Developer gets 4 years for activating network “kill switch” to avenge his firing
Disgruntled developer was caught after naming the “kill switch” after himself.
Hasnain says:
Whither code review?
“But the most damaging to Eaton Corp. was code that Lu named after himself, "IsDLEnabledinAD," which the DOJ translated as an abbreviation for "Is Davis Lu enabled in Active Directory."
That "kill switch" was designed to "lock out all users if his credentials in the company’s active directory were disabled," the DOJ said Thursday. And it worked flawlessly, "automatically activated" when Lu "was placed on leave and asked to surrender his laptop" in 2019. It locked out "thousands of company users globally," and no one had a clue what was going on.”
Posted on 2025-08-23T05:30:09+0000