Slashdot Mirror


Fate of Terry Childs Now In Jury's Hands

snydeq writes "Closing arguments concluded Monday in the city of San Francisco's case against Terry Childs, the network administrator charged with violating California hacking laws by refusing to hand over network passwords for the city's FiberWAN during a 12-day period in 2008. Childs was charged in July 2008 and has been held on $5 million bail ever since. The highly technical trial, which featured testimony from San Francisco Mayor Gavin Newsom and Cisco Chief Security Officer John Stewart, has dragged on for nearly six months. By Monday, five of the 18 jurors and alternates selected for the trial had dropped out, and the remaining jurors seemed relieved to see the arguments wrap up as they left the courtroom Monday afternoon. They will return Tuesday to start their deliberations. Childs faces five years in prison if he is convicted for disrupting service to the city's computer system by withholding administrative passwords — a verdict that, if rendered, puts all IT admins in danger."

11 of 530 comments

  1. Re:Really? by Maxo-Texas · · Score: 5, Informative

    The written policy was that he only gave the passwords to the mayor in a secure setting.

    People besides the mayor tried to get the passwords.
    The mayor tried to get the passwords in a non-secure setting.

    They grossly over-reacted and were probably trying to violate their own written policies.

    If they can force you to violate policies or go to jail for up to 5 years, then you don't want to be in that job since the penalty for violating written policies may be just as draconian.

    --
    She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
  2. Re:Really? by slimjim8094 · · Score: 3, Informative

    Mod parent down. His job was to keep the network secure, and the people demanding the passwords didn't have a right to know them. He told the mayor instead.

    This is, of course, after they fired him without demanding the passwords first.

    --
    I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
  3. Re:Please Read the History... by trurl7 · · Score: 5, Informative
  4. Re:Oh shut up by ElectricTurtle · · Score: 3, Informative

    It's funny that you think you're safe because of policy. As another has already said better, so did he.

    Oh, but that won't happen to anybody else, right?

    --
    I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is a steaming pile of dog shit
  5. City policy? by Ungrounded+Lightning · · Score: 3, Informative

    Though hosted on a San Francisco government site, that document self-identifies as being the product of a trade organization composed of County sysadmins (and it does not list the "City and County of San Francisco" as one of the Counties whose members contributed.) Indeed, "San Francisco" doesn't appear in the document at all.

    Can you also post a link to a place on the site where the city says they adopted this document as their policy?

    (Also the quoted text doesn't support the allegation that the password was only to be "disclosed to the mayor in a secure setting". "Mayor" doesn't appear in the document, and "chief" only appears as part of "chief information security officer", not "chief executive".)

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    1. Re:City policy? by Zerth · · Score: 4, Informative

      Sure:

      The overall policy page is:
      http://www.sfgov.org/site/coit_index.asp?id=56853

      The security policy is specifically:
      http://www.sfgov.org/site/coit_page.asp?id=79251

      Which basically says "follow the County security policy until we come up with something different"
      http://www.sfgov.org/site/uploadedfiles/dtis/coit/Policies_Forms/CCISDA_security.pdf [sfgov.org]

      It could be the case that the committee has since eliminated/altered that paragraph, but if they have, they haven't updated that section of their website.

  6. Re:honestly... by Critical+Facilities · · Score: 5, Informative

    "The important point is that he was asked to give up that information after he was fired."

    Incorrect. Please read the case history before repeating misinformation.

  7. Re:Really? by Bigjeff5 · · Score: 3, Informative

    "He was just being a dick. He used the policy as an excuse but 'the mayor tried to get the passwords in a non-secure setting' is just fucking bullshit."

    Following policy is not an excuse, it's the right thing to do. If the mayor tried to get the passwords with 15 unauthorized personnel within earshot, it's a non-secure setting and he should not have given it up.

    The city policy expressly states that you should not give your passwords out to your boss. The only people who were to receive the passwords were those who required the passwords to fulfill their daily job duties. Childs was the only person on staff who fit that description, and as such, it was against policy to give out the passwords to anybody else (except the mayor in a secure setting).

    He may well have been a dick, and he probably could have defused the whole situation, but that doesn't mean he isn't right, and it doesn't mean his bosses should be allowed to throw him in jail for following policies that could very well have landed him in jail for not following.

    "They aren't nuclear launch codes and it was the highest man on the totem pole."

    There very well could have been legal ramifications for handing out those passwords to unauthorized personnel. That includes his bosses.

    I've got a news flash for you - in 12 days, management that doesn't know shit about networks can really fuck things up bad if they are allowed to mess with it. They were the last people he should have been giving access to, and anybody who actually works with this equipment knows that.

    Imagine what would have happened if he had immediately turned over the passwords, management started mucking about, and they accidentally shut down half the network? You know what would happen then? This guy would have been fired for violating City policy, and possibly held legally responsible for the costs incurred. God forbid anybody should die in the process, then he's really fucked.

    The fact is, from what I can tell anyway, Childs did the responsible thing but his bosses went on a fricking power trip and had him thrown in jail without ever following the proper procedure for any of this. The assholes here are the management, even if the guy is a dick.

    "Admins should just run the country rather than doing their jobs as they're told."

    Just want to point out that this guy is on trial precisely because he was doing his job as he was told.

    --
    Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
  8. Re:Oh shut up by pmc · · Score: 3, Informative

    This keeps cropping up in this thread, and I don't know why. The policy is online, and does not contain the word "Mayor", or the phrase "designated agent", or any of the many other things that are supposedly in it. So he did not follow policy in this respect.

    What is in the policy is the actual policy for system level passwords, and the enable password for network kit is definitely a system level password. It states:

    "All production system-level passwords must be part of the security administered global password management database."

    Simple, clear, and Childs was definitely in breach of it: only he has these enable passwords, and did not put them in the database.

    For him to argue that the rules for personal passwords applied to system-level passwords and take it to ridiculous extremes - well, this was always bound to end in tears.

  9. Re:Oh shut up by Bigjeff5 · · Score: 5, Informative

    Under the very same anti-hacker law that Childs is being tried for breaking, had he given the passwords to the wrong people after his termination he could be held criminally responsible.

    In other words, you don't give the keys over to the janitor when you are terminated, you give the keys over to the authorized representative. If he is in a situation where he doesn't know exactly who is authorized, then the right thing to do is to hang on to them until he knows that the person he is giving access to really is supposed to have access. You can get yourself in an assload of trouble for not doing this. To get in an assload of trouble even if you do it puts IT administrators between a rock and a hard place.

    Once an authorized representative requested the passwords, he gave them to him. The mayor was almost certainly higher than necessary to get this done, but he may have been the only person Childs knew for a fact was authorized and whose identity he could also verify.

    These were passwords to Cisco routers and switches. He didn't lock anybody out, nobody else was ever authorized access in the first place! The first article to come out about this case said Childs changed everyone else's password and only granted himself access. That's patently absurd - the Cisco equipment they were using only takes two passwords - one to get into the router/switch, and one to make configuration changes. That's it. There are no other passwords to change, and he kept them the same across the entire network. Because there are no other passwords to change, it is absolutely critical that only those who need to know the password know the password. According to company policy, nobody else needed to know the passwords, since he was the only one who worked on the equipment, and therefore nobody else was authorized to know the passwords. The city policy expressly forbids giving the passwords to your boss if your boss is not already authorized to know them.

    The way it sounds to me like it happened was something like this: Childs's bosses wanted the passwords because they did not trust him having sole possession of the passwords. He refused to give them the passwords because they were not authorized to know the passwords. At this point, instead of calling up someone who was authorized to receive the passwords (the CISO, according to city policy) and having Childs give them the passwords, they held a big meeting - including a teleconference - and demanded he give up the passwords or they would fire him. They may have done this because Childs was being a dick about the whole situation, but the fact is even if there was an authorized individual he could give the passwords to at this meeting, he couldn't share because there were unauthorized people present. At this point, they fired him, and when he refused to give the passwords up (because the people asking were still not authorized) they had him arrested under California's anti-hacking laws. They drummed up all sorts of nonsense charges, but the only thing that had any chance of sticking was the password issue, and even then it took a year and a half to build the case. In any case, as soon as he was able to give the passwords to an authorized individual - and only an authorized individual - he readily gave them up.

    It's worth noting that things were running smoothly until the guy's bosses were finally able to access the system, at which point things started to break because they didn't know what the hell they were doing.

    Kinda makes you think the policy was there for a reason, huh?

    --
    Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
  10. Re:Here let me fix that for you by SirWhoopass · · Score: 4, Informative

    County policy document

    Section 4.1, page 32.

    "All production system-level passwords must be part of the security administered global password management database."