Re: Breaking into computers you don't own..
1. No one was "caught." The issues were reported by Dave. In fact neither the county nor the state could tell if they had EVER had a data breach. The state was very clear about that.
2. Dave stopped as soon as he proved the holes were real. There was no rummaging around inside someone else's system. He did not take any information, either.
3. Dave not only reported the holes, he showed them how to find the holes. After explaining where the holes were, they still could not find them. So, he showed them how to fix the holes and gave them Best Practices going forward. The state asked for a written report, which he provided. They gave him permission to go into the system. When Dave found they did not even have the most basic tools to detect intruders, he provided them with those software tools.
4. The FDLE did not actually investigate. They just tried to find a law they felt Dave broke (which is not an applicable law in this case), and tried to figure out how to nail him on it. They reported the current Supervisor's claims as fact without investigating. The claims turned out to be false. The FDLE did not put a real IT person on the case and STILL does not understand what happened or how it happened. The only dates they used they received from Dave and I, in cooperating into the investigation of why the holes were left there for years to begin with. The investigation is supposed to be into the Gross Negligence of the state and county. However, the FDLE is allowing themselves to be used as political pawns by a corrupt politician.
Don't buy into this nonsense. Your comments just make you look very uniformed.
Biting the hand that feeds IT
