SF Admin Gives Up Keys To Hijacked City Network

← Back to Stories (view on slashdot.org)

SF Admin Gives Up Keys To Hijacked City Network

Posted by timothy on Wednesday July 23, 2008 @03:25AM from the please-let-this-be-the-end- dept.

snydeq writes "Jailed IT admin Terry Childs relinquished his hold over San Francisco's multimillion-dollar FiberWAN, handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust.' Childs is still being held on $5 million bail for his lockout of the city's FiberWAN, a case that has been called into question since an insider came forward with details about both the network and Childs himself. The case hinges on No Service Password Recovery commands Childs allegedly configured onto several Cisco devices, as well as dial-up and DSL modems the SFPD has discovered that would allow unauthorized connections to the FiberWAN. Childs intends to 'expose the utter mismanagement, negligence, and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger,' according to his motion. The Department of Telecom and IS has cut 200 of its 350 IT positions since 2000 — pressure that may have contributed to Childs' actions, according to interviews with current and former DTIS staffers. Newsom secured the passwords without first telling the DTIS that he was meeting with Childs."

59 of 581 comments (clear)

'the only person he felt he could trust.' by UnknowingFool · 2008-07-23 03:31 · Score: 4, Interesting

From my viewpoint, it appears that Mr. Childs wasn't so much a malevolent person as much as he was paranoid and protective. We've all met this admin before. He won't give you any rights that you may need to do your job because you could screw "his computers". I'm not saying what he did was right or legal but he may not be the white cat stroking, maniacally-laughing villain that the initial news reports made him to be.

--
Well, there's spam egg sausage and spam, that's not got much spam in it.
1. Re:'the only person he felt he could trust.' by MightyMartian · 2008-07-23 03:35 · Score: 5, Insightful
  
  ... but he may not be the white cat stroking, maniacally-laughing villain that the initial news reports made him to be.
  No, instead, he's a paranoid monomaniacal prima donna. If it is was me, I'd rather be a white cat-stroking schemer bent on world domination, because the former demonstrates a sick mind.
  
  --
  The world's burning. Moped Jesus spotted on I50. Details at 11.
2. Re:'the only person he felt he could trust.' by kesuki · 2008-07-23 03:41 · Score: 4, Insightful
  
  I'd say the guy is probably suffering from mental illness.
  there are a lot of people who simply never get diagnosed, because they seem to be able to function normally without medication... myself i've had lesser symptoms dating all the way to childhood, but until i had a 'severe' hospitalization requireing symptoms people just didn't think that i was bad off enough.
  
  --
  https://www.gnu.org/philosophy/free-sw.html
3. Re:'the only person he felt he could trust.' by gehrehmee · 2008-07-23 03:46 · Score: 5, Interesting
  
  How is not doing your job criminal exactly? Grounds for dismissal, sure, but jail?
  
  --
  "You know, Hobbes, some days even my lucky rocketship underpants don't help" -- Calvin
4. Re:'the only person he felt he could trust.' by pieterh · 2008-07-23 03:47 · Score: 5, Interesting
  
  Anyone having spent that much effort creating a network - and succeeding - would become paranoid and protective of it. I challenge anyone to invest so much in any project and then happily see it messed up by people who are less competent.
  However the situation is still messed up, the City should never have allowed one person to take on so much responsibility, and at the first sign that he was becoming indispensable, they should have moved him to another project.
  If someone is essential for a project, replace him as soon as you can...
  In fact the whole story is a good case study for outsourcing - a small, competent network firm would have done as good a job, and treated the incompetent managers simply as clients, not bosses.
  The blame lies squarely with the City, not Childs.
  
  --
  My blog
5. Re:'the only person he felt he could trust.' by houstonbofh · 2008-07-23 03:48 · Score: 4, Funny
  
  There is a fine line between the white-cat-stroking genius in James Bond, and the crazy cat lady from the Simpson's.
6. Re:'the only person he felt he could trust.' by funwithBSD · 2008-07-23 03:49 · Score: 4, Funny
  
  Has anyone checked on his wife?
  I am just saying...
  
  --
  Never answer an anonymous letter. - Yogi Berra
7. Re:'the only person he felt he could trust.' by UnknowingFool · 2008-07-23 03:56 · Score: 5, Insightful
  
  I think sometimes people need to see the bigger picture. In my youth, I thought that becoming indispensable meant I was a valuable employee, and I had job security. But I had an epiphany at 2am one morning when I was fixing a problem. I COULD be the only one to fix this problem and be stuck fixing these problems forever. Or I could trust someone else and train them to fix these problems. Could my company find it easier to replace me? Sure, but it's just a job; I'll get other ones. The lost time I could have spent at 2am doing other things (like at home with my family) was worth the compromise. Any of you who missed out on anything because you were at work know what I mean.
  
  --
  Well, there's spam egg sausage and spam, that's not got much spam in it.
8. Re:'the only person he felt he could trust.' by Dekortage · 2008-07-23 03:58 · Score: 4, Insightful
  
  If someone is essential for a project, replace him as soon as you can.
  Replace them? No. Distribute their responsibilities and knowledge? Yes. You still want the brainchild around to give input and support; it's just that you need backup in case they get hit by a bus (or paralyzing delusions of grandeur).
  
  --
  $nice = $webHosting + $domainNames + $sslCerts
9. Re:'the only person he felt he could trust.' by larry+bagina · 2008-07-23 04:02 · Score: 5, Insightful
  
  Hey dreamchaser, this is your boss. I need write access to the email archives. The SEC has been poking around and, well, you know how it goes.
  PS - get back to work.
  
  --
  Do you even lift?
  These aren't the 'roids you're looking for.
10. Re:'the only person he felt he could trust.' by Ihmhi · 2008-07-23 04:04 · Score: 4, Insightful
  
  Hypothetical situation. My job is to keep an eye on a nuclear reactor. It begins to meltdown, and my manager (who isn't trained with the system) instructs me to cool it down. I refuse for [insert reason here].
  That's one of many "not doing your job = crime" situations.
  He was basically blackmailing / extorting the city of San Francisco - keep me on board or you lose access to the server completely.
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
11. Re:'the only person he felt he could trust.' by Hektor_Troy · 2008-07-23 04:09 · Score: 4, Funny
  
  I'm not sure we want to know what you do with your family at 2 AM in the morning. Wife/girlfriend, sure .. but not the rest of your family
  
  --
  We do not live in the 21st century. We live in the 20 second century.
12. Re:'the only person he felt he could trust.' by chill · 2008-07-23 04:11 · Score: 4, Insightful
  
  Hmmm...under what Statutes?
  While employed he was authorized to access those systems. He didn't access them after his employment was terminated, so it isn't Computer Tresspass or anything similar.
  The system works, so he didn't break it.
  While they can certainly fire him for insubordination, I'm not exactly sure what he could really be charged with.
  
  --
  Learning HOW to think is more important than learning WHAT to think.
13. Re:'the only person he felt he could trust.' by shadow349 · 2008-07-23 04:17 · Score: 5, Funny
  
  I'm not sure we want to know what you do with your family at 2 AM in the morning. Wife/girlfriend, sure .. but not the rest of your family
  Obviously, you have never met the Aristocrats.
14. Re:'the only person he felt he could trust.' by WhiplashII · 2008-07-23 04:19 · Score: 4, Funny
  
  It's not wreckless if you crash.
  (Laugh, its a joke!)
  
  --
  while (sig==sig) sig=!sig;
15. Re:'the only person he felt he could trust.' by darkmeridian · 2008-07-23 04:57 · Score: 5, Insightful
  
  Being indispensable in one role will prevent you from being promoted. I was up for a coveted project but it was assigned to a less qualified person because I was too indispensable in my current project. Lest you think management was just letting me down softly, they had me train the person who was assigned the coveted project. That's right. They had me train the person who took the good job, and had me stay on my less-good project because I was really good at my current project.
  I'm now trying to become a manager on the other project. They'll probably say that I don't have any experience in the field and promote the person who has it now, but we'll see.
  
  --
  A NYC lawyer blogs. http://www.chuangblog.com/
16. Re:'the only person he felt he could trust.' by kesuki · 2008-07-23 04:58 · Score: 5, Interesting
  
  "Your mental illness is not real."
  Mine is very real. I doubt you've ever spent 6 months in a hospital trying to tell people that human beings are being infected by a computer virus. (note: the computer virus was real, and i was the only person who could actually get it off the machines, because it was infecting the BIOS and had 'symptoms' like going to the desktop in the middle of a full screen video game, that other people dismissed as being 'real')
  To this date, with medication I still am hazy on if computer viruses can infect human beings, on a bad day, i look for malware in every OS on every computer i have, with every tool available to me, including many useful FOSS tools like dban which allows complete erasure of the drive...
  "You are the product of a society that is unable to deal with stress and disappointment."
  I'll give you that, but you've never gone 6 days unwilling to eat food or drink tap water because it's poisoned, luckily this symptom has been dealt with with medication.
  you've probably never hidden in a basement with aluminum covering you to block the mind control waves either. related to this is using a FM radio from the 1980's and 3 cell phones, wrapped in aluminum foil to see if they really block broadcaster waves. While you're still slightly concerned about the type of high energy particles that can go through entire mountains...
  "Have you ever looked at mental illness in other countries. It is tiny compared to the USA."
  That may be, in a rural environment, telling people about stuff i was worried about every day and shit my family would likely instead of taking me to a doctor, that they couldn't afford would just humor me, and try to keep me eating foods and drinking water. Also, I would likely die at a much younger age, because of the lack of medical treatment overall. Not being treated by doctors is not the same as 'not having mental illness.'
  "You embody the problem with the world today. A lack of conviction and discipline that has spread like wildfire."
  Except my mental illness is real, my doctor even increased my medicines last week, because he though i was having too many symptoms with just 1 medication.
  "Go on with your drug induced normality. You will not be mourned."
  If only the drugs actually caused normality. Mine do not, i still have paranoid thoughts ever single day, they're random and unpredictable, and medication only does so much. I don't hear voices, i don't 'see things' that other people don't see, i don't walk around calling people names that i don't recognize, as if i was in a dream, and i don't wind up in a hospital writing notes about everything that i'm worried about thinking that magically if i write it a system administrator of the universe (it's all just a simulation in a computer after all) would be able to deal with the problems if i simply wrote enough notes...
  I have 4 boxes of various paperwork including my 'note' writing phase.
  you sir, have never been mentally ill so you know not what it is like. you've never been convinced, with you were in a hospital that another mental patient could read your mind, and control you for not looking at the pictures of their family when they asked you nicely to look at the photos.
  
  --
  https://www.gnu.org/philosophy/free-sw.html
17. Re:'the only person he felt he could trust.' by Rene+S.+Hollan · 2008-07-23 05:02 · Score: 4, Insightful
  
  Anyone having spent that much effort creating a network - and succeeding - would become paranoid and protective of it. I challenge anyone to invest so much in any project and then happily see it messed up by people who are less competent.
  Even more so when it's one's job to make sure it runs correctly. IOW, if he does provide access to others, and they screw up, it's his fault.
  While paranoia may have something to do with it, I've found that a reasonable dose of it is healthy. I think, however, that it's more of a case of normal admin paranoia (which is a good thing), coupled with "damned if you do, damned if you don't" workplace policy (e.g. "give him access and you will suffer if he screws up"), that likely led to this paranoia growing to the degree it has.
  Sane, logical, people are often driven "crazy" when forced to work in an illogical environment (where no matter what one does, one is "wrong", and the "correct" choice is the one which has the lowest product of "consequences" multiplied by "likelihood of discovery").
  I recently took the "high road", and paid a hefty price for it: I had been hired to be subcontracted to a large "three letter" telecom firm. The project manager at this firm wanted my SSN. They had no legitimate reason for it: I was being paid (and had SS withholdings taken) by my employer, not them. The manager claimed that it was necessary for me to get an access badge. I responded that I didn't mind signing in every day and getting a temp badge. The manager then claimed it was necessary for a "background check". I responded that I would happily provide my SSN and any other identifying data (date of birth, drivers' license, etc.) to any reputable, well known, background-checking company of their choice. I was reported as "difficult" and reqested that I be removed. While my employer strongly defended my position, in the end, it was not reasonable that I be paid to be idle, we parted ways amicably, and I quicky found (much better!) work elsewhere.
  Turns out the manager in question was allegedly driving those working "for" her as slaves and threatening them with derogatory credit reports from bogus lenders if they did not comply, using one instance of prior theft to justify such "background checks" requiring the SSN.
  It was easy, (though expensive), to walk away from that job. But, in this case, lives may very well hang in the balance no matter what choice Childs makes: refusing raises the possibility of the network "going down". Complying, where he has reasonable belief that others will have a good chance of making the network go down, causing havoc in the city, could border on criminal negligence. As far as criminal charges, what could stick? "Theft?" (of access codes).
  Should he be fired? Perhaps, for insubordination. But, if the management of the city is so bad that backup systems aren't in place, and properly trained IT staff to run networks, this might be the only way to raise awareness of the problem that could really impact lives of the city's residence. He may have very well done a very good deed -- as the story unfolds we'll know more. At this point, like with all accused, he should receive the benefit of the doubt.
  But, regardless of whether he did the "right thing": No good deed goes unpunished, and he should realize this.
  
  --
  In Liberty, Rene
18. Re:'the only person he felt he could trust.' by funwithBSD · 2008-07-23 05:05 · Score: 4, Funny
  
  Yeah, I was hoping to get a Reiser out of someone.
  
  --
  Never answer an anonymous letter. - Yogi Berra
19. Re:'the only person he felt he could trust.' by dubl-u · 2008-07-23 05:06 · Score: 4, Insightful
  
  I thought that becoming indispensable meant I was a valuable employee, and I had job security.
  
  When I was similarly obsessed with handling every problem myself, a friend said to me, "The graveyards are full of indispensable people."
20. Re:'the only person he felt he could trust.' by mabhatter654 · 2008-07-23 05:20 · Score: 5, Informative
  
  the more recent article points out he did not do ANY harm after being fired. The "backdoors" were pointed to a pager. The no recover setting would have been to protect the network settings from stolen hardware wiht physical access... because we all know equipment NEVER goes missing from city offices. Sounds like he was overly paranoid but other than not coughing up the password, did NO wrong.
  In fact, the fact that there was nobody in the department that could identify what he did, and the police had to go to outside people seems to scream that he's innocent of all of the charges.
  As far as the password.. they fired him! No plans made to cover his tasks, or to continue admin services... just give them the password... who knows what they'd accuse him of in 3 months because they don't know what they're doing. Waiting until he's FIRED to ask for documentation is too late... if he's a "criminal" for not giving the info up, they are even more so for not following good security practices and not having this info BEFORE they needed to let him go.
21. Re:'the only person he felt he could trust.' by MickLinux · 2008-07-23 05:34 · Score: 5, Insightful
  
  Let me reply -- I've been there, done that. Not all that, but a little of that.
  Back in 1992, I had a urethane or polyester exposure (I'm not sure which). That gave me hyper allergies, so the doctor put me on prednisone, which in 1/10 cases, causes psychosis.
  He forgot to mention the possible side effects. But that didn't stop me from getting paranoia.
  In my case, I was afraid that someone was putting something in my food to control me. Retrospectively, I think that my brain was essentially diagnosing its own problems, and trying to get me to modify my diet (ummm, could us neurons have a little more of that prednisone please? Or maybe we don't want it after all...)
  Now, my mom just tried to keep me eating good food, and eventually the symptoms went away as the withdrawal effects went away. But it alerted me to the facts that (1) people of high IQ and high-stress jobs are highly likely to get a mental illness (2) I am susceptible, at the very least.
  But my uncle, who works in psychology, mentioned that if you find yourself susceptible to mental illness, it is advantageous to get a lower-stress, more physical job. If need be, take up running (not all out, just 1/2 to 1 hr a day), gardening (pulling weeds is very therapeutic, I find), or a more physical job, or become a high school gym teacher. Also, avoid those situations that tend to make you more paranoid -- give yourself a break; and avoid those habits which you rationally know are insane. He calls this good mental hygiene.
  Based on experience, I think he's right.
  I'm right now an aerospace/ocean engineer by training, and a layout tech for a prestress concrete company by trade. I don't keep a computer or a TV at home, and use the computer minimally aside from that. If I absolutely need web access outside of my work computer, I go to a library.
  I also cultivate a strong relationship with my wife, with my kids, and with Christ, praying as most Christians do. Although my prayers do get answers, I mean that in the sense that most strong Christians do, as well. When I've not been sure what to do, and I've prayed for God to close all the doors except the one he wants me doing, I've trusted him for that, and He's done it (as my wife, who is quite mentally stable, can affirm).
  Last of all, needless to say, I'd say give up any weapons, and any hope of defending yourself against anything even through other means. Pray, and ask Christ to defend you. But as a potentially mentally ill person, if you're going to defend yourself, you're in trouble anyhow. So give that one up, and put your trust in God as your defender: "You who dwell in the shelter of the Lord, who abide in His shadow for Life; say to the Lord 'my refuge, my rock in whom I trust'. And he will raise you up on eagle's wings, bear you on the breath of dawn, and make you to shine like the sun, and hold you in the palm of His hand."
  
  --
  Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
22. Re:'the only person he felt he could trust.' by Plutonite · 2008-07-23 05:52 · Score: 5, Insightful
  
  "You who dwell in the shelter of the Lord, who abide in His shadow for Life; say to the Lord 'my refuge, my rock in whom I trust'. And he will raise you up on eagle's wings, bear you on the breath of dawn, and make you to shine like the sun, and hold you in the palm of His hand."
  And that, I am afraid, is not something that sounds sane at all.. but each to his own.
23. Re:'the only person he felt he could trust.' by kesuki · 2008-07-23 06:11 · Score: 4, Interesting
  
  well there were times where i questioned things, but there were entire weeks, where i blacked out all memories completely, to top things off i had very little contact with other people, other than via the internet, and at night when my dad was home, on the weekends when mom was home i apparently had a few very weird conversations, that upset her... as for myself, i refused to even go to a evaluation for the job service.... i was very wary of people, especially doctors, even though the thoughts are often classic paranoia, and i knew that the thoughts were so overpowering... I was like 'i have to get the virus off the computer' and all i did was basically nothing useful because i couldn't stay coherent long enough.
  i forgot to mention, one day i was convinced by turning the 'power' off at the main breaker, i could stop the virus from infecting things, unless they had battery power....
  my mom eventually talked me into going into a hospital, and i spend my 2 weeks at that hospital trying to get out of the hospital, afraid that there were people there infected by the virus... i wound up hopping to a lot of different hospitals, and finally group homes, when medications seemed to be helping, but i was eventually changed to new meds again, when i had a 3-day relapse.
  they tried me on a lot of different medications. I saw a lot of different people with different mental illnesses. someone else suggested that stress can cause problems, but not all mental illnesses can be treated just by living a low stress life style. it's true i did have stress, had lost like my 3rd job in 1 year, stress from spending too much time in online RTSes trying to win. but then why didn't the symptoms go away, over 4 months while i wasn't doing any of those things? they didn't go away until i was medicated...
  it's nice some people can self treat mild mental illness by not doing stressful work, it's even in the movie office space... for myself, medication was 100% necessary.
  
  --
  https://www.gnu.org/philosophy/free-sw.html
24. Re:'the only person he felt he could trust.' by c6gunner · 2008-07-23 06:30 · Score: 4, Insightful
  
  You surely can't view the obliteration of two cities, of countless lives, loves and relationships as a win.
  It's just about the most decisive win in history. Doesn't get much better than that!
  Oh, wait, you were trying to be sarcastic, right? Gotcha. In that case, I hope you get moded "+5 funny".
25. Re:'the only person he felt he could trust.' by MickLinux · 2008-07-23 08:02 · Score: 4, Informative
  
  That is a quote from a psalm that was made into a song.
  Not any more insane than quoting Aerosmith.
  
  --
  Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
26. Re:'the only person he felt he could trust.' by Stray7Xi · 2008-07-23 10:05 · Score: 4, Insightful
  
  He stopped providing his services when he was fired. He no longer had an obligation to maintain availability to the systems. He couldn't however do something to cause the system access to be unavailable. Had he refused to provide passwords while an employee, it's a different story.
  Otherwise the power company is preventing me "authorized access" to my computer if they turn off my power.
  If refusing to provide information to a former employer is a crime, they can save a lot of money firing people and compelling them to continue to work since it would prevent authorized access for them to stop.
Re:Falling Down by koafc · 2008-07-23 03:32 · Score: 5, Funny

I guess Newsom is an MCSE/CCNA and therefore is trusted.
The more I read the less I know... by Stanistani · 2008-07-23 03:35 · Score: 5, Insightful

This story has a real obvious 'bad guy' in Childs.
Arrogant, supposedly unstable, egotistical.
But there are odd, contrary, little pieces of this tale that intrigue me.
I'd like to see some comprehensive treatment of this tragicomedy written a year from now, when the dust has settled, and Childs' side of the story can be heard as well.

--
You can't talk about Wikipedia's flaws on Wikipedia
1. Re:The more I read the less I know... by tb()ne · 2008-07-23 03:38 · Score: 4, Funny
  
  I'd like to see some comprehensive treatment of this tragicomedy written a year from now, when the dust has settled, and Childs' side of the story can be heard as well.
  Agreed. But only if it's in the form of a Broadway musical.
2. Re:The more I read the less I know... by ColdWetDog · 2008-07-23 03:42 · Score: 5, Funny
  
  I'd like to see some comprehensive treatment of this tragicomedy written a year from now, when the dust has settled, and Childs' side of the story can be heard as well.
  Instead you will get a made-for-TV movie with oodles and oodles of computers running 12 screens each and a funny OS that only have warnings in 100 point sans-serif fonts and backgrounds which look suspiciously like an FBI badge.
  But the hero will be a down-on-his-luck gay single parent who obviously uses a Mac Book Pro to compute the primes needed to crack the passwords (while drinking a triple grande latte and eating a scone).
  Oh, and explosions. It will have lots of explosions.
  Almost forgot the half-naked teenage girls^Wboys (forgot, this was SF).
  
  --
  Faster! Faster! Faster would be better!
3. Re:The more I read the less I know... by salveque · 2008-07-23 03:44 · Score: 5, Interesting
  
  I agree completely.
  There seems to be a lot more going on here than what we see.
  The conspiracy side of me thinks that there's something fishy going on in the department. He found out and got fired because of it. Except he acted fast and hijacked the network. Hence why he only gave the password to the mayor...
4. Re:The more I read the less I know... by RasputinAXP · 2008-07-23 04:02 · Score: 4, Funny
  
  And written by Joss Whedon, starring Neil Patrick Harris.
  We can call it Admin Horrible.
Did anyone else... by 4pins · 2008-07-23 03:35 · Score: 5, Funny

Did anyone else wonder why a SourceForge administrator had the keys to a city's network.

--
I will not mourn that which I never had to lose. - Unknown
1. Re:Did anyone else... by gregbot9000 · 2008-07-23 04:54 · Score: 5, Funny
  
  I can see it now:
  
  Mayor: For your act of bravery we give you the key to the city's network!
  
  Citizen: Uh thanks, I guess I'll use that to download porn, and umm, upload torrents, and stuff...
  
  Mayor: Give use the key back.
Actually ... by Van+Cutter+Romney · 2008-07-23 03:35 · Score: 5, Funny

He was just too embarrassed by the password - ibonkedmymom.

--
Help a man when he is in trouble and he will remember you when he is in trouble again.
1. Re:Actually ... by funwithBSD · 2008-07-23 03:52 · Score: 4, Funny
  
  *sigh* you just targeted the wrong audience.
  He was just too embarrassed by the password - ibonkedmydad
  Fixed!
  
  --
  Never answer an anonymous letter. - Yogi Berra
2. Re:Actually ... by antifoidulus · 2008-07-23 04:14 · Score: 4, Funny
  
  ibonkedmymom
  
  Worst....Apple product.....EVER!
  
  --
  Monstar L
3. Re:Actually ... by Rorschach1 · 2008-07-23 04:36 · Score: 4, Funny
  
  Hey, it's possible. I'll never forget the first time we ran l0phtcrack on our 3000-user domain, back before any password policy was in place. It cracked 60% or 70% of the passwords in the first 30 minutes, and the list was full of good blackmail material.
  I remember scanning down the password list and coming across 'nosexforme'. Then I looked at the user name and collapsed laughing. The guy was someone everyone in the department knew, and he was a friendly, personable guy. Everyone ALSO knew his wife - the Ice Queen, who worked on the financial side and ruled over our department with an iron fist.
  Every person who came over to the console to see what the laughter was about did the same thing - looked at the password, followed the line over to the username, figured out who it was, realized the implication, and collapsed laughing.
  Ok, so it was maybe a little unprofessional of us, but we couldn't help it. And we all liked the guy, so it really engendered more sympathy than ridicule... and reinforced what we all thought of his wife anyway.
Expose mismanagement by grandbastard · 2008-07-23 03:36 · Score: 5, Insightful

"Childs intends to 'expose the utter mismanagement, negligence, and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger,' according to his motion."
The fact that one employee had complete control over the network should be enough of a sign. Of course this is management, so they're all likely still confused on what's going on and need to have another meeting.
Re:Falling Down by SimonGhent · 2008-07-23 03:37 · Score: 5, Funny

handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust.'
If he believes that the Mayor is going to be reconfiguring the routers he certainly is a nutjob!

--
simon
Re:Self-defeating by Red+Flayer · 2008-07-23 03:43 · Score: 4, Interesting

So Childs pursues the one course of action that is guaranteed to lead to his never being allowed to look after so much as a toaster, never mind his beloved network. Not very smart.
He's probably hoping for whistleblower protection, and intends to show that he was being terminated wrongfully for threatening to blow the whistle.

It may be a desperation move, but until the facts come out, we don't know. If it turns out that he was being terminated wrongfully, it's possible that the city of SF could be forced to keep him on their payroll... on the other hand, I'd speculate that he's grasping at straws.

I've read some about the "situation", and all I think all we know for certain is that we don't know anything for certain yet.

--
"Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
Re:Not too bad... by redJag · 2008-07-23 03:43 · Score: 4, Funny

You keep using that word. I do not think it means what you think it means.
Re:Do I understand this correctly? by seanadams.com · 2008-07-23 03:47 · Score: 4, Insightful

Mr. Paranoid Admin with a God complex had big freakin' huge vulnerabilities on his precious network?
Attaching old-fashioned modems to the console ports of routers and switches is sometimes done in order to allow the administrator to remotely access the equipment during a major network failure.
It's not an egregious "vulnerability", assuming the console it password protected. That statement was spun to make it sound like they were back doors, when in reality this was likely done for no other reason than to facilitate emergency maintenance.
Please note I am not defending Childs generally. I'm just saying that the way they've minced words in some of these allegations gives me pause.
Miserable Slashdot by db32 · 2008-07-23 03:52 · Score: 5, Insightful

So...I certainly don't know if this guy is crazy or not, but there are a few things that I am surprised the /. crowd really hasn't bothered with.
1. The problems between IT and Management are so bad across the board that there is a famous cartoon relating these problems. This famous cartoon spawned the "PHB" reference. So...to listen to an IT guy complain of incompetent management shouldn't be a surprise at all. Please everyone, raise your hand if you have been handed complete and utter bullshit requirements or policies that some "PHB" without a technical clue has demanded that you implement. Now...raise your hand if you were stupid enough to EVER give them administrative rights over ANYTHING.
2. The media has a fucking field day with "evil hackers". This is so bad that the world "hacker" now means criminal and hordes of geeks wimpering and moaning about how the media stole the word. So...the media reporting on yet another "evil hacker holding city hostage" should be taken with a grain of salt. Sensationalist crap reported by people that have less than 0 IT understanding to the masses who also have less than 0 IT understanding. Million to one odds says that if they actually reported the more technical facts of this case the ratings would be near 0 and this story would have never gotten to be so high profile.
3. He did give the password to the person at the top of the chain of responsibility for this. Which to me sounds like the most appropriate thing to do. If you are so concerned that everyone is an incompetent fool then your only option is to go straight to the top. Imagine how much trouble this guy would be in if he gave out these passwords to a bunch of corrupt and incompetent folks who did bring the city down? At least this way everything continued functioning.

Finally...and most concerning to me is a quote from the article.
But without access to either Childs' passwords or the backup configuration files, administrators would have to essentially re-configure their entire network, an error-prone and time-consuming possibility, Chase said. "It's basically like playing 3D chess," he said. "In that situation, you're stuck interviewing everybody at every site getting anecdotal stories of who's connected to what. And then you're guaranteed to miss something."
Really...so basically these people didn't document ANYTHING. Because config files or not, rebulding your network if you bothered to document things isn't all that hard, it's just time consuming. But straight from their man there they would be stuck interviewing people for anecdotal stories becaues they were too incompetent to bother documenting the network. Nevermind that they seem to have cut their IT staff from 350 to 100 over the last few years. So it sounds like their IT staff was just the favored bucket to take money from, which is hardly new thinking these days. It amuses me to no end when companies/governments treat their IT staff like overpaid housekeeping, largely unneccessary drains on budgets, and an unimportant support function and then scream bloody murder when the shit hits the fan.

--
The only change I can believe in is what I find in my couch cushions.
Just out of curiosity... what if he isn't? by Bomarc · 2008-07-23 03:54 · Score: 4, Interesting

Reading a lot of comments about him being a nut job. My question is - what if he isn't? Is it possible that as a administrator of a SAN/Network, he saw some significant security issues, and when he presented them to his supervisors was slammed for reporting the problem -- including being fired? I know from experience the feeling: Management does not like to know that they've screwed up, and will fight kicking and screaming rather that admit that they've done something wrong. For me -- most recently this includes bogus Business Requirements, and critical Business Requirements that are not being met. I've found significant security holes in the where I currently work. Presented the problems to management. The response - don't call use, we'll call you.
Re:End of the days by legutierr · 2008-07-23 03:55 · Score: 4, Interesting

What was the point of holding back for so long now. Now he just lost the last hope for his negotiation.
Or, he wasn't holding back in order to negotiate, but because he wanted to get the opportunity to tell all of his grievances to the one person who he thought might have the power and wherewithal to "fix" the situation. From reading about the motions that his lawyers have filed in court, it seems that Childs is willing to risk going to jail just to be able to publicize the hard time he's been having at work for the past couple of years. In fact, he might have willingly accepted or even pursued the prospect of prosecution because he knew that he would then have a public forum to air his views, and possibly embarrass his bosses (which, despite their best efforts, he has).
Sounds like a Heroes episode by Spy+der+Mann · 2008-07-23 03:59 · Score: 5, Funny

"Save the network. Save the world."
It Being San Francisco... by Illbay · 2008-07-23 04:00 · Score: 4, Funny

...Couldn't the guy have just MARRIED the computer system, then claimed that it couldn't testify against him under Spousal Privilege?

--
Any technology distinguishable from magic is insufficiently advanced.
Re:LOL, omg the net by eepok · 2008-07-23 04:05 · Score: 4, Insightful

Although I find your delivery crude, I agree with your message.
I would not be surprised in even the slightest if the now-branded "paranoid" admin is hailed as a hero in the future for exposing precisely what he has set out to expose.
200 people in eight years?
Enough security risks to compel him to likely ruin his life for what he believes is a good cause?
Why is it so silly to give the benefit of the doubt to someone who, up until his last action, has been trusted with some of the most valuable information the city has to offer?
What a bad analogy. by oneiros27 · 2008-07-23 04:31 · Score: 5, Interesting

Let's try this one instead:
You're responsible for maintaining a nuclear reactor. Your manager, who has no idea how to actually runs the reactor comes in and demands to be given all of the necessary keys and passwords to the reactor. The reactor is currently working flawlessly, and there is no obvious reason for your manager to need access to the system.
Do you:
A. realize that this could be very bad for the company, and protect the company by refusing to turn over access to an unqualified person?
B. turn over access to the access to an unqualified person, and just hope that they don't do anything which results in anyone's death, or your working 16hr shifts for the next 3 months straight.
I would argue that choosing "B" could be criminally negligent, and that A is the better choice, however, he should also immediately go to HR and explain why he's violating the order.
In this particular case, he might've saved the city of San Francisco millions of dollars in lost productivity from someone getting access who had no clue what they were doing.

--
Build it, and they will come^Hplain.
1. Re:What a bad analogy. by rickb928 · 2008-07-23 05:03 · Score: 5, Interesting
  
  "In this particular case, he might've saved the city of San Francisco millions of dollars in lost productivity from someone getting access who had no clue what they were doing."
  I've worked with this type before. Damn, I've *BEEN* this type before.
  Maybe, maybe not. Sounds like this admin was convinced that the rest of the crew were dangerous idiots. Maybe he's unusually paranoid. I vote for paranoid. Just as dangerous as being right, for different reasons. Imagine serious problems occurring while he is in jail. His propable response might be "See? You need to let me out of here so I can fix this and prevent disaster". Suuuuure... I imagine the authorities will swing the door open and let him out to 'fix' things.
  If for no other reason, this poor admin is incompetent in a novel, or NOT novel way. He has no competent backup. A kidney stone, myocardial infarct, or even a knee replacement would leave him out of commission, and SF exposed to loss of network. Sheesh. You back up data, you should back up staff as well, wherever possible, and this is clearly in the realm of 'possible'. Even 'essential'.
  Of course, the funniest part of this to me is where he claims he can only trust Gavin Newsome. That's F-U-N-N-Y!
  
  --
  deleting the extra space after periods so i can stay relevant, yeah.
Re:Do I understand this correctly? by mccabem · 2008-07-23 04:37 · Score: 5, Informative

Most folks aren't familiar with WAN management, so they probably still don't get what you're saying.
People: Installing backdoors in a WAN saves you a 1+ (sometimes much more than 1+) hour trip somewhere to check a stat or reset a device. Installing backdoors in a LAN is lazy. In other words, the difference is geography. As a WAN manager if you don't have what's called an "out of band" management plan, you're an idiot. (Or you have a micro-sized WAN.) It's also not something that's left secretly, it's planned and secured like any other WAN exposure.
Good luck!
-Matt
Re:Falling Down by PylonHead · 2008-07-23 04:37 · Score: 5, Insightful

unconstitutional state law.
We should be able to work this out. Maybe we can just agree that you get to keep your handguns and I get to get married.

--
# (/.);;
- : float -> float -> float =
Is this irony? by erroneus · 2008-07-23 04:43 · Score: 5, Funny

To have someone ELSE give the "key to the city" to the mayor?
Re:Falling Down by dubl-u · 2008-07-23 04:56 · Score: 4, Funny

I guess Newsom is an MCSE/CCNA and therefore is trusted.
It's actually Newsom's perfect hair that generates a trust enhancement field. Terry Childs saw through this, but recognized the hair as a superintelligent alien symbiont that is on our planet to save us from ourselves, so he gave the passwords directly to the hair.
Re:Falling Down by dubl-u · 2008-07-23 05:02 · Score: 4, Insightful

Martin Luther King once said, "An individual who breaks a law that conscience tells him is unjust, and who willingly accepts the penalty of imprisonment in order to arouse the conscience of the community over its injustice, is in reality expressing the highest respect for the law."
It was also a law that the California Supreme Court later declared unconstitutional, so it seems like in retrospect it was a pretty good call.
Integrity by Pointy_Hair · 2008-07-23 05:14 · Score: 4, Insightful
I agree with many others that point out the gaps in the headlines. The so called "rest" of the story. This circumstance didn't just develop in a week. This case is a classic story of I/T service immaturity - which could be caused by dastardly BOFH's or equally by incompetent management failing to initiate/fund a proper plan. Or both.
Once you strip away the glorius certifications and acronyms that give you credibility, all that's left is your integrity. Terry Childs has gone to jail to keep his intact. So he's either really stupid or really right.
Within the linked article is a link to the original InfoWorld "scoop" that contains copy from a confidential source. That copy contains statements that back Childs as having proposed and promoted an I/T security policy, which would be a first step toward process maturity (having a process in the first place).
My guess is when the dust settles, the story will be as follows:
1. For years Childs unsuccessfully tries to bring I/T service maturity to the city
2. Childs continues keeping things running while excercising some CYA
3. Management finally gets interested or worried enough to hire a "security manager" who then
4. Crashes down on Childs to relinquish control unconditionally and without any explanation or bothering to include him in the process (typical PHB approach)
5. Terry bows up and says "you ain't getting shit from me"
6. New security manager calls the police while preparing a wooden cross and some 20d nails for Childs' hands and feet.
7. Hello this is InfoWorld, how can we help?
Re:Live Free or Die Hard by mabhatter654 · 2008-07-23 05:36 · Score: 5, Informative

he NEVER attacked, nor have they claimed he did. They arrested him and charged him the same day they fired him and he wouldn't give up the password. Then started spewing to the press he "might have" created back doors (lines calling his on-call pager) and sabotaged equipment (not restoring the configs on power cycle to protect the network).. which is already being determined as built-in (but rarely used) features being used correctly. So far the ONLY WRONGDOING they have is refusal to give up the password.
They ARRESTED and managed to get $5M bail for not giving up a password... period.. the rest is misinformation, lack of job skill by his boss, or outright LIES. No wonder he didn't give it up sooner!