back to article Funnily enough, no, IT admins who trash biz machines can't claim they had permission

In a not particularly surprising decision, the Fifth Circuit Court of Appeals in New Orleans, USA, this week ruled that Michael Thomas, in his former role as IT operations manager for web hosting biz ClickMotive, was not authorized to trash company files and infrastructure as he claimed. Upset that a friend had been fired from …

  1. Anonymous Coward
    Anonymous Coward

    This man is obviously a psychotic

    And although I hate to judge before all the facts are in, it's beginning to look like Mr Thomas exceeded his authority...

    1. matchbx
      Facepalm

      Re: This man is obviously a psychotic

      He was already convicted....

      This was an appeal.

    2. Lysenko

      Re: This man is obviously a psychotic

      The man is obviously an idiot. With his level of access, he could have just leaked remote credentials to certain murky corners of the internet and retained bulletproof deniability while l33+ hax0rz trashed the system for him.

    3. FuzzyWuzzys Silver badge

      Re: This man is obviously a psychotic

      Who the heck downvoted you?!

      I quite agree, it's obvious this Thomas bloke was bonkers. I've got pee'd off at work when things didn't go my way but not for a single split second have I ever considered doing anything to damage a company's systems. It's simply unforgivable. Even as I've been redundant from various jobs I've always worked my hardest up the last day to ensure I left the job knowing I gave my best, my conscience was clear when I walked out.

      There's no excuse for any person to damage company property, physical or virtual. As an IT admin you have been given high level permissions and a high level of trust, at the very least behave like an adult and act responsibly to show you deserved that trust the company put in you.

      1. Aquilus

        Re: This man is obviously a psychotic

        It's alright, I've learned to stop worrying and love the downvotes ;D

        1. Anonymous Coward
          Joke

          Re: This man is obviously a psychotic

          "It's alright, I've learned to stop worrying and love the downvotes ;D"

          One from me.....

          Can I have One?

          Oh hold on ...

          can i av 1?

          (Always helps if upset the grammer nazis as well)

      2. Lysenko

        Re: This man is obviously a psychotic

        I think at least some of these cases can be explained by a little rephrasing:

        "There's no excuse for any employer to damage an employee's livelihood, either directly or in terms of agreed benefits. As an employer, you have been given a great deal of power and a high level of dedication, at the very least show a reciprocal degree of loyalty to show you deserved that trust the employees placed in you."

        Years of treating people as "Human Resources" (i.e. objects to be exploited) causes some employees to adopt the same mindset. From this point of view, the employer is simply an ore-bearing seam that the employee mines to extract resources to further overall career objectives. Obviously, you don't deliberately collapse your own mine while it is profiting you, but once it's worked out, all bets are off. You don't show "loyalty" to a hole in the ground. It certainly isn't going to show any to you.

      3. Anonymous South African Coward Silver badge

        Re: This man is obviously a psychotic

        Same here. There were periods when I was p'd off a lot at my work - but I never thought (or considered) thrashing their systems.

        1. Anonymous Coward
          Anonymous Coward

          Re: This man is obviously a psychotic

          When I was made redundant I did consider creating a Windows Service program that would place app_offline.html on the internal web applications that I developed just to "disable" the apps at random intervals, but not damage the applications or data. Just enough to annoy the Hell Desk :)

          The only fix they would need to do is delete the app_offline.html file.

          Never went through with it though.

          Nice to dream :)

      4. Potemkine! Silver badge

        Re: This man is obviously a psychotic

        Even as I've been redundant from various jobs I've always worked my hardest up the last day to ensure I left the job knowing I gave my best, my conscience was clear when I walked out.

        Even if I object to Mr Thomas actions, I wouldn't be glad either to provide lubricant lube for free before being fist fucked to the elbow... As Mr Kant said, "Wer sich zum Wurm macht, kann nachher nicht klagen, wenn er mit Füßen getreten wird." . A company treating me like a disposable item cannot expect the best from me.

    4. Pen-y-gors Silver badge

      Re: This man is obviously a psychotic

      Dunno about psychotic, but clearly guilty as hell of something. I question though, whether he's guilty as charged:

      The CFAA criminalizes anyone who "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer."

      It is very clear to me that that law is specifically written to deal with malware. It would be really stretching things to say that typing "rm -r backups" into the command console is really 'transmission'.

      1. Sparkypatrick

        Re: This man is obviously a psychotic

        "knowingly causes the transmission of a...command"

        It's no stretch at all. Typing a command into a console session is exactly transmission of the command.

        The legislation is not specific to malware. It explicitly includes the type of activity he engaged in. The basis of his attempted appeal was that the consent given by his employers to access their systems in the normal course of his duties extended to his acts of sabotage.

        Common sense tells us that this is nonsense and his own admissions suggest that he understood that he did not have permission to do what he did.

        1. JLV Silver badge

          Re: This man is obviously a psychotic

          How about applying another common sense metric too - would a knowledgeable person acting on his employer's behalf have approved of his actions? or did he feel a need to conceal them?

  2. Anonymous Coward
    Anonymous Coward

    Mind you, any internet company with "click" in its name is better off kicked on its arse.

    1. JLV Silver badge

      Double-kicked, even.

  3. Anonymous Coward
    Anonymous Coward

    Should have...

    ... had a backup!

    Oh wait, he deleted 625 backups?

    Darn should have had 1250 backups!

  4. bombastic bob Silver badge
    Devil

    If it had been the 9th circus court...

    If it had been the 9th circus court (San Francisco) he'd have succeeded in his appeal... because SOME of these activist judges [which infest the 9th circus court] would actually GO with something stupid like this.

    (So yeah, I'm glad the appeal attempt failed)

    criminals are idiots, and APPARENTLY believe the rest of us are the same way. And it wouldn't be the first time someone with a criminal mindset would try to wrap the world around his finger and manipulate like that.

    when I was in Jr. High there was this one THUG [a short kid with a mean attitude and 2 oversized 'not so smart' goons following him everywhere] had the school counselor MANIPULATED around his finger, because the school counselor was a touchy-feely-liberal of the 70's, who FELT everything (instead of thinking) and wanted to UNDERSTAND the thugs, and not EXPEL them. Predictable things followed, and that included the involvement of the police. [the cops fixed it]

    1. Anonymous Coward
      Anonymous Coward

      Re: If it had been the 9th circus court...

      Whereas Bob would of preferred to carry gun in and shoot that little commie.

      Bomb the bastards!

    2. Naselus

      Re: If it had been the 9th circus court...

      "when I was in Jr. High there was this one THUG [a short kid with a mean attitude and 2 oversized 'not so smart' goons following him everywhere] had the school counselor MANIPULATED around his finger, because the school counselor was a touchy-feely-liberal of the 70's, who FELT everything (instead of thinking) and wanted to UNDERSTAND the thugs, and not EXPEL them. Predictable things followed, and that included the involvement of the police. [the cops fixed it]"

      I think bringing this up here probably explains everything we've ever wondered about Bob.

      1. chr0m4t1c

        Re: If it had been the 9th circus court...

        >I think bringing this up here probably explains everything we've ever wondered about Bob.

        I still want to know if Bob is the short kid or one of the thugs.

        1. 's water music Silver badge

          Re: If it had been the 9th circus court...

          >I think bringing this up here probably explains everything we've ever wondered about Bob.

          I still want to know if Bob is the short kid or one of the thugs.

          Maybe he was the counsellor and this event was what set the course of his Picklesish political arc

          1. A. Coatsworth
            Trollface

            Re: If it had been the 9th circus court...

            >I think bringing this up here probably explains everything we've ever wondered about Bob.

            Close but not CIGAR. It still FAILS to account for the RANDOM failures with HIS caps lock key

        2. bombastic bob Silver badge
          Devil

          Re: If it had been the 9th circus court...

          I'm the one that caused the cops to become involved.

    3. Steve Knox Silver badge
      Thumb Up

      Re: If it had been the 9th circus court...

      I have to agree with BOB here. There IS a very real threat form all of the loony left activist judges here in America. We ABSOLUTELY need more Trump appointees like Matthew Petersen. So what if he can't answer a few INSANE questions about law topics -- I couldn't answer those.

      HIS opinions are shared by many others here too. Fill those POSTS quickly, Trump! Many Americans ARE counting on you to counter the DISGUSTING tide of liberalism!

      1. JEDIDIAH
        Linux

        Re: If it had been the 9th circus court...

        It's simply not the role of judges (at any level) to inject their personal politics into their decisions. They are there to apply and interpret the law. They should be as close to "justice machines" as possible.

        They should even resist the temptation to bend to public opinion and the mob.

  5. DNTP

    I've, umm... done most of that stuff

    at one point or another in my career. Deleted backups and reformatted drives. Disabled backup mechanisms. Not told users stuff behind the scenes was going horribly wrong. I don't think I've ever forwarded my boss' email without him knowing though.

    All of that, however, was done incidentally to somewhat proper IT activities.

    1. usbac

      Re: I've, umm... done most of that stuff

      Same here!

      This brings up a really big question. I've done all of these things. I think, even forwarding the boss's email somewhere else. All done legitimately, as part of doing my job.

      Where does the line exist? Do I need to get written permission every time I delete a backup. Format a server? Change contact info with one of our cloud provides? Since I haven't been expressly given permission to do these things, am I breaking the law each time? It sort of opens a can of worms, doesn't it?

      1. kain preacher Silver badge

        Re: I've, umm... done most of that stuff

        Are you trying trash the sever ? if no then you are OK.

        1. Bob Dole (tm)

          Re: I've, umm... done most of that stuff

          Are you trying trash the sever ? if no then you are OK.

          But... what about a QA person doing this? I mean, it's their job.

          1. kain preacher Silver badge

            Re: I've, umm... done most of that stuff

            If that's in their job title and on a dev/ test server fine. But if management actually wants you to trash a production server you need to leave.

            1. Anonymous Coward
              Anonymous Coward

              Re: I've, umm... done most of that stuff

              If that's in their job title and on a dev/ test server fine. But if management actually wants you to trash a production server you need to leave.

              But do you leave before or after doing the deed? What if a nice payoff/good reference/early retirement package was forthcoming.

              It could well be that doing the right thing would make you seriously at risk of being unemployable for years after - not good for the low/middle ranking employee likely to carry the burden of whistleblower.

              Seriously, I can think of at least one very high profile media co. case of comms related backups/archives containing potentially incriminating evidence being deleted wholesale, but even when there was evidence found to show this had been ordered by individuals at the highest level in the company to impede the workings of justice, no-one responsible for this instruction got done for the dirty deed. It was presented as housecleaning in line with a new retention policy.

        2. Tim Seventh
          Coat

          Re: I've, umm... done most of that stuff

          "Are you trying trash the sever ? if no then you are OK."

          Well if you physically try to put the server into the trash bin, surely that's not ok... for the trash bin.

          I'll walk myself out. icon ->

        3. Allan George Dyer Silver badge

          Re: I've, umm... done most of that stuff

          @kain preacher - "Are you trying trash the sever ?" As in decommission and throw in the trash? Yep, done that.

          1. Anonymous Coward
            Anonymous Coward

            Re: I've, umm... done most of that stuff

            No trash as in upgrade a BSD server to windows IIS

      2. MonkeyCee Silver badge

        Re: I've, umm... done most of that stuff

        It depends entirely on your intention, and what an impartial observer would think.

        If you're really not sure, then you should really get some sort of arse covering paperwork signed off.

        Thus if your job is entirely about security, then you probably don't need explicit permission for a pen test. If you're a general sys admin bod, then it's a good idea, but probably OK. If you're on the helldesk, then you definitely need explicit permission.

        For a more "real world" example, if I went up to my neighbors house* and broke the door down, then dragged the inhabitants out onto the street, then either I would be arrested, or reprimanded for being idiotic/brave. Mainly depending on how much smoke was coming out of the house at the time and whether I'd called the fire brigade first.

        Public health announcement: smackheads and candles don't mix well.

        *technically a sleepout, so an insulated shed

        1. michael.moon

          Re: I've, umm... done most of that stuff

          I don't think a impartial observer is a good idea , it's like asking joe smo , so look at this brain surgen performing this operation , so do you think they did a good job or a bad job ? , joe smo can submit a opinion but thats just it it's a opinion , he has no clue what it's like to actually do the job.

        2. Kiwi Silver badge
          Flame

          Re: I've, umm... done most of that stuff

          ainly depending on how much smoke was coming out of the house at the time and whether I'd called the fire brigade first.

          I probably wouldn't call the brigade first.

          1) I'd be yelling for others to call them.

          2) Having recently had to dial 111 in an emergency, I was quite pissed off at the number of times the dispatcher verified my name and other details BEFORE getting onto the accident at hand. What could've been precious seconds were lost. The first thing the dispatcher should be doing is getting the address of the incident and the service(s) needed, then get more details. Fires can spread quickly and if you do intend to go in and rescue your neighbours, you don't want to be wasting 20 bloody minutes verifying the spelling of your own name for the umpteenth time.

          3) Have been reprimanded for being idiotic/brave before. I'll do it again. If it appears to be the difference between life or death for someone andit's something I am confident I can do, I'll do it (eg when I am a strong swimmer I'll dive in to save someone else, if I am out of practice I'll look (quickly) for other options - no good me going into the water if I'll just need saving myself (of course, if it's an unconscious person I can at least get them upright and breathing while waiting for us both to be pulled out).

        3. bobajob12

          Re: I've, umm... done most of that stuff

          Why does this example sound strangely real? I think there is an On Call story in there...

      3. hplasm Silver badge
        Boffin

        Re: I've, umm... done most of that stuff

        "Do I need to get written permission..."

        Yes. It is, though a pain, called Change Management.

        1. michael.moon

          Re: I've, umm... done most of that stuff

          IF change management is even implemented, also as far as most technical requests go , hi mr manager who has no clue about anything IT related , Is it ok for me to adjust the companies DNS records I would like to adjust the mx records for another system , I also need to make some adjustments to our backup systems it will make over 700% better use of space it will save us a fortune in storage , Plus I really should take a look at the monitoring systems I am likely to be getting a lot of alarms lately due to some backup related changes you approved , is ok if i shut it down for a while , O last thing the vpn it has not been patched for like years , i think this weekend is the perfect time to do it :-) , o sorry one last thing the documentation server , it seems out of date would it be ok if i redo it for you , might take me a while like say a few months but don't worry the company is worth it ;-).

          submitted as a request like this worded correctly , your IT manager normally some poor person from management would most likely still sign off not realising he just signed the death warrant for the network.

          Problem solved , documentation (I was in the process of rewriting it when you arrested me , unfortunately now due to the stress of the arrest i wont be able to do it, it's a lot of work and i was going to start the documentation from the beginning to get it done just how the company likes, as in as much work as they can get for free while firing people ) , but the backups , o yes thats unfortunate we had a lot of failures so i wiped it, i was meaning to rebuild that , but the cops showed up , and the VPN ? o I patched it , it didn't work it's a shame i had already cleaned up the backups I could really have done with them at that point , lucky i got permission from management right , you subverted the email system , did I ? I asked if i could make the changes to the mx records, the manager said I could .

          Bottom line is treat people with respect and fairly and you won't get people going over the deep end like this in the first place.

      4. Naselus

        Re: I've, umm... done most of that stuff

        "Where does the line exist? "

        Intent.

        To take an analogy, more or less every doctor in the world has killed someone. They've missed an obvious symptom, or prescribed the wrong treatment, or accidentally put the wrong dosage on a form. Your first kill is practically a right of passage in medicine. However, this is clearly different from a doctor going out an shooting someone in the head.

        The same applies here. I've deleted backups - hell, I've NEEDED to delete backups in order to maintain the overall health of a system in the past. And I was doing so precisely because it was what was required to fulfill my job roll - I need to keep the system running, even if that means doing stuff which is not normally 'correct'. This guy, on the other hand, was acting to break the system. He was like a doctor on a shooting rampage. There's no way you could spin this as being done for the sake of the system's overall health.

    2. Captain DaFt

      Re: I've, umm... done most of that stuff

      at one point or another in my career. Deleted backups and reformatted drives. Disabled backup mechanisms. Not told users stuff behind the scenes was going horribly wrong. I don't think I've ever forwarded my boss' email without him knowing though.

      All of that, however, was done incidentally to somewhat proper IT activities.

      And there, you have the gist of Mr. Michael Thomas's idiotic appeal.

      Yes, these are legitimate activities in properly maintaining the systems, but as the court pointed out, They are not legitimate activities when used to vandalise the systems he was supposed to be maintaining.

      His argument was as farcical as a killer offing his victim with a hammer, then claiming that as a carpenter, it was part of his job to swing a hammer.

    3. dan1980

      Re: I've, umm... done most of that stuff

      @DNTP

      Well, wasn't that the whole thrust of his argument: that he actually had authority to perform each discrete action he did?

      It's actually an interesting (to me) defence because it shines a light on the difference between the implied authority required for the tasks you need to perform and the implied responsibilities demanded by the outcomes you are hired to achieve.

      Common sense dictates that of course what this person did was utterly wrong and that he should be punished but common sense and the law are not always in step so I was very interested to see how this turned out.

      One concern I have, however, is the flip side of this - what if a sysadmin is fired and accused of destroying company property when they delete old backups that they believe are unnecessary in order to make space for new backups?

      Again, common sense dictates that is not the same but how is that argued if such a case went to court.

      Still, I just can't get in the mind of someone who would do something like this. Completely innocent people were likely severely impacted. This chap was annoyed that a reduction in IT staff would mean more work for him - did he feel sorry about all the extra stress and work and difficulties he was causing everyone else in the company?

      1. DNTP

        Re: I've, umm... done most of that stuff

        I justify it to myself that I'm acting in good faith in the interests of my company, department, and users, and often that's actually my prime motive. Sometimes though it's just plain fun to get a new billing system in place and then put a bullet through the hard disk of our last (in 2015, for fuck's sake) WinXP PC.

      2. michael.moon

        Re: I've, umm... done most of that stuff

        I suppose in short , no he diden't give a care in the world about all the people he would upset and inconvenience , On the flip side, neither did the company as they throw away their employees like garbage , so kinda like pot calling the kettle black. Company doesn't care , doesen't listen to reason , eventually neither does the system admin. One might look at cause and effect , cause company treats people like crap , effect employee treats company like crap

      3. Kiwi Silver badge
        Big Brother

        Re: I've, umm... done most of that stuff

        common sense and the law are not always in step

        FTFY

        You're welcome.

    4. Anonymous Coward
      Anonymous Coward

      Re: I've, umm... done most of that stuff

      Never assume malevolence when incompetence is a valid scenario, and never assume incompetence when a bad day, fat fingers and tiredness can make everything go horribly wrong. Everybody makes mistake from time to time.

      However the mistake Michael Thomas made was being malevolent and being incompetent enough to get caught.

  6. Chairman of the Bored Silver badge

    Dang it!

    This guy gets a lot done when he's pissed off. Wonder how things would have gone if he had shown a similar level of effort towards actually doing his job!

    1. DavCrav Silver badge

      Re: Dang it!

      "This guy gets a lot done when he's pissed off. Wonder how things would have gone if he had shown a similar level of effort towards actually doing his job!"

      Who do you think made the 625 backups?

  7. Blofeld's Cat
    FAIL

    Never read the BOFH ...

    Now if he had:

    a) Described his planned actions as a "Radical, agile, system-wide upgrade"

    b) Given the plan a catchy title

    c) Documented his intended changes and produced a three-bullet-point management summary

    d) Got "Project Scorched Earth" signed off by his line manager (Before their unfortunate, fatal fall from the collapsing fire escape).

    e) Engaged a highly paid consultant (also on the fire escape) to execute the plan

    Then, assuming there were no meddling kids or a pesky dog nearby, he might just have got away with it.

    1. I ain't Spartacus Gold badge
      Happy

      Re: Never read the BOFH ...

      Somehow I doubt the BOfH has any friends...

      But assuming that long association with the PFY has kind of mellowed into something analagous to friendship, then I'm sure that the BOfH would never allow things to come to this pass.

      His protective telltales in the HR system would no doubt inform him in advance of the impending doom of his "friend" and allow for preventative action. Maintenance is always better than repair. And as we all know, a hammer is an excellent tool for maintenance...

      The fire-escape + boss + consultant + deleted back-up concatenation would be reserved only for emergencies. Such as extra storage room being needed for videos of a specialist nature. Or idle malice.

      1. tfewster Silver badge
        Angel

        Re: Never read the BOFH ...

        Everyone is a friend to the BOFH, because you don't want to be an enemy - not that that attitude would last long anyway. If he's friendly to you depends on what you've given him (Scotch, aggro or merely being in the way of his plans)

  8. Anonymous Coward
    Anonymous Coward

    Intent not proven, just "reasonably" assumed

    The acts they say were malicious are not by default and to be fair are the sort of things he might do as part of his job.

    They suggest that his behaviour after the actions indicates malice but unless he admits acted out of malice then it is all just "reasonable assumption of guilt".

    Now if he had a document asking him to perform these actions or had a "reasonable professional" justification for his actions then it there would have been a greater burden of proof required.

    I don't have all the evidence to say that yes he definitely is guilty, all we have is the court's ruling that he is and what professionals here should take away from this is that not having proof of authorisation when performing these kind of actions leaves you exposed.

    Having been in a situation where someone attempted to maliciously blame for their own failures, when I had told them in advance were likely then proof becomes very important. If your colleges who should know better give any credence to accusations of this type then yes you are going to be making certain you have proof for every action until you move jobs.

    In my case a user had always had an issue with me, so when she asked me to look at her machine I got her to put in a support job first detailign the nature of the fault. The issue was that a file had been corrupted or intentionally deleted from the local storage. Since in my case all client data was required to have been on the backed up network storage and I had already alerted the client to the fact that the local sharing of data files without any record locking was going to cause corruption then there should have been no credence given at all.

    That there was credence resulting in me not offering to restore the data from the main database and removing my offer to provide a local record locking solution to prevent the problem. Unsurprisingly the corruption reoccurred but since I had removed myself then the next time they were left with no one else to blame. Even still, this liar was still working for the client when I left.

    In summary not having proof that your actions are reasonable can leave you exposed to malicious accusations so cover your back every time. Not everyone is reasonable,truthful or competent and only you can protect yourself from abuse when your management start pukering. The same management I might add who had often complained about my insistence upon a paper trail.

    1. I ain't Spartacus Gold badge

      Re: Intent not proven, just "reasonably" assumed

      For most criminal convictions, the prosecution must prove intent. Mens Rea, in legal jargon - guilty mind.

      Obviously the standard of proof is lower for getting sacked by HR - so it's often worth getting things in writing where neccessary.

      But it's ludicrous to say that his actions weren't in themselves malicious. Turning off the backup system and deleting the backups without first having an alternative system in place and without permisison is obviously a criminal act. Particularly obviously so, when coupled with changing the notification system so nobody will find out.

      Now if management had given permission for this ludicrous act and later denied it, it would only be gross stupidity, negligence and incompetence to have carried it out. That's the sort of instruction any competent employee should refuse, and if management insist then demand written permission and indemnity with written warning of the consequences of said stupidity. Or just resign. Nothing good is likely to come of it.

      As it's pretty bloody unlikely that even the thickest of managers are going to give those particular instructions (why cover up something that's company policy?), and there's other evidence of guilt, and a conviction already in court, I think we can satisfy ourselves beyond reasonable doubt that he's guilty.

      1. 's water music Silver badge

        Re: Intent not proven, just "reasonably" assumed

        obviously a criminal act

        Whilst common sense makes it pretty easy to identify this as a tort, criminal acts are what the relevant law says they are, no more, no less. It was potentially worth a roll of the dice* for him to test if a judge would agree with his interpretation. The intent of a legislator matters little versus what they actually wrote down. Happily, judicial interpretation was in line with common sense.

        *would make sense to me under the circumstances although it is clear that his frame of reference differs somewhat from most of the commentards

      2. J. Cook Silver badge
        Black Helicopters

        Re: Intent not proven, just "reasonably" assumed

        "As it's pretty bloody unlikely that even the thickest of managers are going to give those particular instructions"

        My previous manager did exact that; I refused, with the grand-manager on CC, which is my usual reply when I'm being ordered to do things that will damage the company or give grounds for me to be canned.

        A good solider knows when his orders are full of s&^t.

  9. Anonymous Coward
    Anonymous Coward

    I've done similar. I called it "learning Powershell"

  10. Anonymous South African Coward Silver badge

    Another thing - when asked to trash a server, I make 100% sure of that before I proceed.

    In all the instances where I had to trash a server, it was due for recycling anyway. And in other cases it was fun to bork a RAID array just to see what happens if I do X and Y and Z (on an redundant server, of course).

    I don't do stuff to production servers because of fallout and loss of my good name.

  11. Pat Harkin

    "fined roughly $130,000, the cost of fixing the damage."

    Considering what he did, that's not a lot of loot. Isn't it only a few weeks or so since we were discussing a malware removal which cost 2.6 million?

    https://www.theregister.co.uk/2017/09/22/it_contractor_logic_bombed_army_payroll/

  12. Salestard

    Seems to be a very odd method

    Trashing your own work to get back at your employer seems to be an odd method of getting one over on 'the man'.

    Shirley, a better tactic would be to accidentally leave the payroll folder on a shared drive somewhere and simply bask in the chaos it causes internally when everyone finds out what everyone else is being paid?

    Plausible mistake, no obvious malicious intent, and indeed as IT bod would probably be called upon to investigate how such a file ended up on the shared drive - which opens up the option to royally stitch up the person who fired your mate?

    1. I ain't Spartacus Gold badge
      Devil

      Re: Seems to be a very odd method

      Mmm. How would one make sure the right person sees the file, without giving oneself away?

      Just asking for a friend...

      1. Salestard

        Re: Seems to be a very odd method

        My experience of this happening (files being in the wrong place) is aged, back when shared server drives were the norm, but usually it only needed one person to see a file, and the cascade effect would ensure everyone knew within a matter of minutes.

        1. I ain't Spartacus Gold badge
          Happy

          Re: Seems to be a very odd method

          Could be tricky though. Now normally if a file is accidentally in a user's normal shared folder / personal folder and is named something like "Confidential - Payroll 2016-17.xls - they'll find it instantly. Even if they're the kind of user who couldn't normally find the bog standard letter heading that they use every day. Or in fact, their arse with both hands...

          But in the case of the accidentally released file, there's some suggestion that this is one of the exemptions to general relativity, in that this knowledge will propogate faster than the speed of light.

          However, this is very difficult to test for. Becuase Murphy's Law states that if you want people to find the file, then even the most OCD organised file-Nazi will fail to notice it for weeks, or even months. Even if labelled something like DON'T OPEN ME - JUICY SECRETS INSIDE - MANAGEMENT PAYSLIPS.xls.

          Perhaps one would be reduced to the old piece of paper left on the photocopier trick...

          Apparently there was a photocopier in the House of Commons in the 90s that was in an area open to both MPs and journalists. During the Major government's period of leaking like a rusty tug, any senior civil servant or minister wishing to inform/mislead the gentlemen of the press would simply pop their document of choice onto the glass, wander off, and wait for the inevitable headlines. Apparently some journalists resorted to regular patrols to check if there was anything juicy for them in it today.

  13. Anonymous Coward
    Anonymous Coward

    A proper exit strategy

    His leaving plan should be much simpler

    A dozen cheap digital alarm clocks with new batteries.

    Synchronise the clocks and set all the alarms for say mid morning.

    Drop them into static office furniture, cubicle partitions are great choices.

    A boxed prawn sandwich apparently takes three weeks ripening to burst the seal.

  14. HmmmYes Silver badge

    Loon.

    Just follow company procedure.

    I remember one place where legal/hr had a hardon for escorting off the building thennthere anyone who resigned . I think they saw it in a filum.

    30% of the group quit over a 6 month period.

    Despite the claims of people being fungible, they could not get anyone with any thing approaching the skills into an interview.

    So, the other 60% minys 1 quit on the say day. All escorted off the building.

    How do i know you ask, i was the minus one - i was waiting for a new job place to complete before quitting.

    Companies luve and due by their procedure and employees.

  15. Anonymous Coward
    Anonymous Coward

    With great admin/root powers....

    ....comes great responsibilities.

  16. Inachu

    VS what was done to me by a CFO and fix an old computer in a room that also had a netware 3.11 server. I never touched it as I have ZERO training in netware. I leave after fixing the old 386 computer and the CFO complained I locked him out of the netware 3.11 server which was in a half height rack mount server case and the pc I was fixing was on the floor far away from the server.

    He used me as a crutch/patsy to destroy the server data because the insurance company was being bought out by another insurance agency.

  17. Rob Foster 1
    FAIL

    Yup, I've always thought of it as...

    While I have the physical permissions to break stuff, the actual authorisation is only to try & fix it if/when broken.

    This seems to be the bit he missed.

  18. Anonymous Coward
    Anonymous Coward

    which is why we always say, "go ask a lawyer"

    Nothing like being your own lawyer, right up until you get caught.

    Some people are just too smart for their own good. While this case is pretty obvious, I've read similar "ingenious" parsing of this particular law. It's all been legal amateur rubbish.

    As someone whose first career was as a trial lawyer for over a decade, this didn't seem to be a close case. This language in this particular status is very broad, but not much more so than other "special crimes" legislation like RICO. Of course when you're representing someone whose liberty is at risk, you do everything you can to minimize the damage ("if the facts go against you, argue the law"), but in this case the client didn't really leave his lawyer with much to work with at all. Once the guy actually _did_ something to his company's systems, he was, and I'll use a technical legal term here, "toast".

    People really need to reach out and ask for legal advice when they're in situations like this, _before_ they act.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019