Re: Highlighting Security Issues

[Victor Williams <vbwilliams () neb rr com>]

I'm not defending the manager's actions (if he's indeed guilty).  But it 
seems everyone I've had discussions with about this seems to think that 
the gospel truth is that this manager WAS playing Solitaire.

Myself, I find it more difficult to believe the employee than the 
manager in this case.  I cannot help but question the motive, 
intelligence, and ability of someone who resorts to loading a trojan or 
piece of malware--IF this is what happened--for the express intent of 
getting someone else in trouble.  If his concern was with the waste in 
the whole organization, why didn't he log EVERYTHING on EVERY 
workstation that he had access to administratively (which I'm going to 
assume was the whole office)?  Why did he just go for this guy?

In addition, who says he didn't load the trojan on his own PC and take 
screenshots of him opening someone else's mailbox?  An Administrator has 
access to EVERYONE's documents and records at every level.  So, why did 
he blow the whistle on this ONE person?

Sounds like a personal vendetta to me.

The only things that have been proven in this case beyond the shadow of 
a doubt for me (and I'm only speaking for me) is:

1.  A trojan was loaded;  the ex-employee admitted it.
2.  His intention was to blow the whistle on ONE person.
3.  He has too much time on his hands to write non-specific and 
ambiguous emails to people vs just telling someone up the food chain 
that abuses are going on and they need to know about them.
4.  He's not a very good administrator seeing all the peripheral things 
that were wrong with this technology-wise.

That's my conclusion.  I cannot conclude that the manager was playing 
Solitaire or was wasting gov't tax dollars.  IF he was, he should be 
removed IN ADDITION to this employee.  But that has yet to be proven.

From a technology point of view, there were so many things wrong with 
this scenario, we could go on for days...literally.  Where do we start?

I'll start by asking how many on this list leave the games loaded on a 
new workstation when they hand it to a new user?  In addition, do you 
give that new user administrator rights to the machine?  How many 
directories do you give write access to on the local machine?

Those are just three things that would be wrong with this scenario 
without even going any deeper than the surface.


firewalladmin () bellsouth net wrote:
> 'Scuze me, but whether or not the systems admin guy was a loser or not is just the side note here in my opinion, and it seems to me you are defending a manager who doesn't deserve a defence, nor is what he has been doing over the last 7 months acceptable just because it was pointed out in a wrongful manner. It is stuff like this that - if I may use an outrageous example to help make a point in a much smaller matter - let's the murderer go free because he wasn't read his miranda rights before he confessed to the crime he was caught red-handed doing. 
>
> If this discussion is about ethical and professional systems administration, okay fire the dork who loaded the trojan. If it 
> is about ethical work habits in the government, then the idiot who plays solitaire and checks his stocks on-line all day at 
> taxpayer expence (and I would guess this guy makes 60-90k per year) needs to lose his job too. Don't defend one 
> criminal just because he was ratted out by another criminal. Either both are wrong or neither are wrong. To sypathize with 
> either individual is understandable in this case depending on which side of the fence you have been on in the past, but to 
> defend either position seems a little ridiculous.
>
> From: Victor Williams <vbwilliams () neb rr com>
> Date: 2004/08/01 Sun PM 10:20:46 EDT
> To: "Paul D. Robertson" <paul () compuwar net>
> CC: firewall-wizards () honor icsalabs com
> Subject: Re: [fw-wiz] Highlighting Security Issues
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards