Tech Companies Have a History of Giving Low-Level Employees High-Level Access (theoutline.com)
A reader shares a report (condensed for space): In the summer of 2010, Google fired a 27-year-old site reliability engineer named David Barksdale after it discovered that Barksdale had been accessing the Google accounts of four teens he met through a local Seattle tech group. The spying went on for months before it was reported, Gawker's Adrian Chen wrote at the time. In one incident Chen described, a 15-year-old refused to tell Barksdale the name of his new girlfriend; Barksdale broke into the teen's Google Voice account, listened to messages to get the name, then taunted him with it and threatened to call her. Google was contrite, saying publicly that it "carefully control[s] the number of employees who have access to our systems" and monitors for abuses by rogue employees. [...] The rogue Twitter customer service employee who momentarily deactivated President Trump's account on Thursday night brought this issue to mind. Twitter has 3,898 employees, according to Wikipedia, for 330 million monthly users, a ratio of one employee for every 84,658 users. This means that a single employee may have a ton of power over loads of users, but the value of a single user is low. Their privacy may seem insignificant in light of the greater mob. [...] At Uber, employees regularly abused its "God View" mode to spy on the movements of celebrities, politicians, and even ex-spouses.
Re: (Score:2)
Because APK has been spouting crazy shit for years now (Alexander Peter Kowalski/AlecStaar)
https://arstechnica.com/civis/... [arstechnica.com]
http://www.thorschrock.com/200... [thorschrock.com]
Took a while to understand your post, due mostly to the novella you linked to.
APK aka Alecstaar https://arstechnica.com/civis/... [arstechnica.com] (banned again).
Alexander Peter Kowalski post http://www.thorschrock.com/200... [thorschrock.com]
You've done given Google many of your handles.
Conundrum... (Score:2)
There are many very boring and mundane things that require elevated privileges.
Creating accounts
Granting permissions
Patching servers
etc.
In fact, it's deadly dull and a complete pain in the ass.
Not stuff that would really keep some senior technical employee interested.
Re: Conundrum... (Score:2)
Division of responsibility so that individuals do not have too much power is a costly solution. You can save a lot of money if your low level techs have uber powerful permissions.
Having delegated rights to create users on a domain level, and/or assign permissions to something or other does not make one a database administrator/owner (unless it is the database itself one must grant permissions to). Giving the tech domain admin right
Re: Wow such an elitist attitude. (Score:2)
Without volunteers, conscription would take its place. Ask the folks who fought in Vietnam how they felt about it.
Be happy there are volunteers.
Re: (Score:2)
Often there is an underestimation on what people can do, also the more mature person usually doesn't want the extra access.
So the low level person may get full access because the organization figures what can they do, while the person may be actually rather smart and know what to do with all that data. Also the developers know if there is a problem, they will be first to get a finger pointed at them, so by demanding that they don't have access to that info, means that they weren't the ones who messed it
customer service can get too script driven (Score:2)
Customer service can get too script driven, and in some cases all users must hit level 1 first. Also there can be a push to give all customer service the rights to do basic on/offs so they can do a quick fix.
Re: (Score:2)
Are the NOC staff responsible for diagnosing and resolving issues when a server fails?
This typically requires administrator privileges. On the Windows side, most OS utilities require elevation. While it's easier to get granular permissions on Linux, it's also very hard to configure a system that can be managed without any sudo users.
While you may benefit from more permissions, your NOC team requires administrative access to do their jobs. Maybe they could use lower privileges 80-90% of the time, but sooner
This is no tech company problem. (Score:2)
All, really all, big organizations have this problem. Just ask Manning and Snowden; classic cases of too much access to too much information.
So governments, corporations, every organization needs to give power over information and access to the lowly peons or those peons can't do the lowly jobs they are supposed to do.
You can put in controls, access walls and shit, but if you do it, your administrative overhead will go through the roof. Someone like Google might sorta be able to pay for all of this, but it
Re: (Score:3)
Back in the 90's I worked in IT for the state govt. I found out in my first month that I had more access to the data systems than the Director of our agency.
He had to call me to get access to certain accounts.
Plus, I soon found out my IT badge would open every door in HQ. Security guard told me that "You computer guys are allowed to go anywhere."
Wow (Score:1)
In one incident Chen described, a 15-year-old refused to tell Barksdale the name of his new girlfriend; Barksdale broke into the teen's Google Voice account, listened to messages to get the name, then taunted him with it and threatened to call her.
First this guy and then James Damore, Google hires some real winners...
Re: (Score:1)
When you give them godly powers, they start acting like gods. You know, disguising themselves as golden "rain" and getting innocent ladies pregnant.
Not a good example (Score:2)
This story stinks of hand waving. Just because someone realizes that "account access" means "account access", doesn't mean it's high level access. When you add finer grained controls, you get middle tech who's sole job is to vet access (now the lower level just performs a bit of social engineering and it's old status quo).
David Barksdale's story is a low level employee with low level access. If the application needs frequent adjustment at the account level, of course you hire a bunch of cheaper-than-average
Re: (Score:2)
Which is why you got the TS clearance. That's how clearances work, after all?
When I got mine, and during the re-investigation after 7 years, I had friends I hadn't spoken to in years contact me and ask me what was going on. Turns out they don't pay much attention to the people you list? Those people only serve as a springboard for the people you didn't list.
Those are the folks who get the really juicy questions.
It's also how they weed out those who are likely to do b
BOFH could read your mail (Score:1)
Back in the old days, the local Bastard Operator From Hell could read all of your mail on the local system. Now, Google is the global bastard reading the mail of everyone in the world.
The people demand centralized monopolies. This is what the people get.
Got It (Score:2)
Re: Got It (Score:1)
Our build server has access to prod, but I don't. I can still trigger the build though, so technically I'm deploying to prod.
This is how it should be because there's a log of everything. Sure, I could write some script that exploits the build server permissions, but that script is in source control with my name on it and requires a code review.
Some teams just suck at security. My last company checked the production security credentials into source control so that the deployer could access them. So anyone wi
Not how it works (Score:2)
>Twitter has 3,898 employees, according to Wikipedia, for 330 million monthly users
Both Twitter and Facebook outsourced "user operations teams" in god forsaken places like Algiers, Albania, Tunis and so on.
They do dirty stuff like porn filtering, and banning
Low level or low paid? (Score:5, Insightful)
Re: (Score:1)
You pay more for the role, you hire a more competent person, who is able to get the job done.
The problem is people who have to accept minimum wage jobs. Their lives are typically a 'never ending parade of problems'. Which is why they are only _worth_ minimum wage, not the other way around.
Re: (Score:3)
Jesus dude, stop humping that strawman.
It's not just about competency (Score:3)
Re: (Score:2)
Chicken or egg.
People have to be competent enough to earn enough to have a stable life, or they are fucked and even less employable
Fire the minimum wage twit, and pay someone competent. Then the job gets done.
Ford discovered that good pay got him the best workers. Like I said.
It's not like he just raised everybody's pay. He hired the best available workers and paid enough to keep them.
He was kind of an asshole about it, knowing he could throw in conditions of employment like 'right to inspect home without notice', 'no drinking off the job' etc.
People learn to be competent. Best to start early. You might still have time.
Re: It's not just about competency (Score:2)
You have to pay people enough because if you don't, and they have high level access, they are ripe for recruitment from outside organizations willing to pay them more for the access they have.
Low paid employee won't think twice about it. One with a nice paying job most certainly will.
I don't think it's about software engineers (Score:2)
Re: I don't think it's about software engineers (Score:1)
Nope, even as a lowly QA contractor I've had production access at major tech companies. They didn't intentionally give me access but they also did a terrible job of protecting access.
Case in point, several major recent data breaches involved default database passwords in production.
In other news (Score:5, Insightful)
Maids clean rooms of VIP's.
Abuse of data access is nothing new (Score:3)
I see many other posts making the same point, and I'll add my specific story from the 1980s.
In 1987, I was doing some work for a local chain of auto-body shops that had some software to do job pricing. In the process of understanding how the business worked, I got to know some of the guys who did sheet metal, welding, body repair, mechanical, etc. These were your typical blue-collar young males for the most part.
In the corner of the main shop area there was a dedicated terminal (VT100ish) and modem for connecting to the state DMV mainframe, where you could do basic queries. There were a couple legit uses for it, which is why the shop had it, but the only time I saw it used was by a couple of the guys who would enter the license plate number of cars they saw driven by pretty women, to pull up the registration info to find out the names and addresses of the car's owner. No checks or balances or access control; the logon info was taped on the side of the terminal. Any access logs would have been somewhere in Austin.
Totally creepy stuff then, still creepy 30 years later.
Same applies to high level employees (Score:3)
Level of employment does not equal trustworthiness of employees. In fact, often the higher you go the worse they get.
What's a "site reliability engineer"? (Score:5, Funny)
In engineering school, that major didn't exist - nor does it anywhere. Is it like a "Sanitation Engineer"?
Or "software engineer"? Or "domestic engineer"?
I get calls all the time from recruiters saying I'm an engineer. I say, "No. I'm a programmer."
"Oh, we're looking for engineers."
"My bad. I just read specs and develop software according to those specs."
"OHHHHHH! You are a software engineer!"
"I am?!"
"Yes!"
"OK. So, what's a programmer?"
"He's someone who takes specs and implements them in the programming language of choice."
"Ah. So, what's a software engineer?"
"He's someone who takes specs and implements in the programming language of choice using engineering principles."
"Ok. So, Thermo is involved?"
"What do you mean by 'Thermo'?"
"Never mind. So, whatever - programmer, engineer, god, ....whatever the title is, I'll take the job."
"You have a problem with your attitude."
"....."
Re: (Score:1)
This is slashdot, and serious technical discussions aren't had here anymore, but I'm willing to try.
Serious answer: a site reliability engineer is someone that implements best-practices and theories regarding incident response, disaster recovery, business continuity, high availability, and graceful failure at a singular geographic location
It is an important job that does save companies far more money than any singular engineer of other persuasion can create. Without at least hiring a consultant to do the wo
Not surprising... ask the janitor (Score:5, Interesting)
This is not surprising in the least. On a physical level, the person who likely has the most access is the janitor or cleaning staff.
Almost any access can be abused, if someone feels vindictive enough. An electrical worker can toss a dead rat in an opened panel, and the arc flash likely would take out a good amount of power in the building.
Having access controls to minimize things are critical, but even with those in place, there is a point where the problem changes from a technological issue to a HR issue, of why someone is that pissed and vindictive in the first place... and why they were cleared for access.
Re:Not surprising... ask the janitor (Score:5, Interesting)
On a physical level, the person who likely has the most access is the janitor or cleaning staff.
Back in the day, the people companies worried most about were the secretaries. They knew everything because they typed up and made the copies of everything. Today we have sysadmins and customer support, same deal. And get off my lawn.
Re: (Score:2)
Sometimes the only locks on power panels are the lock out / tag out ones.
Re: (Score:2)
Sometimes the only locks on power panels are the lock out / tag out ones.
Most deadfronts unscrew from the box--1/4" Flathead or #2 Robertson. To quote the US Army: "Locks are delay devices".
"low level" employees are the ones doing the work (Score:5, Insightful)
Hence they need "high level" access. This is well-known and unlikely to change.
Stop giving Google all the data. (Score:1)
Great Jeebus Almighty. People have insisted on giving all human communication to either Google or Facebook. Email for example used to be distributed - if your local BOFH was malicious, at least he didn't have access to the entire world's email, at once. But no, that wasn't good for the mouth breathing masses. Everyone insisted that a couple of advertising companies should get access to everything. All email, all instant messages, all voice chat.
Because, of course, advertising companies have our best in
Misleading description (Score:5, Insightful)
The ability to login to a customer's account and check basic information to verify identity, reset a password, or turn off an account is NOT high-level access.
Minimum wage customer service representatives REQUIRE this level of access to customers' accounts to answer basic support requests or investigate problems. When Xyzuser calls in or e-mails to request their account disabled or request a troubleshooting assist, some low-level user is going to answer this request.
There's no way around that, other than companies SHOULD be very tight with auditing, and make sure to challenge any action on a customer account that doesn't have an explanation and a support ticket opened by someone else.
Re: (Score:2)
You give the employees access to buttons that say "Reset password" or "Disable account" and not carte blanche admin access to change any parameter they like.
You often run into the problem of rarely used but essential permissions. The typical response is to give them out widely "so we have them when we need them" and then to audit the use of those privileges.
Most people say they're going to do that, and then don't bother with the auditing at all. Or maybe they do review the usage for a while, and then they stop "because nothing ever happens".
Modern identity management applications will provide temporary just-in-time privileges, but most of them are a complete pa
At my site... (Score:1)
Was asked to give a relatively low level employee administrative access to a system of ours facing customers. I thought it was a test, so I refused. Then got escalated to executives and had to relent. It didn't have any sensitive data on it, but the integrity of the data was important.
Of course prior to relenting, I took all legitimate content update channels offline, made a backup, and then blew the system away and restored from backup when that employee was done, to be extra paranoid.
"High Level Access" (Score:3)
This isn't high level access. High level access means telecom, email and backup files of senior execs, possibly access to the people in question to support them, proximity to their cubes, permission to listen in on board meetings, that sort of thing. These high level employees aren't usually very good with data (or any more discreet), you probably wouldn't necessarily want them managing it.
It's all necessarily low level access. But clearly they are not protecting customer data well, or putting a high value on privacy.
Really really stupid (Score:3)
I work for a well-known financial company. I guarantee you that if I accessed the information of any even marginally well known celebrity, public figure, even a notable individual, I would be asked why and expected to offer clear evidence of the need. I occasionally see personally identifiable information for any of our clients, and I do not pursue any I happen to come across that I recognize, and of course I would not.
I would also be asked if I accessed MY information - that usually results in one warning. Then dismissal.
But it's evident these Internet companies haven't worked out the confidentiality protections they should have in place, and so we read these reports. Kinda sad.
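As an added example (not code from any post in this thread), here is the review the two posts above describe run over a constructed support-console audit log: the "Misleading description" rule that every action on a customer account must trace to a ticket opened by someone other than the acting agent, and the "Really really stupid" rule that touching your own record, or a high-profile one, gets challenged. The JSON-lines log format, ticket store, agent-to-account mapping and watchlist are all assumptions.

```python
import json
from dataclasses import dataclass

# Constructed sample audit log (JSON lines) and ticket store; the field
# names and values are assumptions, not taken from any real system.
AUDIT_LOG = """\
{"ts": "2017-11-03T22:10:05Z", "agent": "agent7", "action": "reset_password", "account": "u-1001", "ticket": "T-501"}
{"ts": "2017-11-03T22:14:33Z", "agent": "agent7", "action": "view_profile", "account": "u-1002", "ticket": null}
{"ts": "2017-11-03T22:20:41Z", "agent": "agent9", "action": "disable_account", "account": "u-1003", "ticket": "T-502"}
{"ts": "2017-11-03T22:25:12Z", "agent": "agent9", "action": "view_profile", "account": "u-9009", "ticket": "T-503"}
{"ts": "2017-11-03T22:31:58Z", "agent": "agent3", "action": "disable_account", "account": "u-7777", "ticket": "T-504"}
{"ts": "2017-11-03T22:36:20Z", "agent": "agent3", "action": "view_profile", "account": "u-1001", "ticket": "T-504"}
{"ts": "2017-11-03T22:40:00Z", "agent": "agent3", "action": "reset_password", "account": "u-1004", "ticket": "T-999"}
"""

TICKETS = {
    "T-501": {"account": "u-1001", "opened_by": "customer:u-1001"},
    "T-502": {"account": "u-1003", "opened_by": "agent9"},  # agent wrote own justification
    "T-503": {"account": "u-9009", "opened_by": "agent2"},
    "T-504": {"account": "u-7777", "opened_by": "agent5"},
}
AGENT_OWN_ACCOUNT = {"agent7": "u-1007", "agent9": "u-9009"}  # agents' personal accounts
WATCHLIST = {"u-7777"}  # high-profile accounts: every touch is reviewed, ticket or not


@dataclass(frozen=True)
class Finding:
    ts: str
    agent: str
    account: str
    action: str
    reason: str


def review_actions(log_text, tickets, own_accounts, watchlist):
    """Return one Finding per action that a reviewer must challenge."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        agent, account, ticket_id = rec["agent"], rec["account"], rec.get("ticket")
        if own_accounts.get(agent) == account:   # checked first: never allowed silently
            reason = "self-access"
        elif ticket_id is None:
            reason = "no-ticket"
        elif ticket_id not in tickets:
            reason = "unknown-ticket"
        elif tickets[ticket_id]["account"] != account:
            reason = "ticket-account-mismatch"   # valid ticket reused on another account
        elif tickets[ticket_id]["opened_by"] == agent:
            reason = "self-justified"            # ticket must be opened by someone else
        elif account in watchlist:
            reason = "watchlist-review"          # ticket is fine, still ask why
        else:
            continue                             # ticketed by a third party: no finding
        findings.append(Finding(rec["ts"], agent, account, rec["action"], reason))
    return findings


def agents_to_challenge(findings):
    """Group finding reasons by agent so each one can be asked to explain."""
    by_agent = {}
    for f in findings:
        by_agent.setdefault(f.agent, []).append(f.reason)
    return by_agent


if __name__ == "__main__":
    for f in review_actions(AUDIT_LOG, TICKETS, AGENT_OWN_ACCOUNT, WATCHLIST):
        print(f"{f.ts} {f.agent:7} {f.action:16} {f.account:7} -> {f.reason}")
```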
Re: (Score:1)
The big difference is that the financial services sector has monetary and legal reasons for not fucking around with this stuff. Twitter... um, it's a glorified wall for putting shit up, and they've only lost what, like 2 billion, and just now are they maybe going to break even this quarter?
To put it another way, you're at a financial company, and you close your doors and take all the info with you, you could be in a ton of trouble, because you own the money of all of these people. Twitter closes its doors
Re: Really really stupid (Score:2)
See, you're doing it wrong.
You steal your coworkers' credentials and use that to access that information.
You would be impressed with the information you can gather by setting up a mirror port on a switch paired with wireshark.
Re: Really really stupid (Score:2)
0. Using a co-worker's credentials gets you both fired on the spot.
1. Physical access to networking equipment is restricted by lock and key. Installing a switch of your own would be grounds for dismissal and prosecution. It's been tried.
Is that really high level access? (Score:3)
Take Twitter: If an account is taken over and used for malicious purposes, you want the first level support to be able to freeze it without having to go through a bunch of checks. That's not really that high a level of power, it's what's required to do the job.
Not just tech companies. (Score:3)
Think Bradley/Chelsea Manning, an E-4 specialist who was entrusted with access to an astonishing breadth of sensitive information. Manning was, according to other soldiers, bullied to the point of a nervous breakdown during basic training, and yet even after that they moved him (as she was then) right into training as an intelligence analyst.
Assange cultivated Manning with methods anyone who'd read a LeCarré novel: pick out someone emotionally vulnerable and work to gain their trust.
Somebody's got to handle the grunt work of managing sensitive information, either in the military or private sector; but it's not going to be someone who spent four years at West Point or getting an engineering degree. But just because a job doesn't require *those* particular credentials doesn't mean anyone can or should do it.
The problem isn't that low level people have access to sensitive information; the problem is that organizations are sloppy about hiring people for those positions because they aren't high status jobs.
Re: (Score:3)
the problem is that organizations are sloppy about hiring people for those positions because they aren't high status jobs.
This is exactly the issue. Sometimes you have to pay well for a low-skill job because you don't want to risk having an idiot or a junkie doing it.
Somewhere, someone paid good money for a background investigation so that someone else could be a janitor. Because even the most sensitive labs have floors and bathrooms, and you don't pay an engineer $200K to clean the tiles and unclog the toilets.
Skills, reliable performance, and trustworthiness all play into an individual's value in the labor market, and some c
wrong wording (Score:3)
I think the issue is "tech companies give many employees privileges to do things because it works, and then those things have unexpectedly important consequences that weren't realized because it's a young company doing something no one else did before".
That it was called God View is troubling enough. (Score:3)
At Uber, employees regularly abused its "God View" mode to spy on the movements of celebrities, politicians, and even ex-spouses.
And, yea, on the Seventh day, God saw that the driver was at 5th and Elm and that it was Good. (... insert chanting in Latin ... )
Low level techs do the most high level troubleshoo (Score:1)
Many years ago I was an entry level Data Tech that started at a very tender young age at a now very big tech company. Most of the time we were the ones doing the system level troubleshooting that required high level access; we did all the troubleshooting from Oracle DB performance issues to fixing the entire phone system when it would crash on the weekends. We had global sudoers access, we had the master local passwords for all of the network gear, and we had a bunch more access. The only access we did
I really thought we were decent people (Score:1)
For starters, let me state that it's my opinion that this Google person did something truly disgusting.
But what I find even more disgusting is that this person is mentioned with his full name in global, regular media. He is only 27 years old. He has to work for about 40 more years. Was it really necessary to destroy his life over this? I don't think so.
Where I live it is common that even the heaviest criminals' identities are protected. More often than not only their first name and the first letter of the
Screw the loaded term "low level" (Score:2)
You have to give these people all these powers but ideally you audit them and have a way of backing out any changes they make. (The only thing I can think of that you really can't back out of a system is if someone reports you dead to the credit bureau. Sorry Jesus). The admins, programmers and anyone else who has access to the raw data generally are not audited.
Barksdale you say (Score:1)
Okay (Score:2)
So on this note, how much access do you all have at your company and where do you sit in the corporate food chain ?
Me, I'm just a faceless employee. One who has enable mode access to nearly every router and switch ( even the core systems ) in the entire company. Scary level of power if you think about it.
Someone has to do the work though and it certainly isn't going to be some executive type who wouldn't know what an enable mode prompt looked like if you threw it at them.
So, many tech companies ( especial
Suspending an account is a low level privilege (Score:2)
You want an oncall person to be able to quickly stop a controversy or even a legal liability to the company. So if a Twitter employee sees a lot of crap coming out of a high profile account, you want to be able to quickly shut it off to limit damage.
Oh wait...