Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Former TSA Analyst Charged With Computer Tampering

samzenpus posted more than 4 years ago | from the let-me-fix-that-for-you dept.

Crime 109

angry tapir writes "A Transportation Security Administration analyst has been indicted with tampering with databases used by the TSA to identify possible terrorists who may be trying to fly in the US. If convicted, he faces 10 years in prison."

cancel ×

109 comments

Sorry! There are no comments related to the filter you selected.

Dismissed, Downsized, or Dismembered? (0)

Anonymous Coward | more than 4 years ago | (#31434160)

So was it poor performance, over staffed department, or scapegoat for a possibly security breach and/or coverup?

They missed "why?" (2, Interesting)

skids (119237) | more than 4 years ago | (#31434164)

Not that it matters for the court case, but most people are going to be asking "well what was he trying to do?"

Delete his girlfriend's name? Add the name of the guy who slept with his wife? I guess at least it leaves plenty of room for pointless speculation.

Re:They missed "why?" (1)

Pyrion (525584) | more than 4 years ago | (#31434258)

I'd think the answer is obvious here: "damage."

Re:They missed "why?" (4, Insightful)

JWSmythe (446288) | more than 4 years ago | (#31434634)

    That would be consistent with trying to support their case.

    I was once charged with careless driving, that a couple corrupt cops wanted to make into a serious case, and get another notch in their belts. The charges were just shy of attempted murder, where I could have run someone over, except for the fact that I was driving down an empty back road in rural nowhere, and there wasn't a person to be seen along the route. The lied the whole way, including claiming that my car flew. Well, more like a "Dukes of Hazzard" jump, except my car couldn't get out it's own way. They had "experts" testify that my car had been modified for racing, and I switched it back to claim innocence. That was tough for a 16 year old with no money. A couple years later they were officially charged and convicted of a whole slew of charges including falsifying evidence and other various nasty charges. In my case, the DA stood in front of a judge, and said that I was a danger to the safety of the citizens of the state and I should be held until the conclusion of the hearings. As the courts run, that would have put me in county jail for about a year. In the end, it was dropped to careless driving, and I was let off with probation and community service.

    So a single pesky word passed by the grand jury was done for the drama, and to influence their case. It doesn't necessarily reflect the facts. Then again, it may be a hint of what they have.

    All they said is that his job was to work on the servers and database. They said "knowingly transmitted code". Was it a shell script to maintain something? Was it a virus on his PC that accidentally got on there (pesky Windows networks and poor security)? Was it something nefarious? It'll come out in the real case, but this guy will be spending an awful lot of time in jail and court before it's proven either way.

    I hope for the sake of justice that this isn't another innocent man run through the system just to prove that he's innocent.

Re:They missed "why?" (1)

khallow (566160) | more than 4 years ago | (#31435160)

So a single pesky word passed by the grand jury was done for the drama, and to influence their case. It doesn't necessarily reflect the facts. Then again, it may be a hint of what they have.

Remember that a grand jury merely determines if there is cause for trial. The standard for evidence is very low. The word of a couple of corrupt cops or equivalent is sufficient evidence. The real trial is where things like that would come out (if it comes out).

Schoolteacher arrested for PC virus (1, Interesting)

Anonymous Coward | more than 4 years ago | (#31435162)

Some poor innocent woman was arrested and very nearly sent to prison for many years because all of the PCs in her elementary school classroom started displaying pr0n to the shock and amazement of all the little kids.

It took a lot of time and a lot of effort that shouldn't have been in any way necessary, but she was finally vindicated when an expert witness was finally able to demonstrate that the pr0n display was the result of every PC in the class having been 0wn3d by a virus.

Re:They missed "why?" (0)

Anonymous Coward | more than 4 years ago | (#31436464)

Fuck the police.
(-nwa)

Re:They missed "why?" (0)

Anonymous Coward | more than 4 years ago | (#31436778)

It'll come out in the real case

If the guy can afford a good lawyer, it might.

Re:They missed "why?" (1)

spydum (828400) | more than 4 years ago | (#31434348)

Presumably, read mail real fast.

Re:They missed "why?" (0)

Anonymous Coward | more than 4 years ago | (#31434358)

That's what trials are for, the prosecution would be absolutely foolish to speculate why when filing charges, and give the defense a chance to answer that in the press, and let the extremist wingbats (left and right) who dominate public opinion these days a chance to try the case in the media.

Re:They missed "why?" (1)

aldld (1663705) | more than 4 years ago | (#31434410)

I think I'd rather know exactly how he did it.

Re:They missed "why?" (5, Funny)

PPH (736903) | more than 4 years ago | (#31434424)

He was just searching for information about the infamous terrorist, Ahmed');Drop Table No_Fly_List;.

Re:They missed "why?" (1)

Opportunist (166417) | more than 4 years ago | (#31434552)

20 minutes and no link the the relevant XKCD comic? You're getting old, people...

Re:They missed "why?" (0)

Anonymous Coward | more than 4 years ago | (#31434680)

http://xkcd.com/327/

Re:They missed "why?" (0)

Anonymous Coward | more than 4 years ago | (#31435024)

best xkcd ever!

Re:They missed "why?" (1)

sheph (955019) | more than 4 years ago | (#31437050)

I have it posted in my cube, so why post it here?

Re:They missed "why?" (3, Funny)

Simon80 (874052) | more than 4 years ago | (#31434556)

Little Ahm-y tables, we call him.

Re:They missed "why?" (2, Insightful)

L4t3r4lu5 (1216702) | more than 4 years ago | (#31435916)

OMG! I have just the right xkc... Oh. I see what you did there.

Re:They missed "why?" (-1, Redundant)

martas (1439879) | more than 4 years ago | (#31434658)

oblig. http://xkcd.com/327/ [xkcd.com]

Re:They missed "why?" (1)

jonaskoelker (922170) | more than 4 years ago | (#31435998)

Don't forget his last name, --. As in Ahmed');Drop Table No_Fly_List; --

That name makes anything who follows him rather insignificant ;-)

Re:They missed "why?" (1, Interesting)

Opportunist (166417) | more than 4 years ago | (#31434540)

May I speculate wildly?

Some database hicckup happened that resulted in a slightly malformed database. The guy saw it, was enough of a guru to know the format and also how to fix it easily so it works again.

Presto database tampering.

Re:They missed "why?" (1)

dgatwood (11270) | more than 4 years ago | (#31434978)

My speculation would be more along the lines of "If I leak the entire no-fly list to the press anonymously, I'll be a hero, particularly once the public sees who is on it."

And that, my friends, is why I won't set foot through one of those damn full body scanners. There's somebody out there thinking, "If I create an anonymous video called 'Air Travelers Gone Wild', I'll be infamous." One cell phone camera is all it takes. Information, once placed in government hands, is as good as public knowledge---if not immediately, then eventually.

Re:They missed "why?" (1)

techno-vampire (666512) | more than 4 years ago | (#31435236)

Information, once placed in government hands, is as good as public knowledge---if not immediately, then eventually.

Except, of course, for all those conspiracies the tinfoil-hat brigade is certain they're covering up.

Re:They missed "why?" (1)

dgatwood (11270) | more than 4 years ago | (#31435290)

The longer something is "covered up", the less likely it is that there is any truth in the conspiracy theory. Once all the people potentially involved are dead, there's nobody left to confess on his/her death bed, and the odds are good that somebody will if a story is true, so I think the real-world upper bound is about 40-50 years.

Re:They missed "why?" (1)

Opportunist (166417) | more than 4 years ago | (#31435400)

So Kennedy is finally in the sweet spot, hmm?

Moonshot and MLK assassination are warming up in the back seats. We shall live in interesting times. ;)

Where's the security protocol? (5, Insightful)

guruevi (827432) | more than 4 years ago | (#31434168)

seven days after he'd being given two weeks notice that he was being dismissed

So, you have this super-secure database system that is really important so the country doesn't get overrun by terrorists and then you do this!

Re:Where's the security protocol? (4, Insightful)

WrongSizeGlass (838941) | more than 4 years ago | (#31434194)

Two weeks notice for someone with access to confidential or secure data is just a bad idea. If it's time for them to go then now is the time for them to go.

Re:Where's the security protocol? (3, Insightful)

Pyrion (525584) | more than 4 years ago | (#31434244)

Even if the system is required to give two weeks notice prior to dismissal, his access rights should be revoked the moment they've decided they're going to dismiss him. Let him collect a paycheck for two weeks without actually doing any work: since he's going to get fired anyway, why leave him in the position to do some real damage now that he's been given motivation?

Re:Where's the security protocol? (1, Informative)

Anonymous Coward | more than 4 years ago | (#31434710)

Places also just give you a check for those last two weeks (along with all the other money they owe you) and out the door you go- two weeks to job hunt while still on the payroll.

Re:Where's the security protocol? (1)

baegucb (18706) | more than 4 years ago | (#31436572)

That's why I usually give 3 weeks notice and have another job already lined up :)

Re:Where's the security protocol? (1)

L4t3r4lu5 (1216702) | more than 4 years ago | (#31435922)

Garden Leave [wikipedia.org] - You need it.

Re:Where's the security protocol? (4, Interesting)

JoshuaZ (1134087) | more than 4 years ago | (#31434248)

Not necessarily. If I still trust the person but can't afford to keep them due to a bad economy for example it isn't obvious that I should take them off of access to secure data. That's especially the case if in order to do the job they need access to the secure data (which isn't uncommon). Unfortunately, sometimes they need to train someone else to do the job and have the same problem. Sure in an ideal world, as soon as people got their two weeks notice they'd have no access to anything secure, but that's not generally doable. (To use an obvious analogy, if a bank teller gets a two week notice I don't think we expect the bank to not let them handle any cash for those two weeks).

Re:Where's the security protocol? (2, Interesting)

lazycam (1007621) | more than 4 years ago | (#31434320)

If you plan on letting someone go and you are a manager/administrator it's your responsibility to ensure the job gets done. Period. I don't care how much you trust the guy. You would be hard pressed to convince me this guy was the only person familiar with the system (of course this is our government). I'm sure the FBI or another agency would be happy to send in their expert for a time that risk a secure database from being compromised. Much cheaper than having to deal with the costs of say...another 9/11.

Re:Where's the security protocol? (2, Insightful)

Pyrion (525584) | more than 4 years ago | (#31434402)

Moreover, if you plan on letting someone go and that person has access rights to sensitive information, you take away those access rights immediately. No exceptions. If it means they can't do their job, who cares? You've already decided you're firing the person, why try to squeeze two more weeks of "work" out of someone who is at this point nothing more than a liability?

Re:Where's the security protocol? (4, Interesting)

tsstahl (812393) | more than 4 years ago | (#31434334)

To use an obvious analogy, if a bank teller gets a two week notice I don't think we expect the bank to not let them handle any cash for those two weeks).

No, I actually expect them NOT to handle money.

Pay them for their time, thank them for their service and humanely supervise their cubicle packing. They are still 'yours' during he severence period, so call them if you need to.

My employer trusts me. I have a good rapport with my boss. I also have access to data worth millions. If I were downsized tomorrow, i would expect to see HR, and maybe my desk one last time.

Re:Where's the security protocol? (5, Funny)

byornski (1022169) | more than 4 years ago | (#31434468)

Because you'd be really small?

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31435082)

Good luck finding all their notes, docs, any passwords they set (yes, they change them without others being informed sometimes). The knowledge they have may to pass on may make it far better to let them go gently.

Re:Where's the security protocol? (1)

khallow (566160) | more than 4 years ago | (#31435124)

Good luck finding all their notes, docs, any passwords they set (yes, they change them without others being informed sometimes). The knowledge they have may to pass on may make it far better to let them go gently.

I bet they're paid during the severance period precisely for this reason. And this is the gentle way to do it. They get far fewer opportunities to go to prison, for example.

Re:Where's the security protocol? (1)

mysidia (191772) | more than 4 years ago | (#31435324)

The policy on how to handle employees being terminated should be accompanied with a policy about changing of passwords and access codes, requiring thorough documentation of changes (including codes changed and the new code), AND review of all changes by an immediate peer.

Re:Where's the security protocol? (4, Insightful)

plover (150551) | more than 4 years ago | (#31434392)

If you can't afford to keep them due to the bad economy, you can bet that they're still full of irrational emotions about being let go. It really doesn't matter what the real true reasons are or how well they're documented, a laid-off person will still take it personally. It may be professional pride, or shame, or some other feelings like "if only I had done more, they would have kept me instead of Joe," or a mix of all of the above. It hurts, it's confusing, and it's very very personal.

Being laid off can be seen by the employee as a strike at the very core of their ego. Even a well-balanced person can respond irrationally. So you never, ever, let them back near sensitive data or systems after the layoff. It's heartless and cold, and you're a total shit for doing it, but you have to do it anyway. Or this happens, and it's completely his boss' fault for not escorting him to his desk and out the door immediately. Think about it: this guy is going to prison because his boss didn't have the balls to walk him out when he had the chance. Nice.

Re:Where's the security protocol? (5, Insightful)

timmarhy (659436) | more than 4 years ago | (#31434516)

no no no no. it's his own fault for being a stupid douche and tampering with shit he knew damn well he shouldn't be tampering with. attemping to make this his boss's fault for trusting him is just a classic symptom of today's society lack of personal responsibility. it's alllllways somebody elses fault right?

i do agree they should have shown him the door right away, but it's his own faul he is in this mess, not his boss.

Re:Where's the security protocol? (2, Insightful)

plover (150551) | more than 4 years ago | (#31434586)

Yes, it's his own fault. He attempted to mess around with their data. And for that, he will deserve whatever punishment they give him.

But it all could have been avoided if his boss had the stones to do what we all know he should have done. Not following this procedure is like handing car keys and a bottle of whiskey to an alcoholic, and then wondering why he got a DUI.

Re:Where's the security protocol? (1)

timmarhy (659436) | more than 4 years ago | (#31435852)

are you suggesting he is addicted to tampering with data or something? not that i think and alcoholic has any excuse either, but it's not on the same level.

I think his boss should get a large sharp pineapple inserted into him, but he isn't responsible for this guys actions, merely for his own failure.

Re:Where's the security protocol? (1)

sjames (1099) | more than 4 years ago | (#31434696)

Unless, of course, they just ASSuME it's him because he had a motive that they know about. Or they have a problem, no idea who it is or even if it's internal or external, and need someone expendable to blame it all on. Nobody is more expendable than someone who will be gone in 2 weeks anyway.

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31434830)

i do agree they should have shown him the door right away, but it's his own faul he is in this mess, not his boss.

And his boss should be out the same door five minutes behind him.

This is a required topic on day one of any security class. From the moment notice is given, the employee is never out of sight of someone in authority.

This, of course does not address the truth of the charges.

You think that asking for trouble is a good idea? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31435012)

> no no no no. it's his own fault for being a stupid douche and tampering with shit he knew damn well he shouldn't be tampering with.

More than one person can be at fault here. Nobody is arguing that it's not this guy's fault. Maybe you think it's a good idea to stand on the train tracks all day and whine about how any decent conductor should be paying enough attention to stop, but most people would say that you're asking for trouble.

Trying to get off the hook for not stopping foreseeable problems is just another way of dodging personal responsibility while claiming not to. Playing victim doesn't help, either.

Re:Where's the security protocol? (1)

houghi (78078) | more than 4 years ago | (#31436134)

It happend to me and I was fine untill they took away my red stapler.

Re:Where's the security protocol? (2, Insightful)

nedlohs (1335013) | more than 4 years ago | (#31434438)

No way. If they get two weeks notice then they get to spend that two weeks being paid to not come to work.

Even if they were the perfect employee, the risk that they are now disgruntled due to not having a job anymore is too high. Even if the risk is 0, you want a policy in place so that idiot managers don't screw up like this.

You better be able to cope without them, after all they could quit and walk out tomorrow, crash the car driving to work and die or be in a coma for the next 6 months, get arrested for murdering a neighbor last week and have to spend time away from work in jail, etc, etc.

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31434954)

You better be able to cope without them, after all they could quit and walk out tomorrow, crash the car driving to work and die or be in a coma for the next 6 months, get arrested for murdering a neighbor last week and have to spend time away from work in jail, etc, etc.

Damned right.No one wants to "waste the time" cross-training any more.

When I got laid off, I was in charge of a couple of unix systems. It was otherwise a windows shop. The last time I set passwords, I emailed them to my boss, his manager and the manager's director.

I did it again the day I left. Naturally there was a multiple power drop three months after I left, the servers didn't come up correctly (no UPSes, the dummies) and they called me for the passwords. All three had deleted the emails.

Being a nice guy (and thinking I might still need job references), I sent them the passwords.

They had also had me set up processes, but never included time for anything except the sketchiest documentation.

Eventually I decided to retire instead of looking for another job. That day, I forgot everything I knew about the place. I also set my consulting rates at $500/hour (minimum 4 hours) for remembering, documenting or reconstructing.

Re:Where's the security protocol? (1)

Miseph (979059) | more than 4 years ago | (#31434466)

As a bank employee, I have absolutely no reason to believe that I would ever be given 2-weeks' notice. In fact, I know of a few people who were shit-canned for whatever reason, and none of them were given any notice at all... an e-mail is sent out to the effect that they are not to be spoken of, and they never show up again.

I've seen the same happen in retail, not with regular grunts who couldn't do any serious damage if they wanted to, but anyone with access to keys or confidential information (ie. management) has their credentials revoked, any company property confiscated, and are escorted from the premises by security.

And no, I'm not talking about anywhere with serious security clearance or anything... this is a small local bank, and mass-market retailers. I'm sure that once you get into serious corporate roles or other high-security fields, things get even more paranoid. I'm stunned that the TSA agent in question was ever given such an opportunity.

Re:Where's the security protocol? (1)

timmarhy (659436) | more than 4 years ago | (#31435874)

i've seen it as well a few times now. they disappear into their boss's office, then it's out the door right after that. just easier to get rid of them.

Re:Where's the security protocol? (4, Interesting)

Opportunist (166417) | more than 4 years ago | (#31434610)

No. No! You can NOT trust that person anymore, sorry.

I spent my time in bank auditing. High security levels, very high security standards applied, you don't even want to know where they checked me and my background... anyway. The standard procedure for layoffs (independent of which side terminated the contract) was to let the person go IMMEDIATELY. Not at the end of a two week period, not even the end of the day. IMMEDIATELY. You clean out your desk now, two people at your side watching your fingers, protocoling your actions. You are not working here anymore the very nanosecond the contract end has been signed.

This is by no means an "instant dismissal", by the negative notion of it, neither was it in any way seen as such. It's also not a matter of trust, many of the people I cleaned out with were good, honest, decent and hard working people (what they did in bank auditing in the first place seems odd... but I ramble). It's a matter of principle and a matter of absolute security. To illustrate this, usually a nice little "good bye party" was hosted the evening to show that this person was not "fired out the window", it was just necessary due to secrecy.

This served a few purposes. First of all, to minimize the threat that someone could give himself a nice "severance package" and take a few infos with him to pass on to some newspapers who would pay handsomely to have some banks financial reports a few months before some shit hits fans. Insider trade is also a big issue since it's tempting to give out "interesting" details and, well, what should they do to you for doing it, fire you? Not to mention that the IT had pretty much total access to ALL financial information of any customer or banks themselves, nothing you want to see backed up and taken home.

It was a win-win for everyone. The auditing company could rest easy and be sure that nobody gives out info, and you got 6 weeks extra weeks of full payment that you could spend entirely on looking for something new to do instead of looking busy working while actually studying the classifieds.

Re:Where's the security protocol? (2, Insightful)

Jah-Wren Ryel (80510) | more than 4 years ago | (#31435130)

This served a few purposes. First of all, to minimize the threat that someone could give himself a nice "severance package" and take a few infos with him to pass on to some newspapers who would pay handsomely to have some banks financial reports a few months before some shit hits fans.

That's a two-edged sword. The fact that you instantly terminate people is going to be well known to all employees. It only takes half a brain to prepare for it - if the guy is crappy at his job to begin with, he probably expects to be fired at any time; if the company isn't doing so good - maybe there has been a previous round of layoffs - then everyone will consider themselves a candidate for the axe. So you end up in a situation where the crafty people pre-arrange things - maybe they leave a timebomb in the code that they routinely disable as long as they are on the job - maybe they set up cron job to mail a "few infos" to some anonymous email drop point unless they manually abort the job, etc, etc.

My point being that instantly terminating access provokes your less trustworthy employees to take proactive measures while they still have maximum trust. It may even increase risk because one of these guys might get hit by a bus and the corp would get hit by the automated sabotage even though they didn't fire the guy.

Re:Where's the security protocol? (2, Insightful)

Opportunist (166417) | more than 4 years ago | (#31435378)

You cannot eliminate risk. But you can minimize it. And, bluntly, if someone expects to be fired, he should either be better at his job or he shouldn't be there in the first place.

Also, without going into detail, we had security precautions against this kind of thing. You're talking about one of the most paranoid businesses on this planet. You don't think that you do anything unsupervised in this environment, do you?

Re:Where's the security protocol? (1)

Jah-Wren Ryel (80510) | more than 4 years ago | (#31435794)

And, bluntly, if someone expects to be fired, he should either be better at his job or he shouldn't be there in the first place.

Irrelevant from a risk reduction standpoint.

You don't think that you do anything unsupervised in this environment, do you?

It certainly can't be any more supervised than after an employee is given notice.

Guys, where do you work? (0)

Anonymous Coward | more than 4 years ago | (#31436152)

- Timebomb on the code? Is nobody auditing new in-house code?

- email by cronjobs? Are you not auditing your cron jobs? (at.allow, at.deny and from there automated tools, both inhouse and commercial to raise flags when somebody changes a cron job).

You can't secure everything to perfection, but boy, you are assumming that companies leave open the obvious holes for exploits (well, not the ones I work with, but that is why nobody buys me lunch: I am not lax with my employer's security).

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31435394)

Yea- let me tell you something. I did allot of damage wayyy long before I left this one company I worked for. Sort of. I didn't do anything with it until after I left though. Even after I left I didn't do anything with it that caused dammaged. It was WAY long after I left that damage occurred from the the info I stole. I knew they'd eventually can my ass. Yea.. I HAD a good relationship with my one boss right above me.. but I had another one that was above him who was only so-so happy with me. Mostly because he was a shitty boss and didn't know do squat himself. He wasn't good at his own job. He didn't confront you about anything-but he'd be frustrated with you. I was one of his best employees.. a little too good you might say which I think made him suspicious too. With good cause. He had no reason to get rid of me for the longest time as a result but he never trusted me. He just couldn't figure out what I was doing working for a shit salary when I clearly had $$$$ and had turned down real jobs elsewhere. He finally found out I had my own company that competed with the company I worked for :)

Goonies.... (0)

Anonymous Coward | more than 4 years ago | (#31436110)

In banks serious about security SAs and DBAs can't see the data on the machines and databases they are administering.

Encription tehcnology and role based privileges have been there for a while already (no, not in Windows I believe, but I may be mistaken), so why it is not being implemented?

Re:Where's the security protocol? (2, Interesting)

Anonymous Coward | more than 4 years ago | (#31436416)

Not always. When I got laid off in the third round of layoffs at a big company, I was furious. (Three department heads screamed murder when they found out I was leaving: two tried to hire me back on Monday, for their own departments. I'd been blocked from transferring by a new supervisor who should have been the one laid off, and the old supervisor kicked back downstairs from VP status.) But my supervisor, consulted with me on how to clean up projects and where things were, and I was left alone to clear my desk and my work product. (They'd tried to block my email and login access. I'd been submitting bug reports on flaws in their security for a year, and my supervisor knew I was still active, so I think that legally I was fine.)

So while cleaning my desk, I backed up all my current, development work on CD and gave him 2 copies, just in case the source control and backup people flushed my data. (it was awating QA to stop missing releases to go in the main codeline, and for a particular developer not to be at a meeting where it would be inserted over his screaming.. God invented working Makefiles and dependency trees for a *reason*.) A month later, he called me and begged, very nicely, for another copy, praying I'd brought a copy home because he'd lost the CD's and sure enough, they'd flushed my work. So I told him where to find the copy I'd taped behind the second drawer of *his* desk.

If he hadn't let me leave gracefully, he'd have lost a stack of critical work, and not had the resources to recreate it for another six monhs.

Re:Where's the security protocol? (1)

mysidia (191772) | more than 4 years ago | (#31435284)

To use an obvious analogy, if a bank teller gets a two week notice I don't think we expect the bank to not let them handle any cash for those two weeks

Bank tellers and all their actions can easily be watched for obvious attempts to commit a crime, and it should be immediately obvious to the manager if the teller attempts to steal anything.

If they have the combination to the vault, access cards to a secure area, building keys, or any alarm combination, it will probably be changed just after they get the news, and be up to security staff to grant access when needed.

necessarily. If I still trust the person but can't afford to keep them due to a bad economy for example

Ah. But how well do you really know them, and how sure are you that you can trust them fully in such an extreme situation?

If they do something you don't like that hurts you (but isn't technically illegal)... after that point, what are you going to do, fire them?

Unfortunately, sometimes they need to train someone else to do the job and have the same problem.

You should have thought about that long before deciding to fire them. They know they are going, and they have little incentive to properly train someone else, which for any really complicated job takes more than 2 weeks to do anyways. Why should they want to do that for you, really?

Most likely you'll instead get some sort of half-hearted training from them, either because they intentionally hold back, or because they're so disturbed by the news, that they won't do a good job training someone, even if they want to.

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31435956)

Good security means databases cannot be tampered with - no ifs or butts.
You got backups, baselines, and you do compares,and have logs and journals - real DBA's know they will get caught and behave. In fact it pays them handsomely to stay bloated, so endless overtime for 'reorgs' occurs.

Was he
1) Removing a lock - sometimes things get stuck and you have to manually remove locks when idiot users turn off their computers or a server dies - restart flag.
2) Doing a change: Schema modifications
3) FTPing the update list per normal.

The correct way to ruin things is
1) Lodge a departing DBA / Change passwords change, exit checklist - by the book.
2) Call security .Walk out the door on the spot - citing security protocol, and call security to implement change - get passwords changed, and the ones in the safe.
3) New guy does not have clearance yet, not added to firecall either.
4) Security is your friend. Now if something goes wrong - nobody can fix it.

Lesson: All DBA's tamper - otherwise no work would get done, and there would be huge downtime. If business as usual, I'd sue. If he did something stupid, then his manager has to go as well.

Re:Where's the security protocol? (2, Insightful)

timmarhy (659436) | more than 4 years ago | (#31434314)

i agree. after the stink the TSA has kicked up about how important security is, i don't give a fuck what excuse they have for letting this guy keep his access after he's been given notice. it's just plain wrong.

Re:Where's the security protocol? (1)

techno-vampire (666512) | more than 4 years ago | (#31435276)

after the stink the TSA has kicked up about how important security is

Look: we all know that the TSA's job isn't security as such, it's security theater.

Re:Where's the security protocol? (1)

Stephenmg (265369) | more than 4 years ago | (#31434452)

We revoke network access where I work if your suspended. This guy was being fired and they let him continue to work?

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31434854)

That's why you plant backdoors while you do have access. You never know when you'll need to knock out an ex-company for a day or so. If the company treats you fairly, then you can part ways peacefully. If the company mistreated you, confidential company records "mysteriously" get spread across the net and random data suddenly gets corrupted.

Re:Where's the security protocol? (1)

sheph (955019) | more than 4 years ago | (#31437096)

Maybe his boss sent him to the basement to get rid of the roaches. Could've been worse. He could've blown the place up.

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31436352)

Two weeks notice for someone with access to confidential or secure data is just a bad idea. If it's time for them to go then now is the time for them to go.

It depends on the maturity level of the individual. I know plenty of people who, while pissed off at what happened, would be professional enough not to fuck around with things.

Personally I hope I would be mature to be one of those people as well.

Re:Where's the security protocol? (1)

Kjella (173770) | more than 4 years ago | (#31436404)

I know that it happens sometimes in Norway too on very critical systems or when fired for cause, but this whole idea that Americans seem to think is natural is really absurd to me. My resignation period is 3 months and I'm in the middle of it now. Still got my admin logins, all my server logins, the same intranet access I've always had. Two weeks is nowhere near enough to find a serious job, personally I spent about 1.5 months from application to contract going through interview rounds and negotiations. Now I did all that before I resigned, but if I was let go it'd be about the same, I'd likely have another job ready when I left my old job. I've already done quite a bit to transfer things to the rest of the team and on Monday someone new starts - I was even one of those interviewing her - that I'll be teach for the next month and a half.

The US system remains me of being clubbed in the head for both parties. So you come there, expecting just to finish up for the weekend and you get called into a short meeting - because Friday is the day you're least likely to come back and go postal and it hits you WHAM! in the back of your head. Guards to escort you out and before you know it you stand there on the street thinking "What the fuck? What the FUCK just happened?" like being struck by lightning from a clear blue sky. Unless you're one of the few who'd people hire on the spot, you most likely just took a financial WHAM! in the back of your head on top of the mental one too. So how exactly are you supposed to feel about your employer after being kicked to the curb? "Thank you sir, may I have another sir."?

I can't really imagine it being much better for the employer, particularly if they have to escort you off the premises the moment you hand in your resignation. I mean there's no job description that lists everything I do. There's no organized documentation that says "this is how to do my job" - and I'd be mighty suspicious is someone asked me to write one. There'd be no replacement, it'd all be like a sudden cave-in where you hope those around will fill in the gaps as best they can. Managers are hostile to workers on resignation exactly because it hits them WHAM! in the back of the head, throwing all those neat little plans they had into chaos. They have to deal with their bosses, annoyed clients or customers, try to reschedule allocations and because it happens so fast things always get lost in the process. Planning to do without me three months out is nowhere near the same issue.

Now, you might ask what's keeping me from slacking and just not doing my job now? Not really much more than my reputation and professionalism I guess, but it seems to be enough for almost everyone here right down to the retail clerks. Why then is it so different from the US? I think because of the references, in the US you can't normally get a company to do more than to confirm your employment dates and barely that. Here you can actually get people talking to you, and your reputation travels without the risk of a multi-million groundless lawsuit on your ass. It's expected that you provide charatcter references from people that have worked with you in the past or been your boss in the past or been your client in the past. Not to make it sound like we've gone to the other extreme and run on gossip, but the truth has a way of getting around I think is lacking in the US. It certainly seem to work well here.

P.S. Normally companies know long in advance they have to lay off people. It's very rare that they need to lay off people on two weeks notice because the market collapsed right here and now without warning.

Re:Where's the security protocol? (3, Insightful)

v1 (525388) | more than 4 years ago | (#31434330)

Does make one wonder if the PHB that decided to give notice to a disgruntled employee with sensitive access will be held accountable for his stupidity? Oh wait, what am I thinking?

Someone needs to give his ex-manager an education by example of how to can someone safely.

Re:Where's the security protocol? (4, Interesting)

Maxmin (921568) | more than 4 years ago | (#31435222)

The whole thing smells fishy: the indictment [mnginteractive.com] 's first odd bit is its vagueness about what Duchak was up to, specifically. No details.

The second weird thing is that DOJ doesn't want him held - no bail mentioned (nor in any newstory that I've found), and the "will not seek detention" box is checked on the indictment form (pre-trial detention.)

Likewise, the indictment says "five days or less" for the trial duration. I once sat for a sexual assault trial, and despite being an open-and-shut case of guy-grabs-coworkers-boobs-in-front-of-witnesses, it lasted 4-1/2 days.

Three federal agents are listed, you can bet their affidavits spell out more of what he did... and they don't appear to be online. Further searching, looks like there's absolutely nothing within .gov that bears our Duchak's name.

Under other circumstances (and administrations), this might have been a highly-touted smackdown in the war against whatever. Not so here...

But hey! There's a Douglas James Duchak listed in the whitepages [anywho.com] ...

Let's see if he can fill us in...

Re:Where's the security protocol? (1)

AK Marc (707885) | more than 4 years ago | (#31436204)

And the news reports are contradictory. Some would indicate he was making database edits, other refer to direct sabotage of the "computers" which is either so sloppy as to be incorrect, or indicating he was doing things like loading keyloggers on computers that used the database or other such things. It's hard to get a clear idea when the reports are not consistent and the actual allegations aren't released. I'd like to know why he did it, but even more important is what he actually did (or is accused of doing), and we don't even know that.

Re:Where's the security protocol? (1)

clarkkent09 (1104833) | more than 4 years ago | (#31435740)

Yeah, they should have fired him on a Friday. Studies have statistically shown that there's less chance of an incident if you do it at the end of the week.

Re:Where's the security protocol? (0)

Anonymous Coward | more than 4 years ago | (#31436536)

You gain an extra day, Clark

--
your boss

Re:Where's the security protocol? (1)

JamesP (688957) | more than 4 years ago | (#31436744)

So, you have this super-secure database system that is really important so the country doesn't get overrun by terrorists and then you do this!

It's probably an Access database and Clippy told them something was fishy...

Where are the terrorism charges? (4, Insightful)

holdenholden (961300) | more than 4 years ago | (#31434178)

If I did the same thing I would be accused of violating DMCA, across federal borders, with intent to destabilize the National Security. I would be lucky to get away with a life sentence without parole. This guy is getting as much as somebody stealing a really big TV.

Re:Where are the terrorism charges? (0)

Anonymous Coward | more than 4 years ago | (#31434518)

Ever heard the saying, 'never attribute to malice what can be attributed to incompetence'? Have you noticed who's working for TSA these days?

Re:Where are the terrorism charges? (4, Funny)

Opportunist (166417) | more than 4 years ago | (#31434638)

Hey, he just messed with a database containing your personal info. He didn't download a movie for crying out loud!

Re:Where are the terrorism charges? (1)

mandelbr0t (1015855) | more than 4 years ago | (#31434786)

Yea, but YOU didn't get to write the laws. Funny how "unlawful" can sometimes be synonymous with "unpopular". Given enough emergency powers and enough time, they are no longer synonyms.

Re:Where are the treason charges? (1)

Dr Herbert West (1357769) | more than 4 years ago | (#31435488)

really, I'd like to know-- does this fall under that category? INAL....

Finally, some liability? (3, Interesting)

Wayne247 (183933) | more than 4 years ago | (#31434236)

It's about time that a TSA agent steps over the line enough for the justice system to finally react and hit back. So far the TSA has been running their own show and making up their own laws so much that I became genuinely scared of passing through the USA on my next trip.

Re:Finally, some liability? (1)

causality (777677) | more than 4 years ago | (#31434340)

It's about time that a TSA agent steps over the line enough for the justice system to finally react and hit back. So far the TSA has been running their own show and making up their own laws so much that I became genuinely scared of passing through the USA on my next trip.

The TSA agent is being charged with tampering with a TSA system. The TSA just decided that he's not one of them after all and is merely trying to secure their own interests and make an example. I doubt this will stop their authoritarian attitude towards airline customers. I'd like to be wrong about this, however.

He's not a TSA agent (1)

wiredog (43288) | more than 4 years ago | (#31436578)

He's a data analyst, or maybe a sysop (the article is a bit light on the details), but not an agent. And he's not the first one of those to go off the reservation and get smacked. Happens a couple times a year, and gets reported here.

Public knowledge (1, Interesting)

Darkness404 (1287218) | more than 4 years ago | (#31434292)

If things like this were public knowledge similar to "most wanted" lists, perhaps abuses like this wouldn't happen. Secret lists will only lead to more abuses the more we rely on them.

If he is convicted of actually aiding terrorists (0)

Anonymous Coward | more than 4 years ago | (#31434296)

He could lose a small part of his pension.

Aiding the enemy (0)

DigiWood (311681) | more than 4 years ago | (#31434338)

Aiding the enemy during a time of war is considered treason and according to US laws treason is punishable by death. NOT prison. http://en.wikipedia.org/wiki/Article_Three_of_the_United_States_Constitution#Section_3:_Treason [wikipedia.org]

Re:Aiding the enemy (0)

Anonymous Coward | more than 4 years ago | (#31434370)

This is not a "time of war"; the War on Terror is a buzzphrase, same as the War on Poverty and the War on Drugs.

Re:Aiding the enemy (0)

Anonymous Coward | more than 4 years ago | (#31434426)

Yes, but it be nice if, for once, this twisted reasoning was applyed to them.

Re:Aiding the enemy (1)

Killer Orca (1373645) | more than 4 years ago | (#31434384)

Aiding the enemy during a time of war is considered treason and according to US laws treason is punishable by death. NOT prison. http://en.wikipedia.org/wiki/Article_Three_of_the_United_States_Constitution#Section_3:_Treason [wikipedia.org]

I believe the legal term here is "light treason".

Re:Aiding the enemy (4, Insightful)

Drgnkght (449916) | more than 4 years ago | (#31434412)

War? What war? Did Congress declare war while I wasn't paying attention?

Re:Aiding the enemy (0)

Anonymous Coward | more than 4 years ago | (#31434484)

We are holding people as enemy combatants, something you only do in a time of war, so must be a war going on.

Re:Aiding the enemy (0)

Anonymous Coward | more than 4 years ago | (#31435260)

War? What war? Did Congress declare war while I wasn't paying attention?

No, but a whole bunch of Muslim preachers did.

Re:Aiding the enemy (1, Troll)

dbIII (701233) | more than 4 years ago | (#31434476)

No, treason is playing Chess against a Russian.
Selling guns to Iran or helping terrorists is patriotism.

Re:Aiding the enemy (2, Interesting)

Daniel Dvorkin (106857) | more than 4 years ago | (#31434612)

And desertion by members of the armed services in time of war is punishable by death, and yet somehow George W. Bush was never court-martialed, convicted, and appropriately sentenced. Sometimes the system works, sometimes it doesn't.

Desertion "in time of war" (1, Informative)

Anonymous Coward | more than 4 years ago | (#31434718)

And desertion by members of the armed services in time of war is punishable by death, and yet somehow George W. Bush was never court-martialed, convicted, and appropriately sentenced.

Neither are the ~50 soldiers who are chaptered out for desertion at the Personal Control Facilities at Ft. Sill and Ft. Knox every week.

The article is like a Progress in Iraq press repor (3, Insightful)

Antique Geekmeister (740220) | more than 4 years ago | (#31434414)

It makes a claim without any relevant details. For example, if this former employee were doing a normal security assessment to file a report on what they need to lock down after he's gone, one which his new boss didn't ask for or understand as appropriate security practice, he could face exactly these kind of charges. Or if he were plugging a hole used by the NSA for warrant-free tapping and injection of data, knowing that the hole was a constitutional violation mandated by his previous boss, and whose discovery and protest over its existence was the reason he was fired, I'd applaud his desire though not his means to plug such a hole.

Let's be quite clear: the TSA has inherited bad staff, bad bureaucracy, and bad guidance from the White House itself down to all the agencies it was created to oversee and merge and which it has profoundly failed to coordinate. The result is a security and policy nightmare, the kind of political football that incompetent middle managers flock to because it's so hard to close, and it's so hard to actually measure its work product. I'm not surprised that an employee being terminated was mishandled, or misbehaved by the agency's standards. But the agency engages in so much blatantly civil rights abuse that it's unreasonable to believe its claims of cyber attack without far more detail about what was attacked, and why.

Re:The article is like a Progress in Iraq press re (1)

georoamer (909704) | more than 4 years ago | (#31436600)

The TSA doesn't oversee other agencies, that's Homeland Security. TSA is only responsible for the security of flights originating in the U.S. It sound like this guy was responsible for reviewing information from other agencies watch lists and determining if such information properly should be included in the TSA don't fly list. Such analysis is valuable because it prevents the database from being filled up with irrelevant junk. I wonder if he just decided to clear his desk by dumping all the records he received from the US Marshal's Service Warrant Information Network into the TSA database. That may have included record info that should not have been disclosed even to TSA employees. Yeah it's pretty stupid, but it's not treason. And yes, his access should have been pulled days before.

Not justified (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#31434566)

He must not get punishment as whatever he did , his intentions were not bad. http://www.articlesbase.com/health-articles/new-life-cleanse-reviews-colon-cleansing-formula-1964637.html [articlesbase.com]

Re:Not justified (2, Funny)

shermo (1284310) | more than 4 years ago | (#31434688)

Sorry, I'm not clicking anything that has 'colon' in the url. I learnt that the hard.

2 weeks notice? (1, Informative)

Anonymous Coward | more than 4 years ago | (#31434708)

If someone is going to be a problem, you can just let them go in most states. If you feel bad about letting them go, give the 2 weeks pay. You don't have to and you can let them go any time.
People think there is some mythical 2 week rule. No mater where you work, you could be let go tomorrow for any reason without notice.

So if this guy was some kind of problem they should have just given him his walking papers. If it was something else, well they are just stupid anyway.

Innocent until proven guilty (2, Insightful)

OrwellianLurker (1739950) | more than 4 years ago | (#31435298)

Seriously guys? We read an unsubstantiated claim of "computer tampering" and automatically assume that he's guilty of treason or something equally malicious? The indictment was incredibly vague and we have little to go on.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?