He publicly admitted doing this before, and iirc he also bragged about this one but even if he didn't, there was enough proof that he did this.
So he gets to choose: take a jury trial when there is absolutely no reasonable doubt, with enough evidence that he was a long term asshole, and possibly get a life sentence. Or take a plea deal and settle for 20.

In his case, taking the 20 was probably the best choice because a trial would in all likelihood have resulted in a guilty verdict and longer sentence.

Actually, a HUGE difference between the US and my country is that normal police do not have to consider that every traffic stop or intervention could result in being shot at. Cops in the US are on a hair trigger because getting shot at is a very real possibility. In most Western european countries for example, cops do not walk up to a situation expecting to be shot at.

Actually, if you think that something like that (causing terror and potential life threatening harm) is for giggles, then yes, that makes you messed up.
'what does this button do' type of things are stupid and reckless.
'I know it is dangerous and traumatizing to the targets, but I really don't give a damn.' is messed up

And if it then results in death, then a long prison sentence IS warranted because he knew fully well what the end result of a swatting can be. It is really no different from playing Russian roulette with someone else's head. And he knew it.

I suspect this is not just a matter of adding admin accounts with a fixed password.

I manage a large production control system in a pharma plant. The software is from a well known vendor (in that industry) and comes with a lot of certifications. There are no hard coded user accounts, though there are privileged accounts that I know the password of because I set them up. But regardless of the fact that I know those passwords, this is an enormous pile of software comprised of services, user applications, scripting engines, background process, etc, and different parts of the software are running distributed over 15 different servers. As a collection, some of that software is 30 years old and cobbled together from lots of pieces from lots of different sources.

I come from a software developer background, doing mostly kernel level work, interprocess communication, software infrastructure etc. When I look at the pile of software I have been managing for over a decade now, I see many ways to abuse running services or schedulers, and making do things they are not supposed to.

Not because I can 'log in' as a service account, but because I know for example that one of those privileged accounts is getting information from some place in order to determine what to do, and because of an oversight or bug, I can affect the information telling that account what to do. Due to less than perfect design (or possibly because of legacy software that cannot easily be changed) I could piggy back a script or executable on top of something else and have that executed in a privileged manner.

So I really think that this is not so much a cisco developer adding in privileged accounts. After all that would be trivial enough to find in code audits. But it is much more likely that there are ways to influence what a privileged process inside the cisco system is doing. The term 'backdoor' implies a much bolder and intentional issue, which I really don't think is going on here.

And since Cisco has developers who are very much at home in their own software, it doesn't really surprise me that they can look at their own code, and figure out things that may have unexpected vulnerabilities.

If you can reasonably be assumed to have suspected that the address was going to be used in a malicious way, then giving it out would be reckless endangerment.

It has it's pro's and cons.

On the plus side, she is very practical and pragmatic. And she is perfectly ok with me spending (some of) my evenings in the shop without being upset.
On the flip side, if I want to be hugged, I have to ask for one. And then internally she is probably counting 'one Mississippi, two Mississippi, three Mississippi' and we're done. Last time I bought a surprise box of expensive chocolates, her reaction was 'I didn't really have a need for this, but ok...'

As I said, there are good sides and bad sides to having a partner who is very practical.

I have family time as well, normally every evening. We eat together and sped time together.

But outside that, every free minute goes into my blade smith hobby which turned into a side business long before FiF became a thing.
I have a large network of friends around the world that I talk to / communicate with on a daily basis. There are yearly events I travel to to meet with them and hang out in real life. Some of my best real life friends live on a different continent and I try to visit them or meet up when it is possible.

My oldest child has always been interested in knife making, and has started learning to forge things and make things in my shop. My youngest has her own tool box and often spends time with me in the shop, hammering nails into pieces of wood to write names and hearts and stuff like that. They love hanging out in my shop and doing creative things. And my wife isn't the huggy feeling person needing constant attention. We have our time together mostly during the weekend.

They used the BSD stack in the Windows 2000 era temporarily because they didn't have a decent one at that time.
That has been replaced a long time by a native Microsoft one.

I thought the mindset of open source was that YOU did things how YOU wanted to do them, and provide the source so that people can fork if they disagree?
That is after all why there are over a thousand text editors for linux.
That is why you have X.org and X386 if I recall correctly.
VIM and emacs.
etc.

My guess is that no matter what Microsoft does, you will complain about it.

Full disclosure: I work in big pharma.

The problem is that the decision making process of a medical person in routine conditions (i.e. not field emergencies etc) is only supposed to depend on things that were approved for medical use. Not only drugs go through very strict procedures. Things like heart monitors etc do to IF they are used for medical purposes.

If you wear a cheap fitbit knockoff to help you with cardio training, you can do that for personal use, but your doctor is not going to consider that anything but indicative. That fitbit is not medically certified. It has an unknown accuracy. It may not work correctly in some conditions, etc. He is not going to hinge his diagnosis on what your fitbit tells him unless it is corroborated by alternate and certified sources. The reason is that unless it is certified, he is not supposed to rely on its information.

So yes, your fitbit might provide him with an original clue, and then he needs to follow up with real medical devices. He is not allowed to rely on that data. And if he does, he opens himself up to severe penalties. Otoh, if he uses a medically certified devices that says 'A', then he can rely on it being 'A' without being required to put that data in doubt if it aligns with his medical opinion.

How about a lot of users and exposure?

I work in a Windows centric enterprise at the moment. But we do have some linux systems. And while I don't have one running at the moment, if I need to test or develop linux software, I need to run linux. What is the likely choice for me: a) deploy an ubuntu VM with a couple of mouse clicks and VMS settings, or b) futz around for possibly hours or days with a generic distro and hope I can get everything to work reliably as expected?

Also, I do think it's a bit silly to let Windows 95 era events influence your decision making process. Ubuntu has nothing to lose by working with Microsoft to enable quick deployment of ubuntu VM on Windows, and a lot of potential gain. This is a way for Microsoft to have a convenient linux deployment for customers who need it, and for ubuntu to reach a lot more users. It's not about how much ubuntu can get from Microsoft.

Because some tools are just plain better on Windows. Quite some years ago I was developing software which needed to run on linux, and the software was multithreaded. The problem was that at the time, debugging multithreaded software on linux sucked donkey balls. Gdb simply could not cope with breakpoints in multithreaded code without crashing.

Visual studio otoh had no such problems, and was both a very handy tool for developing, debugging, and designing the unit tests. So I developed all infrastructure code with full test coverage on Windows, and then transferred it to a linux box and compiled everything with g++

Maybe these days, support for those use cases has improved, but at the time there was no reasonable linux based solution.

First, I am not saying you are wrong in not having kids. If you don't want them, you should definitely not have them. And second, you are right: you probably have a lot more fun than my and my wife. And probably have more sex as well. You probably eat out more, travel more, see movies more, and generally do more of the things typically classified as fun.

But when my youngest daughter brings a pile of her favorite stuffed animals down and snuggles up to me with them, to watch terminator 2 together, or when my oldest daughter comes into my workshop because she wants to forge a firepoker with me (I am a part time smith)... those moments are better than anything I ever did that would be considered classical fun. Those moments are why I love my kids more than anything in the world. That feeling is better than anything I ever experienced as fun before I had kids.

No company on earth is going to spend billions moving their production lines if they're going to end up paying as much or more to make the same thing. That has nothing to do with the US working class.

I work in big pharma.

I am unaware of the specific cases you may be referring to, but whether a component is already tested or not, is only a part of that process. Companies have to prove that a) they make that component exactly as described in the filing, and b) that the result is that particular component. Nothing more, nothing less.

For example, if I make aspirin, I have to make a filing with the FDA, with all the details of what I am going to make, en with an exact description of the process I am going to use, even going so far as dimensions of vessels, mixers, etc. the company I work for makes a specific drug that used to require being made in a 1000 liter reactor. We had to refile for approval for our 2000 liter bioreactors. And this was not simply a matter of rubber stamping. It started with a new audit, investigation, approval process etc.

Even moving a production line to a new plant next door means starting over. When we built our new plant right next to the old one, it took years to get approval. That is just how the regulatory process works. Not just the FDA in the US, but also the FAGG in Europe for example.

From breaking ground for a new plant to getting approval to distribute is a process that can easily take between 5 and 7 years. And this is because there is the need for guarantees on the process and the product, and not just 'best effort' or 'good enough'

Also, one of the additional requirements is that a company needs to prove they have all the organizational processes in place to comply with how a pharma company needs to be run. There is a thing called pharamcopeia which describes all the testing you need to have in place, how to deal with test results, how results need to be escalated, etc. You need to have working processes for dealing with exceptions and deviations, batch review and release, etc.

The product we make can be made by a PHd student with access to a simple million dollar lab. But to make a product that is suitable for intravenous use in compliance with ALL standards, takes a site with about 400 employees, half a billion dollar in initial investment, and ten to 30 million in annual upkeep costs.

Just saying: getting approval for actual use is orders of magnitude more difficult and time consuming than just making the component in a lab.