That feels like a very… hopeful interpretation. Instead of “In my expert opinion there is no non-malicious use of this component, and SysadminX was the only one with possible access.”
Intent is not always necessary, it depends on the charges.
Computer Forensics isn’t a new discipline at this point. People have literally gone to jail for putting in kill switches. It’s possible SysadminX is actually smarter than teams of people that are dissecting what happened after they were fired and is a real life Keyser Soze, but it’s extremely unlikely.
I think the key here is intent. kill switch or not, proving you had the intent to harm is what you’re found guilty of.
can’t prove intent on code that’s had all history wiped from it and sat in prod for several years.
“why does this code exist?” – “IDK” “in your expert opinion why does this exist?” – “I cannot express my expert opinion because of a lack of evidence”
That feels like a very… hopeful interpretation. Instead of “In my expert opinion there is no non-malicious use of this component, and SysadminX was the only one with possible access.”
Intent is not always necessary, it depends on the charges.
Computer Forensics isn’t a new discipline at this point. People have literally gone to jail for putting in kill switches. It’s possible SysadminX is actually smarter than teams of people that are dissecting what happened after they were fired and is a real life Keyser Soze, but it’s extremely unlikely.