source code that USED to be owned by AT&T
did not even qualify for action. Salomon legal stated Salomon has a lower
obligation for third-party copyrights than they did for software they
contracted for themselves, like Sybase. Salomon didn't have a UNIX source
license, so obviously the employee had gotten it elsewhere.
In the following statistic, it was the only non-Salomon source code.
We went from zero monitoring of Internet email traffic to...
> On 3/21/96 we had our first security incident report.
> By 3/26/96 we had an astonishing 38,000 lines of proprietary source code
> We were mentally unprepared. Figuratively we were pulling our hair out
> wondering when the madness would stop.
> It never did.
As I said, the results of keyword monitoring were stunning.
If you look up computer security literature and read up on security incidents,
you'll notice none are more articulate about inside-employee incidents other
than to describe the people as "disgruntled employees".
I'll go over some of the major categories of incidents I encountered.
Keyword monitoring is abstract to most people; these results show
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.2.0
-----END PGP SIGNATURE-----