Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rough Justice For Terry Childs

Posted by timothy on from the might-not-like-the-aftershocks dept.

snydeq writes "Deep End's Paul Venezia sees significant negative ramifications for IT admins in the wake of yesterday's guilty verdict for Terry Childs on a count of 'denial of service.' Assuming the verdict is correct, Venezia writes, 'shouldn't the letter of the law be applied to other "denial of service" problems caused by the city while they pursued this case? In particular, to the person or persons who released hundreds of passwords in public court filings in 2008 for causing a denial of service for the city's widespread VPN services? After all, once the story broke that a large list of usernames and passwords had been released to the public, the city had to take down its VPN services for days while they reset every password and communicated those changes to the users.' Worse, if upheld on appeal, the verdict puts a vast number of IT admins at risk. 'There are suddenly thousands of IT workers all over the country that are now guilty of this crime in a vast number of ways. If the letter of the law is what convicted Terry Childs, then the law is simply wrong.'"

4 of 418 comments (clear)

  1. Re:Not trying to be a troll here, but... by TENTH+SHOW+JAM · · Score: 4, Informative

    If the superintendent of a school district says - "Whats the password for root on the server?" You tell them.

    No you don't. Ever. You say "Go to the safe and get them yourself. Don't forget to sign the register." When Superintendent bleats that it is needed NOW! your answer is to point them to the safe. Terry Childs did not put the passwords in the safe and deserves to go down for that.

    --
    A sig is placed here
    To display how futile
    English Haiku is
  2. Re:Not trying to be a troll here, but... by MushMouth · · Score: 5, Informative

    According to the network engineer who was a juror on the case (so I am guessing that he knows far more details about it than you or I)....
    He didn't refuse to just give his "password" but to give any access at all to the core routers, removed any way of password retrieval without doing a full system reset, and would not provide the configurations to these routers.

    On top of that, there were emails and witnesses that made it appear that Childs was doing this all to make it such that only HE had access.

  3. Re: Initiative by biryokumaru · · Score: 5, Informative

    Actually, this is the best thing I've read on the subject, by far.

    --
    When you're afraid to download music illegally in your own home, then the terrorists have won!
  4. Re:The case is very simple by nomadic · · Score: 5, Informative

    The way I read it, he was following the policy (law) to the letter.

    He was required to store system passwords in a central repository. He violated the policy by failing to do this.