He’s a pain in the ASCII to everybody. Now please acquit my sysadmin client over these CIA Vault 7 leaking charges

Typically, your lawyer is on your side. Which is why it was a little unusual that on the first day of the trial of ex-CIA sysadmin Joshua Schulte – accused of leaking classified information to WikiLeaks – his attorney, Sabrina Shroff, went out of her way to explain what an asshole he is. “When he worked for the CIA, he …

  1. iron Silver badge

    So after being locked out of a system he somehow restored a backup to that system to give himself access to the backups?

    I hope he gets a very good jury that can follow the complicated discussions that his trial will consist of.

    1. Symon Silver badge
      Holmes

      Don't worry, about seven out of eight juries are 'good'! You want to have Henry Fonda as Juror no.8, I reckon*.

      https://www.researchgate.net/publication/227633293_Estimating_the_Accuracy_of_Jury_Verdicts

      "Average accuracy of jury verdicts for a set of cases can be studied empirically and systematically even when the correct verdict cannot be known. The key is to obtain a second rating of the verdict, for example, the judge's, as in the recent study of criminal cases in the United States by the National Center for State Courts (NCSC). That study, like the famous Kalven-Zeisel study, showed only modest judge-jury agreement. Simple estimates of jury accuracy can be developed from the judge-jury agreement rate; the judge's verdict is not taken as the gold standard. Although the estimates of accuracy are subject to error, under plausible conditions they tend to overestimate the average accuracy of jury verdicts. The jury verdict was estimated to be accurate in no more than 87 percent of the NCSC cases (which, however, should not be regarded as a representative sample with respect to jury accuracy). More refined estimates, including false conviction and false acquittal rates, are developed with models using stronger assumptions. For example, the conditional probability that the jury incorrectly convicts given that the defendant truly was not guilty (a “Type I error”) was estimated at 0.25, with an estimated standard error (s.e.) of 0.07, the conditional probability that a jury incorrectly acquits given that the defendant truly was guilty (“Type II error”) was estimated at 0.14 (s.e. 0.03), and the difference was estimated at 0.12 (s.e. 0.08). The estimated number of defendants in the NCSC cases who truly are not guilty but are convicted does seem to be smaller than the number who truly are guilty but are acquitted. The conditional probability of a wrongful conviction, given that the defendant was convicted, is estimated at 0.10 (s.e. 0.03)."

      * https://lawcat.berkeley.edu/record/1121221/files/fulltext.pdf - "Good film, bad jury."

      1. Doctor Syntax Silver badge

        From the viewpoint of a forensic lab I started with the assumption that "somebody probably knows what actually happened but that's not me". I'd find it difficult to decide how "accurate" a judge's opinion or a jury's might be. An interesting experiment would be to pick a shadow jury and see if they agreed with the real jury. That still has limitations - they don't carry the responsibility of the real jury. I suppose you'd really need two shadow juries and see how often they agree.

    2. Dr Dan Holdsworth
      WTF?

      I rather think that a large amount of hand-waving and systematic bullshit will be used to try to baffle the jury into accepting the prosecution view of things.

      Were I in charge of setting up a system to hold secrets, I would make very sure that the security of the system was based around centralised tokens and preferably several separated central token-issuing servers to get into any particular secure vault. I would also try my best to ensure that as little as possible was kept on the client machines as possible, using encrypted network filesystems and encrypted local disks. Thus when I lock out a client, I simply void all their central tokens and force them to re-authenticate to get back in, and with a lower security clearance they aren't going to get at very much. With next to nothing stored on the client machine stealing data is going to be challenging.

      The CIA are trying to imply that far from being a masterful agency of computer security experts, they are actually really quite stunningly stupid, and rely on client-side authentication to control access. Furthermore, their client-side tokens don't seem to be time-stamped thus when the accused rolled back his workstation to an earlier version, the changed timestamp on the authentication tokens wasn't noticed! The CIA argument may well be on the lines of "Yes, our security sucks and we trusted a man we shouldn't have trusted, and we may have accused the wrong man, but we're the good guys so trust everything we say whilst we frame this possibly-innocent but very unlovable man".

      It will therefore be rather interesting to see how this one pans out; I doubt that the CIA will come out of this one smelling entirely of roses.

    3. NoneSuch Silver badge
      Coat

      "I hope he gets a very good jury that can follow the complicated discussions that his trial will consist of."

      Rest assured the prosecution will ensure the jury will be composed of blue collar workers who don't have enough knowledge to program a ringtone on their phone. They don't want people who know IT and can see the flaws. They want patriotic 'mericans who will believe their version of events and put a "traitor" in jail.

      He may also not get a jury at all and have just a federal judge deciding his fate.

      1. John Brown (no body) Silver badge

        "Rest assured the prosecution will ensure the jury will be composed of blue collar workers who don't have enough knowledge to program a ringtone on their phone."

        From watching some episodes of Bull, it seems both sides get a number of chances to approve or reject jurors. Assuming that's the usual process in this type of trial, then the CIA would have to either "nobble" the selected jurors or have pre-arranged the type of jurors they wanted so only "their type" are in the pool to start with.

        1. Intractable Potsherd Silver badge

          @John Brown (NB): "... the CIA would have to either "nobble" the selected jurors or have pre-arranged the type of jurors they wanted so only "their type" are in the pool to start with."

          Neither of which are outside the skill set of the CIA. Any guilty verdict will be difficult to believe.

          Also, to save time later - child porn on a server is to the early 21st century as tax evasion was to the early 20th century, don't you think? Of course, the tax evasion was easier to believe.

      2. Electronics'R'Us Silver badge
        Holmes

        How to not get jury duty

        In the (rather distant) past, I had a girlfriend who was a practicing lawyer in the criminal courts for both state and federal and I was told I would never be an active member of a jury simply because I have a degree level education.

        Well educated? Off you go.

        The reason is that there are a number of pre-emptions permitted (so the lawyers can get rid of a juror for virtually any reason at all).

        He may also not get a jury at all and have just a federal judge deciding his fate.

        The right to trial by jury for serious offences is a constitutional right so there will be a jury trial; it is in the lawyers' interests (on both sides although in this case I would love to see tech pros but I won't hold my breath) that those jurors are not particularly well educated.

        1. Michael Wojcik Silver badge

          Re: How to not get jury duty

          I was told I would never be an active member of a jury simply because I have a degree level education

          This is simply false. I've served on a jury in a criminal case, and I hold three degrees. I have friends with doctorates who have served on criminal and civil juries. I've seen other jurors selected (when I was in the pool) who admitted to bachelor or advanced degrees.

          My neighbor is a lawyer and law professor who specializes in aspects of trial process, and she tries to keep as many well-educated candidates in the jury as possible.

          US voir dire is a complex process. Counsel typically get a handful of peremptory challenges (the right to remove a candidate from the jury for no expressed reason), but beyond that they have to present cause. And they don't know what the rest of the pool contains. Basically, it's a generalized secretary problem.

  2. Scuby

    CIA - Crime Inventing Agency

    Is anyone else thinking this is a Stitch-up job? Maybe by the bloke that threatened to kill him?

    Tin-Foil hats everyone!

    1. Claptrap314 Silver badge

      Re: CIA - Crime Inventing Agency

      It would be really, REALLY hard to convince me "beyond reasonable doubt" that a person who had lower access to systems was not set up by someone with higher access if the person with higher access was pissed off enough at them. The fact that the government is using such "evidence" at all suggests that the rest of their case is weak.

      Furthermore, if the reporting is precisely accurate, the feds are feeding a line of BS to the jury. We are to believe that a computer on the inside, assigned to a former disgruntled employee, was left sitting running for more than four months? How else would there be anything at all in the "memory" of the computer to leave the tracks as claimed?

      Equally tough to believe is that he was successful in deleting the logs off the target system, but failed to delete them on his own?

      If I were on the jury, this alone is almost enough for me to acquit, and I'm no fan of Wikileaks.

      1. rcxb Bronze badge

        Re: CIA - Crime Inventing Agency

        How else would there be anything at all in the "memory" of the computer to leave the tracks as claimed?

        Perhaps a swap or hibernate file?

  3. Pascal Monett Silver badge

    What a nasty nest of vipers

    This case looks like it is going to be an epic romp into Ultra Secret information. A digital Fort Knox ? I would tend to believe the sysadmin when he says it was wide open. Management typically believe things are much better than they actually are when it comes to IT security.

    In any case, in this cat fight, the fur is going to fly, of that I'm sure.

    And, of course, we have the mandatory kiddie pic. What a surprise. A top-level security expert is obviously going to leave a kiddie pic lying around on a CIA computer, yeah, sure. Apparently, everyone agrees he's an asshole. Nobody is saying that he's stupid. That is stupid, ergo it's not him. And that is a very basic mistake for the CIA. Nobody's going to believe the CIA didn't plant that pic.

    1. AIBailey Silver badge
      FAIL

      Re: What a nasty nest of vipers

      From the article - ...child sex abuse images the FBI claimed it had found on a server he ran.

      This wasn't a picture, rather multiple images. And they were (allegedly) on a server that Schulte ran, nothing to do with the CIA.

      Edit : from the earlier article : " Schulte was in charge of a server that contained 54GB of illegal content"

      1. Pascal Monett Silver badge

        Okay, missed that. Still, 54GB of illegal content does not mean 54GB of kiddie porn. Still seems a bit stupid, but it's happened before, so too bad for him.

        1. batfink Silver badge

          It may well have been 54GB of kiddie porn, but the weasel words here are "in charge of". What does this mean exactly? Was he running some kind of hosting service that anybody could put any crap on? Or was he the only user? There's a hell of a difference - ask any hosting service.

          As an example: I understand Condoleezza Rice is now "in charge of" Dropbox. I'm sure a bit of Dropbox trawling could turn up any amount of dodgy content. Should Condy therefore be in the dock with this joker?

          1. Sgt_Oddball Silver badge
            Black Helicopters

            For further evidence...

            Lookup Kim Dotcom....

          2. Michael Wojcik Silver badge

            For that matter, is there any evidence besides the claims of some agents of another intelligence service? Yes, yes, very persuasive.

        2. Doctor Syntax Silver badge

          It also doesn't mean that it wasn't planted. When this is the IT dirty tricks dept. of the CIA it's going to be very difficult to get any jury to decide between what's real and what's a dirty trick.

          1. batfink Silver badge

            but if they've modified the logs....

          2. Anonymous Coward
            Anonymous Coward

            If the dodgy content had been encrypted and the "good guys" had stumbled across the password, I might be inclined to believe he wasn't being set up. If he was hosting material for others and the CIA haven't attempted to identify who put the material there, I would think that may be a red flag. The lack of evidence around the computer logs also seems to be a red flag - while it may indicate someone is hiding something, it doesn't necessarily indicate who is doing the hiding, so there's another red flag. I'd also be interested to find out what happened with the first defence lawyer - were they offering to plea bargain him down to life in prison to avoid the death sentence for treason? Were they just not willing to defend him or had they been told not to try too hard by the CIA? Another red flag...

            While the use of a mobile in prison is undoubtedly an offence, if you think it is the only way you may get your side of the story out there after the first lawyers tried to ditch you, it's not necessarily a sign of guilt.

            The lack of hard evidence, the long time frames and the CIA playing hard ball all the way and the forest of red flags growing in the evidence suggests they have very little but plan to make it stick regardless of actual guilt or innocence.

  4. Moldskred

    "For over an hour, from the computer sitting at his desk at CIA, Schulte was in that system secretly restoring his super access, giving himself back all the control he had before it was taken away. Restoring his access to the backups that stored copies of the entire system. [...] After stealing the backup, Schulte tried to cover his tracks. During that hour on April 20, when he took the system back in time, Schulte started carefully deleting every log file that kept track of what he had done while he was in the system. After destroying that evidence, he unwound the reversion. Schulte restored the system to how it had been just before he hacked in, [...]"

    So that's gaining access through an undetected backdoor, running a system restore, accessing and copying the material, deleting or editing all relevant log files and finally running a second system restore? All that in little over an hour? That seems a bit tight, time-wise.

    Also, if he restored the system to the original state, surely that'd reintroduce whatever backdoor he'd used to gain access so that it could be found?

    1. John Sturdy

      Still possible, I reckon, or at least plausible

      With that much access, he could have modified the data for the second restore, to restore it without the backdoor; and for that matter, the second restore could be what wound the log files back, so it's not that many separate stages. And it would make sense for him to have scripted at least most of it.

      That being said, it does look like they're just out to get him.

      1. Moldskred

        Re: Still possible, I reckon, or at least plausible

        Yes, I wouldn't go as far as to say it sounds outright implausible, just that it sounds unusual enough to raise my eyebrows. More of an "I wouldn't choose it as my null-hypothesis."

    2. Doctor Syntax Silver badge

      "Also, if he restored the system to the original state, surely that'd reintroduce whatever backdoor he'd used to gain access so that it could be found?"

      And if he restored the system back to its original state why would he need to edit the logs? Surely he'd have the wit to restore the original logs.

      1. Moldskred

        That would depend on how logs are kept and what's covered by the system restore or not.

        (While I'm not _surprised_ that it doesn't, considering how muddled IT security is at all levels of the industry, there's really no excuse for computer systems like these to not have some kind of tamper-resistant logging in place.)

        1. John H Woods Silver badge

          Tamper resistant logging...

          ... is easy... even a line printer in a physically secured room can do it. You'd need secured logs for anything of financial importance, it would seem to be even more necessary in an environment like this.
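The "line printer" idea from the comments above, as an added example that is not part of the thread: a hash-chained log whose running digest is also copied to an append-only witness the host cannot rewrite. The `Witness` class, record fields and sample entries are constructed for illustration. The audit separates three cases the thread argues about: a plain edit, an edit with the chain recomputed by someone holding write access, and a roll-back to an earlier snapshot.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64

def entry_hash(prev_hash, record):
    """Digest of one entry, bound to the digest of the entry before it."""
    body = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()

class Witness:
    """Stand-in for the printer in a locked room: append-only and off-host."""
    def __init__(self):
        self._seen = []

    def checkpoint(self, count, digest):
        self._seen.append((count, digest))

    def checkpoints(self):
        return list(self._seen)

class ChainedLog:
    """Host-side log; every append is also reported to the witness."""
    def __init__(self, witness):
        self.entries = []
        self.witness = witness

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        digest = entry_hash(prev, record)
        self.entries.append({"record": record, "hash": digest})
        self.witness.checkpoint(len(self.entries), digest)

def recompute_chain(entries):
    """Simulates tampering by someone with write access to the whole log file."""
    prev = GENESIS
    for e in entries:
        e["hash"] = entry_hash(prev, e["record"])
        prev = e["hash"]

def audit(entries, witness):
    """Check the host copy against itself, then against the witness."""
    prev = GENESIS
    for i, e in enumerate(entries, 1):
        if entry_hash(prev, e["record"]) != e["hash"]:
            return f"chain broken at entry {i}"
        prev = e["hash"]
    for count, digest in witness.checkpoints():
        if count > len(entries):
            return f"entries missing: witness saw {count}, host has {len(entries)}"
        if entries[count - 1]["hash"] != digest:
            return f"history rewritten at or before entry {count}"
    return "ok"

# Constructed sample records, not taken from any real system.
SAMPLE = [
    {"ts": "2024-01-10T09:00:00", "user": "admin1", "action": "login"},
    {"ts": "2024-01-10T09:05:00", "user": "admin1", "action": "snapshot-create"},
    {"ts": "2024-01-10T09:20:00", "user": "admin1", "action": "snapshot-revert"},
    {"ts": "2024-01-10T09:40:00", "user": "admin1", "action": "backup-read"},
    {"ts": "2024-01-10T10:00:00", "user": "admin1", "action": "logout"},
]

def demo():
    witness = Witness()
    log = ChainedLog(witness)
    for rec in SAMPLE:
        log.append(rec)
    results = {"untouched": audit(log.entries, witness)}

    # 1. Record edited in place: the chain itself no longer verifies.
    edited = copy.deepcopy(log.entries)
    edited[2]["record"]["action"] = "noop"
    results["edited"] = audit(edited, witness)

    # 2. Same edit, hashes recomputed: the chain verifies, the witness disagrees.
    rechained = copy.deepcopy(edited)
    recompute_chain(rechained)
    results["edited_and_rechained"] = audit(rechained, witness)

    # 3. Host restored to a snapshot taken after entry 2: the chain is valid
    #    but shorter than what the witness already recorded.
    results["rolled_back"] = audit(copy.deepcopy(log.entries[:2]), witness)
    return results

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:22} {verdict}")
```

Without the witness, cases 2 and 3 both audit as "ok", which is why the commenters insist the copy must live somewhere the administrator of the logged host cannot write.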

    3. c1ue

      The timeline and details, to me, implies a physical server or desktop.

      But the question then is: why would super secret stuff be on a single physical server or desktop, as opposed to a centrally managed cloud device?

      This matters because the evidence talked about all appears to be endpoint - there is hardly any, if any, network data.

      Whatever superuser access the defendant may or may not have had - surely he didn't have the ability to access and modify network logs?

    4. Anonymous Coward
      Anonymous Coward

      Plausible does not mean beyond reasonable doubt, which is the standard of evidence. Plausible without evidence is as good as fiction.

    5. Inkey
      Holmes

      Round abouts

      I'm no sysadmin... Or even near the level of dreaming of such competence..

      So perhaps my question sounds dumb and someone can shed some light....

      Shirley there would be one last log that would remain as he would just keep going around in circles trying to remove the last log..?

      Can you script a reversal, copy, re-reverse a privileged state and wipe the logs without leaving a log.

      If they can prove without a doubt it was him (proper evidence) he should be given some kind of award,

      That's solid brass balls right there...

      The company... In the company office... On the company's time...

      1. Michael Wojcik Silver badge

        Re: Round abouts

        If all the logs are on writable media, then it's just a software problem.

  5. Neil Barnes Silver badge
    Big Brother

    a digital Fort Knox: impenetrable to only a very few special people.

    So if you're one of those few special people, you're fine. It wasn't you. Anyone else, watch out; it could have been any one of you!

    1. phuzz Silver badge

      Re: a digital Fort Knox: impenetrable to only a very few special people.

      Reading Ed Snowden's autobiography, it doesn't sound too hard to become a sysadmin at the CIA.

    2. diodesign (Written by Reg staff) Silver badge

      Re: a digital Fort Knox: impenetrable to only a very few special people.

      Yeah yeah, we meant "all but" not "only" - it's fixed. Don't forget to email corrections@theregister.co.uk if you spot something wrong like that, please, so we can fix it ASAP.

      C.

  6. bryces666
    Coat

    Kiddy Porn - that old chestnut...

    They must be desperate if they need to go planting that stuff to make their arrest and case. As if anyone as well versed in security as the defendant has been described would leave bad stuff lying around in the open for CIA to find, I smell a rat

    1. ciaran
      Trollface

      Re: Kiddy Porn - that old chestnut...

      But they haven't talked about the book on Hitler they found in his apartment. And the woman's underwear. I thought this was automatic?

  7. AndyFl

    Dirty pics are not relevant

    He may or may not have knowingly hosted child porn pics. It certainly wouldn't be the first time something was unknowingly embedded in a large archive of stuff.

    However that is not relevant to the CIA charges which, on the face of it, appear to be somewhat contrived and if they are to be believed make him out to be some sort of super BoFH, able to remotely restore systems to previous configurations, exfiltrating all sorts of data, hacking files then restoring the systems to a previous state whilst nobody noticed and moving his fingers on the keyboard at several times the speed of light. They may have other evidence which they are unwilling to disclose at the trial and what is being described is the remainder left over from it but if they don't up their game then he is likely to get off whilst everyone is laughing at what they are presenting.

    Why does it feel a little like what is going on between HPE and Lynch? They got upset with him having bought a pup then spent their time trying to find reasons to sue him and eventually managed to cook up something that the US DOJ could use to start extradition proceedings with whilst there was a civil trial ongoing.

    I think both stories have a long way to run and look forward to watching them develop.

  8. DavCrav Silver badge

    "He's an incredibly able criminal mastermind."

    "But there's no evidence he did it."

    "See! That's how good he is."

    1. TeraTelnet
      Coat

      "If they did, how did they do it?"

      "If they didn't, how did they didn't?"

      "If they didn't then it's easy, 'cause they simply didn't do it."

      "If they did it, then I knew it, but we've nothing that can prove it!"

      With apologies to the fuzzy frog puppet in my coat pocket.

      1. The Oncoming Scorn Silver badge
        Holmes

        Blakes Vault 7

        VILA When it comes to computers, he's the number two man in all the Federated worlds.

        NOVA Who's number one?

        VILA The guy who caught him.

  9. batfink Silver badge

    They're never going to get a jury who understands any of this

    I'm going to guess that he will be convicted.

    Most (if not all) of us here would be asking some very hard questions about this, were we in the jury. However, we do this for a living, and the vast majority of people do not. There are even a hell of a lot of people in the IT industry who wouldn't have a clue about the dark arts of a sysadmin.

    So, statistically speaking, they're going to get a jury full of laypersons. The CIA are going to come in and say "He's a computer whiz! He did all sorts of secret computery things that none of you understand! Of course he must've dun it!". And the said laypersons are going to think "I don't understand any of this. The prosecution say that he's such a computer genius he could work computery magic. Sounds feasible to me. Guilty!".

    Even the simple stuff in the case, like the weasel words of "he was in charge of a server with kiddie porn" will sail right past most people.

    1. rmason Silver badge

      Re: They're never going to get a jury who understands any of this

      Yeah, guy's going to jail isn't he? Regardless of those pesky facts (he may have done it, I'm not assuming either way).

      Dude is going to jail though.

    2. Claptrap314 Silver badge

      Re: They're never going to get a jury who understands any of this

      You summer's child. The jury selection process is specifically designed to keep experts out. While this sounds outrageous, it is really important. Expert witnesses must be cross-examined for a trial to be fair, and an expert in the jury room cannot be cross-examined.

      Having said that, I will repeat what I said in the Microsoft anti-trust case: "Better to have a jury full of experts." For cases with national (or international) significance, we need to spend the money to have these things decided by people who actually have the ability to call BS on the lawyers.

      But the lawyers are not about to give up their power. <sigh>

      1. Anonymous Coward
        Anonymous Coward

        Re: They're never going to get a jury who understands any of this

        There are two ways to get kicked out of the jury pool...

        Wear a nice suit and work my CV into the conversation...both counsels will move to strike immediately.

        ...or go unshaven, wear a MAGA hat (bonus points for an American flag with an M-16 emblazoned on it) Interrupt a counselor and stare at him intently while saying, "yet honor, I sho' wan' be in dis here jury! I can TELL when a man is guilty. Jes' by LOOKIN at em!". Both counsels will move to strike.

        1. Old Used Programmer

          Re: They're never going to get a jury who understands any of this

          I did it by questioning the integrity of the prosecutors, citing examples of dirty tricks by same in various places. Followed by being leery of the integrity of the defense attorney.

  10. CrazyOldCatMan Silver badge

    Still think..

    .. a sooper sekret encryption-decrypting master key is a good idea? After all, all it takes is one disgruntled employee and said SSEDMK is out in the wild and all your stable doors are open and your herd is frolicking in distant pastures new..

  11. Anonymous Coward
    Anonymous Coward

    Weird thing

    So this dude was so clever to gain back access to a highly secured system after being revoked, steal a backup, cover all tracks, upload all to wikileaks without getting caught.

    But he was not clever enough to conceal (or even to run to start with) a public system full of pedo material ?

    Doesn't make sense to me. Not saying it is not possible though.

    And why was he revoked in April that he had to roll back to get superuser rights back ? Dodgy people don't last for long in there ...

    But yes, as was commented already, the technicality is very high here, will surely interest El Reg + readers more than jury + judge who certainly don't get a thing here.

  12. Doctor Syntax Silver badge

    "He left the CIA following an internal dispute in which he accused a co-worker of plotting to kill him, and made a formal complaint. The complaint was investigated and management sided with the other employee."

    They told him to form an orderly queue?

    1. batfink Silver badge

      Good Doctor Syntax: I wonder whether, rather than taking a chance with a murder charge, the co-worker has simply dumped 54GB of kiddie porn onto this guy's server and then there was a mysterious anonymous tip-off to the feds?

  13. Doctor Syntax Silver badge

    This back door which only authorised users could access that's been accessed without authority: is this the one you want to put in everybody's communications?

    1. stiine Silver badge
      Pint

      Exactly!

      Have a pint, sir.

  14. Anonymous Coward
    Anonymous Coward

    For over an hour, from the computer sitting at his desk at CIA, Schulte was in that system secretly restoring his super access, giving himself back all the control he had before it was taken away.

    Do the CIA not use any sort of File Integrity Monitoring then? Or perhaps he turned that off first...

    I know the other day I made a change to a config file on a server of ours, and got bombarded with warning emails and a phone call asking what the hell I was doing...

  15. Alan Johnson

    Does not reflect well on the CIA whatever the outcome

    The ability to do what it has been claimed that he did within 1 hour seems deeply implausible but what stood out in my mind is the claim that he modified the logs. If it is actually possible to modify a log in a way that is not instantly detectable on such a hyper secure system then whoever designed it and considered it suitable is massively incompetent.

  16. WillCunningham

    "the nation's secrets"

    Ah, yes, the CIA - a spotless organization known for having the best interests of the nation behind their every action. These backdoor hacking programs belong to THE NATION, damn it!

  17. NiceCuppaTea

    As a Juror I would not believe a single word the prosecution spouted.

    I would expect that the events were probably as follows....

    CIA realises they have been PWND because of lax security and the conversation goes.....

    "We need to save face who can we stick this on, if congress finds out we are actually shit at security our budget will get cut"

    "What about that guy that quit last month, the one that's a complete asshole?"

    "yeah he will do, he runs a web server, set some bods putting a load of kiddie porn on it to help set up his image as a bastard in the media"

    "righto boss"

    "set some other people on coming up with a suitable complicated story to confuse a jury into convicting him"

    "Already on it boss"

    "ok tip off the FBI over the kiddie porn then we will also arrest him with our story about how he's magic and there's no one who could have stopped him unless we had more budget"

    1. DCFusor Silver badge

      And while we use the fake kiddie porn to keep him out of circulation, we can gin up all the necessary fake logs needed to convict him of the espionage crimes. It wouldn't do to have him on the loose, interfering with that.

      Things like this create something like Maxwell Smart saying "ah yes 99, the old kiddie porn trick".

      Sure, it's believable that some wackos are into that - but the percentage of people who have offended the government that also have kiddie porn seems like it's way, way too high to reflect reality. I rather doubt that near 100% of criminals are into kiddie porn - that seems to be the specialty of politician-criminals and enablers who didn't kill themselves.

    2. -v(o.o)v-

      Indeed - how come there's always, always kiddie porn "found" from leakers' machines??

      Just look at past reg pieces and it's always the same story. Kiddie porn found first.

  18. Imhotep

    Focus On The Clowns

    We all cherish some delusion. Mine is that the CIA is a blind created to draw attention away from a real secret intelligence agency that is so competent that we don't know about it.

    1. J. Cook Silver badge
      Alien

      Re: Focus On The Clowns

      Ah, the MIB.

      "What branch of the government do we answer to, CIA, NSA?"

      "No one, they ask too many questions!"

    2. Old Used Programmer

      Re: Focus On The Clowns

      There is the story from the end of WW2. A German intelligence official was being interrogated. He was asked what he knew about the OSS (the predecessor to the CIA). He replied, "Oh, we know all about the OSS. That's your cover for your real intelligence operation."

  19. Anonymous Coward
    Anonymous Coward

    Impenetrable and Invincible

    ..."to only a small group of people". Those that missed this week's SUDO bug? Impenetrable to preschoolers? Think you might want to switch that grammar back to Block all incoming and Allow all outgoing default logic :)

  20. Claptrap314 Silver badge

    Hobson's choice

    If he's convicted, he goes to the special prison for such types for decades. Not, he dies in an accident or from a heat attack within a year.

    1. batfink Silver badge

      Re: Hobson's choice

      I hadn't realised the CIA's new Heat Weapon was operational yet...

  21. Boris the Cockroach Silver badge

    Fired

    and yet still has an account on a super secret CIA computer?

    Did I read that right?

    yet my account at work would be locked down 5 secs after I leave the building with P45 in hand... gone over and then deleted within a week.....

    Something smells here...... and it aint the content of my underpants

    1. The Oncoming Scorn Silver badge
      FAIL

      Re: Fired

      5 secs after I leave the building with P45 in hand.

      Security is a bit lax at your place then apparently.

      1. Anonymous Coward
        Anonymous Coward

        Re: Fired

        The Oncoming Scorn,

        You are correct.

        In a previous role, as the one who did the 'locking down', I would be told the day before at the latest !!!

        The soon to be 'Ex-employee' would find they could not log in, usually after being intercepted by a manager on the way in and told the 'good news'.

        Not nice to be involved but I was the senior Techie/Manager and was able to lock out *any* user, if needed.

        This covered all internal & remote access and HR would 'kill' all company credit cards/Fuel Cards etc.

        All outstanding claims for expenses etc would be submitted on 'Paper based' forms, so NO computer access would be necessary.

  22. DougS Silver badge

    Moral of the story

    Don't piss off the CIA/NSA/Mossad/etc. because they don't have to kill you in a dark alley. They merely need to put child porn on your computer or phone and you'll wish you were dead once you get to prison.

    Yes yes I have no idea if he really was a pervo or not, but it seems suspicious how many similar cases also involve child porn. Unless there's some correlation we're all missing, that just doesn't pass the smell test given the (hopefully as low as it appears) percentage of pedophiles in the overall population.

    1. Claptrap314 Silver badge

      Re: Moral of the story

      Little biased sampling of the TLAs there. Any intelligence service is capable.

  23. IGotOut

    So let me get this right..

    ...the backdoor is still there?

    I

    1. Inkey
      Trollface

      Re: So let me get this right..

      Not just that they're shit at basic IT security by the accountants presented above and in the article...

      Question is are yours big and brassy enough to take a crack at it and find out? Would hate for your server to suddenly have gross indecent material appear on it....

  24. Kane Silver badge
    Black Helicopters

    Question...

    ...what happened to the other 6 vaults?

    1. Anonymous Coward
      Anonymous Coward

      Re: Question...

      "...what happened to the other 6 vaults?"

      Well Vault 3 was over-run by Fiends and turned into a secure drugs den....

  25. Torchy

    I am............

    I'm Spartacus………...

  26. Anonymous Coward
    Anonymous Coward

    What's the problem anyway...

    ...does no one at the CIA realise ... "If you have nothing to hide; ......"

  27. GruntyMcPugh Silver badge

    I've only worked on one secure system,... but,.....

    .... this could not have happened within that architecture, and while I required some level of security clearance, the contents were not as important.

    So, our secure environment was VPNd off from the regular network and I had separate credentials to authenticate to the VPN, and that was provided by a system I didn't have admin rights to, the network team managed that, so I wouldn't have been able to cover my tracks there, my access would have been time stamped. 2nd, the bit I looked after was in multiple tiers, and some servers could only be accessed from others, there would be three levels of access logs to clear. A lack of a login here would be a gaping hole when compared against the VPN logs. 3rd, we monitored the systems and got automated alerts if anything rebooted, stopped responding, etc.

    So we're supposed to buy into the notion that the system that was compromised was monolithic, and could be rolled back in its entirety, and that it's not monitored, it could reboot or go offline and nobody would notice?
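The cross-check described in the comment above, as an added example that is not part of the thread: VPN sessions recorded by a separately administered system are compared with login records from three server tiers. The log line format, tier names and users are constructed, and the code assumes tier2 is only reachable from tier1 and tier3 only from tier2.

```python
from datetime import datetime

FMT = "%Y-%m-%dT%H:%M:%S"
TIER_ORDER = ["tier1", "tier2", "tier3"]   # assumed access path: 1 -> 2 -> 3

# Constructed sample logs. The VPN log is owned by the network team;
# the tier logs live on the servers the administrator controls.
VPN_LOG = [
    "2024-01-10T09:00:00 vpn event=connect user=alice",
    "2024-01-10T09:40:00 vpn event=disconnect user=alice",
    "2024-01-10T10:00:00 vpn event=connect user=bob",
    "2024-01-10T11:00:00 vpn event=disconnect user=bob",
    "2024-01-10T13:00:00 vpn event=connect user=carol",
    "2024-01-10T13:30:00 vpn event=disconnect user=carol",
]
SERVER_LOGS = [
    "2024-01-10T09:02:00 tier1 event=login user=alice",
    "2024-01-10T09:05:00 tier2 event=login user=alice",
    "2024-01-10T09:07:00 tier3 event=login user=alice",
    "2024-01-10T10:05:00 tier1 event=login user=bob",
    "2024-01-10T10:12:00 tier3 event=login user=bob",    # tier2 record absent
    "2024-01-10T12:15:00 tier1 event=login user=alice",  # no VPN session open
]

def parse_fields(line):
    """Split 'timestamp source key=value ...' into its parts."""
    ts, source, *pairs = line.split()
    return datetime.strptime(ts, FMT), source, dict(p.split("=", 1) for p in pairs)

def vpn_sessions(lines):
    """Pair connect/disconnect events into (user, start, end) sessions."""
    open_at, sessions = {}, []
    for line in lines:
        ts, _, f = parse_fields(line)
        if f["event"] == "connect":
            open_at[f["user"]] = ts
        elif f["event"] == "disconnect" and f["user"] in open_at:
            sessions.append((f["user"], open_at.pop(f["user"]), ts))
    return sessions

def correlate(vpn_lines, server_lines):
    """Return (timestamp, user, finding) for every place the logs disagree."""
    sessions = vpn_sessions(vpn_lines)
    logins = sorted(
        (ts, source, f["user"])
        for ts, source, f in map(parse_fields, server_lines)
        if f.get("event") == "login"
    )
    findings, tiers_seen = [], {}
    for ts, tier, user in logins:
        cover = [s for s in sessions if s[0] == user and s[1] <= ts <= s[2]]
        if not cover:
            findings.append((ts.strftime(FMT), user,
                             f"{tier} login outside any VPN session"))
            continue
        seen = tiers_seen.setdefault(cover[0], set())
        idx = TIER_ORDER.index(tier)
        if idx > 0 and TIER_ORDER[idx - 1] not in seen:
            findings.append((ts.strftime(FMT), user,
                             f"{tier} login with no {TIER_ORDER[idx - 1]} login recorded"))
        seen.add(tier)
    for s in sessions:
        if s not in tiers_seen:
            findings.append((s[1].strftime(FMT), s[0],
                             "VPN session with no server login recorded"))
    return findings

if __name__ == "__main__":
    for finding in correlate(VPN_LOG, SERVER_LOGS):
        print(*finding, sep="  ")
```

Each finding is a lead for review, not proof: a VPN session with no server login can simply be an idle connection, but it is also what a wiped server log looks like from the network team's side.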

  28. -v(o.o)v-

    Logs could be modified? Really?? What kind of Mickey Mouse operation is it? Beggars belief...
