Slashdot Mirror
3 of 4 Charges Against Terry Childs Dropped
phantomfive writes "Terry Childs, who was arrested nearly a year ago for refusing to turn over the passwords to San Francisco's FiberWAN network, has been cleared of three of the four charges against him. The dropped charges referred to the attachment of modems to the network; the remaining charge is for refusing to turn over the password. The prosecutor has vowed to appeal, to have the charges reinstated. We have the original story, and the story where Childs tells his side, for those who want a refresher."
Always seemed to me this was not much more than a witch hunt. Why else would them set a bail higher than for killers and rapists?
Onda Technology Institute
I'm sorry but this guy has already had time served. Even if they do find him guilty one year in jail for what he did is far more than enough. Plus 1M bail? Is he a violent criminal? ...
This sounds like a classic story if ignorant people making decisions about technical crime and getting scared. I aim that both at the city and at the judge who set the original bail.
We need special technical trials for things like this within which both the defence and prosecution are allowed to bring in technical witnesses to put the case into perspective for non-technical people (as opposed to "HACKER! Get the pitch forks!").
I opined on the last story that he was playing the 'power game' from the bottom of the political strata. By most accounts he was at the top of the network knowledge, so a technically important guy. 'Network God' doesn't translate into political power and he got burned.
But what else is in the plea deal? I can't help but think there's waaaay more to the story given the political heat this guy brought on himself. Maybe the plea deal keeps him quiet?
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
Link to an old Slashdot story that then links to an archive page that doesn't even have the word Childs on it.
You have to go to page three of the archive to find the bloody interview!
Why the hell is it so difficult to provide direct links to the actual articles?
...sufficient to keep him from being hired...
After this thorough exposure and experience with the legal profession, law firms should be recruiting him. Not to mention his arrogance and narrow focus on a crucial point of fact indicates he would fit well in with lawyers of the same personality traits.
Every mans' island needs an ocean; choose your ocean carefully.
I don't have to read the article to know that. If the charges were dropped, the prosecutor would not be vowing to appeal. When a judge gets rid of charges, they're dismissed. When a prosecutor voluntarily gets rid of charges, then they're dropped.
If someone says he and his monkey have nothing to hide, they almost certainly do.
I'm not really sure that makes sense either but we should know soon. It really just looks like management that was so spectacularly bad that they called in the police to handle a simple workplace dispute. It should have been escalated up the chain away from these clowns to some form of adult supervision before calling in the police.
Just a bit of wild speculation here, but it will be very interesting to find out if the inexperienced "IT security" person that sparked all this off is a relative or lover of the new management that handled this all so badly. If I found a complete stranger wandering about removing hard drives containing sensitive information I would be asking rude questions, taking photos and making threats about calling the police as well. The only way you tell a surprise security audit from a robbery is by having someone known within the company follow them around to avoid STUPID situations like this. If a manager can't get anyone or do it themselves they really have to put in their notice and get a job with less responsibility.
Very wild speculation here, but wouldn't it be funny if the entire thing was revenge for making the new manager's mistress cry?
It's a little known fact that prosecutors cannot be sued for anything they do in court to a defendant. Prosecutors are truly the worst part of the system since they are unaccountable to the public and are rewarded for getting convictions, not enforcing the law wisely. As a profession, they are so corrupt that they make civil lawyers look sympathetic since civil lawyers are at least limiting themselves to cases where you can kinda sorta see how their client was genuinely harmed.
As an ex-employee, it's no longer his call as to "who gets the keys"
Wrong! The SOP was that he was only to turn the passwords over to the Mayor. This has been covered extensively. This requirement DOES go away if you're fired... you don't [by default] have to turn over ANY passwords! Just say "I don't work here any more, and I don't have your passwords." Meanwhile, if you do still work there, then you're still bound by the agreement you already made to follow the policies and procedures, which means he was bound to turn the passwords only over to the mayor.
In other words, the only charge not dismissed by the judge is the only one which he ever should have been accused of (if any) and he has a solid defense against it. We shall see how it plays out, but it is not nearly as cut and dried as you imagine or pretend.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
IIRC, he allegedly changed the Cisco configs but never saved them on NVRAM. You can power-cycle Cisco devices and have a 60-second window to get in without knowing the password That was the big problem.. had he saved the configs to NVRAM, the City could have just power-cycled the devices during a maintenance window, gone in and reset the passwords. But the configs being only in volatile memory meant that if they tried that, the boxes would have lost the config, resulting in the "full system failure"--they City network would have gone down.
So announcing it at a meeting was right out.
The person that should have taken this all into hand and resulted in a normal dismissal instead of an arrest is Chris Vein. He was originally an accountant but many CIOs are and some manage to pick up management skills and familiarity with technology along the way.
Here is what http://blogs.zdnet.com/BTL/?p=4692 says about him:
It's still possible he got there by merit, but it starting to look like a political appointment. On his linkedin page he describes himself as "Delivering strong and effective leadership", which often means someone that fires people for no good reason to show they are "strong" but maybe I've just seen too many bastards in action that like that word. These things may give an insight or maybe not, but the end result of getting the police involved in a workplace dispute demonstrates to me that he is not paticularly effective, let alone the situation where there was only one person that could do the job. BTW San Francisco, do you have your free WiFi from 2006 yet? If not you now know the name of the guy that was in charge of delivering it.
From http://www.linkedin.com/pub/chris-vein/7/110/71b you can see that Chris Vein was a senior advisor at the White House after only three years in the workforce! I do not think such a rise is possible by merit or desirable in an honest government.
I hope this case looks deeply at the motivations behind getting the police involved. I'm also extremely curious as to what the $1million that has to be spent to repair the "damage" is required for and hope the defence and judge push hard for an explanation of this unusual claim
The defense made a motion challenging the evidence and the judge agreed that there was not sufficient evidence to support 3 of the 4 charges. There was no plea here. The court threw out the state's allegations for lack of evidence. There was no evidence because what he did was probably not sufficient as a matter of law (a matter of fact would probably have been decided by a jury). The charges were merely trumped up. Fabricated. Lies.
And yet they still kept this man in jail for a year awaiting trial for a ridiculous amount of bail money for a non-violent crime.
The road to tyranny has always been paved with claims of necessity.
some of the routers where in a place with little security and that is where you may want to use that config.
I withdraw my wild accusation. The security officer was promoted internally to the post and when she rang the CIO to complain about being caught doing what she was previously not authorised to do it doesn't mean she knew him personally. It's looking like office politics that has been mismanaged so badly that it has been allowed to escape into the legal system with some incredibly wild claims to stop it looking like an over-reaction, just triggered by an employee that wouldn't do what he was told without a reason. The secret promotion thing was just too weird, I would expect at least an email saying "your new computer security officer appointed today is X, please assist her in her work" instead of secret security audits by someone secretly assigned to the position. That shows a both a spectacular level of distrust of employees and poor management.
It really looks like he made someone angry and they decided to put him in jail in revenge.
He gave them to the Mayor in person not long after imprisonment. That would be approximately a year ago.
Lets not forget...
I would hire him.
Ya know... that is not always the case. Or to use your vernacular, with emphasis... BULLSHIT! I have administered systems which were secure enough that they would not boot up into single user mode and grant access without the root password, and the drives were secured in such a way that not even pulling the drive and putting it in another system would help... the boot loader required a password to decrypt the filesystem. Given that this machine was up for like 10 years last I knew, when it was finally taken out of commission... reboots were rare. As for exploiting holes in remote access routes, such as through sendmail, http, etc... the only active routes into the system were for Kerberos (e.g. ports like kerberos, kpasswd, and klogin) and considered at the time to be secure short of the resources of the likes of NSA, CIA or DOD.
Now in the particulars of this case, Child's practice of not committing configurations to NVRAM complicates the problem, and makes it even more impossible for the passwords to be recovered. Ever spent some time configuring a router, holding off on the saving to NVRAM to test the configuration, and then lost power? If the scripts to configure the routers were some place only he knew (such as on a USB key, or hidden away some place on a 300GB drive, perhaps in an encrypted file), it was no problem for him if a unit rebooted. But try to reboot to gain access... guess what, you just lost what you were looking to find. And since we are talking about a router, even if he had committed the configuration (and associated password) to NVRAM, how would having physical access help you? Most routers I have seen, the best you can do is to reset to factory defaults with a little magic button, and provide no way to boot off of other media and still access the configuration on the switch. Nor can you pull the drive and put it in another PC and go that route. As someone who helped write the firmware for networking gear, I know. Only those of us who did that work even had a clue on how to get at a shell like environment to get at the stored configuration. But again, we are bitten by the lack of writing to non-volatile storage in this case. And if you are going to try to brute force a password... it would not help if the password for the console access is "KGToNBhChA2ayofcVL1voA". Granted, using such a password on quite a few switches/routers would be stupid, unless you scripted that access (something I have done). But then there are the countermeasures against such brute force attacks, such as delaying login re-attempts for 5-15 seconds, locking accounts after so many failed logins, etc.
So, with all this said, someone needing to try to gain access to some machines had better either hope they have the configurations stored someplace off the switch to enable restoration, or hope that they only have to assume a position of humility (e.g. the mayor asking Childs) in having to ask for the administrator password which has hopefully not been locked down. Because, if that is not the case, they are going to soon be assuming the same position a ex-LEO or child rapist is said to be forced to assume in prison...
Oh... and as for resigning (can one say he was really given a chance to do so properly) and giving the passwords to someone who was not supposed to get them, he could quite possibly be held responsible for the resulting damages if it was contrary to procedures. And given that this has all the appearances of being one pissing match of a turf war... I would be very afraid that that would be the case were I in his position, and as such, the case is IMO totally absurd, and perhaps just has some folks wanting to make a name for themselves...
Helping build UN*X and the Internet since 1981.
Really the classic bit of this story is how the prosecutors included a list of usernames and passwords in their court filing which couldn't have been a better home-run for the defense in terms of 'See what happens when you give the passwords out to these idiots?'.
A year of his life gone though.. This should be a cautionary tale for any IT person.. When things get so bad that you're angry and not making good decisions.. just quit. Find somewhere else, relax. A job at burger king is better than going to prison.
misleading title...as the charges weren't "dropped," they were dismissed by the Judge (yes...I rtfa).
"Dropped" implies that the prosecutor did the "dropping," either due to a plea bargain or because the lack of evidence.
plus I don't like how the Examiner "labels" Childs as a hacker....he was the f*cking sysadmin and essentially the father/protector of the city's fiberWAN.
Especially considering the incompetence with computers and network security policies and practices by other city workers, he was considered the messiah/scapegoat.
(definitely, among those of us who have had to deal with the city govt)
there are plenty of other fish that the prosecutor(s) can fry that are worth the frying.
oh, btw, I can't get the triangle button to add a tag to work anymore.
Well, you don't have to turn the equipment over because of employment, you have to turn it over because your (now former) employer is the rightful owner.
Before they fired him, he was bound by policy NOT to give the password to his boss or co-workers. After he was fired, he wasn't even bound to remember the password at all much less tell someone what it was.
Personally when I leave an engagement where I had passwords, I delete personal accounts and if I was the only person with a role account password, change it to unmemorable junk, write it down, and seal it in an envelope (then forget it). That goes to whoever the policy says should have it ONLY. If others already legitimately have the role passwords I tell them to change it IN WRITING.
If they choose not to have an appropriate transitional arrangement for that to happen, that's it, I'm gone, good luck to ya! I don't remember a thing!
He indicated willingness to give the password to the mayor. Once the mayor could be bothered to get said password from him, he did just that. Too bad they made a big stink of it such that that step took place while he was in jail. As for the claims of millions in damage to "repair" the network, that seems rather unlikely unless they really were the bumbling id10ts Childs makes them out to be. Even then, that's not HIS doing.