SF Admin Gives Up Keys To Hijacked City Network

snydeq writes "Jailed IT admin Terry Childs relinquished his hold over San Francisco's multimillion-dollar FiberWAN, handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust.' Childs is still being held on $5 million bail for his lockout of the city's FiberWAN, a case that has been called into question since an insider came forward with details about both the network and Childs himself. The case hinges on No Service Password Recovery commands Childs allegedly configured onto several Cisco devices, as well as dial-up and DSL modems the SFPD has discovered that would allow unauthorized connections to the FiberWAN. Childs intends to 'expose the utter mismanagement, negligence, and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger,' according to his motion. The Department of Telecom and IS has cut 200 of its 350 IT positions since 2000 — pressure that may have contributed to Childs' actions, according to interviews with current and former DTIS staffers. Newsom secured the passwords without first telling the DTIS that he was meeting with Childs."

'the only person he felt he could trust.'

[UnknowingFool]

From my viewpoint, it appears that Mr. Childs wasn't so much a malevolent person as much as he was paranoid and protective. We've all met this admin before. He won't give you any rights that you may need to do your job because you could screw "his computers". I'm not saying what he did was right or legal but he may not be the white cat stroking, maniacally-laughing villain that the initial news reports made him to be.

Re:'the only person he felt he could trust.'

[gehrehmee]

How is not doing your job criminal exactly? Grounds for dismissal, sure, but jail?

Re:'the only person he felt he could trust.'

[pieterh]

Anyone having spent that much effort creating a network - and succeeding - would become paranoid and protective of it. I challenge anyone to invest so much in any project and then happily see it messed up by people who are less competent.

However the situation is still messed up, the City should never have allowed one person to take on so much responsibility, and at the first sign that he was becoming indispensable, they should have moved him to another project.

If someone is essential for a project, replace him as soon as you can...

In fact the whole story is a good case study for outsourcing - a small, competent network firm would have done as good a job, and treated the incompetent managers simply as clients, not bosses.

The blame lies squarely with the City, not Childs.

Re:'the only person he felt he could trust.'

[kesuki]

"Your mental illness is not real."

Mine is very real. I doubt you've ever spent 6 months in a hospital trying to tell people that human beings are being infected by a computer virus. (note: the computer virus was real, and i was the only person who could actually get it off the machines, because it was infecting the BIOS and had 'symptoms' like going to the desktop in the middle of a full screen video game, that other people dismissed as being 'real')

To this date, with medication I still am hazy on if computer viruses can infect human beings, on a bad day, i look for malware in every OS on every computer i have, with every tool available to me, including many useful FOSS tools like dban which allows complete erasure of the drive...

"You are the product of a society that is unable to deal with stress and disappointment."

I'll give you that, but you've never gone 6 days unwilling to eat food or drink tap water because it's poisoned, luckily this symptom has been dealt with with medication.

you've probably never hidden in a basement with aluminum covering you to block the mind control waves either. related to this is using a FM radio from the 1980's and 3 cell phones, wrapped in aluminum foil to see if they really block broadcaster waves. While you're still slightly concerned about the type of high energy particles that can go through entire mountains...

"Have you ever looked at mental illness in other countries. It is tiny compared to the USA."

That may be, in a rural environment, telling people about stuff i was worried about every day and shit my family would likely instead of taking me to a doctor, that they couldn't afford would just humor me, and try to keep me eating foods and drinking water. Also, I would likely die at a much younger age, because of the lack of medical treatment overall. Not being treated by doctors is not the same as 'not having mental illness.'

"You embody the problem with the world today. A lack of conviction and discipline that has spread like wildfire."

Except my mental illness is real, my doctor even increased my medicines last week, because he though i was having too many symptoms with just 1 medication.

"Go on with your drug induced normality. You will not be mourned."

If only the drugs actually caused normality. Mine do not, i still have paranoid thoughts ever single day, they're random and unpredictable, and medication only does so much. I don't hear voices, i don't 'see things' that other people don't see, i don't walk around calling people names that i don't recognize, as if i was in a dream, and i don't wind up in a hospital writing notes about everything that i'm worried about thinking that magically if i write it a system administrator of the universe (it's all just a simulation in a computer after all) would be able to deal with the problems if i simply wrote enough notes...

I have 4 boxes of various paperwork including my 'note' writing phase.

you sir, have never been mentally ill so you know not what it is like. you've never been convinced, with you were in a hospital that another mental patient could read your mind, and control you for not looking at the pictures of their family when they asked you nicely to look at the photos.

Re:'the only person he felt he could trust.'

[kesuki]

well there were times where i questioned things, but there were entire weeks, where i blacked out all memories completely, to top things off i had very little contact with other people, other than via the internet, and at night when my dad was home, on the weekends when mom was home i apparently had a few very weird conversations, that upset her... as for myself, i refused to even go to a evaluation for the job service.... i was very wary of people, especially doctors, even though the thoughts are often classic paranoia, and i knew that the thoughts were so overpowering... I was like 'i have to get the virus off the computer' and all i did was basically nothing useful because i couldn't stay coherent long enough.

i forgot to mention, one day i was convinced by turning the 'power' off at the main breaker, i could stop the virus from infecting things, unless they had battery power....

my mom eventually talked me into going into a hospital, and i spend my 2 weeks at that hospital trying to get out of the hospital, afraid that there were people there infected by the virus... i wound up hopping to a lot of different hospitals, and finally group homes, when medications seemed to be helping, but i was eventually changed to new meds again, when i had a 3-day relapse.

they tried me on a lot of different medications. I saw a lot of different people with different mental illnesses. someone else suggested that stress can cause problems, but not all mental illnesses can be treated just by living a low stress life style. it's true i did have stress, had lost like my 3rd job in 1 year, stress from spending too much time in online RTSes trying to win. but then why didn't the symptoms go away, over 4 months while i wasn't doing any of those things? they didn't go away until i was medicated...

it's nice some people can self treat mild mental illness by not doing stressful work, it's even in the movie office space... for myself, medication was 100% necessary.

Re:Self-defeating

[Red+Flayer]

So Childs pursues the one course of action that is guaranteed to lead to his never being allowed to look after so much as a toaster, never mind his beloved network. Not very smart.

He's probably hoping for whistleblower protection, and intends to show that he was being terminated wrongfully for threatening to blow the whistle.

It may be a desperation move, but until the facts come out, we don't know. If it turns out that he was being terminated wrongfully, it's possible that the city of SF could be forced to keep him on their payroll... on the other hand, I'd speculate that he's grasping at straws.

I've read some about the "situation", and all I think all we know for certain is that we don't know anything for certain yet.

Re:The more I read the less I know...

[salveque]

I agree completely.

There seems to be a lot more going on here than what we see.

The conspiracy side of me thinks that there's something fishy going on in the department. He found out and got fired because of it. Except he acted fast and hijacked the network. Hence why he only gave the password to the mayor...

Just out of curiosity... what if he isn't?

[Bomarc]

Reading a lot of comments about him being a nut job. My question is - what if he isn't? Is it possible that as a administrator of a SAN/Network, he saw some significant security issues, and when he presented them to his supervisors was slammed for reporting the problem -- including being fired? I know from experience the feeling: Management does not like to know that they've screwed up, and will fight kicking and screaming rather that admit that they've done something wrong. For me -- most recently this includes bogus Business Requirements, and critical Business Requirements that are not being met. I've found significant security holes in the where I currently work. Presented the problems to management. The response - don't call use, we'll call you.

Re:End of the days

[legutierr]

What was the point of holding back for so long now. Now he just lost the last hope for his negotiation.

Or, he wasn't holding back in order to negotiate, but because he wanted to get the opportunity to tell all of his grievances to the one person who he thought might have the power and wherewithal to "fix" the situation. From reading about the motions that his lawyers have filed in court, it seems that Childs is willing to risk going to jail just to be able to publicize the hard time he's been having at work for the past couple of years. In fact, he might have willingly accepted or even pursued the prospect of prosecution because he knew that he would then have a public forum to air his views, and possibly embarrass his bosses (which, despite their best efforts, he has).

What a bad analogy.

[oneiros27]

Let's try this one instead:

You're responsible for maintaining a nuclear reactor. Your manager, who has no idea how to actually runs the reactor comes in and demands to be given all of the necessary keys and passwords to the reactor. The reactor is currently working flawlessly, and there is no obvious reason for your manager to need access to the system.

Do you:

A. realize that this could be very bad for the company, and protect the company by refusing to turn over access to an unqualified person?
B. turn over access to the access to an unqualified person, and just hope that they don't do anything which results in anyone's death, or your working 16hr shifts for the next 3 months straight.

I would argue that choosing "B" could be criminally negligent, and that A is the better choice, however, he should also immediately go to HR and explain why he's violating the order.
In this particular case, he might've saved the city of San Francisco millions of dollars in lost productivity from someone getting access who had no clue what they were doing.

Re:What a bad analogy.

[rickb928]

"In this particular case, he might've saved the city of San Francisco millions of dollars in lost productivity from someone getting access who had no clue what they were doing."

I've worked with this type before. Damn, I've *BEEN* this type before.

Maybe, maybe not. Sounds like this admin was convinced that the rest of the crew were dangerous idiots. Maybe he's unusually paranoid. I vote for paranoid. Just as dangerous as being right, for different reasons. Imagine serious problems occurring while he is in jail. His propable response might be "See? You need to let me out of here so I can fix this and prevent disaster". Suuuuure... I imagine the authorities will swing the door open and let him out to 'fix' things.

If for no other reason, this poor admin is incompetent in a novel, or NOT novel way. He has no competent backup. A kidney stone, myocardial infarct, or even a knee replacement would leave him out of commission, and SF exposed to loss of network. Sheesh. You back up data, you should back up staff as well, wherever possible, and this is clearly in the realm of 'possible'. Even 'essential'.

Of course, the funniest part of this to me is where he claims he can only trust Gavin Newsome. That's F-U-N-N-Y!