Slashdot Mirror
Terry Childs Denied Motion For Retrial
snydeq writes "The former San Francisco network administrator who refused to hand over passwords for one of the city's networks has been denied a new trial and is expected to be sentenced Aug. 6. Terry Childs had been due for sentencing Friday but the court instead heard two defense motions, one requesting a new trial and the other for arrested judgment — essentially to have his original conviction overturned. The motions were both denied but the court then ran out of time before the sentencing phase could be conducted."
Given the byzantine nature of the case, I have little doubt it will be appealed until his lawyers realize he's run out of money.
Withhold a password, go to jail.
Not really sure that justice was served here but the guy really was a first-rate dickhead.
This ain't rocket surgery.
Huh? Is the Judge an hourly worker? Did (s)he have to punch a timecard? What am I missing here?
Guy does his job even AFTER he's fired and he goes to prison for it? Ugh.
Sure he had a god-complex, but then again he designed the system from the ground up and was tasked with making it secure. I'd say he went above and beyond the call of duty. This is a notice to network admins that your bosses don't want security or good workers. They want "Yes!" men.
"There is a way that seems right to a man, but its end is the way of death." Proverbs 16:25 (NKJV)
August 6, 2010 will be exactly 65 years after the first Atom Bomb was used in war.
A new kind of security threat? Needs a shrink to solve?
I hate being bipolar; it's awesome!
that is the high security mode that is used some times and they did not use this he just turned off the password recovery forcing you to do a full reset to get back in.
A couple summations:
Let's see:
Terry Childs:
City of San Fran
So I recommend that Terry Childs be put to death just for being a jerk and to make sure non of us ever have to work with him again/interact with him again. Then we fire the City of San Fran CIO and forbid him from ever working in IT again.
(bangs gavel)
Advice: on VPS providers
Dangerous ground indeed. And I suppose you have a MiB flashy thing to erase his knowledge of the network too? After all that is company property...?
Was sentencing delayed because Friday was System Administrator Appreciation Day?
His and your mistake was/is to assume that Slashdot approval equals to Real World (RW) approval (also to remember Hans Reiser trial).
Another examples of RW denial and lunacy at Slashdot are denial of Windows' success in past and denial of iPad's success in present (and those denials ate not over yet).
Remember kids: geeks are really bad in RW smartness. If Slashdot screams "ZOMG! SELL!!!", you buy. And if t's a call to buy, you sell. PROFIT!
Firstly, unless you work in Military or classified networks, I can pretty much guarantee that every IT person uses their home equipment to perform remote admin. Secondly he was a network admin, he's bound to have a few TCP dumps or copies of DBs lying around. Thirdly, every bit of information spouted by non IT-literate managers and spokesmen, has gone through several layers to get to them, so unless it's a tech publication with an inside source take it with a pinch of salt. Finally if he'd been hacking into other city employee's accounts they would have charged him with that.
We don't know what state each device was in. He did have some systems setup with no, or minimal, boot config. Others had recovery disabled. Rebooting them is asking for trouble.
These kinds of (defense) motions are pretty much rote - and for that reason rarely granted. Don't make too much of the fact that they weren't granted.
If you work for the government, expect to be tried and jailed
If you don't like those consequences don't work for the government
This applies to all government jobs
My integrity is worth breaking the rules, but I know that if I rebel against the system in power, it's not likely that they'll publicly appreciate it.
Fight for civil rights or stand up against what you believe to be a corrupt and incompetent system that will only put public information in danger-- either way, you're going to get hurt.
A good person knows this, does it anyway, and just hopes that history can tell the difference between criminal and person with a good cause.
snydeq, tell your puppetmasters at InfoWorld to just give this a rest, won't you? Childs was the kind of uber-dickhead SysAdmin that even normal, run-of-the-mill garden-variety dickhead SysAdmins are afraid to associate with lest they appear as parodies of the type.
He didn't have a higher calling. He's not Batman. This ain't no Ayn Rand novel. He was fired and refused to release property that belonged to his former employer. Period, end of story.
And it *would* be the end of the story if the friggin' Drama Club at InfoWorld would stop flogging it on slashdot..
If I remembered it right, he left the routers with the config just in memory (like running-config on a Cisco). I'd guess the startup config was enough to bring it online, but not enough for it to do it's job. Sounds like a pain in the ass though, if someone were to accidentally unplug a cable at the datacenter. Not only do they have to wait for it to boot back up, but they also have to wait for him to send up the working configuration.
Ya, it'd be a job of getting into machines and cleaning up, but it's not like it's an impossible job. It wouldn't be a job I'd want, but I'm sure there was someone there who knew enough about the network to make educated guesses at the correct configuration.
Serious? Seriousness is well above my pay grade.
He was a front-lines IT grunt. His job was to do whatever his superiors told him to do, barring any requests to do something illegal. If his superiors order him to open the admin interface to the outside world, and change the password to "password"... other than requesting that the demand be put in e-mail to protect his name, he is supposed to do so.
Exactly what criminal law would not allow him to turn passwords over to his management on request, no matter how unqualified they are? None.
Holding your employer's equipment hostage pending an audience with the mayor? Yeah, that was, and is, criminal. It's called extortion.
SirWired
let them outsource
Some were, some weren't. He learned about "no service password-recovery" and thought that was sufficient to keep people from messing with the device and so saved the config. But not all devices support that. And we don't know which are setup like that and which aren't. I'm not rolling those dice.
http://www.cio.com.au/article/255165/sorting_facts_terry_childs_case/?fp=&fpid=&pf=1
The hit by the bus scenario or wants job security comes to my mind in all of this foolishness...
password is password, account is account
How much bollocks can you spew? As well as all the other crap,
a) no, but the passwords couldn't be given to his boss, and couldn't be given over the phone to ANYONE. Those were the rules as written, if you think they're dumb, then you should sack the mayor and manager, not Terry
b) No, he didn't install backdoors. Got anything at all to back that complete bollocks up with? He *did* stop the password reset being allowed over the internet (crackers use the internet. Real employees will have keys to site).
Nope, it changes a lot, if you're not partisan.
* God complex and delusions of grandeur
No evidence. He WAS better at his job than his bosses were at theirs, though.
* Anger management
And did Terry get his boss arrested for cracking? No.
* Obsessive/possessive
Did terry get his boss arrested for keeping "his" passwords? No.
* Paranoid
They were out to get him.
* General creepy behavior
Ooooh! scary!!! Does this even count as a point?
City of San Fran
* Poorly managed IT by definition when only one person knows the passwords to your routers
And demanding a breech of the rules (disclosure of passwords over the phone)
* Budget cuts reduced IT to impossible support levels
You forgot:
* God complex and delusions of grandeur
His boss thought he could DEMAND the passwords. His boss thought he was above the rules
* Anger management
His boss got him thrown in jail because Terry didn't respect his authoritah.
* Obsessive/possessive
Boss thought Terry (after sacking) was still "HIS" employee and the passwords HIS possession.
* Paranoid
They thought Terry was trying to blackmail them.
* General creepy behavior
this entire escapade.
So that would be 1-7 against SF.
the city of san francisco could have decided to hand out the passwords to homeless people and plaster them on freeway billboards. and? who cares. the point is, the passwords were the property of the city of san francisco's, not terry child's. the story begins and ends there
that san franciso would poorly manage network security is almost a fact. i would wager good money on their network being compromised. again, who cares: completely besides the point. terry childs had no right to assert himself as an authority, regardless of how right or wrong he was. therefore, he deserves to be punished for believing he had authority that anyone with a normal ego would understand they do not
i wish people would stop defending this guy. we have enough egomaniacs in this world ruining it. why some slashdotters can't see that terry childs is the exact same kind of egomaniac is beyond me
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
If the city had done that, they would be in jail for security violations, breech of conduct and fined billions.
Terry had a duty to give the passwords to the AUTHORISED person in an AUTHORISED SITUATION. And for following his duty, they jailed him.
accord to terry childs
self-appointed dictator, following his self-appointed duty, of policing san francisco's network policy
he was an egomaniac who overstepped his bounds, and for that, he was jailed, and rightly so
why do people continue defending this asshole?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
"Childs had processed requests from authorized people before"
Really? One such authorised request came under the "not in front of anyone who isn't authorised to have the passwords either".
Got any link for your assertion?
And how does an AC get modded up for Bollocks like this?
or more exactly, the security system for THEIR network, which the password was the key to
terry childs is like the auto mechanic in that seinfeld episode from the nineties, who doesn't think jerry is treating his car well enough, that he slaved so many hours repairing, so he steals his car. funny on tv, not funny in real life
yes, terry childs and the auto mechanic put a lot of hours and love into their technical efforts. but this in absolutely no way gives them any right to assert any authority
why the hell can't some slashdotters understand this simple concept?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Terry didn't try to do anything to or with the network. So, by YOUR assertion of deserving jail, Terry doesn't deserve jail and isn't a criminal.
"and every password to everything; all of which will be changed immediately"
Well, they have to do it because after they were given the password to the network, they published them in public.
I guess that the network admin who took over and the prosecuter of this case are both criminals and need to be thrown in jail...
What really confuses me is the vitriol against Terry here, even to the extent of COMPLETELY MAKING SHIT UP just to "prove" he's a crim. Why???
But there's no indication that he's a thief or a scumbag.
This is actually not quite true. Check out Terry Childs juror explains why he voted to convict:
IDG News: Going back, what was the one step he could have done to avoid prison?
Chilton: If he would have simply said, "I will create you an account and you can go in and you can remove my access if you want." If he had created access for someone else, I think that would have resolved it. If he had not decided to leave and go to Nevada a few days later and withdraw US$10,000 in cash, [Childs did this the day before his arrest, while under police surveillance] I think the police may have let it continue on as an employment issue and not a criminal matter.
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
for the world. you can't carry your weight, and the weight of incompetents
understand your boundaries. speak your concerns to the people in charge, and let it go
you don't solve problems by assigning yourself authority you don't have
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Another examples of RW denial and lunacy at Slashdot are denial of Windows' success in past
It depends on what you define as success. I personally haven't heard anyone here deny Window's financial and marketing success in the past. If you read carefully, you might notice that most criticism of Windows is of a technical nature. Things like BSOD and swiss cheese secutity, which most Windows users simply accept as normal, are for technically advanced "geeks" not exactly signs of success.
He gave the passwords to the mayor....
He should have negotiated a plea bargain. The passwords, for release, or a light sentence.
He threw away his only bargaining chip, and let a case go to trial, with odds against him.
Since when does the employment contract for a front-lines IT grunt include the specific password policy for the equipment the grunt will be maintaining?
Do you have a link to this contract?