Accused Rogue Admin Terry Childs Makes His Case

angry tapir writes "He's been in jail for seven months now, but former San Francisco network administrator Terry Childs says he's going to keep fighting to prove he's innocent of computer crime charges. Childs was arrested on July 12, charged with disrupting the City of San Francisco's Wide Area Network during a tense standoff with management. Infoworld has also conducted an interview with Childs."

Something Important

Is this another 'Won't somebody think of the Childs?' story?

from the yeah-good-luck-with-that dept.

[u38cg]

Thanks for just blowing away presumption of innocence, Taco :-/

Re:from the yeah-good-luck-with-that dept.

[xouumalperxe]

I'd say it's more like blowing away the presumption of functional law enforcement where IT is concerned.

Equal Protection?

[houstonbofh]

"He's been in jail for seven months now,...

I love our entire "Innocent until proven guilty" thing. Unless you are on the wrong side of the celebrity wagon. I bet Paris would be out by now...

Re:Equal Protection?

[PrescriptionWarning]

or possibly he couldn't make bail because he's not as filthy rich as Paris

Re:Equal Protection?

[poena.dare]

Apparently the city of SF is having a wee bit of a problem understanding exactly what a network admin does. I read TFA, the guy sounds sane.

Re:Equal Protection?

[internerdj]

By now? If she'd been in seven hours it would be amazing...

But more seriously wow. I had only heard about this in passing, and didn't know the details. What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE and probably would have us shot as a penalty if they could get away with it, but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.

Re:Equal Protection?

[Lumpy]

It has NEVER been innocent until proven guilty. that fairy tale is simply read to the children to make them smile.

Every lawyer, and person that has even been exposed to the legal system knows. You're guilty, then you have to fight to prove your innocence.

Re:Equal Protection?

[houstonbofh]

Kinda the point... "Bail" should be equally difficult for different people.

Re:Equal Protection?

[MightyYar]

Hey, Paris worked really really hard for all that money and she deserves a little break when it comes to doing hard time.

Re:Equal Protection?

[afidel]

If he's been in jail that long then he waived his right to a speedy trial and was unable to come up with the money for bail.

Re:Equal Protection?

[internerdj]

Giving out the passwords could also lead to jail time. My personal password ties my account to me personally. Apart from all the potential abuses of international trade laws that could happen from my personal email if someone else had access, what if any one of those people put child porn on a rival's computer because they now had the keys? What if it was my computer? These people were willing to not only charge him in court for doing his job but also threw him under the publicity bus too.

Re:Equal Protection?

[madcow_bg]

but even without those restrictions I'm not going to hand out my password to my
boss, my boss's boss, or even the CEO of the company.

I like my job, but preserving it comes pretty damned far behind "my freedom" in order of
my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis
up or down when you arrive, Mr. Barbarian?"

Anyone who chooses prison over a job doesn't count as "principled", they count as an idiot.

P and GP may be talking about the same thing. If I have assigned the keys to take care of the network, and more importantly am liable both morally and legally (morally is needed because of future employments, who knows), then it is plainly a good idea to keep them secret.

However, if my boss or my boss' boss or the CEO asks to have them and most importantly signs a paper that request them, by god, just give it to the man. By having the command in writing you are covered in case something wrong happens with those keys.

If no written order comes, how are they supposed to prove you denied them the request?

Re:Equal Protection?

Nice try, but that analogy/rebuke doesn't really work. Bail is intended to make sure people show up for trial, so it has to be adjusted for the relative impact it will have on the accused.

Re:Equal Protection?

[pla]

Giving out the passwords could also lead to jail time. My personal password ties my account to me personally.

It sounds like Childs had a pretty good clue about network administration - Meaning that he almost certainly didn't "run as root". He also had decent forewarning (most accounts describe this as ongoing for at least six months) that he could expect some bad mojo down the line, and could have taken appropriate steps to isolate his personal access from his professional access well in advance of the issue coming to a head.

Now, if I absolutely had to surrender my personal account, I'd simply change the password to "password" first, and ASAP bulk-email everyone in my address list to say that ownership of my account had changed hands and future contact from that account would not come from me.

Whether or not my employer owns "my" account, they sure as hell don't own my reputation.

Re:Equal Protection?

[HungryHobo]

While at the same time I've seen arguments that it's right that the rich and powerful tend to get more when they sue newspapers and radio stations for defamation because they're more valuable people... I mean their reputation is more valuable.

Lets go the whole hog!
one rule for the rich, one for the poor!
The lazy fuckers!
Probably all criminals anyway!

Hit someone while drunk driving? well since you're rich you're obviously more valuable to society, lets stack the odds in your favor so you don't go to jail!

Speeding? well sure if you make more money in the 20 minutes you save getting to work than it costs you to pay for your speeding ticket then that's perfectly fine!
It just makes economic sense for you to break the law then!

Crime isn't the same as milk or eggs. It's not a comodity. Fines are supposed to be punishment so if a fine is too small to be noticed by one person or so big as to not fit the crime for another then it's not justice. Fines relative to your wealth make perfect sense in that context.
If you get to avoid going to jail because of your daddies money then something is seriously messed up with your legal system.

Re:Equal Protection?

[erroneus]

It is a situation that defies what most people would do to be sure. This leads me to think that there is certainly a LOT more going on than we are able to know. I would guess that perhaps either he is trying to protect his own illegal activities or those of another or is trying to prevent something worse from happening to him at the hands of those above him.

But sometimes, you just have to accept that some people actually do things on principle. For example, a couple of years ago, I left my job because I refused to give up "evidence that could exonerate me." The short of it was that my office's IP address was reportedly being used to share Adobe software via bit torrent. While it was true that I used bit torrent, it was most assuredly not Adobe software. (I'm not completely innocent... there was pr0n involved... legal stuff but still) But there was no software infringement going on as far as I knew. But they wanted me to hand over my personal property for them, in another state, to examine for an undetermined amount of time in order to answer a BSA complaint. I simply packed up my gear and went home. I had much other personal data on my system and was unwilling to share it for any reason. They offered me no assurances of any kind and when I asked them "why would compliance be in my best interests?" they had no answer at all... only silence. Most people at the office agreed with my position.

In the end, I got a better job in fairly short time and no other consequences at all. I learned a lesson but it was not one "hard learned." Still, I was not going to just bend over and give up my personal property and data.

Re:Equal Protection?

[Mr.+Slippery]

but let's say an industrialist works hard to build up a small fortune.

Well, in the real world fortunes are built by leaching off the hard work of others, but we'll pretend.

If he commits the same crime as some high school dropout, the industrialist should have his bail set 1000x higher as a punishment for being successful?

Bail is not a punishment, it's a surety of appearance at trial.

Someone with a metric fuckload of money is going to be more willing to write off a bail of, say, $10,000, and is also more a a flight risk, than an average joe.

(There's also the problem that bails are set so high for the average joe that he often has to pay a bail bondsman a fraction of the bail, rather than put up the whole amount and have it returned when he shows up in court. But that's another issue.)

Re:Equal Protection?

[Inda]

I've said similar on here in the past and not been modded up *grumpy*

It also stems from the fact that we don't lock up innocent people in the western world.

Re:Equal Protection?

[corbettw]

My understanding of the case is they were asking for the router passwords, both login and enable (root). Not his personal passwords. There was no reason not to do so, the guy is an idiot and should've been fired on the spot. Letting him rot in jail for these past seven months is just overkill, though. They should let him go, it's not like he's likely to work in network security again, anyway.

Re:Equal Protection?

[MarkvW]

The presumption of innocence really works.

The presumption of innocence is a rule that applies to criminal trials. All it means (ALL it means) is that the jury cannot convict you unless they find beyond a reasonable doubt that you committed the charged crime. Juries take this very seriously. "Every lawyer" knows that. Juries can be stupid, sometimes, but they very often are stupid on behalf of the defendant. In other words, if they're not sure then they cut the defendant a break. "Every lawyer" who actually does trials knows that, too.

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

Bail is a different issue. Judges have to assess danger to the community. Sometimes, people who can't make bail rot there before trial. Those people have a remedy, though. They can insist on a speedy trial. Most states have speedy trial rules just for that purpose.

Mr. Childs probably isn't pushing for a speedy trial because the State probably has a strong case against him and he wants to build an effective defense. Defense takes time and preparation. So, I guess that Mr. Childs is sitting in jail (1) because the judge thinks he's a danger to the community; (2) he can't make bail; and (3) he needs the time to prepare his complicated defense.

The presumption of innocence is not a fairy tale in the U.S. It is a plain reality.

Re:Equal Protection?

[Onaga]

The quote that I have issue with is: "or possibly he couldn't make bail because he's not as filthy rich as Paris"

So it's not an issue of making it "as difficult." Some people simply can't afford bail. Rich people tend to afford bail. If you make it high enough that they can't afford it, then there's no point to it. So we're still back to poor people can't afford bail and you can't raise bail high enough where rich people can't afford it. The only other thing one could say is that bail should be lowered for poorer people to a point where it is affordable for everyone. Yes we can.

Re:Equal Protection?

[Curtman]

let me welcome you to Socialist America.

Hey, hey now. It's called "Canada", not "Socialist America".

Re:Equal Protection?

[Mr.+Droopy+Drawers]

Why should it apply to taxation? Taxes are not a social program. It's designed to pay for government.

Oh, and bail is refunded if you show up for court.

Re:Equal Protection?

[ITJC68]

This makes perfect sense!!! Instead of a static fine make it a percentage of your year gross wages!! That way it is fair right?!? The only issue could become that some cities where these celebrities live would purposely look for them so they could get more money. It would be similar to a police cruiser looking for speeders and picking out only the most expensive cars because it would be more likely for them to get more money for the ticket. I know it seems far fetched now but don't put it past some departments or cities. My 2 and half cents.

Re:Equal Protection?

[Chris+Mattern]

I like my job, but preserving it comes pretty damned far behind "my freedom" in order of my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis up or down when you arrive, Mr. Barbarian?"

"I have no gate key."

"Fezzik, tear his arms off."

"Oh, you mean THIS gate key!"

Re:Equal Protection?

[hairyfeet]

I think an example that has been in the news a lot lately would be wholly appropriate and would help illustrate your point: Bernie "I stole 50 billon!" Madoff. Is there anyone who thinks that if that electronic lease was taken off him and he was given 10 million in bail instead that we would ever see old Bernie again? Nope, me neither.

The point of bail is NOT to tax or to punish but to CONTROL. We want you to go to trial. We give you an economic incentive to show up by taking some of your money. But if we let the rich pay what would essentially be the change in their pocket then there is NO economic incentive for them to bother showing up, now is there? And on the flip side by cranking up the bail way beyond the economic incentive barrier you have turned "innocent until proven guilty" into "guilty until somebody takes pity on your or your trial is over" since you are going to rot in jail. That is why many of us have a problem with the way bail is being treated today.

Of course it is just a symptom of the larger cancer that has eaten its way deep into our system, where those with money are allowed to freely bribe.....er lobby their way into and out of anything they want with impunity. But that is for another day. But I am sure they could find a bail number that would provide economic incentive while still letting this guy be with his family. Of course he pissed off city officials so they are most likely using bail as a punishment against the foolish serf.

Re:Equal Protection?

[A+nonymous+Coward]

Oh, and bail is refunded if you show up for court.

"The law, in its majestic equality, forbids the rich as well as the poor to beg in the streets, steal bread, or sleep under a bridge." -- Anatole France

So very useful, to know that if you could only have borrowed a frightful sum of money many times your yearly income, they would let you have it back years later after the wheels of Justice have ground ever so slowly.

Here we have a classic example of how the law screws the less than wealthy. This guy is thrown in jail at taxpayer expense when an ankle bracelet would have been good enough to keep track of him. He also has no income and gets deeper and deeper into debt.

He is being punished for being charged with a crime, not for being guilty.

Is the government going to pay him for lost wages if he is found innocent? Will they keep up mortgage payments while he is in jail before the trial?

I kinda fucking doubt it. You show me the justice.

Re:Equal Protection?

[mtrachtenberg]

Not only does the guy sound sane, it sounds as though he's got grounds to sue the folks who are trying to prosecute him. TFA suggests these incompetents were upset to find (1) a modem that had been in the admin's office since before he started working there, and (2) a modem set up to page him on any problems, and (3) a modem set up to handle emergencies.

Obviously, this was not handled well by either side, but I'm inclined to believe the guy in jail over the clearly incompetent managers.

Re:Equal Protection?

[russotto]

However, the vast majority of people, poor or rich, can post bail through bail bonds, since in general, the vast majority of crimes don't involve people who are very likely to run away.

Bail in this case is $5,000,000. A bail bond would cost $500,000.

So much for the Eighth Amendment.

Re:Equal Protection?

[shadowofwind]

Oh, and bail is refunded if you show up for court.

Not necessarily. I was arrested on a completely made-up charge a couple of years ago, and at the end of it all they kept 10% of my bail for no other reason than profit. It wasn't very much money compared to what I spent defending myself, or having to change jobs because of what the arrest did to my security clearance, but it still pissed me off.

On TV, the cops always interview the accused, to try to ascertain if they've got the right guy. Not necessarily so in real life. Never once did a police officer or prosecutor ever talk to me or look at the copious evidence I gathered in my defense. As far as their interaction with me, the process consisted of them showing up at my door at night with cuffs, then finally dropping the charges on the morning of the jury trial when the prosecutor realized they didn't have anything.

Re:Equal Protection?

[Vancorps]

It doesn't sound like you are involved in network administration if you have such strong opinions about router access which is not something everyone should have access to. There are definitely a few types of devices where it does no good to give higher ups access because the only thing they can do with it is screw it up.

City managers were clearly screwing up as they should have had to at least two admins and both of the admins would then have the login information available to them. Some random Joe should not be logging into my router anymore than I should be monkeying with a nuclear reactor. If you're not trained on the hardware then you shouldn't be working on it in a production environment.

Childs' reaction was definitely in the wrong so there is clearly wrong on both sides but his manager clearly wasn't handling security seriously and had no business asking of Childs' what he did. I don't give my boss my personal passwords either nor does anyone in the company get access to personal passwords as there is no need.

Re:Equal Protection?

[ElizabethGreene]

According to Mr. Childs, the passwords were requested by his skip-skip-level boss, 2 HR people, and an unknown number of people listening in via speakerphone in an unscheduled meeting he was pulled into while onsite at one of the office locations. A Police detective was also standing by.

I can only hope the true story of what happens here comes out eventually.. but that is unlikely.

-e.g.

Re:Equal Protection?

[Civil_Disobedient]

I take it you don't have a mortgage.

Or children.

Re:Equal Protection?

[Drgnkght]

You are an idiot. I suppose his landlord (if he rents) is just going to waive his rent? His insurance company isn't going to want their money? The rest of the world doesn't care why he isn't working. He still has bills that will need to be paid. His lawyer is undoubtably sending him bills as well.

Re:Equal Protection?

[pla]

How do you balance this individual need against an organizations's need for continuity of operations in the event of your death or incapacity to perform work?

A well-defined procedure already exists to handle that possibility - You write all the root-like passwords on a card, possibly with some level of instructions on where and how to use them, seal it in an envelope signed across the flap, and deposit it in (on of) the company's safe deposit box(es).

If the "wrong" people have access to that, then a company has much bigger problems than mere network security.

As that concept applies in this particular instance - It sounds like Childs should never have had sole possession of the router passwords in the first place, so do we blame him or his superiors for that? And as for his "superiors", it sounds like the chain of command here remains very much in question, with only one person involved (other than Childs), his immediate boss, having any clear "right" to those passwords.

Re:Equal Protection?

[Curtman]

<insert obligatory whooshing sound here>

But anyway, I heat my home with natural gas supplied by the government owned distributor, power my devices with power from the government owned electrical utility. Until about 10 years ago I had telephone service from the government telephone company, and bought gas for my car from "Petro Canada", the federal government's own retail gas chain (which they since sold off and privatised). Private hospitals are illegal here, you have to go to the government run free hospital unless you cross the border and have money to burn.

Maybe we're in a grey area somewhere outside of socialism, but most of us see those policies as being socialist, and most of us support them. If you even mention allowing private hospitals here in a public place you're bound to have a mob of people loudly tell you otherwise.

Re:Equal Protection?

[MightyMartian]

But more seriously wow. I had only heard about this in passing, and didn't know the details. What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE and probably would have us shot as a penalty if they could get away with it, but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.

I think a lot of it would depend upon your company's policies. If it's clearly laid out that for you turn over highly sensitive information like root passwords, there has to be some official requests/paperwork/records (which is the way it should be, though I've never worked with such a policy clearly stated), then you're right. However, if you're like a lot of us, without such a formalized process, then it becomes more problematic.

If my boss (who is co-owner in the business), right now, showed up at my door and demanded the root passwords to our critical VPN and file servers, well, I doubt very much I would have a legal leg to stand on in denying the request. What I would do at that point is ask that a waver been drawn up and signed by both of us with a witness clearly stating my concerns at the release of such information, so if the shit hit the fan, it wouldn't be my ass.

If my boss were just a manager at some level, then I would pretty much require someone much higher up okayed the request, and again, I would want a waver making my concerns and/or objections known.

Of course, if the person demanding it is, say, the Mayor, and I was head of the city's IT department, then I doubt very much I would have a legal leg to stand on, and going as far as Childs did is just inviting a legal catastrophe for which I suspect he has only begun to feel the pain from.

One thing it does drive home, and one thing I am going to discuss with my boss is a clear policy on who, when and how critical security information can be released. It really is for both my benefit and the benefit of my employer.

Re:Equal Protection?

[rgviza]

You mistake the original intent of taxes, with the current use of taxes. It's a common mistake for democrats.

And bail is not a social program. You got it backwards. Don't worry, we forgive you. Bail is supposed to be set by the potential danger posed to the community by the perp and the severity of the crime. Since this guy isn't likely to get his job back, this is 0 risk. He also didn't do any damage.

And the fact that bail is refunded when you show up doesn't help you if you can't produce the funds when you need the bail ;)

This guy is getting screwed by people simply because they are pissed off. It's pretty unprofessional of the prosecutor and judge to set bail that high. You could be a cop charged with murder and get and get a lower bail, like this guy http://www3.signonsandiego.com/stories/2009/feb/06/ca-train-station-shooting-020609/?zIndex=49309.

That's also a betrayal of trust. Murderers routinely get $1m bails.

This guy is getting f**ked.

Re:Equal Protection?

[CannedTurkey]

There are many stories in the military of unqualified or otherwise useless individuals being promoted. There are two primary reasons. First, as you said, because it's nearly impossible to have someone fired. Second, because the one thing that accompanies a promotion is a transfer.

Re:Equal Protection?

[A+nonymous+Coward]

I was not arguing homeless vs rich, only normal vs rich. It is ridiculous that Childs has spent 7 months in jail, no pay, expenses mounting. That is where the discrepancy lies. He is being punished for being neither rich nor stone broke.

Re:Equal Protection?

[shadowofwind]

I presume you dealt with a bail bonds corporation?

They are a third party to the whole situation, and their product is getting you released from jail if the court allows this, and sets a bail amount.

No. Bail wasn't more than about $1000, and my wife bailed me out with our money. The police kept the 10%. Like I said, it wasn't a large amount.

legit modems?

[socsoc]

This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

Re:legit modems?

[drinkypoo]

This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

Did it ever seem rogue to people with actual technical experience?

What it seemed to me was stupid. If people above you in the chain of command want to break the network and destroy your security, you have to let them. The only recourse you really have is to demand such things in writing and run them all through your boss. The worst they can do in such a situation is fire you. But your job is to do as you are told, and if they tell you to fuck it all up, then you can either quit or capitulate.

It seems to me like Childs was trying to obey the letter of his job description, without fully considering the ramifications. Certainly he wasn't trying to take over the network - however dumb he might be, I certainly don't believe he's crazy enough to forget about cops and prisons. He surely didn't think that they would be wielded against him for these particular actions, but that was just dumb. Now the city is trying to do everything they can to justify their actions, so they're trotting out bullshit arguments against him (like allegedly holding information he shouldn't, or installing back doors - which frankly are not a bad idea if they are secure back doors. someone 0wns your network, it's nice to be able to get in!)

Odds are, most of us will never know the truth. The only one who knows the full truth of Childs' intentions is himself, and most people aren't all that in-touch with themselves anyway. However, he's had a lot of time to sit and think about it.

Re:legit modems?

[morgan_greywolf]

This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

It only seems rogue when they make ludicrous statements like he put "1,100 modems" on the network.

Anybody with half a brain can think about that statement as say 1) There's no way someone had that many modems and phone lines because would be wayyy too expensive and 2) if you were putting secret modems on the network to 'wreak havoc' (whatever that means), you certainly wouldn't need anything close to 100 of them, let alone 1,100 of them.

If I were confronted with a room full of people not my boss and asked to reveal admin passwords, I wouldn't even try to give them the wrong ones, I would be like "if you need those, you need to ask my boss, not me because I am not authorized to give them to you."

Re:legit modems?

[_Sprocket_]

It should also be noted that Childs handed over passwords to the Mayor while in jail.

Re:legit modems?

[R2.0]

The worst they can do in such a situation is fire you. But your job is to do as you are told, and if they tell you to fuck it all up, then you can either quit or capitulate.

And I believe you've identified the crux of the problem.. Childs was asked to give root access to someone he judged unqualified. Childs refused. Then he was ordered to do so, he refused again, and he was fired. then they said "Give us your password" and Childs said "No - I don't work for you anymore". Then he was arrested.

The SF city government showed their ignorance of how complex computer systems work in 2 ways: first, demanding that a privileged person be given root access to the whole system as if it was a laptop; and second, by only having 1 guy with "the keys to the kingdom". That isn't Childs' fault - I'm sure he would have been more than happy to share the admin load with another employee who was competent enough to do it. But the city government viewed him like a customer call center employee - knowledgeable about computers, but basically replaceable. I'm sure that the guy who fired Childs thought that someone could "hack" the password like it was a Word document.

This was a colossal failure of business management, but because it is a government, they have the police to cover up their mistakes.

Re:Interview?

[riegel]

It sounds like the problem isn't that web journalism is lite but that there really isn't a lot of new information.

Re:CQ?

[macxcool]

According to Wikipedia, either:
Central Queensland
Congressional Quarterly
or
A symbol indicating that the spelling is actually correct, believe it or not.

Does that help?

Re:Interview?

[zzottt]

he couldnt record it nor talk about the trial... not much you can do with 30 minutes

Wait a second?

[tjstork]

You know I was arguing all about either torture the guy and let him walk to get the passwords, thinking that 10 minutes of waterboarding is less damaging than 7 years in prison.

Now, his side says that he's getting tossed into jail for sneaking a few modems onto his desk and not giving out the passwords to the modems he set up? come on now, that's not the story we heard coming from s.f. before and I have to wonder just what passwords s.f. was asking for.

I don't know that I would hire the guy, but, somehow, when all the banks in the fine city of san francisco are sitting there having blown through trillions of dollars, I think maybe s.f. pd needs to be putting some other people in prison besides this guy.

Re:Wait a second?

[drinkypoo]

There is DEFINITELY something else more nefarious going on here, but it's impossible to say what. So far SF has completely mismanaged the case, continually getting technical details wrong and putting a ton of irrelevant yet sensitive information (the VPN access information) into the complaint. Unless they can come up with some better evidence their case looks like complete bullshit. That won't necessarily prevent him being found guilty, though.

The most amazing part of this whole story is...

[yttrstein]

That there's a network admin somewhere that has giant ethical nuts. As anyone with even a day's worth of network admin/engineering experience knows, the loyalty of all network admins can be purchased with A. a fat paycheck or B. a threat of any kind from someone with authority.

Can you imagine even half of the network admins in the united states changing the passwords on their routers and shutting them down until Childs is released?

Yeah, I can't either.

Re:The most amazing part of this whole story is...

[zappepcs]

I thought that too. Huge testicular fortitude by Childs. I think the interviewer noticed something when he mentioned that at the end Childs stopped and said "it's a different world in here" in reference to prison. That is perhaps the point of the blog entry, to show that Childs really isn't a whacko control fr34k with an attitude problem. I'm not saying network admins are that way, just that he was sort of painted that way in the original news headlines. I hope that he gets exonerated. Everyday I have to deal with people that have no clue how computers work, let alone databases or networks.

I also have hopes that Childs being exonerated would reinforce the value of IT staff in general. That is to say that hey, you hired people who know what they are doing. Let them do it and don't mess them around.

Car analogy: Don't micromanage your NASCAR driver or even the engineering staff who build the car.

I guess what I mean is I hope the PHBs get it rough with no reach around on this one.

Re:The most amazing part of this whole story is...

[Zontar_Thing_From_Ve]

Can you imagine even half of the network admins in the united states changing the passwords on their routers and shutting them down until Childs is released? Yeah, I can't either.

I can't either, but probably for different reasons than you.
1. Such actions could cost employers to lose money and might subject those responsible to criminal charges (quite possibly felony charges) similar to Terry Childs.
2. Your suggestion fails to take into account that the legal system (judges, lawyers and police) is mostly comprised of people with extremely limited technical knowledge. Do you really want such people deciding whether you might have a point to this protest? I'm thinking "no". Also, the legal system might be seriously unimpressed with such stunts and look to make examples of everyone who engages in this kind of protest simply to keep it from happening again in the future. Remember, back in the 1980s that President Reagan told the air traffic controllers if they went on strike (which was illegal) that he would fire them all. They went on strike and he did fire them. Nobody in the federal government has been on strike since then.
I read the articles linked to in the main post and I'm still unconvinced that Childs is a "victim". At best he's an idiot for not realizing that the passwords were not his to protect, they were his employer's. At worst he deliberately tried to sabotage the network and is now trying to weasel out of jail time and fines.
Keep in mind that Childs himself now says it wasn't worth it. It doesn't take a rocket scientist to figure out that when your employers says "Give me the passwords" that you do that. It's not his job as a network admin to worry about what will happen to those passwords.

Re:The most amazing part of this whole story is...

[SirGarlon]

That there's a network admin somewhere that has giant ethical nuts.

Only if 100% of what Childs says is true. I'm not so sure I'm ready to believe him -- the circumstances of his confrontation with management suggests there may be layers to this story that aren't making it into the media.

Re:The most amazing part of this whole story is...

[yttrstein]

As an employer, I'll let you in on something:

The reason that punishment has been laid so strongly and swiftly down on Childs is directly because of the power of the position he held. He's being made an example in order to make sure that no other network admins get any bright ideas about exposing their feelings of real ownership and territory that every good network engineer has about their responsibilities (and equipment for that matter).

As an employer, I hope the steps being taken against this man, no matter what his motivations were, are entirely unsuccessful. The world needs fearless and ballsy geeks a lot more than it needs spineless jellyfish who happily do whatever they're told *despite the ethics of it*. There's something deeply disturbing about so many giant brains have willfully given up control of (and responsibility for) their own actions and are all too ready to claim they were "just doing my job".

Pardon my revulsion, but there are those of us who remember where that sort of outlook takes the species.

Re:The most amazing part of this whole story is...

[DeadManCoding]

Are you hiring? Because you definitely wouldn't be the first boss that I got into a spat with, and if you can actually respect my ability to do a job, that's a serious thumbs up from me.

Press Interviews while incarcerated

Not going to comment on Child's innocence or guilt, but I have to wonder whether his lawyer is giving him good advice. I mean, giving an interview to the press which you discuss some case specifics doesn't seem like a very wise thing to do. Even though TFA was just a summary of the interview and did not contain a transcript of it, I'm guessing that the San Francisco prosecutor could subpoena the reporter to turn over a transcript, or recordings and any notes the reporter took to use against Childs.

Giving an interview to the press really screwed over UK hacker Gary McKinnon, who's currently fighting an extradition order to be brought to the US to face charges breaking in to Pentagon computers. His interview by the BBC shortly after he was arrested basically was a full confession of everything he had done and left no wiggle room to create a case for reasonable doubt. The US prosecutor could base his case just on the BBC article alone and probably get a conviction. Of, McKinnon gave the interview before the US filed charges, I think, so he may have thought he was in the clear when the British authorities didn't file their own charges.

Anyway, it just not a smart idea to give interviews to the press while facing criminal charges, and I'm surprised his lawyer let him do it.

In the land of the free

[Dunbal]

he's going to keep fighting to prove he's innocent of computer crime charges.

      Well, good luck with that...

Mmmmm... No.

[Concern]

I hate to say it, but these stories only reinforce for me that Childs is likely guilty.

It seems even clearer that he really did keep passwords to himself, and when asked, refused to hand them over to his management.

Management can ask for them (how can they ever replace a network admin, otherwise?) and they can ask you to hand them over to anyone they say. As Schneier says, they belong to your employer, not you.

These articles imply that it's not "good practice" to give passwords out. If that's really his defense, it's specious and deceptive. If your boss demands a password, you have to give it, by law. If he demands you give it to another person, or 20 other people, you have to give it, by law.

If they do something stupid with it, then maybe _they_ end up in jail. If you want, you can even try catching them at it, being a whistle-blower, help them along with that process. But that's _not_ your problem, as an admin.

I just get the sense of a tense guy who had a personality conflict with his boss (who may have been an ass, or not), and who let his emotions carry him over into criminal conduct. At the most, there are some mistakes in ancillary parts of the charges against him (re. modems), which is unimportant to the main issue.

Re:Mmmmm... No.

[DavidTC]

Well, congratulations on making up laws, but, no, there's no law requiring you tell people passwords, even to their own systems. At all. Barring some sort of court order requiring that, which does not exist in this case.

And that's not what he's charged with. He's charged with, essentially, doing his job, with lots of evidence of doing his job introduced as evidence.

Like keeping detailed diagrams of the network at his house....the network he built by hand.

Or installing network sniffers...commericial network sniffers that monitor the network for viruses and hack attempts, like he was supposed to as part of his job.

Or having a modem installed...that paged him in case of network problems.

Or configuring routers to not let people do a 'password reset'...in unsecured locations, like thousands of network admin do to routers they can't lock up to keep people from screwing with them.

Or confronting someone who claims they're doing an 'audit' of his systems and, as he claims, walking out with a hard drive. (They were doing an audit, but he didn't know that.)

They have decided all this means he was planning to bring the network down for some unspecified reason. Of course he could bring the network, any network admin knows enough to bring the network down. If they don't, they don't know enough to do their job keeping it up.

Re:Mmmmm... No.

[mjeffers]

I completely agree.

This whole situation reminds me of the Seinfeld episode where Jerry's mechanic held his car hostage because he didn't feel Jerry did a good enough job taking care of it.

As much as it may pain network admins to hear it, you don't own your network. You are paid to build and maintain it but your relationship to it is like the mechanic and not like the car owner. If the people who pay you and who paid for the network ask for the keys, give it to them. If you don't, from their point of view you are now holding their property hostage.

Re:Mmmmm... No.

[Quothz]

These articles imply that it's not "good practice" to give passwords out. If that's really his defense, it's specious and deceptive. If your boss demands a password, you have to give it, by law.

What law? In this case, the State's trying t'use "disrupting computer services", which is a California-specific law. From a look at the text, it looks like you only must give the password to your boss if he or she is "authorized" to have it. I'm assuming the charges are based on:

(5) Knowingly and without permission ... causes the denial of computer services to an authorized user of a computer, computer system, or computer network.

The question is whether his bosses were "authorized". If they -aren't-, it's criminal to give them the passwords, under the same section. Tricky. This is a government network in question, so the matter of authorization may not be clear. I have trouble with the scenario in which the police CIO, a military information defense worker, a couple of engineers, and especially a human resources rep would have authorization for administrative control of the city's network without a city policy-level decision being made at the mayoral or legislative level.

Even in a business environment, the question of authorization can be sticky, and again is best-handled by a top-level policy decision.

Other states have different laws; check your local listings. There's no universal law I'm aware of that says your boss has the right to any passwords. Quite the opposite, in California; if you give it up to your boss on demand when he shouldn't have it, and hijinks ensue, you could theoretically be prosecuted. I've trouble picturing that actually happening, but it clearly is not the case that you have to hand it over on request.

As a layman, it looks to me as though Childs was correct in refusing to give out the passwords (although I'm not familiar with any relevant city policies granting authorization, again I'm pretty darned sure the HR guy isn't supposed to have 'em). Giving out incorrect passwords was a bad move, but easily attributed to the pressure of the surprise party.

The techie media is getting it right...

[DigitalSorceress]

If things went down like Childs said, then he was indeed doing his job correctly. I've got root level access to all our Linux servers and several of our AD domains due to the work I do. However, I'm not the network admin. I would not give any of the passwords to anyone (including my boss, the head of IT), and instead would direct the requester to our head network/infrastructure guy.

I happen to know that he would refuse to just give out root passwords to management just because they wanted it. The only people with that level of access are those who need it for their work. This is how things SHOULD BE.

Now if Childs was the only one with the passwords (which from the standoff, I guess he was), then he may be guilty of forgetting that you NEVER put all your eggs in one basket. Were I in Childs' position, I would have been concerned what would happen to my network should I get hit by a bus. However, I can't believe he wouldn't have a PFY to share the info with. You always gotta have a second.

Re:Press Interviews while incarcerated

[R2.0]

I get the impression that his defense is not going to be "I didn't do it" but "I did it, but it's not a crime"

Personally I think he's holding out for the fat paycheck at the end of the inevitable lawsuit, and good for him. This whole thing is about the city of SF trying to save face.

Power struggle.

[Vellmont]

It seems to me the whole thing is really about a power struggle with a recalcitrant employee. Someone with a lot of authority in City Government sicked Johnny Law after this guy when he refused to give out the admin passwords. The city then calls up the media, lets out the dogs, scarlet letter, the whole 9 yards.

In reality, is failing to reveal an admin password a criminal offense? Have we really gotten so strange in this day and age that some passwords are now considered "property"?

I have no problem with him being fired. He sounds like a control freak who took the whole system to be his personal baby. But the charges against him sound more like someone is pissed off, and trying to take it out through the court system.

Re:Power struggle.

[hobbit]

I do, because stealing something doesn't change ownership.

If, however, I employ you to keep my car keys from me when I'm drunk, and you give them to me anyway, on the basis that I asked you to and I'm your employer, are you doing your job?

Now, of course, this analogy breaks down because they fired him, so it wasn't his job to withhold passwords from them any more. But the question remains, was it his legal obligation to provide them?

Re:CQ?

[Jeremy+Erwin]

CQ or Cadit Quaestio means "the spelling (or the simple fact) has been checked and double checked", so there's no need to check it again. As it was editorial markup, it should not have appeared in the published version of the story.

If something you mark as CQ later turns out to be wrong (because you haven't bothered to check), well that's egg on your face, isn't it?

what is actually claimed in the affivadit ..

[viralMeme]

Does anyone find it curious that the city managers claim they couldn't get access to the system without Childs passwords. I mean how difficult is it technically to reset a password, especially with physical access to the system. And with most reported 'news' nowadays, the facts keep changing with each new itteration:

Sep 10 2008 "The SF rogue admin Terry Childs installed a 'terminal server,' which appears to be a router, on the city's network, but investigators haven't been able to find or log into it"

"Childs has become increasingly hostile at work and defiant toward certain managers and has failed to comply with standard work procedure, as described above by the only system administrator situation"

"On the late afternoon of Friday 6-20-08, Security Manager J. Pieralde was conducting an audit inventory of equipment at the OMP Data Center. As she proceeded with her work, she was confronted by Childs and Childs began taking pictures of her, using his SF Owned cell phone. Pieralde became so concerned for her personal safety that she locked herself in a room and contacted Director R. Robinson by cell phone, informing him of (S) Childs' behavior .."

"Over the last months, Childs has refused and not authorized or allowed any other system administrators to the FiberWAN .."

"
"
"The Labor Relations representative, Mr. Leung, then informed Childs that because of his insubordination and his failure to answer questions by a superior of his insubordination and his failure to answer questions by a superior he was being suspended from his employment .."

" Childs' City owned work cell phone, pager, ID cards, and access cards were taken from him .."

"Approximatly, an hour later, a page was received on the pager and a check of messages revealed a message from one of the routers . .Security Director J. Pieralde .. highly suggests that Childs still had current system admin rights .."

"Mr. Maupin was also able to determine that Mr' Childs had, in fact, intentionally configured multiple Cicso network devices with a command that erases all configuration date in the event that someone tries to restore administrative access or tries to perform disaster recovery. This command was created for military applications that require deployment of network devices in areas that may have the possibility of hostile forces that could get physical access to network devices .."

Does anyone else apart from me think this is technologically nonsense

Re:what is actually claimed in the affivadit ..

[GameMaster]

The whole thing stinks, but you never know until we see all the facts.

The picture taking incident could have been him flying off the handle like they make it out to be, or it could have been him taking pictures as cya insurance because he was concerned she might mess up (EIther intentionally or unintentionally) some mission-critical systems. One would wonder why she called a director, and not 911, if she was actually concerned for her personal safety. That makes it sound like, to me anyway, some of the hyperbole they were talking about in the article.

The thing about the router paging his work pager sounds like nothing. I see nothing out of the ordinary for an admin to set up a router to page his work pager if it has problems. How does this, in any way, signify him still having access if he no longer has the pager? He either has the pager (and is thus allowed to contact the network as an employee) or the pager is confiscated from him when he is fired (removing his access to the network). There may be more to the story, but that statement means nothing on it's own.

Re:Interview?

[DavidTC]

Can someone even explain what he's charged with and what his specific actions were?

Refusing to do your job and inform management of passwords is not illegal. (It's pretty strange behavior, but not illegal.)

The only thing I can glean from reading both links is 'three modems', one of this was a DSL one he didn't set up for testing and whatnot, one of them was to operate his pager, and one of them was to link the city's network in emergencies. None of them even vaguely look like backdoors, but, more important, none of them were used as backdoors to a system he had access to anyway. (You don't install secret backdoors in cabinets in your office.)

I know Childs can't talk because his lawyers says not to, but there's a fucking document called a 'arrest report' that actually lays out charges against him and the specific actions he took that were in violation of the law. What are they?

Googling throws a lot of nonsense around, including the fact they've charged him with supposedly planning to use a planned power outage to do something bad, when said power outage wouldn't have affected those system. (And what 'something bad' is very vague.)

And, also, when the police search his house, they found weapons ammo. This is presumably relevant somehow.

yet more 'facts' in the Childs case ..

[viralMeme]

"On Friday, June 20, there was an altercation between Childs and Jeana Pieralde, the new DTIS security manager at the 1 Market Street datacenter in San Francisco. Until her promotion, she had been a city network engineer who worked with Childs"

Why didn't anyone tell Childs of this promotion, and who got her the 'promotion'?

"Childs disputed this interpretation of events, claiming in court documents that Pieralde was conducting clandestine searches of DTIS employee workspaces and had removed a hard drive from an office when he confronted her. He also denied taking photos of Pieralde"

Were there or were there not photographs taken of Pieralde by Childs. Was Pieralde authorized to conduct such audits and where now is this 'SF Owned cell phone', and what exactly did Childs intend to do with these photographs.

"the city stated that Childs was placed under surveillance and was arrested on the evening of July 12 as he was parking his vehicle near his home in the suburb of Pittsburg. At the time of his arrest, he was found to have $10,000 cash on his person and receipts showing that he had traveled to Sparks, Nevada, where he had looked at renting storage units. Following his arrest, police searched his house and workspaces. Police turned up 9mm and .45 caliber bullets, but apparently no weapons"

Like, if he was under surveillance (and his cell/pager conficated), wouldn't they have noticed that he wasn't actually near a computer whern the pager went off ?

"Considering that normal bail for a murder case is $1 million -- one fifth of what Childs' bail was set at -- this filing was unexpected"

-------

"it is a mystery what exactly Jeana Pieralde was doing performing an unannounced, after-hours "security audit" in a City office other than that in which she herself worked. It was during that secret "security audit" on the evening of Friday, June 20th, 2008, in which Jeana Pieralde took a hard drive from another City employee's office and was photographed by Terry Childs as she did so"

"The office from which Pieralde removed the hard drive belonged to DTIS Security Officer Nancy Hastings (who naturally was not present in the office because the "security audit" was being conducted after hours.)" "Terry Childs had returned late to the offices (which do include his office and do not include Jeana Pieralde's office) at about 5:15 P.M. to find Jeana Pieralde (who does not work in those offices) taking a hard drive from one of Terry's co-workers offices. Terry photographed this act with the camera in his cellphone"

Did Pieralde really remove a harddrive. What was the name of this co-worker, where is this harddrive now. What motovated Pieralde to remove the harddrive. What's really going on here. Was Pieralde caught with her-in-th-cookie-jar, and someone decide to frame Childs to distract from something?

By Law? Sources?

[hellfire]

What law says "you must hand out a password to your boss when he requests it or you will be prosecuted as a felon"?

The lawyer in the referenced articles has stated "The response to suspend him was arguably legal. The response to prosecute him is not." That means, if you don't give up a password, you can be suspended or fired, as you could be in any job, but that doesn't mean you can be prosecuted. If you use those passwords for nefarious means after you are fired, then yes you can, but so far the articles don't point to anything Child's did. There have been some wild claims, but InfoWorld has a special report page with articles that seem to call into question the accusations that are being leveled at Childs.

He's not required to presume innocence

[Sycraft-fu]

Courts are. Seems many people on Slashdot misunderstand the whole "Guilty until proven innocent," thing. What that is, is a simple way of stating how burden of proof works in our court system. In US courts, the defense isn't required to prove anything. The defense can present no case at all and the defendant can still go free. The reason is they have no burden. The burden of proof is on the state, the prosecution. They have to prove that the defendant is guilty. So they can't just walk in and say "We accuse the defendant of doing X," and leave it at that. They have to present evidence to prove their case. Thus by design a defendant in court is presumed innocent. Proof of guilt must be offered because a not guilty verdict the the default in absence of proof.

That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large. Individuals are free to believe what they wish, and use whatever standard for evidence they wish. People aren't required to view everyone as innocent until proven guilty in a court of law. They are welcome o hold opinions as they see fit.

So please, but the crap with this. If you think the guy is innocent, or wish to reserve judgment until later, that's wonderful. If others don't, that's also fine.

Re:He's not required to presume innocence

[Korin43]

You're missing the point. Why does the court have to assume that people are innocent until proven otherwise? Because it makes sense. If the police arrest someone, you should wait until they actual present their case to decide if the person is guilty. Sure, there's no legal requirement for you give people a chance to defend themselves, but if you don't, you're still a douchebag.

Re:He's not required to presume innocence

[DancesWithBlowTorch]

That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large.

You are painting a pretty bleak picture of this society. Of course everyone is free to believe whatever they want. But in a civilised society, under the rule of law, we like to let the law rule. That includes giving every man a chance to state their cause in court before judging them. That is indeed a "command to the population at large", although a moral one, not a legislative one.

Re:He's not required to presume innocence

[AK+Marc]

You're missing the point. Why does the court have to assume that people are innocent until proven otherwise? Because it makes sense.

It only makes sense because it's what you believe.

If the police arrest someone, you should wait until they actual present their case to decide if the person is guilty.

The cops presumed them guilty, or they wouldn't have arrested them. So you are already working under a broken premise. Also, court findings are not fact. They either did or did not do what they are accused of. If they did it, that was either against the law or not against the law. Courts find whether the prosecution proved, beyond a reasonable doubt, that the accused did what they are accused of and that it is a violation of the law the prosecutors assert. If they are found to have performed the act, but it wasn't against the law, then they would have been found "guilty" of performing the act, but not guilty of the crime. And even if they found not guilty, that doesn't mean they didn't do it, but that it wasn't proven that they did it.

How about O.J. Simpson? Let's say that he did it. He wasn't found guilty. But that doesn't mean he isn't guilty of committing the crime, just that his guilt couldn't be proven in court. Whether he performed the act or not is *never* changed by the finding of the court. Thus the court isn't a useful gauge of the guilt of someone. It may be highly correlated with guilt, but it never determines it in fact.

Sure, there's no legal requirement for you give people a chance to defend themselves, but if you don't, you're still a douchebag.

Courts are charged with keeping innocent people out of jail. As such, they have a high standard for findings. Civil cases and most people's minds work on a different scale. You just determine which was more likely and that's the answer. It's more likely than not that O.J. Simpson killed. He had a ruling against him in civil court with the reduced standard. So does that mean he killed? Well, he was found not guilty in a court with a higher standard. I'd guess that most people think he did kill. The courts determined he was "responsible." But there wasn't enough to "prove" that he did it.

That's the way it is supposed to work. Everyone thinks you are guilty, but you aren't in jail because they couldn't prove it. If it can't be proven, then you shouldn't spend time in jail. If it is most likely, then there's no reason people shouldn't think you did it. "Presumed Innocent" is a legal standard used in order to give a fair trial. "Presumed Guilty" would have the accused always denied bail, show up in court in prison clothes, and reduce the standard of proof needed to convict. We don't want that, so in court (and only in court) the accused is "presumed innocent." That legal stance is not used anywhere else. Not by the police, and certainly not by the population as a whole.

Re:He's not required to presume innocence

[mangu]

Why does the court have to assume that people are innocent until proven otherwise?

Because it's the state against an individual. "Innocent until proven guilty" is a way to try to rebalance a situation that's rather unsymmetrical: a state organization with enormous means at its disposition is accusing one person. When the state investigates, they can put thousands of officers at the job. They have the power to go anywhere, interrogate anybody, investigate everything.

The accused is alone. No matter how rich he is, he runs the risk of going bankrupt if he tries to match the state in its investigations. And he could go to jail if found guilty. Therefore, it's only fair to give the defendant the benefit of doubt in court.

It's a different situation when it's a citizen against another. I have the right to form an opinion on whether someone is guilty or not without giving him all the leeway a court needs to give, and I have the right to tell my opinion to anybody who will listen. It's not as if my opinion could send anybody to jail.

Re:He's not required to presume innocence

[AK+Marc]

Wow sounds like you're against presumption of innocence (outside of court). Lets hope you're never falsely arrested or framed for child porn. Get off. And have everyone believe you were guilty and only got off because of a technicality, ruining your life for something you didn't even do. And then make a Lifetime movie out of it.

That happens whether I believe in presumption of innocence or not. So why is my personal belief in that an issue?

I'm not saying that Childs doesn't have an axe to grind, but to assume he's guilty of maliciously screwing with what he was hired to maintain on circumstantial evidence is weak and unfair.

Non sequitur. I'm talking about the presumption of innocence. It's a legal instruction, not a moral imperative. I think Childs is not guilty of any crime. He's not been accused of any crime that he had the opportunity to commit. There is no assertion that he accessed the network without permission, nor that he took any action that degraded its performance. The worst thing he did was to say "no" to a former employer. But for Hans Reiser, I thought he was guilty the first time I heard anyting about the case. His statements and actions were aligned with that of a guilty person. There was evidence pointing to him, and little pointing elsewhere. I said so on here multiple times, and people responded with the "you have to presume him innocent." Hell no. He most likely did it, so I can voice my opinion that he's the most likely to have committed the murder (and that it was murder, since she was just "missing" at the time). I don't have to presume innocence. I get to take in all the information available and make a logical determination. It's most likely that Hans did commit murder. The same is true of how I evaluated OJ. He most likely did it. They weren't able to get a guilty verdict like they did with Hans, but I have less than a reasonable doubt that O.J. Simpson committed murder. It doesn't matter that all the information for both OJ and Hans was circumstantial.

Most cases have almost all the evidence being circumstantial, and circumstantial evidence is more reliable than things like eye witness identification of strangers. Finding the body under your house with your bloody fingerprints all over it, the gun, registered in your name, next to the body with a note that says "I did it" with a photo of you and bloody footprints from the body to the shoes that are on your feet as you sit on the couch typing on Slashdot when the police bust in your door. Oh, and you have gunshot residue on your hands. And you told someone yesterday you were going to kill her that night, with a gun, while wearing your favorite Nikes and leave a picture of you next to her with a note that you did it. And that's all still "just circumstantial." Would you think that person innocent? Or might you think they probably did it?

Pretty much

[Sycraft-fu]

People always need to remember you don't own the stuff at work, the company does. Thus it isn't up to you to decide what goes on with it, it is the company's. That means if they wish to make a bad decision, they can. If the owner decides that the root password should be "password" and further that it should be posted on the wall, well that's his decision. You can and should tell him why that's a bad idea but if he says "I don't care, do it," then it over. You can't tell him no, because it isn't your stuff, it's his stuff. You can, of course, quit (and I probably would in that situation), but you can't just refuse and say "It's for your own good."

Now in the scheme of a large company where you don't deal directly with the owner, it is still the same thing. Whoever their designated representative is, makes the decisions. So if you are given a stupid order you tell your boss it's a bad idea. He says do it anyways you go up to whatever level is appropriate (IT supervisor maybe, CEO maybe) and make your concerns known, but you do your job. If they want to be dumb, they can be dumb. Not your place to tell them they can't, and indeed it can be illegal.

Re:Pretty much

[Vancorps]

Where do people get this impression that the company owns everything you do?

This is simply not true by default in the U.S. legal system. It properly does vary a bit from state to state but for the most part things like email are owned by the employee unless specifically stated and agreed upon before employment began.

When you're in IT some things get gray real fast. For instance, my title is network engineer. I write a lot of my own scripts to automate tasks. That code is mine because the company isn't paying me to write code. Our programmer is of course under different restrictions based on who's equipment he's using. Of course it's further grayed by the fact that we both often use our own equipment on company time because it suits a particular need at the time. The issue is quite muddy then on who's is what as far as coding goes.

Things like root passwords should be locked in some sort of safe somewhere in case of emergency but personal passwords should never be stored for any reason and they can't require you to give it up although they can certainly change it anyway and impersonate you despite not giving up passwords. In the end its all about principle.

I half agree with you and half disagree. If a non-technical executive is giving you technical orders then disregarding is often the best policy. The owner of my current company wanted full admin access to all the files on the network. I knew this was inherently dangerous as he in the past has accidentally deleted over 200gigs of content while his computer wasn't behaving at home. Instead I built him a file-server and copied all the data over to it and gave him full access to that so he can't harm production.

There are situations where you do have to give in but in most situations I've ever been in at least standing your ground does a lot more to change things than just bending over and letting an idiot decide password should be the root password.

Re:Pretty much

[The+Notorious+ASP]

Except in a public company, the final word isn't work the IT supervisor (or even CEO) - it's with the shareholders.

The correct answer (and what I have done in the past) is to call internal audit and run it past them. When it bubbles up that not having controls around powerful accounts is going to show up as an exception on your SEC filing the tune will change.

It is everyone's responsibility, network admin up to CEO, to protect the stakeholders.

Re:Pretty much

[mrchaotica]

If the owner decides that the root password should be "password" and further that it should be posted on the wall, well that's his decision. You can and should tell him why that's a bad idea but if he says "I don't care, do it," then it over. You can't tell him no, because it isn't your stuff, it's his stuff. You can, of course, quit (and I probably would in that situation), but you can't just refuse and say "It's for your own good."

You know, this is exactly why professions other than IT have professional licensing. For example, a civil engineer could refuse his boss's request to design an unsafe structure. In fact, he's obligated to refuse, because to do otherwise would get him kicked out of the ASCE and sued. Ditto with doctors and lawyers.

Now, why doesn't IT have something equivalent to this??

Re:Pretty much

[Sycraft-fu]

Sorry, but if you wrote those scripts on company time on company hardware, the scripts belong to them. It was a work for hire.

Now suppose you write the scripts on your own time, at home. Ok then the script is yours. However if you go and give it to the company to use, that copy is theirs. As per copyright law they can't go and distribute it and sell it and such, but they get to keep it unless you had another agreement in place before hand. You can't give them the script and then take it away later just because you feel like it.

However none of this matters as it relates to access to systems they own. The company DOES own all systems they purchased. Doesn't matter how much you like the system, how much you use it, it belongs to them. Thus who gets access and how is up to them. They can decide to make you the only person with the passwords, they can decide everyone in the world gets the passwords. They can do the right thing, or the wrong thing, it isn't up to you.

You can, of course, advise them, try and offer alternatives, explain why their way of doing it isn't the best, but you DO NOT have the right to lock them out of their own systems, even if you believe it is for their own good. When they want the password, you have to give it to them. You are welcome to quit if you think it is a really bad idea, but you can't refuse to hand it over if that is what they finally demand.

Hello from Texas

[jeko]

It also stems from the fact that we don't lock up innocent people in the western world.

Thanks. I just sprayed coffee all over my keyboard. Let me try this in a dialect you might understand.

Son, not only do we lock up innocent people here in the US but, Hell, in Texas we've condemned men to die when their defense attorney didn't even show up in one case, or showed up too drunk to stand straight in another. Up there in Yankeeland, they just caught a judge getting commissions from the prison for sending kids to jail.

Pound for pound, we lock up more people than the Russkies and the Chicoms COMBINED ever did. What, you think they're all guilty? You think Americans are just that much more sinful than all them godless heathens combined?

meanwhile, back in the real world...

[mkcmkc]

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

A little research will uncover the answer. Say the police break down your door one early morning, shoot your dog, and cuff you and your family. They have an informant that says you're involved in the meth trade. They take it to the DA, who can see it's bullshit, but DA's are measured in pleas and convictions, so he offers you a plea. You can cop to some minor class-D felony and three months in county. Or you can take it to court and put yourself at the mercy of 12 random citizens and/or a judge. Win or lose, you're out your job, your house, quite possibly your spouse, and your life savings. (Not to mention other details not suitable for this family publication.)

If you've got any sense at all, you take the plea. Why? Maybe "because you're guilty...".

That's how the presumption of innocence really works.

Re:meanwhile, back in the real world...

[Rich0]

Yup. Look on the PBS Frontline website for their recent episode on Plea Bargains (you can watch it online). It is a real eye-opener.

One woman was clearly falsely accused but was convicted. It became fairly obvious that she was falsely confused, and so the DA offered her a plea bargain for time served if she pled guilty (one of those cases of the DA being more concerned with a win/loss record than justice). Due to her religious convictions she did not want to plea guilty since she would have to lie and confess to a crime she did not commit. She lost her appeals and is still in prison for a crime she professes she did not commit, and she could have been free today if she only confessed to it. What motive could she possibly have for not confessing, other than a desire to be honest? And yet as a society we both punish her and bear the expense of imprisoning her.

Plea bargains are a the natural result of barter between somebody with everything to lose and somebody with nothing to lose. Threaten an innocent person with 30 years in prison and they have tremendous incentive to accept a year or two of punishment for a crime they didn't commit. Sure, in some cases I think that plea bargains are a good concept, but they're being wielded in a fundamentally unfair way. It should be the goal of the DA to seek justice, not convictions.

Re:meanwhile, back in the real world...

[rantingkitten]

For the day to day legal BS average people are likely to encounter the situation is just as bad. I doubt the police are going to break down my door and accuse me of running a meth lab, but let's look at something as common as traffic violations.

Your court date will roll around and you'll plead not guilty. A trial date will be set, meaning you'll have to schedule your life around that, and try to get a lawyer to help. The average person isn't expected to fully understand the law, because it's so nuanced and convoluted, which is why defense attorneys with years of specialized training exist. The average person is expected to fully abide by the law he doesn't understand, though, which may suggest a problem with the system, but nobody will question it during this process.

On your trial date you'll speak to some self-important prosecutor or solicitor who acts on behalf of the government. He'll treat your minor case like it's the crime of the century. Depending on your demeanor he may offer a deal of some sort, which usually entails you pleading guilty to a somewhat lessor offense. What he probably won't tell you is that if you reject this offer, and make him go through the hassle of an actual trial, he'll push for the maximum possible punishment the law allows, regardless of any circumstances up to that point, because he doesn't want to do more work.

This is justice in America.

If you take his deal, you've just pleaded guilty to an offense you may not have even committed, and is probably something so stupid no one should care even if you did do it, but you're intimidated into the plea by his legal jargon and the fact that, as an average Joe, you don't have the time, money, or resources devoted to fighting it. You'll pay a few hundred dollars in fines and be on your way, with an arrest record, a criminal history, and completely out the hundreds you spent for the bond, the fine, the impound, the attorney, and anything else. The state will pat itself on the back for a job well done for cleaning up the mean streets of dangerous scum like you.

If you don't take his deal you'll be put on trial. For minor offenses you may not even get a jury of twelve average Joes who will sympathize with you; the state has found a loophole and called this an "administrative matter", meaning you'll get tried by a judge, who will claim to be impartial but is on the state's payroll and has a vested interest in making sure things turn out in the state's favor, not to mention his clouded view of every person who appears before him as a criminal.

The judge will ignore everything you say, and your attorney will be mostly powerless since the time for deal-making is over and all he can do is try to object to the prosection's evidence. There will be little evidence to which he can object, though, since for most minor offenses there aren't any significant witnesses or material bits of evidence. Nothing but the policeman's word and charge on the books, often, and this will be taken as wholly sufficient to pronounce you guilty, whereupon you'll pay a huge fine, face possible jail time, and be in worse shape than you had you just meekly submitted instead of trying to assert your right as an American to a fair and impartial trial.

If you're very lucky, you may win your case and be pronounced "not guilty". You spent time in jail, have an arrest record, paid a pretty penny to bondsmen and lawyers and impound lots, had to take time off work, stressed the hell out of yourself dealing with this. Thousands of dollars later the state will send you on your way without so much as a "sorry about the trouble".

This is justice in America.

Create thousands upon thousands of arbitrary, meaningless laws which serve no public good, which citizens can't keep track of or reasonably comprehend, then leap out from behind the bushes to scream "GOTCHA!" when they may break one, rubbing your hands with glee that you can extract more money from the citizens. Punish them for daring to question the authority of the state. That's justice in America, and when you create laws just for the purpose of turning otherwise normal people into criminals, you cause them to lose all respect for the law.

I did, long ago.

Actually, you've just rebuilt the classic argument

[jeko]

...against plea-bargaining.

In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

Amazing. You just asserted that presumption of innocence is a reality, and in the same breath insinuated all people who go to trial are guilty. If Einstein was right, and genius is the ability to hold two contradictory ideas in your head at the same time, then your mental acuity is astonishing indeed.

The whole point of plea bargaining is to reduce the number of cases that go to trial. Plea bargaining works because you can't predict the jury's decision with certainty. If you look at the possible outcomes of plea-bargaining, it guarantees innocent men will end up in prison.

Suppose you're innocent. Suppose you're innocent, but unlucky, and the circumstances make you look guilty. Suppose you're an unpopular minority. Suppose you pray to the wrong god. Suppose you're just ugly. Suppose you just look like "that type." Suppose you don't come from around here. Suppose you've never caught a break in your life. Suppose there are any one of a million reasons why twelve random people off the street could drop you in a hole without any good reason and not lose any sleep over it.

Suppose you have children. Suppose you have family who depend on you. Suppose The Authorities come to you and tell you, "Boy, you don't push us on this, and we'll let you out in a couple of years. But if you make us go all the way, we'll make sure you don't ever see the light of day again, and when we put you in jail, we'll make sure Bubba is waiting for you with a dress."

Take a random sample of a thousand innocent men, and sure, some of those men will have the moral courage and fortitude to tell you to go to Hell and take me to trial. Some of those men will lack that courage, and take your bargain out of fear. Most of those men will run a quick and dirty risk/reward calculation in their head, and realize that the best option is to take the deal -- because that's how you arranged it.

Plea bargaining is a foul and filthy practice that guarantees a miscarriage of Justice in a certain percentage of cases. That's why not every Western nation allows it.

But your arguments have nothing to do with the facts -- they have to do with your fears. It's terrifying to live in a world where innocent men can routinely go to prison. It's terrifying to live in a world where going to prison means a good chance of rape and brutality. It's terrifying to live in a world where the authorities actually use that threat of rape against you without conscience. It's terrifying to live in a world where any random mouth-breathing high-school-droput with a badge can destroy your life with trumped-up evidence. It's terrifying to live in a world where you can hear cops threaten to club children, where you hear cops threaten to plant fake drug evidence against teenagers, where you see cops shoot prone and begging men in the back...

It's terrifying to live in a world where simply browsing YouTube can give you video evidence of all of this.

So, your cognitive dissonance blasts away at full force, and you tell yourself innocent people don't go to jail because anyone who goes to jail is not innocent. You pillow your head on that circular logic, and while you dream you live in a pretty and just world you make it that much harder for the rest of us to fix the problems...
       

Re:Aw, come on, now...

[Savantissimo]

we shoot straighter

That's what's referred to as "gun control" here in Texas.

Re:If others don't think the guy is innocent...

[Toonol]

No, they're morons if they're positive he's guilty. Thinking he's guilty is a reasonable conclusion based on what evidence they've seen... so long as they remain open to revising they're view as more is learned.

People aren't courts of law, and we would not be able to function if we were held to legal standards of proof in all our beliefs and decisions.

probably a bad sign for Childs

[ffflala]

I'd like to think his defense is reasonable, but then I thought the same thing about Reiser's case.