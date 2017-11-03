Tech Companies Have a History of Giving Low-Level Employees High-Level Access (theoutline.com) 6
A reader shares a report (condensed for space): In the summer of 2010, Google fired a 27-year-old site reliability engineer named David Barksdale after it discovered that Barksdale had been accessing the Google accounts of four teens he met through a local Seattle tech group. The spying went on for months before it was reported, Gawker's Adrian Chen wrote at the time. In one incident Chen described, a 15-year-old refused to tell Barksdale the name of his new girlfriend; Barksdale broke into the teen's Google Voice account, listened to messages to get the name, then taunted him with it and threatened to call her. Google was contrite, saying publicly that it "carefully control[s] the number of employees who have access to our systems" and monitors for abuses by rogue employees. [...] The rogue Twitter customer service employee who momentarily deactivated President Trump's account on Thursday night brought this issue to mind. Twitter has 3,898 employees, according to Wikipedia, for 330 million monthly users, a ratio of one employee for every 84,658 users. This means that a single employee may have a ton of power over loads of users, but the value of a single user is low. Their privacy may seem insignificant in light of the greater mob. [...] At Uber, employees regularly abused its "God View" mode to spy on the movements of celebrities, politicians, and even ex-spouses.
This is no tech company problem. (Score:1)
All, really all, big organizations have this problem. Just ask Manning and Snowden; classic cases of too much access to too much information.
So governments, corporations, every organization needs to give power over information and access to the lowly peons or those peons can't do the lowly jobs they are supposed to do.
You can put in controls, access walls and shit, but if you do it, your administrative overhead will go through the roof. Someone like Google might sorta be able to pay for all of this, but it
Wow (Score:2)
First this guy and then James Damore, Google hires some real winners...
Not a good example (Score:2)
This story stinks of hand waving. Just because someone realizes that "account access" means "account access", doesn't mean it's high level access. When you add finer grained controls, you get middle tech who's sole job is to vet access (now the lower level just performs a bit of social engineering and it's old status quo).
David Barksdale's story is a low level employee with low level access. If the application needs frequent adjustment at the account level, of course you hire a bunch of cheaper-than-average