With great power comes great responsibility (mastery 3)

--Originally published at Mental Droppings of a Tired Student

Let me start this post by repeating the one quote many professors have referenced when teaching my peers and myself:


Indeed, the kind of knowledge acquired by professionals within fields like science and technology, particularly the vast arsenal of skills and practical knowledge acquired in an engineering degree, which can often be used for the greater good  of mankind and attribute great advances to make everyone’s life easier… but it could presumably and easily be used for for evil.


In countless organizations IT personnel are entrusted with the ability to access sensitive and personal data. How they handle this responsibility has much to do with their ethical standards, which is why organizations carefully select people with high standards to protect data. Or do they? I think most of us just don’t want to lose our jobs, or we’re too busy to care.

I can comment on the topic from personal experience, since I was lucky enough to land an internship at HP (right before it mutated into HPE and HP INC), particularly in an IT team that dealt with fairly sensitive data. Everyone in our team had immense power, I mean we had access to virtually any internal information, no matter how confidential. Since our team was L3 (Layer 3), we were in charge of handling issues with high priority that had already been looked at by 3 previous teams who had been unable to solve them. Needless to say we had access to people’s mailboxes, sharepoint websites, yammer accounts, anything that needed fixing really.


Not to brag, but I ramped up unusually quickly within that team. Not because I’m smart or anything like that, but because I’m really nosy and found a sick sense of satisfaction in being able to fix things other people didn’t understand (my poor users).

often than not, sharepoint websites would mysteriously disappear, and we would be asked to restore them. Usually by a terrified user who needed the information within the site desperately (even though there is an option to back up your site and download the content but users rarely bother in exploring a tool beyond the basic needs). With my credentials and a little digging around in the logs I could find out exactly who deleted the site, the date, etc. I don’t understand how someone could accidentally delete a site, but believe me this happens.

I rarely disclosed who had been the genius who deleted it, unless a manager or someone high within the HP hierarchy asked (bullied us into confession)… because I’m not an evil c** I would usually blame migration issues, or simply email them a link of the site when it was up and running again.


Another funny anecdote is not my own to tell, but it’s still quite amusing so I will relate it to you now. HP’s SMTP system is orchestrated by a single person pretty much, let’s call him President Snow. President Snow is the mastermind architect of the system, how the servers interact, the front end, back end, the manner in which traffic is managed, everything. President Snow was quite militant in who touched this structure.

One time President Snow was asked by directives to implement some sort of word filter, that would target inappropriate language and restrict its usage within internal emails. Naturally, President Snow’s concern was that this traffic would be an enormous amount and would require not only resources but lots of manoeuvring in order to be effectively implemented.


So he negotiated a trial period, in which emails containing certain words  would be captured and monitored. Let’s just say the emails captured were quite interesting to say the least. Office affairs, family feuds, usually involving the F word. Needless to say that idea was discarded after the trial period. Sometimes people have personal things going on, and to my knowledge none of the people involved got in trouble. I don’t think they were even informed about this email surveillance witch hunt.

Like knights of the round table, scientists and engineers often have a strong personal code of conduct and unique moral standards. From what I’ve observed this stems from hours of RPGs and D&D, but our flamboyant temperament does not exempt us from forming a part of society and thus having to adhere to guidelines.


In light of this thought, from The Washington Consulting Group and the Computer Ethics Institute, here are the Ten Commandments Of Computer Ethics.

  1. Thou Shalt Not Use A Computer To Harm Other People.
  2. Thou Shalt Not Interfere With Other People’s Computer Work.
  3. Thou Shalt Not Snoop Around In Other People’s Computer Files.
  4. Thou Shalt Not Use A Computer To Steal.
  5. Thou Shalt Not Use A Computer To Bear False Witness.
  6. Thou Shalt Not Copy Or Use Proprietary Software For Which You have Not Paid.
  7. Thou Shalt Not Use Other People’s Computer Resources Without Authorization Or Proper Compensation.
  8. Thou Shalt Not Appropriate Other People’s Intellectual Output.
  9. Thou Shalt Think About The Social Consequences Of The Program You Are Writing Or The System You Are Designing.
  10. Thou Shalt Always Use A Computer In Ways That Insure Consideration And Respect For Your Fellow Humans

I don’t know about you, but to me these seem fairly basic and obvious. Number 6 and 7 are often violated. As for number 9, it’s 2016, if the question “How could people use this to harm other people?” not part of your design process you’re trash. Number three is hilarious by the way, people going through their partner’s emails is quite common.

Some of the most renowned people in silicone valley have violated this moral code and at some point have been involved in legal shenanigans as a consequence of their behaviour.  To mention a few, Mark Zuckerberg, Steve Jobs, Evan Spiegel. Coincidentally these three were and are notorious sexists. How cute…

There is definitely an implicit contradiction in what silicon valley considers a paragon of virtue, it’s the archetype of the entitled frat boy turned entrepreneurial prince who gets rich fast therefore has his disgusting behaviour magically whitewashed by success, money, fame and a half-assed apology on social media. But we’re getting off topic here. Perhaps I will rant about this in another post.

There is such a thing as ethical hacking, but I will be posting about that later on. Long story short, don’t be a snitch, try to be nice and stay tuned for my next blog post.