this post was submitted on 23 Aug 2025
219 points (100.0% liked)

Technology

3909 readers
393 users here now

Which posts fit here?

Anything that is at least tangentially connected to the technology, social media platforms, informational technologies and tech policy.

Post guidelines

[Opinion] prefixOpinion (op-ed) articles must use [Opinion] prefix before the title.

Rules

1. English onlyTitle and associated content has to be in English.
2. Use original linkPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communicationAll communication has to be respectful of differing opinions, viewpoints, and experiences.
4. InclusivityEveryone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacksAny kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangentsStay on topic. Keep it relevant.
7. Instance rules may applyIf something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.

Companion communities

!globalnews@lemmy.zip
!interestingshare@lemmy.zip

Icon attribution | Banner attribution

If someone is interested in moderating this community, message @brikox@lemmy.zip.

founded 2 years ago
MODERATORS
BrikoX@lemmy.zip
219
Developer gets 4 years for activating network “kill switch” to avenge his firing (arstechnica.com)
submitted 1 day ago by cm0002@piefed.world to c/technology@lemmy.zip
66 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] x00z@lemmy.world 104 points 1 day ago (7 children)

For developers in similar situations, where the corporate overlords make your life miserable; use dead man's triggers Instead of a simple killswitch: manually start handling certificates, introduce memory leaks that you can easily clear, have excessive disk filling logs that you can daily clear, and all kinds of other stuff that is a perpetual dumpster fire that you extinguish as part of your job. Oh, and don't forget to forget commenting and documenting. The next developer should instantly learn the pressure they have been putting on you.

[–] peoplebeproblems@midwest.social 52 points 1 day ago

Errr

That's EXACTLY why I did that in the past. It wasn't an accident at all. Nope. It was future proofing my job. Completely intentional.

[–] chicken@lemmy.dbzer0.com 12 points 1 day ago (1 children)

I'd like to imagine countless instances of this that we never hear about because there just isn't anything concrete to write a news article about

[–] x00z@lemmy.world 9 points 19 hours ago

Well the guy from the article is named David Lu and added a function with the name IsDLEnabledinAD. That by itself deserves an article.

load more comments (5 replies)
[–] wetbeardhairs@lemmy.dbzer0.com 98 points 1 day ago (2 children)

Dipshit. Just do bad coding and leave timebombs that could be considered an accident.

[–] Elechicken@lemmy.ca 21 points 1 day ago (1 children)

I mean, there's a reason he got fired and it wasn't because he's a genius...

[–] Mouselemming@sh.itjust.works 4 points 1 day ago

Yeah, name it after the boss, not yourself!

load more comments (1 replies)
[–] AmazingAwesomator@lemmy.world 89 points 1 day ago* (last edited 1 day ago) (8 children)

company ruins life of employee: stonk

employee ruin company: immediate imprisonment

edit:

Ultimately, Eaton Corp. bore substantial costs getting its network back online

actually, it did nothing to the company but cost it a few bucks. do not pass go/collect $200.

this person was not fired, he was laid off. he was not actively harming the company until the company ruined his life.

load more comments (8 replies)
[–] spankmonkey@lemmy.world 83 points 1 day ago (1 children)

The defendant breached his employer’s trust

The company breached employee trust when they fired a bunch of people during a "realignment".

Four years is far too long. If he had run over the CEO in the parking lot he wouldn't have gotten four years.

[–] bhamlin@lemmy.world 14 points 1 day ago (1 children)

It's because they can quantify damages that way. Because you legally cannot put a value on the life of a "human" (still unsure if CEOs are human, but legally they still are), it's just "murder" and not "you cost us eleventy billion dollars in downtime." One is more negotiable in terms of damages than the other.

[–] DeathsEmbrace@lemmy.world 14 points 15 hours ago* (last edited 15 hours ago)

Then Ceos should be treated and charged with every crime a company commits or this is another class problem I'm going to solve. The guy who made the opiod crisis literally walked away with a billion dollar fine but should've gotten multiple live sentences for multiple murders.

[–] roundup5381@sh.itjust.works 53 points 1 day ago (8 children)

Have to make an example of them lest the surfs realize they have power

[–] themeatbridge@lemmy.world 35 points 1 day ago (2 children)

*serfs but yeah

[–] Zachariah@lemmy.world 16 points 1 day ago

* Smerfs

[–] roundup5381@sh.itjust.works 7 points 1 day ago (1 children)

Thought that didn’t look right

[–] MotoAsh@lemmy.world 10 points 1 day ago (1 children)

They're both words. Serf is the one for a person subject to someone else's rule just to live. (obvs not fully accurate definition, but dictionaries can give you the real deal)

[–] roundup5381@sh.itjust.works 13 points 1 day ago

Yea, sorry, English is my first language.

load more comments (7 replies)
[–] amzd@lemmy.world 44 points 20 hours ago (1 children)

4 YEARS?! And gaming companies can just build a kill switch into their game and get no penalty?

[–] Blackmist@feddit.uk 5 points 7 hours ago

Tesla build them into fucking cars.

[–] tazeycrazy@feddit.uk 33 points 1 day ago (2 children)

No one reviwing his code? Sounds like a timebomb in its self.

[–] andyburke@fedia.io 19 points 1 day ago (1 children)

This was my first thought. Just zero code review going on? Some random server only that dude knew about? tf kind of controls these people have in place?

Oh right, none of the shit the company should have had.

Instead of jail time, the government should consider giving this guy whistleblower status and investigating the corp for negligence.

load more comments (1 replies)
[–] Alaik@lemmy.zip 7 points 1 day ago

Gotta stay "lean".

[–] LibertyLizard@slrpnk.net 21 points 1 day ago

Kinda funny. 4 years seems excessive to me but what do I know.

[–] rumba@lemmy.zip 16 points 12 hours ago

What he did was brazen and stupid but 4 years sounds a bit excessive. Unless the journalist is under reporting what happened, he didn't do any long-term damage just probably knocked them offline for a day and required somebody to come in and manually reset the drsm account in the domain controller.

But in a fit of rage and passion he built out booby traps and put his name all over everything. He wanted them to know it was him, How do you absolutely denied himself plausible deniability.

All he had to do was pretend he was inept and replace service accounts with his own login. Push 90-day password resets on the account for 'security'. Set up a house of cards out of security certificates.

The company probably walked into that court with a technically competent team of lawyers and a bunch of expert testimony, he probably had a state defender.

[–] Jimbabwe@lemmy.world 14 points 1 day ago (3 children)

Kinda heroic, ngl. I think the prison sentence is appropriate, but if I was let go after 11 years, I’d harbor fantasies of doing something similar. They’d stay fantasies, though.

[–] al_Kaholic@lemmynsfw.com 19 points 1 day ago (7 children)

Prison? For shutting down the computers? How many lives were lost because of his actions, how many were saved?

load more comments (7 replies)
load more comments (2 replies)
[–] hodgepodgin@lemmy.zip 12 points 1 day ago (1 children)

this was stupid. A career ending move. no one’s gonna hire someone who wrote a logic bomb at their last job.

[–] thedruid@lemmy.world 2 points 15 hours ago

Yeah they will.

[–] Alph4d0g@discuss.tchncs.de 12 points 10 hours ago

Sounds like he could have been a bit more creative in implementing this. Having something immediately traceable back to a username is no bueno.

[–] thedruid@lemmy.world 9 points 15 hours ago

Good. Some one should sponsor and hire this guy.

[–] TempermentalAnomaly@lemmy.world 8 points 7 hours ago* (last edited 7 hours ago)

collapsed inline media

collapsed inline media

[–] Sprocketfree@sh.itjust.works 5 points 10 hours ago (1 children)

I'm curious what this crowd thinks is an appropriate punishment here. No priors, found guilty, caused some lost revenue (which I have to admit doesn't mean you actually lost revenue). So, should they even be sent to jail? House arrest? Or do we just want consistency in punishments?

[–] jonesey71@lemmus.org 11 points 6 hours ago

He should get a corporate level penalty. He made X dollars while working for that company but did something wrong while making that money. He should have to pay back .001% of his profits as a fine and the illegal stuff he did should then be ignored/forgiven. That is what corporations get as a penalty when they break the law, I think it should be applied when they are the victims.

load more comments
view more: next ›