In the course of developing software for companies, it is a common, although unadmitted practise to leave backdoors in the applications so that they would be able to bypass certain steps in the process of development. For obvious reasons, I can’t say what is being done, however, one system engineer decided to take a step further. He locked the system up before leaving his company.

While some may think that it’s a human resource and perhaps technical issue that the company should clear up with the systems engineer, this person, as mentioned in the article below, became the first guy to be hauled to court under the Computer Misuse Act. While this is somewhat a case of “randsomware”, the reverse may result in the same kind of prosecution. Meaning, if you leave the company leaving loopholes and backdoors (knowingly or unknowingly), there’s a chance that you may run into trouble with the law.

So while all software engineers feel that there is sometimes a need to create a backdoor for convenience, do take a note of where the backdoors are and remember to close all of them. When it comes to fingerpointing, especially when confidentiality of information is compromised, very few people can be spared of it.

Editor: Special thanks to reader Onlooker for pointing out this article.

A SYSTEMS engineer has been hauled to the criminal courts by his former employers for allegedly sabotaging a computer software he developed.

SMC Marine Services has accused Thangavelu Boopathiraja, 36, of secretly setting passwords within the program before leaving the company.

The password protection, discovered months after his resignation, has left the company unable to check, modify or upgrade the system, lawyers for SMC told a district court on Friday, at the start of the hearing.

SMC is taking criminal action against Thangavelu under the Computer Misuse Act, for preventing access to the computer program without authority.

This is believed to be the first private prosecution involving the act.

Thangavelu denies setting the passwords and has claimed trial.

The defence’s position is that SMC’s prosecution of Thangavelu is malicious and is aimed at putting him out of business.

Thangavelu, a former Indian national who is now a Singapore citizen, was employed by SMC between February 2004 and August 2006.

SMC is in the business of transporting bulk cargo using tugboats and barges.

At the time, Thangavelu was developing a vessel monitoring system that allowed real-time information, such as fuel usage, to be sent from the vessels to SMC’s office.

According to the prosecution’s opening statement, the software tool that is used to write the source codes allow a programmer to add password protection features.

But these passwords can only be set knowingly and not inadvertently, said the statement.

The firm says that Thangavelu was not authorised to configure the system such that a password was required to retrieve source codes.

Anyone convicted of preventing access to a computer without authority can be fined up to $10,000 or jailed up to three years or both.

Article obtained from straitstimes.com on 14th June 2008



Reader's Comments

  1. Onlooker | June 15th, 2008 at 7:51 pm

    I like (real) Talents (like those 36% from NASA) too but the point now is that a lot of those who come aren’t really up to standard (B.CS Script Kiddies!!).
    Imagine at the 80’s you are considered not up to standard if your English is not good but now Tom,Dick and Harry can come and just work (especially with FT HR and management who open countryman employment backdoor) without regards and not even bothering to study English here.
    If that company (SMC) have a call for solution,I would recommend the IT man ager some development methods (mentioned b4) but would prefer a Singaporean worker (my opinion).
    Also make sure the IT man ager know about the back door (for testing) and that it is well documented aka commented IE easily removable for the next better programmer.
    The point is Quality comes with a price. Cheap is only good until it cause problems.
    In this case they would have fare better with a Poly diploma holder in Singapore.(Yes some of them are really quite good during industrial attachments).

Leave a Comment

%d bloggers like this: