Therein lies the rub of 'telecommuting' and being able to work easily sometimes. I know I've been in environments where the only option was to turn off the 'real time' virus protection, because some products on the market trigger while compiling (a lot of file access and it would check each one), slowing the machines down beyond workability -- in our case our 800 MHz machines compiled code slower than 200 MHz machines are capable of.
Or other environments on the other end, where the programmers couldn't work because they didn't have sufficient access on their machines to debug processes they didn't start (really that was a misconfiguration I now know, but most Windows programmers have been taught they need to be admin on the local machine to work - that's not true but you do need some elevated rights in some cases).
All of us know source code control is vital, and we back it up, but how often do we consider how easy it would be to compromise from the outside?
What a crappy thing to have happened.. while I'd be less concerned about serious competitors using the information (too easy to prove and end up losing at court over), it's more disconcerting to see what use idiot script kiddies and cheat 'h4x0rs' make of the information.. sigh.
At 05:35 PM 10/2/2003 -0500, you wrote:
> "1) Starting around 9/11 of this year, someone other than me was accessing > my > email account. This has been determined by looking at traffic on our email > server versus my travel schedule." > > Im lost... Why did he not change his password?
Because hindsight is 20/20. I would bet that Gabe only recently (today) discovered that someone was using his e-mail account, otherwise he surely would have changed his password and/or disabled his e-mail account until things could be investigated further.
It's so commonplace today for people to expect their Windows computers to do strange things and usually the first thought is "I have a virus". Run a virus scanner and if it doesn't detect anything, then your machine must not be infected, right? <sarcasm>After all, how could you get a virus that no body else knows about?</sarcasm>
I'm sure with all the flurry of activity in the last couple of months for Valve, and Gabe being on the road so much, that nobody really thought twice about spending the time to throughly investigate why Gabe's computer was acting weird. Even worse, I would bet that the virus spread itself to other machines, so that even if Gabe did reformat his machine and get it clean again, as soon as he accessed one of the infected machines, it was back on his machine again. Sometimes those little buggers are REAL hard to get rid of, especially in a corporate network environment.
I feel for the Valve guys and I know how difficult it can be to create secure networks yet still allow internal people to access the external resources that they need on a day-to-day basis. Being a network administrator is not an easy job and there's probably not much the network admins could have done in this case anyway.
Perhaps Valve will restructure their internal network so that the "family jewels" never sit on a machine that has any kind of external Internet access. It makes development tasks more of a pain, but in does help to prevent security breaches.
Jeffrey "botman" Broome
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders