Disgruntled Engineer Hijacks San Francisco's Computer System 1082
ceswiedler writes "A disgruntled software engineer has hijacked San Francisco's new multimillion-dollar municipal computer system. When the Department of Technology tried to fire him, he disabled all administrative passwords other than his own. He was taken into custody but has so far refused to provide the password, and the department has yet to regain admin access on their own. They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents."
I had a dream... (Score:3, Interesting)
Got to love damage assessments (Score:5, Interesting)
Especially when it makes a crime a Felony. That is one of the four felonies charged to him. The other three are all related to tampering with a computer network.
While this guy is obviously an idiot for thinking he could blackmail a government entity I am quite pleased the security on the system is sufficient to make it hard to get into when strong security is put into place. In other words, nothing annoys me more than so called secured systems having some means of password decryption, let alone the ones that allow admins to see them plain text.
what is going to interest me is how many years they will attempt to land on him. Just how offensive to society is this type of crime versus murder or rape. It seems that every new crime invented by the government gets stronger penalties than existing ones; if only to make it appear more valid. After all the penalty wouldn't be so severe if it were not really a crime now would it?
Apparently they dont have other competent engineer (Score:3, Interesting)
Re:Got to love damage assessments (Score:5, Interesting)
Re:Welcome to Information Terrorism (Score:3, Interesting)
He would have snapped either way, they should be thankful he did not do more damage.
No matter what you do, you can't stop stupidity, madness, hatred and malice. If someone is clever enough or in a position of trust, as inevitably someone has to be, this can happen and you can't always predict it. So the problem is not that a disgruntled employee pulled the plug, but that appropriate checks and balances were not in place. If they were, no individual at all would have been given that sort of power. For a single person to bring down a system is the system's fault.
Re:A San Francisco public employee? (Score:1, Interesting)
Well, he's on 150K+ and he's pissing around laying booby traps for his employer. That doesn't sound like a very well-adjusted fellow to me. I find it very irritating that amongst computer professionals, being an antisocial jerk is all too often treated as a badge of honour and expected qualification, rather than the enormous character flaw that it is.
Re:This is why... (Score:4, Interesting)
fedex it. nothing at workplace is private from employer.
Re:Just hack *his* hack (Score:4, Interesting)
Re:This is why... (Score:2, Interesting)
Private as in privacy, no. But private as in private property? Yes. If they don't allow someone to gather their things before they leave they could be looking at serious legal troubles.
This is not new (Score:4, Interesting)
Been around since the time of Juvenal's Satires (which would be the third or fourth century AD, I think, unless someone wants to look it up and correct me).
Think for a moment. If you are a senior IT administrator or a senior programmer, unless you're in a very rigorous environment, your actions are most likely not subject to peer review. No-one has time. Right?
How many times do we see the argument "it's open source, anyone can read the code" immediately presented with "but who does"? Now consider that there are millions of people using Linux who potentially could read the code and who are likely working with it because they have a personal passion; but a handful of people who potentially could review your work, but are unlikely to have any deep yearning to do so because, well, they've got their own work to do.
In this kind of situation, you either have to have a mandated peer review regime (time consuming and expensive) or an independent audit (ditto). Both of these are, for reasons of practicality, likely to hit only subsections of what needs to be reviewed.
It's a trust thing. If you can trust your admins. And if you can't...well, who admins the admins?
Technologists Unite!! (Score:4, Interesting)
None of us know all the facts of the situation, but I think it's pretty obvious that this guy was just trying to maintain his livelyhood through a misguided attempt at job security. If we had an IT Union looking out for our careers that gave us some sort of protection against the arbitrary whims of upper-management, then maybe this wouldn't have happened.
As for the idea that the guy might have shared his password with some unscrupulous feind... how many of you, had you actually been given admin access to SAN FRANSISCO would really share that password with anyone? Drastic, misguided, sure... but stupid? Come on, there had to be a reason he got the job in the first place.
Re:I had a dream... (Score:5, Interesting)
Talking of what people want to do to their employer... There was this large semi state-owned telecomms company (and a much-hated monopoly for very long in our dear country) that I contracted at. This happened after I moved to another job, but I still had contact with a lot of ex-coworkers. Allegedly a middle management type was sacked, and a few days afterwards he came in again (no idea how he got past various access controls) to (literally) make a stink: he had several shopping bags containing excrement (human, apparently, though it probably was not all his own), which he managed to smear across his own as well as his ex-boss' desk and office wall before being apprehended. Now the office building was one of these modern new agey glass and concrete monstrosities and consisted of 4 floors of open plan desks, with a large opening down the center the same shape and size as the huge lobby and indoor garden on the ground floor - thus no way to contain the "spill".
Apparently, this is one of the more widespread fantasies employees at that place have.
Not to give anyone any ideas or anything....
Re:Countdown... (Score:3, Interesting)
How about they charge him with terrorism? Doesn't seem so far fetched, given we're talking about an entire city's systems. Who wants to bet this is at least being considered? If anything, they may dangle the possibility in front of his face to make him cave.
Comment removed (Score:4, Interesting)
I did it too, on a smaller scale (Score:5, Interesting)
I didn't actually intend to. This was about 15 years ago. I got hired to take care of payroll at a warehouse, which was a completely paper-based process. I suggested that I could transfer the whole operation onto a computer and be more efficient. They said go ahead, but for security be sure to password protect it.
It ended up taking me only a couple of hours to do what had been an all-day job, and naively I told them this and suggested that there were other areas of operation in the plant I could similarly improve. Instead, the next day they canned me - they wouldn't say why, only "It just isn't working out."
The day after that I was glumly poking through the classifieds when I got the call
"Hi, how are you doing?"
"Well, I'm unemployed. That doesn't help."
"Ah, yes... well. Say, you know your payroll system? It's password protected."
"Yes, I know. You asked me to do that." A little bubble of joy started in my chest.
"Well, could you tell me what the password is?"
"I could... but I don't work for you any more, do I?" Then I hung up.
Oh, all the raw data was still available on paper, but I'll bet it took them weeks to straighten it all out completely.
Re:I had a dream... (Score:5, Interesting)
Re:This is why... (Score:3, Interesting)
You can never really take away access once somebody has it at that level in a large and complex system.
Motive and Salary (Score:5, Interesting)
Seems kind of funny that the article reports the DA is "tightlipped" about his motive. Makes me wonder if he is 'disgruntled' for a reason that would embarrass the agency if it got out.
Also pretty funny that they go into great detail about his salary, which seems kind of low to me for the area or at least average. Sounds like they are trying to make him seem unsympathetic in the public eye.
Re:This is why... (Score:5, Interesting)
The employee is usually taken to one of the front meeting rooms under the pretense of an "important staff meeting". As soon as they leave their desk, someone swoops in and piles everything not owned by the company into a box, and takes it to reception. The employee gets their dismissal meeting from their direct boss with someone from HR present, and then they're taken to reception, given their box of stuff, and told to GTFO.
Network Operations gets the call to reset the ex-employee's password so they can't get in through the VPN (have to keep their account so someone can answer their email, etc), and work goes on.
The last thing the ex-employee gets to see on the way out is the hot receptionist. Could be worse.
Sorry for posting anonymously, but I don't feel like getting laid off if someone from work happens to recognize my username.
Folks can see the writing on the wall (Score:5, Interesting)
Firing someone for poor performance (as opposed to firing someone for a single unacceptable action) takes time....and MUCH coordination...at least everywhere that I have worked.
In a decently managed environment, the employee knows in advance that his management views his/her performance as unacceptable since the manager has discussed it with the employee and laid out a plan for improvement. Even an average employee could see the writing on the wall weeks/months in advance...but this individual was also using his administrative access to monitor related email messages.
If his group comprised even a moderately-sized MIS group, you could pull his admin responsibilities and transfer him to a role with lesser rights during the period of performance review and monitoring...but this individual was most likely hired to do this very specific job...and there may not have been another position in to which he could transition naturally...even temporarily.
My question - where are the backup tapes? Pull the tapes from a date prior to his manipulation of the system. Presumably, it should not be that long ago if they were ensuring that at least one other admin had routine access to the system. In such a case, they should have known within 24 hours that he had done something. If, on the other hand, he was a one man show, then I think that they are screwed until he gives up his password...which he will. Mark my word.
Re:I had a dream... (Score:3, Interesting)
Yep (Score:4, Interesting)
In this case, it isn't even anything sinister. Basically they get a court order compelling him to give up the password. If he refuses, he's in contempt of court and they'll lock him up until he does. If that's for the rest of his life, well then that's how it goes. He has no grounds at all to challenge such an order so any appeals will get shot down.
Basically they can just keep him in jail until he decides to give up the password. Most likely, this wont' be long at all. Sounds like this guy isn't a hardened criminal, just an asshole with an over inflated sense of self importance. I'm guessing after a few days he'll realise how much this sucks, and his lawyer will explain that he is in fact just going to sit here until he gives it up, and that the ultimate sentence he'll get will only get worse the longer he stonewalls.
Re:I smell a rat (Score:2, Interesting)
Re:Countdown... (Score:2, Interesting)
Unlikely given that he's already committed multiple felonies worthy of setting bail at $5 million.
He's been arrested for multiple felonies. He hasn't been convicted of them. How do you convict someone of computer intrusion when they are, by nature of their job as administrator, supposed to have access to every system. He gave them a password, it just didn't work.
The article is too light on details to really know, but it seems the city has been pWN3D and all they know how to do is lock up the admin and call in some police team to try to brute force the password. It's possible he didn't even do the pWNage. Those machines could be spam blasting zombies as we speak...
Frankly, something in the article smells. One official would only speak anonymously, and the police we're quoted saying that motive wasn't necessarily part of a crime. They also made a point of repeating his salary twice, which I find odd. Sounds fishy.
Re:Read the Article - He wasn't fired. (Score:5, Interesting)
I've seen this sort of problem...it's really deadly. If you have somebody who has the keys to the entire computer system, is fully willing to snoop into people's personal data, and also is willing to really do some nasty things, you're in a bad situation. If you're going to fire him, do it fast and without warning...he absolutely can't know it's coming. With someone like that, you can't even discuss the issue via email with any other colleagues (i.e., he's probably reading your emails quite regularly).
If he has any time to stew about things, then odds are he'll setup a variety of back-doors or other ways he can royally mess things up. In the situation I've seen, the boss knew the sysadmin was screwing around...though there was no hard proof, the sysadmin also knew that he was essentially caught. But in his position, he basically had the office by the balls. It's a stalemate...unless you're willing to dump the guy and completely sanitize/overhaul anything he's touched on the network. And of course, who knows how much personal data he's copied off-site in the meantime.
Gotta post as A/C for this one...
Re:This is why... (Score:5, Interesting)
He's a municipal employee. I don't know about San Francisco, but where I live, state or local government employee means union member, which in turn means he's very difficult to fire, except for the most egregious offenses. He's probably had an extensive disciplinary history to reach this point, which means he had ample time to see it coming and set this all up in advance.
Re:Not on any Linux system (Score:4, Interesting)
Pfft. That's irrelevant if you've got physical access. You'd either pull the drive in question and attach to another operational machine, then change /etc/shadow, or you boot from a LiveCD and do the same.
I'd assume there are other layers of security, though (poss. including encryption), and TFA doesn't say what operating system it runs on.
Re:Just hack *his* hack (Score:3, Interesting)
No, it's not. There are other things you need to do as well; just changing passwords won't cut it.
Every unix system can be brought up in single user mode; single user mode means no networks, no logins, no security, no passwords. That takes care of any password problems, and you can simply edit the passwd file to remove the bad root password, and you're in.
Basically you have to encrypt the system or somehow keep the owners from gaining physical access to the machine. Encryption is the only likely way, imho.
Re:Just hack *his* hack (Score:3, Interesting)
Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents. Authorities have searched Childs' home and car for a device that could be used in such an attack, but so far no such evidence has been found.
So are they looking for a modem or NIC? What kind of "device" would he need to connect?
Re:This is why... (Score:5, Interesting)
I would not be so sure. For it to be theft (in the UK at least) there has to be "an intention to permanently deprive"
Without this it is not theft. This is why someone who takes a car for a joyride is charged with "Taking without the owners consent" and not theft for example.
Therefore if it is not the employers intention to permanently deprive the ex-employee of their possessions then it is not theft, and they are in the clear.
Re:Backups? (Score:5, Interesting)
Typically corrupted data is worse than destroyed data.
At least when the data is gone, the problem is a lot more obvious.
Imagine if the payrolls have been tampered with (payroll files are mentioned in the article) rather than destroyed. And the law (and other) documents have had the word "not" randomly removed in 0.5% of the occurrences
Re:I had a dream... (Score:3, Interesting)
I Whole-heartedly agree.
I'm sure there are a lot of
Re:Backups? (Score:5, Interesting)
If the data is not encrypted it doesn't matter if the SQL DB uses passwords or not. Same for the webserver and other stuff.
I've patched programs stored in a DB without knowing the DB admin password, just by hexediting the DB files. Didn't have to wait for the vendor's developers in the USA to get back to us
As long as you have read access to the unencrypted data you have enough access - even if it means changing the drives and reloading the data.
Just stupid.... (Score:4, Interesting)
I used to work at a bank. I was the "cash control teller" which means that I counted every single cash shipment into and out of the bank branch. Sometimes 1/2 million dollars.
You know what? It isn't worth it. It isn't enough to live a good life on. If you get caught, the benefits do not out weight the risks.
The same thing with this sort of hack. The guy screwed himself. He's ruined and will serve time in prison. "Everyone" (with any skills) knows you can get into any system you can physically touch.
What is he going to get for his trouble? Will they pay him off and set him free? HA! no way. The worst that will happen is that they'll employ someone's 12 year old nephew to crack the system. Pay him off with a couple XBox games or a new PS3.
Re:Read the Article - He wasn't fired. (Score:1, Interesting)
My wife's IT staff at her law firm has been known to do this (scan emails for things about themselves). They have started peppering emails with fake info to see if it can be coaxed back out of the IT staff.
On one occasion it worked.
Re:I bow to his guts (Score:3, Interesting)
Guts? Try foolishness. He might get away with it in a private company, may even have done it in the past.
But, the government is a whole different ballgame. The government can arrest you and put you in prison. In fact, if a judge ordered him to provide the passwords and he refused, he could be found in contempt of court and jailed until he complied.
No, fucking with the government in this manner is not gutsy, it is stupid and shortsighted.
Re:This is why... (Score:5, Interesting)
I'm guessing they are totally incompetent.
I used to work for the State (a very small state) and some dipshit "Security Director" over at the Department of Administration (all our Internet traffic went through there) decided that he didn't like all this traffic coming from my PC to an IP address that matched a "corporate domain name" (it was my own domain, and I'd login to my own webmail.) Basically this guy was (is) paid $150K a year, and all he does is install appliances and watch logs to try and catch people surfing the wrong web pages (he used to be a cop.)
He tried to fire me for "running a business from my desk" which of course I wasn't doing..
Anyways, he sent someone down to my office and they took my PC. Vista x86.
So they couldn't figure out how to login to the machine. The so-called security expert couldn't even create a boot disk or anything to get access. It's not like it was a crazy machine, it was a Dell Precision machine with a SATA RAID card. All they had to do was download the drivers from Dell and make a BartPE or something.
They basically told me that if I didn't give them my password I was fired. I absolutely REFUSED. Never do you ever need to have someone give you their password. A so-called security expert should know this.
So eventually I drove over there, typed in my password for them, and drove back to my office. They didn't find anything, obviously, and I got the machine back completely wiped two weeks later.
So yes, they are DEFINITELY INCOMPETENT! All IT management in state/government agencies are, and most of the people working for them as well. You move up in the government simply by not being fired and putting in more years than the next guy.
Re:Frankly (Score:2, Interesting)
If you consider that radical conservatism ("Let's change NOTHING! Everything must stay as it is, even what's wrong!") is one extreme, and radical progressism ("Let's change EVERYTHING! Nothing must stay as it is, even what works!") is another, then the middle ground between these two conflicting positions is precisely keeping what works and changing what doesn't.
By the way, terms such as "conservative" and "progressive" are relative. When a progressive manages to change something, he then switches from the "changing mindset" to one of keeping things are they have become. The old conservative, on the other hand, is now the one pursuing changes to the (new) status quo. What this means, in the end, is that every conservative is a progressive, and every progressive is a conservative, and you're one or the other accidentally, not essentially.
Matter for thought, eh? :-)
Re:This is why... (Score:3, Interesting)
It's going to be hard to prove that someone was a "threat" simply because you have fired them. Unless they are displaying aggressive tendencies or what not, then saying "we considered them a threat" is NOT likely to hold up at all in court. Besides if it's that important simply have security there while they gather their things.
Re:I bow to his guts (Score:3, Interesting)
Here's the simple solution to avoid this issue:
1) VPN access needs to be locked down tight, preferably admins should only be able to access company servers from static IPs. (they can access user level resources from anywhere using a different account name) It's a pain, but in a large firm with multiple admins, the ones on call should be typically at home. Other admins can update the IP list if needed.
2) A master account should be created, with a password given in pieces to more than 1 person. Use a script, hidden somewhere in the system, that automatically resets this password once every hour or so. If some disgruntled admin changes it, it would reset itself soon enough. This script should be read only even to admins, so no one has permission to modify it. (the password file it uses should be accessible to the execs given parts of the password) It's not a perfect system, but it's pretty strong.
3) each admin gets 2 accounts: an admin account and a user account. As much as is possible should be done as a user. Admins should never, under penalty of immediate termination, share their login credentials with another admin or user. (there should be no need if everyone has their own)
4) login permission systems (Active directory, e-directory, whatever) need to be backed up daily to more than 1 location, and those files created should be read-only even to admins.
When firing a technician, have someone logged in and working to disable the terminated admin's permissions at the same time he's being called in to HR to be fired. Terminate all sessions using his user name and make all other admins immediately reset their own passwords. Lock out the VPN account as well.
Obviously in a small company with only 1 admin, this is nearly impossible. In that case, meticulous care in the backs is important (including getting rid of all tape based backup systems as they're easy to destroy) Also, meticulous care in the hiring process (and then continual treatment of the IT person) is critical. In general however, if you only have 1 IT person, it's usually better (and cheaper) to outsource.
Re:I did it too, on a smaller scale (Score:2, Interesting)
Something similar here. I had spent a LOT of time translating a paper based estimating system to Excel spreadsheets while working as seconded staff to a powerplant (I wore the Owner's hardhat, but my paychecks were from a contractor). I was unceremoniously relieved of my responsibilities, which were given to an incompetent who worked for the Owner. So I copied all of my work product onto disks, proceeded to scrub my desktop and network share of any evidence that I was anywhere near the place, and then handed the disks to my *employer* - the one who signed the paychecks, not the one whose hat I wore.
Fast forward 6 months, and I get a call from the contractor. "Say, do you have copies of the files you were working on?"
"Lemme check...nope, can't find them. Why?"
"Well, the Owner can't seem to find any of your stuff."
"That's because I scrubbed it and gave copies to my employer, aka you."
"Why'd you do that?!"
"You do remember the circumstances of my termination, do you not?"
"Oh, yeah. Well, who exactly did you give it to?"
"I gave them to you, personally - it was a stack of disks"
"Ohhhh - I lost them"
"Can't help you then"
What pissed me off is that I really would have sent him copies, but I had either forgotten to make personal backups or lost the disks as well.
Re:ha (Score:3, Interesting)
i know this is /. but straight from TFA, one of his supervisors tried to get the guy canned, and Failed, from there on, he had a couple weeks with his usual permissions, and he set up a program to check what people were reporting about him, as well as set (obviously) a time bomb that would only go off if he didn't have access to reset the time bomb that would make him the only guy with a working password.
I think ironically, that someone working there, Disabled his Password (he reportedly gave one to police) then his time bomb went off leaving the system with NO passwords at all,
and to compound things, they've been using the system 'as-is' because they need it desperately, to do daily jobs. what's going to happen when they find out the whole setup was left password less, the past month of data encrypted and irretrievable, and the only way for admins to work on it is by losing a months worth of data?
and here's the thing, TFA is completely tainted with 'worst case scenarios' they totally assume he gave them wrong passwords (ignoring the fact that it might have been a 'time bomb' leaving the system password less) and also assume that he might have given people on the outside access to the system, with no proof... they also think he has it set so he can destroy data with a cell phone, i mean come on, get real he had like a week or two to plan this from when his supervisor tried to fire him, until they finally fired him..
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
Re:Backups? (Score:4, Interesting)
Very likely correct- in which case I say, given the number of KNOWLEDGEABLE people who are out of work right now, the politicians get what they deserve for their stupidity.
This is the reason why you need leaders who know more than the people they are leading. Or at the very least, leaders who know not to kill the golden goose.
Re:I did it too, on a smaller scale (Score:3, Interesting)
I have a similar story from back in the early 80's, and I still laugh about it. I was a network admin for a very-small (4 PC) business. I also did other work for them. Short story is one day I left because they owed me overtime and refused to pay. I wrote down all the passwords on a piece of paper before I left. What can I say, I'm a boy scout. On top of this, I was making nothing (about $6/hour).
Two days later, their lawyer calls me. I knew him because my boss was suing his sons for copyright infringement and he was around a lot. Long story, gold-digger new wife half his age involved.
Lawyer: We need you to come back and show us how to use the passwords.
Me: Sure, that'll be $25/hr.
Lawyer: Well, that sounds fair, let me get back to you.
A couple days later, same lawyer.
Lawyer: We need you to come and fix the system you intentionally broke before you left. We'll pay you the $6/hr you were making when you worked for us.
Me: Broke? Nah, you just don't have anyone else that knows about PC's and the boss is too stingy to hire someone. Let me guess the quote was high?
Lawyer: Yes. But you really need to help them out.
Me: Sure, if they pay me the back-overtime plus $50/hour. Also, the boss can't be there. I'll show anyone he wants how to login to the network and database.
Lawyer: Let me get back to you.
A couple days later, you guessed it.
Lawyer: If you don't arrive at the office in 2 days we're filing suit against you.
Me: Go ahead. Oh, and by the way, the price is $250/hr now, about what you make right?
The office manager had the hots for me, so I was getting the inside scoop during the whole incident. They also never lost the paper but really didn't know how to login to Novell and the database. I found out they hired a 'consultant' that charged them $150/hr to reset the passwords. It's funny that he worked 40 hours to reset 3 passwords, 1 Novell, 1 PC, and 1 database, when they were written down in front of him. It's a shame when they just owed me $4000 in overtime, they instead paid some con-man $6000 to do 10 minutes of work. Oh, and the problem with the overtime is that they said it was a verbal agreement (with the gold-digger wife) and the boss never agreed to pay me overtime. The only good thing to come out of here is that I learned to require a signed piece of paper if you want me to do something.
Oh, and the lawsuit...well, my cousin (a lawyer) sent a nicely worded letter to the lawyer and the lawsuit never happened. Come to think of it, the lawyer made out quite nicely too with that incident.
Although, as an ethical IT guy, I would never purposely harm a computer system or network. I just think about what would happen if someone left me in that pickle and how I would feel about cleaning up the mess.
-D
Re:Unstable (Score:3, Interesting)
The project was successful and in retrospect making the backups kept me sane and kept the pressure off of him that he would feel if I was nervous or watching him too closely.
So, it sounds like his "instability" might have been entirely a figment of your imagination?
Not disgruntled, a big loser (Score:3, Interesting)
If you're making $150K/yr remotely from Pittsburgh you have no right to be disgruntled. It sounded like a sweet deal, I don't really care what kind of assholes you have to deal with at work. You make a decent living and it doesn't sound like it was very hard work. Especially if he had time to stage a monitoring system and hijack the entire network.
As someone who lives in the Bay Area I am insulted that we will have to incur this additional expense because some whiny baby was unhappy with his posh job.
Re:Unstable (Score:4, Interesting)
I will try not to be defensive... this episode took place over 25 years ago so all feelings and facts are not crystal clear any longer.
He received a big promotion into the mainstream MIS division of our company (multi-national) after the successful worldwide implementation of the software. This was a low budget, high visibility project we did and together he and I pulled it off.
Six months later he was escorted to the door with a police escort because of the MIS manager feared his retribution when he was let go.
He was super skilled, very smart and self taught but was a loose cannon at the same time.
I knew he was unstable to a degree... I was simply unsure to what degree and gave him the benefit of the doubt. I'm sure the pressure of the project added to it as well.
When does being a little different from mainstream turn into a disgruntled Engineer hijacking a system?
Sometimes that line is very fine. If the SF employee was handle a little differently by management/HR perhaps the system would not be hijacked nor would jail time be involved.
Making the backups was my way of cooling the situation. If he did tip then nothing was lost except his future valuable service and if he did not tip then nothing was lost either. It was purely insurance against what seemed to be a shaky situation.
What amount was a figment of my imagination?
Probably more than I would like to admit but I was supervising (via team leaders) about 30 individuals at the time and he was the only one I felt this way about.
Thanks for asking that question and giving me the chance to re-examine my feelings, thoughts and reflections.
Re:This is why... (Score:3, Interesting)
In any workplace, the employer has a right to search through your stuff to ensure you are not removing confidential work data. This means that if you have a usb drive, paperwork, etc. they can hold those items until they can verify they are 'clean'.
That's usually a stipulation of an employment contract however. When one is fired, that contract is terminated. As such, regardless of if it's on their property, they have no legal right to examine or interfere with one's personal possessions in any way. I think you're interpreting the "rights" of employers a little too broadly. It's not like they're their own miniature police force inside that building. They can fire you if they like, but if they hold your property it could very easily be considered theft. It's also going to be EXTREMELY hard to prove that they had just cause to immediately remove you from the property rather than to simply have a security guard and/or your former supervisor be present when you are removing your possessions from your office.
Re:Unstable (Score:3, Interesting)
I notice you didn't mention one crucial step: talking to the employee. I wonder what his take on the situation was?
Most software developers are going to get invested in and protective of the systems they work on. In large part that's because they're proud of their work. It's also because they are the ones on the hook when things go south, regardless of who caused it. I don't know how often I've had this scenario play out:
Boss: "Can we do $X?"
Me: "Yes, we can. We'll need to approach it this way."
Boss: "We don't to do it that way. Can we do it this other way instead?"
Me: "Well, we can, but that's going straight against the way the system was designed to work. It'll be a kludge, and it'll make doing $Y all but impossible."
Boss: "We aren't going to have to worry about $Y. Just do it."
Me: "OK, but for the record I think it's a bad idea."
Six months after $X goes live the way the boss wants:
Boss: "Can we do $Y?" Me: "Afraid not, not without a major reworking of the system. Remember we discussed this back when we were implementing $X, I told you that doing it the way you wanted it done would make doing $Y all but impossible?"
Boss: "WHAT! Why in blazes did you do it that way?! You knew we were going to do $Y! You incompetent idiot!"
Me: "... *sigh*"
After a few rounds like that, I get overly protective of the system design because the only way I know of to prevent that scenario is to stop it before it starts. And in at least one case it's resulted in me handing in my 2-weeks' notice to preserve my sanity.
Re:This is why... (Score:2, Interesting)
This [mediamatters.org] was fun to watch unfold, first-hand. All of the systems designed and implemented by Accenture for the Colorado State Government were faulty. Every single one. Yet they kept getting contracts. No one even bothered to Google the company, they just bid low, said they could do it, and no one checked up on 'em until the systems started breaking. And I don't mean breaking like a small problem here, small problem there...the Dept. of Revenue computers (Dept. of A, T & F computers, DMV computers, tax computers, unemployment benefit computers, dept. of labor computers) would shut down and wouldn't fully come back on and be ready to use for a day or two at a time once or twice a month. Servers and workstations, just shutting down all over the place, for no discernible (at least by someone like me) reason. The computers in my office would shut down and I'd check cables 'n stuff and then call the IT dept. (the phone system is and always has been ok, at least) and you could feel the rage and shame oozing through the phone when the guy would say he didn't know what was wrong...the computer systems from Accenture came without usable documentation and without support agreements. Then I'd just tell everyone that we were getting another paid two-day break (union). Good times.
The perfect litmus test (Score:5, Interesting)
Actually, this is the perfect way to test the strength of symmetric encryption algorithms. For those cryptographers with tin-foil hats (http://www.schneier.com/essay-198.html), seeing how long it will take for various three lettered agencies to recover the data will illuminate a previously dark room containing the question, "How safe is your data really?" It seems to me that this guy is doing the whole cryptography community a favor.
Re:Backups? (Score:5, Interesting)
Nope. It's always backed up and the roads have lots of bumps and a few potholes.
Do you have electricity in your home?
Yes, at outrageous rates to California's energy policies.
Are you being raided by armed bandits?
No, but I don't need a police force for that. Just a gun. Except the SF doesn't want you to be able to have a gun.
what about clean water, can you drink the water coming out of your faucet?
I can't really comment on the water in SF--but if the city wasn't providing it, I'm sure the people could figure *something* out. And their solution would probably be cheaper.
What about the mail, is it being delivered?
FedEx, and UPS both courier mail across town and across the country. You can even pay bike messengers to deliver stuff.
You know--it's really amazing just how many solutions there are that don't end with "we need the government to do X"
Re:ha (Score:3, Interesting)
IMO this guy had a personal disagreement with his manager, and was fired because that guy was working full time trying to find a way to fire someone he disliked.. considering he earned an extra 30k as a trouble shooter and was able to pull off a time bomb, i'm sure he knew what he was doing with technology...
Been there, done that... well, without the sabotage. I fought back, and managed to stave off being fired for about a year or so, but once I realized my boss was going to do anything and everything to get me fired? I pretty much worked on Wikipedia the rest of my time there. I tried to do real work, but his restrictions, deadlines, and everything simply made doing real work intractable.
I'm supposing that he and the company I worked for are better off that it never came to my mind to sabotage anything... they treated me like crap, abused me every way possible, blamed me for every mistake. While I had complained about his behavior, the company's investigation came up with, I was told, "absolutely nothing". Then they offered me money in exchange for giving up all my grievances against them.
I think they were most afraid that I could start a suit, then request all my records for disclosure, and it didn't look pretty. I can't imagine a jury in the world, who would listen to my story and not side with me.
This whole experience has shown me the benefits of a union, because when the whole company gets turned against you, there's nothing you can do inside the company to have your concerns actually considered... those "impartial investigators"? Yeah, no... they're being paid by the company. If they tell the employee that the company was liable for something, then that employee goes off and sues the company.
Feel glad when you're on the good side of a company you work for... I've been on the other side, and it was the worst time of my life.
Re:Backups? (Score:4, Interesting)
Are your roads in order - no
is the traffic calm and orderly - no
Do you have electricity in your home - yes, but it is provided by a private company, not the government
what about clean water, can you drink the water coming out of your faucet - sometimes. Again, it is provided by a private company, not the government
What about the mail, is it being delivered - sometimes, when I moan enough.
Re:Backups? (Score:3, Interesting)
Pretty much all Unix systems are hackable with local access.
Any system is hackable with local access.
This is an amazing situation. First:
Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.
That's good pay, especially since he apparently lives in Pittsburg. Second:
Childs has worked for the city for about five years. One official with knowledge of the case said he had been disciplined on the job in recent months for poor performance and that his supervisors had tried to fire him.
What on earth constitutes "poor performance" in an IT department in the government that it is too clueless to be able to bottle him up when they are considering firing him?
I have lots of questions about this case ...
Re:Backups? (Score:2, Interesting)
Demonstratably false and demonstratably silly.
I will present, for your perusal, two cases:
My Laptop: Uses TrueCrypt whole disk encryption. Upon boot, the MBR asks for a password. Give it anything but the correct password and it wont boot. Put the drive in another computer, it wont boot. Mount the drive from a LiveCD, it'll look like a stream of randomness. Take the drive down to someone with an electron microscope and have them look at the platters... it'll look like randomness. There is no bypass. There is no way to boot that will allow you to reset this password.
Simply put, you cannot access the data on the hard-drive without the password or the ability to brute force a lot of pretty serious encryption. Your assertion is false.
My File Server: In many cases, it's not just booting the OS itself and access the drives that is the difficulty - you also need the ability to access some of the data and applications once the OS is booted.
My fileserver contains a 20GB file initialized to random data and encrypted with a key (A). There is a USB drive in the computer that is fully encrypted with another key (B). Key A is placed on the USB drive, which requires key B to access. Key B is stored offsite on a server in another country encrypted with symmetric algorithm. Every day at a specific time, the offsite server places another layer of encryption on key B by generating a random key. It notifies my file server of this key, which then stores it. The offsite server does not store this key.
When my fileserver wishes to mount the encrypted file, it requests the encrypted key (B) from the offsite server, and then decryptes it with the locally stored key to it. Once it has key B decrypted (all done in RAM), it mounts the flash drive, uses the key on the flash drive to mount the encrypted file then clears all keys from memory and dismounts the flash drive.
So, the net effect is that in order to get access to the encrypted file, the USB key must be plugged into the computer, and the file server must have a full list of keys for the remote server. If my file server goes offline or changes address or anything for one day, the partition becomes virtually inaccessible to all involved (I have a backup key hidden.)
In either case, there's no way to get at SHIT without already having access or some really fucking powerful computers to brute force it all.
Cheers,
Adam