children.