this post was submitted on 08 Mar 2025
51 points (100.0% liked)

Pulse of Truth

6 readers
6 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
krogoth@infosec.pub
51
Developer sabotaged ex-employer with kill switch that activated when he was let go (go.theregister.com)
submitted 1 month ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
7 comments fedilink hide all child comments
 

IsDavisLuEnabledInActiveDirectory? Not any more. IsDavisLuGuilty? Yes. IsDavisLuFacingJail? Also yes A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer's systems – and he's now facing a potential ten years behind bars.…

top 7 comments
sorted by: hot top controversial new old
[–] CosmicTurtle0@lemmy.dbzer0.com 23 points 1 month ago (1 children)

If this dev had this much access and his work didn't do any sort of code review, I don't understand how their CSOC or ISO isn't on trial along with him.

This is terrible OpSec.

In order for me to create an IAM role, I have to have two different people to approve it, along with the access control team, along with a change review on what the role does and how it will authenticate.

Dev teams cannot access production. Prod teams cannot access code directly. Only machine roles can access databases directly.

We have so many checks and balances that it's amazing we get anything done.

[–] homura1650@lemm.ee 8 points 1 month ago

I work in a high security industry. You'd be amazed at what you can do if you are willing to ignore the process. Our real defense against insider threats is attribution, law enforcement, and incident recovery. By the sounds of it, that is exactly what happened.

[–] harryprayiv@infosec.pub 10 points 1 month ago (1 children)

Dude is an absolute legend!

[–] Onomatopoeia@lemmy.cafe 4 points 1 month ago (1 children)

Nah.

We saw this happen in the 90's when controls were practically non-existant.

This behaviour (and his lack of concealing it), just reinforces you don't want him as an employee - partly because he never considered the implications of his actions.

Now he gets to deal with the legal consequences of this - court alone is going to be stressful and expensive, then jail time. Dude ended his career doing this.

[–] harryprayiv@infosec.pub 5 points 1 month ago

Undoubtedly.

Still, he will go down in history both for his stupidity AND boldness.

[–] jjjalljs@ttrpg.network 5 points 1 month ago

I'm reminded of some garbage post I saw in the hell known as LinkedIn. Some soulless suit was saying "Don't do PRs - just let your team merge directly to production." I didn't engage with it because I hate everything about LinkedIn and its clickbait trash feed, but "it protects you from a lone disgruntled employee" was one of the reasons I thought about.

[–] archonet@lemy.lol 2 points 1 month ago

And that, kids, is why you leave breadcrumbs going to someone else if you're going to do something stupid like this.