The point is that you ban the combination as spam; sending a handful of emails is far removed from sending millions, and there's no legitimate reason to do it.
i think you'll have a hard time arguing that spam is any more damaging to your property than other types of unsolicited e-mails. how would you show that spam 'abuses your property'? what property is it abusing?
That's what spam is. Unsolicited and in large quantities.
Yeah, don't drink, don't smoke, what do you do? No booze to me means someone's a dry drunk or a bit too straight laced. you don't need to be a drunk, but enjoy something like booze once in a while.
i hear Jeff Goldblum can do that with only one passive sensing point AND call it triangulation at the same time!
I can do that and I'm not even a cable repairman. All you have to do is assume it's stationary and move the receiver a couple times. It's a freaking cell phone - how fast can his ex wife walk, anyway?
Not wanting to hire a second admin is not the same as wanting only one person on earth to know the passwords. A responsible admin would at least have a safe with the passwords in it so that if they were hit by a bus a decent locksmith could get to the passwords...
Not if he didn't trust anyone else at his job to respect the protocol. He pulled all control to himself with management's blessing, then they fired him when he refused some random auditor's request for full access. Before asking for the passwords themselves.
Since when would a recovery doc include passwords?
This points to mgmt's general resistance to anything that would improve the situation. If there was a #2 that was trustworthy, presumably he'd know some of the passwords.
Business prefers brilliant people who aren't off-the-wall. Because then shit like this doesn't happen in their yard.
You won't find that caliber of network engineer that's not a bit off; also, if you've been paying attention, this shit happened due to management's active refusal to improve processes and hire people who know what they're doing.
Ahh accessing the network in an unapproved fashion from a remote location... wrong for so many reasons..
How would you know - there were no written procedures.
I don't think when they asked him to lock down the network they wanted a single point of failure so that if he were hit by a street car they would have to build everything over again.
Yes they did - they refused for years to hire a second person who could share the job with him and refused to document recovery procedures.
Well they 'sort' of found it I do not believe they have physically located it yet.
it's not that hard to locate a wired in device, especially something like this.
I'm sure he was breaking many documented security rules in doing so
I doubt it; from what we've learned, there wasn't much in the way of documented security rules.
The issue is what was the TS doing?
Allowing him to fix things from home, most likely.
the guy has a hidden criminal record, brought in a device of his own and put it on the network and locked down the existing infrastructure so that he and he alone held the keys
What's his hidden criminal record? Also, the whole locking things down was known and approved for more than a year - he didn't exactly sneak around.
Ah, so they did find it. Consider that the management is thoroughly inept - what are the odds that this is something he brought from home to allow him to do his job? Besides, it's a TS - replace it with one from newegg if you care so much.
If you had your license suspended, it would take hours to get that information to all the other cops, and you could keep driving without penalty.
You can anyway - they need PC in order to pull you over and run your license. Anyway, all of your examples miss the mark; your ATM doesn't need to be sitting on the internet (probably doesn't). It needs a network connection, but that's covered with VPN type tech or a private network. The cost angle needs to be weighed against the risk of doing things on the cheap - no need for direct access, at least not naked access.
The absolute, positive biggest challenge I face isn't the contractors, or suppliers, or the local government - it's the end users (IT included) that simply CANNOT accept when they don't get things their way.
Too bad you don't get your way - try working in a screwed up place where the lights shut off whenever the sensor thinks nobody's there - sort of distracting.
I've had VP's in a tizzy over the fact that they had to tell their people they could not bring their fans, space heaters, and coffee makers to the new buildings and plug them into their cubicles.
So add a coffee maker spot in the kitchen and fix the AC - space heaters are a symptom of a bigger problem.
Most cheap ass computers comes with power supplies going at full capacity + cheap screens will likely send your power usage above the 300W, doing that 8 hours a day from home is far from negligible.
You'll find that most computers draw about 100W while working, and displays generally power down to 5W or less when left alone. Don't believe me? use killawatt or an ammeter and check it out yourself.
Slashdot Mirror
The point is that you ban the combination as spam; sending a handful of emails is far removed from sending millions, and there's no legitimate reason to do it.
i think you'll have a hard time arguing that spam is any more damaging to your property than other types of unsolicited e-mails. how would you show that spam 'abuses your property'? what property is it abusing?
That's what spam is. Unsolicited and in large quantities.
in some cases this information is available from the devices themselves.
And why would they be allowed to search that without a warrant? They can't very well snoop through your files just because they want to.
And what about the people who never go out and have fun. looking at the GGP, consider the guy who doesn't even go to a BBQ - what's wrong with him?
Yeah, don't drink, don't smoke, what do you do? No booze to me means someone's a dry drunk or a bit too straight laced. you don't need to be a drunk, but enjoy something like booze once in a while.
That isn't an urban legend, it's something that high school students do from time to time.
meh, a 25 year old conviction for something unrelated to network security. In a lot of countries, the cops wouldn't even release that info.
i hear Jeff Goldblum can do that with only one passive sensing point AND call it triangulation at the same time!
I can do that and I'm not even a cable repairman. All you have to do is assume it's stationary and move the receiver a couple times. It's a freaking cell phone - how fast can his ex wife walk, anyway?
Not wanting to hire a second admin is not the same as wanting only one person on earth to know the passwords. A responsible admin would at least have a safe with the passwords in it so that if they were hit by a bus a decent locksmith could get to the passwords...
Not if he didn't trust anyone else at his job to respect the protocol. He pulled all control to himself with management's blessing, then they fired him when he refused some random auditor's request for full access. Before asking for the passwords themselves.
Since when would a recovery doc include passwords?
This points to mgmt's general resistance to anything that would improve the situation. If there was a #2 that was trustworthy, presumably he'd know some of the passwords.
Business prefers brilliant people who aren't off-the-wall. Because then shit like this doesn't happen in their yard.
You won't find that caliber of network engineer that's not a bit off; also, if you've been paying attention, this shit happened due to management's active refusal to improve processes and hire people who know what they're doing.
Ahh accessing the network in an unapproved fashion from a remote location... wrong for so many reasons..
How would you know - there were no written procedures.
I don't think when they asked him to lock down the network they wanted a single point of failure so that if he were hit by a street car they would have to build everything over again.
Yes they did - they refused for years to hire a second person who could share the job with him and refused to document recovery procedures.
Well they 'sort' of found it I do not believe they have physically located it yet.
it's not that hard to locate a wired in device, especially something like this.
I'm sure he was breaking many documented security rules in doing so
I doubt it; from what we've learned, there wasn't much in the way of documented security rules.
The issue is what was the TS doing?
Allowing him to fix things from home, most likely.
the guy has a hidden criminal record, brought in a device of his own and put it on the network and locked down the existing infrastructure so that he and he alone held the keys
What's his hidden criminal record? Also, the whole locking things down was known and approved for more than a year - he didn't exactly sneak around.
Ah, so they did find it. Consider that the management is thoroughly inept - what are the odds that this is something he brought from home to allow him to do his job? Besides, it's a TS - replace it with one from newegg if you care so much.
1) He placed a rouge device (his personal property) on the SF network
If they can't even find it, how do you know it's his?
What criminal history? He hasn't been convicted of anything, and probably won't be.
If you had your license suspended, it would take hours to get that information to all the other cops, and you could keep driving without penalty.
You can anyway - they need PC in order to pull you over and run your license. Anyway, all of your examples miss the mark; your ATM doesn't need to be sitting on the internet (probably doesn't). It needs a network connection, but that's covered with VPN type tech or a private network. The cost angle needs to be weighed against the risk of doing things on the cheap - no need for direct access, at least not naked access.
that's why we have these things called vpns.
what do you think is going to happen there? It's not like this is at all legal.
Too bad the most popular beer here is crap like Bud.
And what about the common case where the AC is set wrong? The whole cold room/hot room thing is so common it's hardly worth mentioning.
The absolute, positive biggest challenge I face isn't the contractors, or suppliers, or the local government - it's the end users (IT included) that simply CANNOT accept when they don't get things their way.
Too bad you don't get your way - try working in a screwed up place where the lights shut off whenever the sensor thinks nobody's there - sort of distracting.
I've had VP's in a tizzy over the fact that they had to tell their people they could not bring their fans, space heaters, and coffee makers to the new buildings and plug them into their cubicles.
So add a coffee maker spot in the kitchen and fix the AC - space heaters are a symptom of a bigger problem.
Openable windows? They will STAY open
Damn straight. I like my fresh air.
200 of that is the monitors if they're like my samsungs.
New Belgium, imo the best brewing company in the Unites States
What about Rogue, Dogfish Head, or Red Hook? Lots of great beer in the US.
Most cheap ass computers comes with power supplies going at full capacity + cheap screens will likely send your power usage above the 300W, doing that 8 hours a day from home is far from negligible.
You'll find that most computers draw about 100W while working, and displays generally power down to 5W or less when left alone. Don't believe me? use killawatt or an ammeter and check it out yourself.
great, now I'll need to flap my arms every 5 minutes in my office.