Extortion works
.
It all started at the PyCon Conference in Santa Clara this past
week when a couple of guys made a couple of crude jokes about “forking software
repositories” and “big dongles.” A dongle is a piece of hardware with some
software present on it that’s used as a key to unlock software so that one may
use it. Its purpose is to prevent unauthorized copying and distribution. In
this instance, the reference to the term was anatomical rather than
cryptographic. The inappropriate jokes violated the conference code of conduct.
Adria Mitchell, who sat in front of the men, reported them
to the conference administrators who escorted them out of the session. She also
snapped their picture and posted comments about the incident to Twitter and her
blog. http://butyoureagirl.com/14015/forking-and-dongle-jokes-dont-belong-at-tech-conferences/http://butyoureagirl.com/14015/forking-and-dongle-jokes-dont-belong-at-tech-conferences/
Adria Mitchell wasn’t just any old blogger or conference
attendee, though. She had a fairly influential position in Developer Relations
at Sendgrid, a company that sends bulk commercial Internet communications. Her
position in Developer Relations is important in the events that transpired.
One of the men was let go by his company, PlayHaven, in
response to the post. After his dismissal, the man who was fired allegedly
posted that he was a father of three and that he was disappointed because he
really liked the job. Developers responded by demanding on the pastebin site
that Mitchell also be fired.
On Thursday, March 21, Sendgrid came under a distributed
denial of service attack and a number of developers cancelled their accounts.
Adria Mitchell’s personal site also came under attack and she received death
and rape threats. By afternoon Thursday, Sendgrid issued word on Twitter and
Facebook that they fired Mitchell. The Sendgrid Facebook post stated, “Effective
immediately, SendGrid has terminated the employment of Adria Richards. While we
generally are sensitive and confidential with respect to employee matters, the
situation has taken on a public nature. We have taken action that we believe is
in the overall best interests of SendGrid, its employees, and our customers. As
we continue to process the vast amount of information, we will post something
more comprehensive.”
What’s the take-away from this? Well, like I said, I think
we can certainly take away the fact that extortion works. Sendgrid’s site was
down for most of the day on Thursday, the day that many newsletters and press
releases are sent. The company capitulated to the demands of its attackers.
However, Ms. Mitchell didn’t fire the man who lost his job, PlayHaven
did. Nobody targeted PlayHaven.
We can expect to see litigation come out of this—criminal, civil,
employment and commercial. Websites and services were hacked. Distributed
denial of service attacks took down services that lost thousands, if not
hundreds of thousands of dollars. People were threatened with physical harm. People
lost their jobs, perhaps wrongly. Companies didn’t have their e-mailings go out
on time due to Sendgrid being down. And for what? Because a couple of guys made
some inappropriate sexual comments at an industry conference. Perhaps we can
all learn something in hindsight from this about the value of treading lightly.
While this is an extreme example, it is the reality of our world today. A
simple post caused this damage. Before any of us acts or renders advice in
response to a situation, we really need to give pause and consider the possible
ramifications of our actions.