How being an irresponsible geek can kill!
(okay perhaps not kill but ruin one's employment reputation)
This is an account of what can only be classified as an act of "stupidity" a phrase that will continually reappear throughout this text. I've taken the liberty of changing or obscuring certain names.
ABC Corp was my first real job. I started at the very bottom of the corporate ladder as a lowly technician in the middle of '96. But in the space of a year and a half thanks due partly to the company's high employee turnover and also my ability to work 50+ hours per week shifts, I soon found myself the "Unix System Administrator".
My domain of responsibility was the unix servers (running "SOUL"1) which ran at each of our sites. At the start of my new post this numbered five sites all of which were Texas based. To run some quick numbers in my head most sites had 5 servers a piece with the exception of "site one" which had 10. So this came to be 30 machines in total. I'm sure you could imagine the feeling of empowerment I must have felt. I had only one peer: the Novell SysAdmin.
With the Novell SysAdmin being my only other peer, we had what could best be described as a mutual understanding; I didn't question how he ran his servers and in turn nor did he. These servers were utilised by a highly complex automated phone menu system. No real user would ever be aware of the engine behind the system; it was totally transparent. I had only one real user: the developer who had resigned himself to the fact that he would only be able to see and do what I had permitted.
Now we'll say that I've been in this unquestionable and near unaccountable position of power for almost two months. What did this mean in real terms? Well first I need to digress a little; we had just recently gained Internet access which due to the volume of traffic almost immediately became monitored. This was pretty bad for most of the chaps but I know some enterprising gentlemen who utilised our modem pool to dial out to their own ISPs. There was ultimately a flaw with this scheme: the modem pool's access was being logged and we knew which numbers had been called. I chose however to go down a different route.
Since I had become the Unix System Administrator it was only natural that I would be running a Unix workstation. And of course this would mean I could now rekindle my love affair with Linux, which had started with a 20 disk install of Slackware and a 1.x stable kernel I believe. Simply using FreeBSD let alone SOUL was not an option I was too eager to catch up on what had transpired since I last ventured into the land of Linux.
With pretty much all my traffic being secured (via ssh) I now began to master the fine art of slacking on the job. If Everything (in its version one incarnation) had existed back in '96 and if I had known of its existence who knows what kind of trouble I would be causing now. Of course this is a moot point, so instead I found myself viewing pron sites, trading mp3s and continually hitting the re-load on the slashdot page. Social activities included a chat-line in which I was able to talk to all my friends who I left behind in "Blighty" and being a regular on #linux (which irc network I forget; it was not efnet or undernet). In general my quality of life at work had vastily improved.
I had become, if you will, one of the "untouchables".
Now let's get out of all this happiness and walk into that fateful day on the chat-line....
what follows is a rough approximation of what happened.
welcome to the english trumpet...
there are no new news items
you are in the "wanila"
you can see Pastardly, Pocara, Plundie, Port.
You say: Hi everyone.
Pastardly says: hey booyaa!
Pocara says: lo dude!
Plundie says: boo!
Port says: lo booyaa! :)
Pastardly says: hey boo come up with a name for our rc5 team!
:
:
.
Now for the uninitiated "rc5" or to be more precise "
rc5-64" was/is
3 key
cracking competition by the famous
distributed.net. Now I had heard of distributed.net and dug what they were selling; they needed
our collective computational power to prove the viability of the Internet as one big
supercomputer and also gave great exposure to the world of
cryptography. And of course there was always the
cash prize of $2,000, so naturally I wanted to partake in such a contest. At the end of the day that's not why I wanted to join, I wanted to be in the team or the person to "break the code". Let's get back to the chat session and see what arises...
Pastardly says: we need to have some cool initials..
Pocara says: yeah something like NSA!
You say: erm Nutty System Administrators?
At which point my muse must have landed on my lap and whispered "here try this..."
you say: Need Some Ass
Pastardly says: heh
Pocara laughs.
With our team newly christened I took it upon myself to create our logo. So using a pre version 1 of the gimp I managed to create what could only be described as one of my finest logos ever. I had taken the asses of women whom I had found to be of exemplary quality from the choicest pron websites. I assembled this collage of "usda approved rumps" into what would become the background. I then utilised the "xach effect" script-fu on an average but chunky font. To have seen those heavenly and pert bottoms through the lettering would have reduced most grown men to tears. Sadly through operator failure (the idiot writing this) this logo has since been destroyed.
Now I admit full liability for that wholly unacceptably and protracted digression...but simply put failure to describe this logo would have been unacceptable. Well in my eyes it would have been! I shall call a recess and expect everyone to return in 15 minutes time.
Okay now we had everything; an awesome name and an incredible logo. Our collective computing power was acceptable: a Sun SPARC E450 (dual processors at 333Mhz a piece), 4 x SPARC Ultras (233 Mhz each), at least one DEC Alpha (no specs available but not the top of the line) and at least a further 7 Pentium or better class machines.
Before you could say "cycle" I began to formulate a diabolical plan to exploit my thirty odd boxes littered across Texan state - The friendly state. My problem was this; none of the machines had access to the Internet they were on our private network. So it was a simple case of running a key server proxy on my Linux workstation in my cubicle which did have Internet access.
Now of course running these key cracking clients could potentially cause either net congestion or slow processing problem during regular company operating hours. So knowing that these operating hours were between 0800 and 2300 I decided to place all my clients in cron jobs. I had one smooth operation.
As new servers came in it became part and parcel that I installed the client software them. I even came into posession of a SPARC Netra-J box which promptly became the department's Quake server and of course moonlighted as a very slow client. Soon there wasn't a unix server that did not have a client running on it. On my watch I came to participate in a further six site installations which brough my tally to fifty-eight machines if you also included three machines outside of these site operations.
At this point I introduced a good friend of mine at work2 to my new game. Being a true geek at heart he too wanted a piece of this number crunching action. So the problem was now how to find him a viable platform for him to run his operations out of. He was a friend but I would have chosen limb separation with a dull and rusty knife rather than spare him even one cycle from a server let alone give him an entire server. We did however find a platform for him; the NT workstations. This only became an option when we discovered that the key cracking client could be hidden away from the system tray. Before long every machine my friend went to service had the client installed on it.
Now you could imagine we were beginning to become a veritable power house key cracking wise. It seemed that every other week we would continue to rocket in the number of keys we were cracking. I believe at the time we were cracking a couple of thousand keys a second. Things were good... too good.
For reasons I don't wish to disclose at this moment in time, by the end of July '98 I found myself in a situation where I need to leave the country. This would mean leaving behind my job and more importantly my key cracking capability. I now had only two nights in which to start shutting down all my operations. There was simply no time to bring my friend up to speed on how to run it. For some insane reason which I can only attribute to sheer
I wrote off any possibility that anything could go wrong when the linux workstation which was the key server proxy was shut down upon my departure from the company.
I must warn those with heart conditions or weak dispositions to turn away from this node now...
Here's exactly what happened:
After almost two weeks of the key cracking clients continual logging errors of their
inability to contact the now
non-existent key server. This logging of course was done to the
/var/log area which was still part of the
root
filesystem (at which point I would like my
peers to begin picking up their stones and proceed to throw them at me in a
carefree fashion). To put it in layman terms when the root filesystem becomes full the server promptly:
crashes, dies, bought the farm, <insert your favourite death euphemism here!>
Yes this meant that
all fifty-eight servers promptly died!
To explain the ramifications of this system failure our entire division of the company depended on all those machines. Luckily (depends on your point of view) the company had seen fit to actually hire a system admin rather than train one of our boys up. So it didn't take him long to work out what had happened and a quick call to distributed.net who happily obliged to disclose our team's information; (in their preamble they say we don't take responsibility if you decide to run these clients illegally on your company's machines) namely my email address. This wasn't a problem I was no longer with the company or the country. However my poor friend was also indicted. He was immediately placed on the last caution prior to dismissal from the company. Had
they managed to pin the server failure on him his would have been out. Perhaps my sheer greed for key cracking power saved his tail, but at the same time he wouldn't be in this predicament if I hadn't had introduced him to it.
What does this all mean in real terms? Did I get off scott free? No, here's what it cost me:
My reputation as an exceptional employee with the company has now been tarnished. This has virtually poisoned my work record causing me to worry about the possibility of any future employer enquiring with my former company. I have lost the trust of my manager who was not only my friend but also the inspiration for me to return back to night school at which point would have gone towards the completion of my degree. Also had this incident never occurred I would have had the proverbial employment door left open indefinitely for me by not only my manager but also my director. I nearly had a friend fired from his job who although never admitting to it felt he had been left to the wolves by me. I know this because we never seem to maintain good contact with one another afterwards. I also suspect because he now had a black mark on his record would have had to leave and find somewhere else to grow careerwise.
I wanted to end with something witty like, if I could do it all again I wouldn't have got caught. But after writing this I'm simply sickened by my sheer stupidity and complete ignorance of foresight. I know this may sound stupid but I really did like the people I worked with. And I wish I could have called them to explain that I was very sorry for betraying their trust. I can't. I would strongly advise anyone treading down this route to realise all the possibility ramification of their actions!
1 "S".ome "O".ther "U".nix under the inte"L" architecture.
2 This is quite a feat to achieve, a friend at work. let alone a good one.