
I was authorized to trash my employer's network, sysadmin tells court - koesterd
https://www.theregister.co.uk/2017/02/23/michael_thomas_appeals_conviction/
======
woliveirajr
> If he is found to have acted without authorization, the question then
> becomes: does that make other sysadmins criminally liable for mistakes they
> might make unless they get explicit permission beforehand? That would create
> a hell of a problem.

> If Thomas is found to have acted with authorization, every company will
> wonder if that gives their sysadmins carte blanche to ruin their systems
> with no legal comeback. That's not going to sit very well in boardrooms.

Both are very good points. Not that I think that a sysadmin has the right to
screw up everything _on purpose_, far from that. But the other way round:
when a sysadmin screws up something, will he be obliged to prove that was a
mistake? What constitutes a mistake? Not all companies have the right touch
when dealing with the IT personnel, so all sysadmins will have to contract some
insurance against their company?

------
jdhopeunique
New Employee Policy:

Employees are not authorized to access any company computer resources unless
the following conditions are met:

1. Toilet seats must be in the down position following restroom use, as
requested by HR.

2. Coffee area must be clean, with all spills and sugar wiped from the
counter.

3. Refrigerator must be clean and free from week-old goods.

Any attempt to access the network while the above conditions are not met will
be considered an unauthorized access of the network.

------
devoply
mens rea. if he knows what he did was wrong, that's enough to find him guilty.

~~~
yebyen
I'm not so sure charging him is the right choice though. Yes deleting backups
is interesting, but "it turned out there were local copies of the deleted
backups" -- so, he did or he didn't delete the backups? It sounds like he
left them with backups.

If I'm the only one left on a sinking ship, you better believe that before I
quit, I'm taking myself out of the "on-call" rotation on the pager system.
You're going to prosecute me for "causing chaos by leaving?" It took them all
day Monday to sort it out! Surprise, after a power outage and a denial of
service attack that the sysadmin spent all weekend fixing, it's quite lucky
that's all it took!

Taking myself off the pager system when nobody else is on-call, is that the
same as turning off the pager system altogether? I'm sure not obligated to
hire and train my own replacement before I can leave (not without a contract
anyway, and most certainly not when you just terminated MY boss and only
backup without notice.)

If your backup systems' daily transfer has a tendency to overload the
fileserver that's running your company's internal shared drives and primary
DNS? (for example only, wink -- but this is definitely a real thing that I
personally dealt with) If this fault causes everything else to go down all at
once some whole-number percent of the days that it runs... and the only way to
fix it is for someone to walk into the server room and reset the right
machine... is it better to leave that time-bomb ticking with nobody on-call,
or should you leave a note for the next guy "ask for a bigger budget and a new
backup server" and disarm the bomb? Personally, I'd disable the nightly
backups in that case too.

Suppose you've tried training a resource to answer that page and nobody will
pick up the task? I understand there's such a thing as malicious action, and
deleting Wiki pages with important documentation on them might fall into that
category. There's also such a thing as negligent inaction I suppose, but the
more I read into this article, the more it sounds like a very familiar
situation, and maybe the truth is closer to this employer would just like to
hold their "key man" junior IT guy hostage, on-call 24/7 until the sale of the
company goes through, when the new owners can cut his benefits.

