• Bahnd Rollard@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      10 days ago

      IT work is feast or famine.

      “IT people, your not doing anything, what the hell do we pay you for?”

      “IT people, everything is on fire, what the hell do we pay you for?”

  • Cinder Bloc @lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    10 days ago

    Every person that has worked in a sysadmin type role, has joked about doing something like this. Very few actually carry through with it. So, in a way, I kinda like this guy for actually doing it, even if he didn’t cover his tracks very well.

  • partial_accumen@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    11 days ago

    A 55-year-old software developer

    … and…

    Lu had worked at Eaton Corp. for about 11 years when he apparently became disgruntled by a corporate “realignment” in 2018 that “reduced his responsibilities,” the DOJ said.

    So he was 48 at the time he started this. Was he planning on retiring from all work at 48? I can’t imagine any other employer would want to touch him with a 10ft (3.048 meters) pole after he actively sabotaged his prior employer’s codebase causing global outages.

  • GhostlyPixel@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    11 days ago

    This kill switch, the DOJ said, appeared to have been created by Lu because it was named “IsDLEnabledinAD,” which is an apparent abbreviation of “Is Davis Lu enabled in Active Directory.”

    Lu named these codes using the Japanese word for destruction, “Hakai,” and the Chinese word for lethargy, “HunShui,”

    [Lu]’s “disappointed” in the jury’s verdict and plans to appeal

    No, this guy is cooked, there’s even evidence of him looking up how to hide processes and quickly delete files, absolutely no way an appeal would work out for him, I don’t think an “I got hacked” argument is going to work.

    • rottingleaf@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      I take it he hasn’t heard about “hiding things in the open”.

      That would be, for example, using a constant of some near year in “end time” column meaning unfinished action.

      Or just making some part that will inevitably have to be changed - “write-only”, as in unreadable. Or making documentation of what he did bad enough in some necessary places that people would have to ask him.

      So many variants, and such obvious stupidity.

    • snf@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      11 days ago

      It’s actually kind of worrisome that they have to guess it was his code based on the function/method name. Do these people not use version control? I guess not, they sure as hell don’t do code reviews if this guy managed to get this code into production

      • TAG@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago
        1. I assumed that the code was running on a machine that Lu controlled.
        2. Most companies I have worked at had code reviews, but it was on the honor system. I am supposed to get reviews for all the code I push to main, but there is nothing stopping me from checking in code that was not reviewed (or getting code reviewed and making a change before pushing it). My coworkers trust me to follow the process and allow me to break the rules in an emergency.
    • db2@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      It would only work if he owned the code and the company stopped paying. There’s lots of precedent for that.

      • Lv_InSaNe_vL@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        11 days ago

        Still probably not. The code also deleted files, deleted accounts, and created infinite loops which took down large chunks of the network and infrastructure.

        You could take your code, but you can’t take down the company.

    • IHeartBadCode@fedia.io
      link
      fedilink
      arrow-up
      0
      ·
      11 days ago

      Oh yeah, but the thing that usually offsets the intrusive thoughts is a lot of courts treat this as the crime of “hurting rich people” which comes with like 30 years in pound you in the ass penitentiary.

      • peoplebeproblems@midwest.social
        link
        fedilink
        English
        arrow-up
        0
        ·
        11 days ago

        Oh. Personally for me it’s code reviews that prevent me from doing it, but pound you in the ass penitentiary is a good motivation too

        • WetBeardHairs@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          0
          ·
          11 days ago

          The secret is get promoted to where you do the code reviews. Then just get too busy to do them reliably. Timebomb activated.

  • Toes♀@ani.social
    link
    fedilink
    English
    arrow-up
    0
    ·
    11 days ago

    Reminds me of the timebombs in windows 2000. I guess he’s forced to start fresh.

  • AA5B@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    11 days ago

    I’m disappointed they found so much in his search history. Do these people not have phones? In this day and age with everyone carrying a smartphone, there’s no excuse for using work computers for personal activities

    • kautau@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      Did it say they went through his work search history? Everything you search on Google with your IP or through your account is recorded, in case law enforcement knocks. Don’t think using a phone protects you. Use a trusted VPN in a separate browser if you want to search for things and not have them show up in court.

      • AA5B@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        I think that what happens on a work computer, a work network, belongs to the company and they are free to check it at will.

        However my phone, and what happens on the network it’s attached to are between me and my provider, and usually needs a warrant for someone to look through.

    • UnderpantsWeevil@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      In this day and age with everyone carrying a smartphone, there’s no excuse for using work computers for personal activities

      There are plenty of reasons, mostly amounting to “Nobody tends to give a fuck” and “I’m not running out to buy a second high end laptop just to casually browse the web from my couch on the weekend”.

      What you’ve got is a very poorly enforced, very draconianly executed set of deliberately vague and inarticulate rules that vary from company to company. And none of that really has anything to do with the “kill switch” thing. In the same way you might say “Well but obviously nobody should smoke weed in a state that criminalizes it! That’s just stupid!” when you’ve got the police tearing apart a particular person’s house for a completely unrelated issue, based on an officer’s exclamation of “I smell weed!” at the front porch.

      Just accept you live in a police state and stop buying into excuses made to surveil and punish.

      • AA5B@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        10 days ago

        I’m not running out to buy a second high end laptop just to casually browse the web

        Even the cheapest laptop or tablet will cover that need

        But when you’re at work, planning criminal activities, the least you can do is save your searches for “how to be a criminal mastermind” on your personal phone

  • Vanth@reddthat.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    11 days ago

    Initially makes me wonder how the employer could be so dumb as to give one employee so much access. But then I remember a former employer of mine did the same and worse.

    Colleague was known for writing his comments in such a way that only he could read them, including mixing in German (US based company doing all business in English). He was also the admin of our CAD system and would use it as leverage to get his way on things, including not giving even default user access to engineers he didn’t like. We migrated systems and everyone was thinking, “this is it, the chance to root this guy out of the admin position” and… they gave him admin access again. Not even our IT department had the access he had. I left before the guy retired / was fired, this post is making me wonder if he left peacefully or left bricking the CAD system out.

    • jaschen@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      My previous work didn’t revoked my access to their CMS. I was so upset when they laid me off after telling them my wife is pregnant.

      But I ain’t that stupid.

    • partial_accumen@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      Initially makes me wonder how the employer could be so dumb as to give one employee so much access.

      The amount of access he had doesn’t surprise me. He’d been there for 11 years already likely working on many things as he interacted with systems in the course of his legitimate work. While its possible to set up access and permissions in an organization utilizing the “least privilege principle”, its expensive, difficult to maintain, and adds lots of slowdowns in velocity to business operations. Its worth it to prevent this exact case from the article, but lots of companies don’t have the patience or can’t afford it.

    • ubergeek@lemmy.today
      link
      fedilink
      English
      arrow-up
      0
      ·
      11 days ago

      Initially makes me wonder how the employer could be so dumb as to give one employee so much access.

      Right now, just based purely on the access I need to do my day-to-day job involves me having access where I can pretty much nuke everything from orbit, with an ssh loop.

      At some point, you need to trust your employees, in order to get work done. Sure, you can lock it all down tightly, but then you just made work take longer. It’s a trade off.