[jamescun]

> While his root access gave Gisse access to private data stored on a large number of customer websites, there's no evidence he used it, the Hostgator executive said.

I think the article is quick to jump to the conclusion that he was attempting to be malicious with his actions however this could be a case of Hanlon's razor.

His actions could easily be attributed to a less-than-aware sysadmin developing his own solution to get around often arduous security restrictions. Stupid, yes. Malicious, no.

[roel_v]

%| You serious? A dude backdooring several system utilities, giving him access to 2700 customers' data and applications, and you're defending him with 'it's just all a mistake' nonsense?

[gvb]

He attempted to access the HostGator from outside computers: Hetzner Data Center in Nuremberg, Germany, and efnet.pe (Peru) are mentioned in the article. The Hetzner access was the day after he was dismissed.

Malicious, yes. Stupid, absolutely.

[tracker1]

If he hasn't accessed any of these systems since he was terminated, he could state that it was for "emergency" access to remote systems upon other compromises. Since most of these systems are likely headless, then remote access is the only way to get in. A lot of remote exploits will nuke SSH, and other access tools, so having a "backdoor" is often a good idea.

That said, it's still likely that this guy is just a douche with a bad attitude, and deserves everything he has coming. Big difference between this, and "stealing" a bunch of reports that were government funded, and open to any and all users on the school network they were accessed from.

[homosaur]

I don't think this would work. Installing your own solution on customer facing hardware? Might get you out of prosecution, but I think you'd have a nearly impossible time explaining that.