The Trial of Terry Childs Begins

snydeq writes "Opening arguments were heard today in the trial against IT admin Terry Childs, who was arrested 18 months ago for refusing to hand over passwords to the San Francisco city network. InfoWorld's Paul Venezia, who has been following the case from the start, speculates that the 18-month wait is due to the fact that 'the DA has done no homework on the technical issues in play here and is instead more than willing to use the Frankenstein offense: It's different, so it must be killed.' On the other hand, the city — which has held Childs on $5 million bail despite having already dropped three of the four charges against him — may have finally figured out 'just how ridiculous the whole scenario is but is too far down the line to pull back the reins and is continuing with the prosecution just to save face,' Venezia writes. The trial is expected to last until mid-March. San Francisco Mayor Gavin Newsom, to whom Childs eventually gave the city's network passwords, will be included in the roster of those who will testify in the case — one that could put all admins in danger should Childs be found guilty of tampering."

All admins

[RichardJenkins]

Surely you mean all admins who refuse to provide passwords when asked by an authorised official at the company they set the passwords for?

Re:All admins

[tdobson]

There is a potential for problems if a very manager with very insecure security tendencies asks a sysadmin for very important passwords. In some circumstances, the sysadmin might feel justified not handing the passwords over as it would compromise the security of the existing system.

Re:All admins

[DJRumpy]

It doesn't matter since in this case, the people this guy works for asked for the passwords. He is completely free of guilt should they screw things up and no court would hold him responsible for doing exactly what his duties required him to do.

He never owned these passwords, the hardware, the systems, or the infrastructure he worked on. When the owners asked for the password, he should have noted his concerns, and given them up.

Re:All admins

[DarkOx]

The answer is obvious. You simply put it in writing that in your professional opinion someone without an educational background or specific vocational training related the security and operation of whatever system you are dealing with should not operate its administrative features. You than state that you cannot be solely responsible for security or system failures if you are not permitted to be the gatekeeper. You then hand over the passwords if your employer or client agrees.

There is really no problem here at all.

Re:All admins

[remmelt]

Except when they still ass rape you for killing their system. Yes, this happens. You're the admin, you're responsible! Sucks to be you! Sure, you have some bullshit in writing, but who cares? Go look for another job! Oh, you want to sue us now? Go right ahead, see who has the deeper pockets.

Either way, you lose.

Re:All admins

[QuantumRiff]

If someone higher ranking than me from our accounting division wants the Domain admin password, should I hand it to them? What about the head marketing person? How do you determine who it is "Safe" to hand over the passwords to?

Re:All admins

[tibman]

I remember it being different than that. He wasn't supposed to tell anyone other than the mayor what the password was. Some new manager showed up one day and said "Hey, what's the password?" He says "I can't tell you." So the new manager called the police. Then as soon as the mayor showed up and asked for the password, Mr Childs told him.

As far as i remember, there was zero authorized officials at the company to receive the password.

Re:All admins

[L4t3r4lu5]

He did just that. The "Authorised official" you refer to was the Mayor, who he dutifuly revealed the password to when asked. Who he didn't reveal the password to was his line manager / supervisor, who he was expressly forbidden from doing so by district policy.

It's not his fault for knowing the policy better than his own supervisor. He followed it to the letter, but his boss got his knickers in a twist and decided to get him arrested. I hope he's made to choke down that choice with a lovely pink slip in his Christmas stocking.

Re:All admins

[canajin56]

Except he did have a lot to worry about, if you read about it. What happened is he caught a former coworker who got promoted to a different department, without his knowledge. He thought she was fired because she just vanished, and he never saw her again. He catches her searching through peoples desks, and removing hard drives from their computers. She claims he was taking illegal pictures of her and disrupting her "secret audit", which is why she had him arrested and held on a $5 million bond. (The "illegal pictures" he took never surfaced). That's right, he was arrested before being fired, and before refusing to give up the password. The "refused to give up the password" was when she called him in jail and demanded it. Still a woman who, as far as he knows, was fired, not promoted, demands the password over speakerphone in a police station. He says no way. His boss pipes in over the speaker phone and says "Just do whatever she says, or else", and he says no, it's against corporate policy to discuss that sort of thing over speakerphone where anybody can pipe in, but if the boss or the mayor calls in person without speakerphone, he will. They hung up and told the police to process him.

He never owned these passwords, the hardware, the systems, or the infrastructure he worked on. When the owners asked for the password, he should have noted his concerns, and given them up.

As far as he knows, an ex-employee was breaking in and snooping though peoples files and desks. And I guess she must be blackmailing his boss, for the boss to be says "do what she says or else". If Childs doesn't own the network, how do you reason this middle management fuck owns it?!!? The OWNERS didn't ask shit. At any rate, for him to have given the password like that violated company policy, which he told them, he told them they had to get it in person, and they REFUSED. He told them he'd tell the Mayor, he told the police, who refused to tell him what he was being held on, that he would tell the Mayor, who as the people's representative, is the owner of the network. At this point, people ran with the fact that he was a corporate spy of some sort, because his CITY OWNED CELL HAD A CAMERA IN IT JUST LIKE ALL CELLS, and also he used a firing range, highly illegal, only outlaws use firearms, remember! He also was looking at storage space, a clear crime. When all he really did was refuse to give a password to a co-worked who was "fired" but actually secretly promoted to conduct "secret audits" by searching desks and desktop HDs at midnight on a Friday night. And, to repeat, he was arrested and charged before he even was asked for the password. AND he was asked for the password in a way that was against corporate policy, and also possibly a felony.

Frankenstein Offense?

[zmnatz]

Then will Mr. Childs employ the Chewbacca Defense?

Re:Why is this guy being treated as a Martyr to IT

The owners of the network are the public. An employee should act in the best interests of the employer at all times -- even if doing so conflicts with the views of immediate superiors.

Network Design?

[DarthBart]

Why was the network designed so that one single account (or password) held the keys the kingdom? That's just stupid.

"Administrator" groups for Windows machines
Multiple root SSH keys and/or Kerberos logins for Unix boxen
TACACS user-based authentication for routers.

If the dude just left and said "I'm done with you folks, no I'm not handing over my passwords", then fine...go into the user admin system, nuke his passwords and get on with your life.

If the dude deliberately went in and reset passwords and changed network access before walking and then tried to blackmail the city, then that's sabotage/blackmail/downright illegal and should be punished.

If the dude walked out without giving passwords to anyone and the system was poorly designed so that admin passwords had to be forcefully recovered via single user mode or the like, then the city should just eat crow, lick their wounds, and install a real network AAA system.

What would have happened if the dude had been run over by a beer truck on the way to work? Would the city have been screwed as well?

Dude.

Re:Why is this guy being treated as a Martyr to IT

[NitroWolf]

This guy denied access to the owners of that network. Just because there isn't a law to fit the crime doesn't mean he is innocent of wrong doing. Hell, it's not a stretch to say that for a time, before they recovered it, he had stolen the entire network from them.

Take your word smithing and semantics and stick 'em where the sun don't shine. What he did was wrong for it, and he needs to be punished.

What do you mean "Just because there isn't a law to fit the crime doesn't mean he is innocent of wrong doing." That's exactly what it means. If there's no law to fit his "crime," then by definition there is no crime committed. Perhaps he's guilty of being an asshat, but doesn't mean he's criminally liable according to your definition.

It's quite a stretch to say he had stolen the entire network. In fact, it's absolutely false. They could have done a hard admin reset on the routers and affected systems and been back in complete control of them. They chose not to, for various legitimate reasons, but the network remained in the possession of the legitimate owners.

You complain about word smithing and semantics yet that's exactly what you are doing. What he did may be wrong, but the question as to whether any laws were broken is far from a given. To punish him for breaking no laws would be absurd and your assertion that he should is equally absurd.

He was in a catch 22

[onyxruby]

I was initially very skeptical of Childs until additional information came out about the case that changed the story notably.

Their policy prohibited Childs from simply handing passwords over to his boss, when asked by the mayor he handed them over as requested. I think the bigger issue is one of policy on security and a lack of industry best practices by the city. What holds the greater weight, policy or your bosses request? Depending on where you work, handing over your passwords to anyone can readily be a criminal infraction. At a minimum they could have asked Childs to create an additional account with full administrative access and that account could then have been used to disable Childs account.

I know at my employer I am not allowed to share my passwords with anyone, including my supervisor. I have an official backup with equivalent access to myself and my refusal to hand over passwords would not prevent anyone else from taking over for me. If my employer wanted they could simply reset my password and gain access to my account. The issue in San Francisco is there wasn't anyone else who had equivalent access to begin with. Their network was complex and the city had cut to the bone on staffing ahead of time.

Lessons can be learned from this from a management standpoint, the city took an antagonistic approach and did not update their policy and instead asked Childs to break it. Their security personal should have known industry best practices and instead asked Childs to violate them and hand over his password. Ultimately the case showed incompetence in city management and embarrassed them, and that's the only reason I can think of the city pressed the case.

Fired him first?

[Mathinker]

> the people this guy works for asked for the passwords

My impression was, that in a nice show of cluelessness, they decided to fire this guy first, and then ask him for the passwords which they didn't have (i.e., they didn't have any plan of action if he got run over by a bus or otherwise dropped dead).

Re:Fired him first?

[PopeRatzo]

When you are fired from work, you can't simply raid your cubicle and take everything in it.

The sweet Humanscale Freedom High-back chair in plum vellum with the graphite frame in which I am now sitting begs to differ.

Re:Fired him first?

[GaryOlson]

No, not irrelevant. Termination of employment means a termination of responsibilities in both directions:
the employer does not provide any services to you; and, you are not obligated to provide any services to the ex-employer. Those passwords are not the property of the employer; but merely a method for controlling the assets of the employer. The failure of the employer to implement methods to regain control of their assets is not the ex-employees problem.

Re:Fired him first?

[Spazztastic]

When you are fired from work, you can't simply raid your cubicle and take everything in it.

The sweet Humanscale Freedom High-back chair in plum vellum with the graphite frame in which I am now sitting begs to differ.

You bastard! I replaced you and now I'm sitting on a milk crate!

Terry Childs and the female boss

[viralMeme]

"On Friday, June 20, there was an altercation between Childs and Jeana Pieralde, the new DTIS security manager at the 1 Market Street datacenter in San Francisco. Until her promotion, she had been a city network engineer who worked with Childs"

Sorting out fact from fiction in the Terry Childs case (InfoWorld)

.. the city had claimed it could not access the FiberWAN network's devices. But four days before that bail hearing, the city claimed it had scheduled a power outage at the 1 Market Street datacenter. That power outage would have affected routers and switches running the FiberWAN network.

In the court filing four days later, the city contended that Childs had "booby-trapped" the network to collapse during this power outage by not writing the device configurations to flash on some number of routers. A local news report stated that "experts caught the problem in time and transferred data to permanent files, [Assistant DA Conrad] del Rosario said."

This statement contradicts the city's stance that it had no access to these routers, as there is no way it could have written those configurations to flash, or save them anywhere, on July 19 if it could not access the devices ..

Re:anyone here who defends this man

[LaminatorX]

Childs deserves defense not because he appropriately handled a showdown with management he had no hope of navigating successfully, clearly he did not. Rather, he should be defended against having the prosecutorial powers of the city leveled against him and being deprived of his freedom for many months over a matter that should have gone no further than the termination of his employment.

Re:anyone here who defends this man

[schon]

So what you're saying is that because he was accused of something, he is automatically guilty even though the accusations where later withdrawn?

I sure as hell hope that you never wind up on a jury for *anyone*.

Re:How so "stolen"?

Nah, more like the chauffeur refusing to give the keys of the Rolls to the empty headed daughter. He did hand them over to dad.
Heh, that's nearly a car analogy.

Re:Childs should get twenty years

[Coren22]

so you would rather that he broke the policy that was given to him with regard to passwords and let unauthorized people have access? The city policy only allowed him to give passwords to the Mayor, which he did as soon as he was allowed to. If you are fired, and some random people ask you to give up the password, would you? If you say yes, then you will end up at the wrong end of a lawsuit, as that would make you criminally culpable in whatever havoc those people caused on the network.
   

For the love of God...

[L4t3r4lu5]

Will people please stop posting that Terry Childs was "being an ass about it"?! He didn't give up the passwords to his supervisor because policy prevented it. It would be a breach of contract (potentially criminally negligent) for him to divulge the passwords requested to anybody but the Mayor.

Guess who got the passwords as soon as they asked? That's right!

THE MAYOR.

End of subject, folks. Stop posting about him "being an ass" or "getting what he deserves" or "setting a bad example." He set the best example by not caving in and handing the "keys to the realm" to some new face he didn't know the technical knowledge of, and was specifically prevented from releasing by the very policy which kept him employed.

This is a PR campaign to save face and nothing else. Someone high up the food chain did something idiotic (calling the police instead of HR / legal dept) and blew things out of proportion. Now they have to see it through, or they'll look like fools and lose their jobs. CYA territory.

I hope the lot of them are fired, and Terry gets to sue every last one.

Re:Why is this guy being treated as a Martyr to IT

[jc42]

Bail should be set as a deterrent to flee before a trial is finished, not to keep someone indefinitely in a cell.

And this is probably why they did it. His bosses probably knew (or were told by their lawyers) right off that they didn't have a chance of convicting him of anything. So they used one of the standard legal ruses to keep him in jail while they delayed the trial. It's not especially unusual for people to be jailed before a trial for longer than the longest legal sentence. It's even done when conviction couldn't get a jail sentence at all. The idea is to keep someone in jail as long as you can, by any means that will work. Then it doesn't much matter if the court exonerates them; you've shown that you can incarcerate them sufficiently long without a trial.

Parts of the US Bill of Rights were designed to prevent this sort of imprisonment. It hasn't worked very well in this case. And it's not the first time that such things have been done in the US. Anyone not aware of this problem is naive and ignorant of history.

The only real question is whether he can get restitution from the courts afterwards. History says he probably won't.

This sort of story is why I gave up on security/admin jobs early on. I read some stories similar to this, and figured out that the non-technical people above my immediate boss were highly likely to pull such stunts, perhaps with me as a chosen victim. The only way to win that game is not to play it, because the higher ups can see all the cards and do all the shuffling. Of course, when I and thousands of others started figuring this out, it inevitably led to our current sorry state of widespread computer insecurity.

One thing we might add to this story is a question about whether SF will be able to hire a competent person to replace him. I certainly wouldn't want to interview with them, except maybe to see if I could get some inside information about their current policies (after which I'd simply ignore any job offers).

One thing I'd suggest to anyone in his position: If your superiors demand that you give admin passwords to non-technical people, you should hand in your resignation along with the passwords. Tell them right out why you consider this a threat to your own legal safety as well as the computer systems. Chances are they won't be surprised, because they knew what was planned. After all, anyone with the root passwords can edit any file and fake lots of evidence, including the timestamps on files.

Re:Childs should get twenty years

[natehoy]

I worked for a company that performed services for companies that had a lot of personal information. Our systems were kept pretty tight.

For a while, I was the only IT person in the company. I had the primary passwords for much of the company's infrastructure, and the policy manual that was worked up allowed me to give those passwords to two other people on request - the President and my departmental Vice President of the company. The VP was three rungs up the ladder from me.

Neither had the chops to do anything with the passwords, but of course they could easily have hired someone who did. I also had to keep the current passwords in an offsite lockbox at a local bank and only the three of us had access to that box. That way, if I got hit by a bus (or terminated for cause, quit under suspicious circumstances, or whatever) the company could continue operations smoothly.

My boss's boss walked in my office one day and asked for a password for one of the main systems. After a long, involved, and rather unpleasant conversation, I was threatened with termination if the passwords were not handed over. As I started to pack my crap up, the President walked in the room and thanked me for my diligence in following security protocol. It was a surprise audit. I don't think I would have been terminated if I had handed over the passwords, but I'm sure my clearance to possess them would have been revoked in a very large hurry. And that would have been the correct action to take.

There are circumstances where you DO NOT have the authority to give information to your boss. If there is a policy against it, the policy trumps your boss's ability to ask you for the information.

I don't know for sure the policies in place at this particular department, but it is very possible that the boss was not authorized for that information. Passwords and security information do not necessarily follow the chain of command - they follow a chain of responsibility and/or trust, and that isn't always perfectly aligned with the chain of command. If Childs' boss was not authorized for the information, he did the right thing in insisting that the information be turned over to the people his security protocol manual specified.

If Childs' boss WAS authorized for the information by policy, and Childs honestly felt the boss would misuse the information for something illegal and/or was gunning for Childs, then his actions may or may not be justifiable in this case - he's going to have to produce some proof that his boss had an illegitimate purpose. That could be tough.