Re: SETI@home as Malware?

My 2 cents;

The administrator in question shouldn't have used a personal Seti@Home account; this wreaked of self interest. It would have been better for him, if he had used a generic school account, and not take personal credit for it.

In his defense, ATI bundles Folding@Home with all of its drivers. Most manufactures throw so much boat-ware on new systems these days it becomes necessary to sanitize new systems before deployment. That's fine for a small company, trying to do that for a school district becomes a nightmare.

As far as the power, and equipment wear and tear issue go. One could argue that it is better to keep the systems on, rather than off. It's difficult to perform maintenance on systems while users are activity using them. Power supplies like to stay on, I'm sure you could find evidence that when systems stay on they fail less. Computers generating more heat, means that building HVAC systems, didn't have to work as hard in the winter, but had to work harder in the summer.

In the School Districts defense, the threat of metered Internet still looms heavy. Metered Internet will be the death of distributed computing projects like Seti@Home. If metered Internet becomes fact, then the bandwidth issues associated with projects like Seti@Home, will have to be looked at with a microscope.

Everything has it's place. The science lab would have been an appropriate venue for Seti@Home. Not every computer in the school however. My experience with system administration in an educational environment, has been that the educators I've spoken to, want to keep the environment as open as possible. They are more reactive, than proactive, which could explain a lot of this.

Even to this day, Drexel will process DMCA take down orders, but really doesn't do anything else. There really aren't student firewalls per-say. There is anti-virus(Symantec EP Protection given out freely), initial account creation scans, mandatory anti-virus checks, policies that encourage security, but it really stops there(things may have changed). Administration and faculty I would hope are handled differently.

For example, I had a strong 8 character password on my school e-mail account. It was hacked, and SPAM started going out. I never gave it out to anyone. So that means it was either electronically stolen(other mail account information stored on the computers I used weren't affected), brute forced, or sold my Drexel insiders to spammers (happened after I left the university). My account was never locked, in fact I had to tell them about the problem. I never got a warning of any authentication errors.

Do I think internal power struggles, and personal politics played in to this, most definitely. Having been on the wrong side of politics myself, I can vouch that it really sucks.

Do I think that many of us take liberties with the systems we are entrusted with, yes. I personally have my own infrastructure which in most cases is better that anything that work has. So I have no trouble keeping work and home separate. I tend to be a company person, but that is just me. There are many times when I use home stuff for work; just because it's more efficient to do so. I also work for a small company, and try and help them out as much as possible, especially in these times.

In work some people can be entrusted with empowerment, others cannot. The larger the organization the harder it is to do this. I think it comes down to the employee empowerment issue. If you can't trust your employees to do make the correct, responsible, and appropriate decisions than stuff like this will happen. I think, in all, it was blow out of proportion. The administrator in question made the right decision by resigning. Management, and their lack of understanding, about the details of technology, continues, and IMHO be the most at fault.

The excuse I don't understand, doesn't cut it anymore. Management needs to understand the duties of the personnel they are responsible for, and ask questions.

Re: SETI@home as Malware?

I agree with you. When anything is "iffy", it is better to be safe than sorry.

Re: SETI@home as Malware?

What she said. I still feel that 7 years is an awfully long time to figure out that there's a major issue. A 3rd party auditor should have been called in after the first poor performance evaluation. But I digress, different entities will run their business as they see fit, my views on performance management do not reflect the majority of businesses, or school districts as the case may be.

Re: SETI@home as Malware?

That makes more sense now that they've said how many machines were being used.

Re: SETI@home as Malware?

I'm sure we all know that most management that isn't IT aware, most of the time has no idea what IT is doing. They probably looked at it for a while that the network was running and he was probably making excuses for whatever problems were arising. But that only works for so long, and they probably had a third party look over the issues and determine that something else was wrong.

I did see an article yesterday that he was running it on 5000 machines, so I revised my formula in the previous post. It would seem that their estimate of $1.2M is pretty close to losses related to power. I don't see that number as being unreasonable over the course of 7 years.

Our place spends about $700,000/y on electricity.

Re: SETI@home as Malware?

Sounds to me like this guy was just flat out bad at his job, and lazy. Apart from the stolen equipment found in his home, the rest of the article simply makes this guy out to be a shitty guy to have in charge of IT. Malware, I dunno, sure SETI cranks up the power bill, but boinc is something that can easily be disabled/removed by the end user. Of course he shouldn't have put it on there to begin with, but in the end, all of the "damage" he did could have been avoided with intelligent decisions by others, case in point "he didn't install firewalls"... fire him and get someone who will. He got a poor evaluation, where I come from, that means get your act together in x number of weeks, or pack up your desk. This guy did some dumb things, but who is more foolish? The fool, or the fool who allows him to act foolishly?

Re: SETI@home as Malware?

Of course not, but I think that's part of what makes it hilarious

Re: SETI@home as Malware?

Even if the policy was ambiguous, he was told to remove it and apparently didn't. At that point, he should have been terminated. I do have a feeling that the SETI installation was only a small part of his failings. They found school property at his home, that he apparently wasn't supposed to have there. That's theft. I agree with Prez, the only reason this is news is because of SETI.

Re: SETI@home as Malware?

Let's just assume it was one of the many other distributed computing programs, but not SETI@Home. Would this be national news? No.

Re: SETI@home as Malware?

I'm just thinking about this from the legal angle (yes, I did a few pre-law classes back in the day). Personally, I'd love to see the school district's rulebook. If any use policies or employee policies did not EXPLICITLY include language that bans this type of activity but did make provision for "educational" use, then the fact that it was SETI would make a difference. But it would matter because it supports educational research, not because it had something to do with aliens of course. If the language in any of the policies is ambiguous or allows for undefined "use for educational purposes", then this could get some or all charges against the guy dropped. You guys are right that it's irresponsible of the guy to pull this crap in the first place and that the media is having way too much fun with the story though.

Re: SETI@home as Malware?

If the program itself isn't the issue, why is it even mentioned as a reason to fire the guy?

Those points are only as valid as they are for any other program. I've yet to see a program that doesn't consume some resources. If they'd at least argued that the program consumed X amount of resources over a "typically idle" PCs, they might have a real issue. However, if they'd done that, then the question becomes have they done a comparison to full idle state vs. a running screen saver, or even SETI@home vs a screen saver. It would be interesting to see if they do ban screen savers (for example) have they fired (or even warned) any other employees who run screen savers of their kids or kittens for wasting resources.

Sure, and it may be a valid reason for the firing, depending on the circumstances.

I still think there are some wider policy issues here, and in its actions that the district may be opening a huge can of worms.

Re: SETI@home as Malware?

Maybe I'm missing where they even alluded to it being dark and evil. It would seem their points are valid.

Plus...

Sounds like he was asked to remove it and didn't, that would be insubordination and probably enough reason for this termination.

Re: SETI@home as Malware?

There's some truth to that, at least as far as those people go who have never heard of SETI. Although, from my perspective, it sure seems that the district is pushing a legitimate program as that something that's evil. After all, it's one of the four points mentioned as part of his separation.

Re: SETI@home as Malware?

Like I mentioned above, the whole SETI angle is what made this story anything more than a local story. Remove SETI@Home and this is your run-of-the-mill "he did a crappy job" story. But mention aliens and suddenly it goes nationwide.

Re: SETI@home as Malware?

Maybe SETI should take away all his credits since they were acquired inappropriately.