Slashdot Mirror
SF Admin Gives Up Keys To Hijacked City Network
snydeq writes "Jailed IT admin Terry Childs relinquished his hold over San Francisco's multimillion-dollar FiberWAN, handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust.' Childs is still being held on $5 million bail for his lockout of the city's FiberWAN, a case that has been called into question since an insider came forward with details about both the network and Childs himself. The case hinges on No Service Password Recovery commands Childs allegedly configured onto several Cisco devices, as well as dial-up and DSL modems the SFPD has discovered that would allow unauthorized connections to the FiberWAN. Childs intends to 'expose the utter mismanagement, negligence, and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger,' according to his motion. The Department of Telecom and IS has cut 200 of its 350 IT positions since 2000 — pressure that may have contributed to Childs' actions, according to interviews with current and former DTIS staffers. Newsom secured the passwords without first telling the DTIS that he was meeting with Childs."
Most folks aren't familiar with WAN management, so they probably still don't get what you're saying.
People: Installing backdoors in a WAN saves you a 1+ (sometimes much more than 1+) hour trip somewhere to check a stat or reset a device. Installing backdoors in a LAN is lazy. In other words, the difference is geography. As a WAN manager if you don't have what's called an "out of band" management plan, you're an idiot. (Or you have a micro-sized WAN.) It's also not something that's left secretly, it's planned and secured like any other WAN exposure.
Good luck!
-Matt
You must be new here.
Some of us keep the fact that we are married, and have children, a secret.
Oops!
Bearded Dragon
the more recent article points out he did not do ANY harm after being fired. The "backdoors" were pointed to a pager. The no recover setting would have been to protect the network settings from stolen hardware wiht physical access... because we all know equipment NEVER goes missing from city offices. Sounds like he was overly paranoid but other than not coughing up the password, did NO wrong.
In fact, the fact that there was nobody in the department that could identify what he did, and the police had to go to outside people seems to scream that he's innocent of all of the charges.
As far as the password.. they fired him! No plans made to cover his tasks, or to continue admin services... just give them the password... who knows what they'd accuse him of in 3 months because they don't know what they're doing. Waiting until he's FIRED to ask for documentation is too late... if he's a "criminal" for not giving the info up, they are even more so for not following good security practices and not having this info BEFORE they needed to let him go.
he NEVER attacked, nor have they claimed he did. They arrested him and charged him the same day they fired him and he wouldn't give up the password. Then started spewing to the press he "might have" created back doors (lines calling his on-call pager) and sabotaged equipment (not restoring the configs on power cycle to protect the network).. which is already being determined as built-in (but rarely used) features being used correctly. So far the ONLY WRONGDOING they have is refusal to give up the password.
They ARRESTED and managed to get $5M bail for not giving up a password... period.. the rest is misinformation, lack of job skill by his boss, or outright LIES. No wonder he didn't give it up sooner!
That is a quote from a psalm that was made into a song.
Not any more insane than quoting Aerosmith.
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
No, because we all read the part about where he disabled the ability to do exactly what you suggested he do.
Vintage computer games and RPG books available. Email me if you're interested.