The Trial of Terry Childs Begins

snydeq writes "Opening arguments were heard today in the trial against IT admin Terry Childs, who was arrested 18 months ago for refusing to hand over passwords to the San Francisco city network. InfoWorld's Paul Venezia, who has been following the case from the start, speculates that the 18-month wait is due to the fact that 'the DA has done no homework on the technical issues in play here and is instead more than willing to use the Frankenstein offense: It's different, so it must be killed.' On the other hand, the city — which has held Childs on $5 million bail despite having already dropped three of the four charges against him — may have finally figured out 'just how ridiculous the whole scenario is but is too far down the line to pull back the reins and is continuing with the prosecution just to save face,' Venezia writes. The trial is expected to last until mid-March. San Francisco Mayor Gavin Newsom, to whom Childs eventually gave the city's network passwords, will be included in the roster of those who will testify in the case — one that could put all admins in danger should Childs be found guilty of tampering."

Re:All admins

[tdobson]

There is a potential for problems if a very manager with very insecure security tendencies asks a sysadmin for very important passwords. In some circumstances, the sysadmin might feel justified not handing the passwords over as it would compromise the security of the existing system.

Terry Childs and the female boss

[viralMeme]

"On Friday, June 20, there was an altercation between Childs and Jeana Pieralde, the new DTIS security manager at the 1 Market Street datacenter in San Francisco. Until her promotion, she had been a city network engineer who worked with Childs"

Sorting out fact from fiction in the Terry Childs case (InfoWorld)

.. the city had claimed it could not access the FiberWAN network's devices. But four days before that bail hearing, the city claimed it had scheduled a power outage at the 1 Market Street datacenter. That power outage would have affected routers and switches running the FiberWAN network.

In the court filing four days later, the city contended that Childs had "booby-trapped" the network to collapse during this power outage by not writing the device configurations to flash on some number of routers. A local news report stated that "experts caught the problem in time and transferred data to permanent files, [Assistant DA Conrad] del Rosario said."

This statement contradicts the city's stance that it had no access to these routers, as there is no way it could have written those configurations to flash, or save them anywhere, on July 19 if it could not access the devices ..

Re:anyone here who defends this man

[LaminatorX]

Childs deserves defense not because he appropriately handled a showdown with management he had no hope of navigating successfully, clearly he did not. Rather, he should be defended against having the prosecutorial powers of the city leveled against him and being deprived of his freedom for many months over a matter that should have gone no further than the termination of his employment.

Re:All admins

[vvaduva]

It's called CYA - report it to your direct manager, if you are overridden, have it all in writing for the blame game which is certain to happen later.

Re:Childs should get twenty years

[Coren22]

so you would rather that he broke the policy that was given to him with regard to passwords and let unauthorized people have access? The city policy only allowed him to give passwords to the Mayor, which he did as soon as he was allowed to. If you are fired, and some random people ask you to give up the password, would you? If you say yes, then you will end up at the wrong end of a lawsuit, as that would make you criminally culpable in whatever havoc those people caused on the network.
   

Re:Childs should get twenty years

[Moryath]

The water treatment plants were amongst the infrastructures that he disabled.

Uhm, come again?

Nothing was "disabled." Nothing was turned off. The situation was quite simply that the routers were secured down to the point where, without having admin credentials, someone could not CHANGE them. This is not "negligent", this is smart design.

Then we get to the exorbitant bail amount, the fact that he's being held in lockup without a bail reduction even though better than 3/4 of the case has been dropped due to lack of evidence, and the fact that he in fact gave the passwords up to a competent authority (the SF Mayor, aka his boss's boss's boss), and it looks like a kangaroo court in process. The DA's office doesn't have much, if anything, of a case but they're desperate to justify what they have done so far so they just keep pushing along.

I'll offer you a choice. You are being reassigned to a new area. Your "boss", the blithering idiot who still keeps his password in a sticky note on his monitor and who holds a bitchfest every time he's told he has to pick a password that actually conforms to complexity requirements rather than using "god", demands a ton of passwords with root-level access. You've seen numerous situations before where the "admin at the time" (e.g. you) has been turned into the fall guy for shit going wrong or security breaches, when it's obvious to anyone doing any research that the real problem is some moron boss with less brain cells than teeth, an MBA, and a napoleon complex.

What. Do. You. Do?

Re:Why is this guy being treated as a Martyr to IT

[jc42]

Bail should be set as a deterrent to flee before a trial is finished, not to keep someone indefinitely in a cell.

And this is probably why they did it. His bosses probably knew (or were told by their lawyers) right off that they didn't have a chance of convicting him of anything. So they used one of the standard legal ruses to keep him in jail while they delayed the trial. It's not especially unusual for people to be jailed before a trial for longer than the longest legal sentence. It's even done when conviction couldn't get a jail sentence at all. The idea is to keep someone in jail as long as you can, by any means that will work. Then it doesn't much matter if the court exonerates them; you've shown that you can incarcerate them sufficiently long without a trial.

Parts of the US Bill of Rights were designed to prevent this sort of imprisonment. It hasn't worked very well in this case. And it's not the first time that such things have been done in the US. Anyone not aware of this problem is naive and ignorant of history.

The only real question is whether he can get restitution from the courts afterwards. History says he probably won't.

This sort of story is why I gave up on security/admin jobs early on. I read some stories similar to this, and figured out that the non-technical people above my immediate boss were highly likely to pull such stunts, perhaps with me as a chosen victim. The only way to win that game is not to play it, because the higher ups can see all the cards and do all the shuffling. Of course, when I and thousands of others started figuring this out, it inevitably led to our current sorry state of widespread computer insecurity.

One thing we might add to this story is a question about whether SF will be able to hire a competent person to replace him. I certainly wouldn't want to interview with them, except maybe to see if I could get some inside information about their current policies (after which I'd simply ignore any job offers).

One thing I'd suggest to anyone in his position: If your superiors demand that you give admin passwords to non-technical people, you should hand in your resignation along with the passwords. Tell them right out why you consider this a threat to your own legal safety as well as the computer systems. Chances are they won't be surprised, because they knew what was planned. After all, anyone with the root passwords can edit any file and fake lots of evidence, including the timestamps on files.