The sysadmin accused of hijacking San Francisco's network may have surrendered the passwords needed to regain control of key parts of the system, but the move hasn't gotten anyone very far. A judge has refused to lower his $5m bail, and officials say they are still locked out of some portions of the network. The decision came …
And it isn't Friday (yet)
I suppose Simon would be proud.
Of course, as any BOFH knows: ALL managers are stupid. That's why they were promoted to the position!
It's only a matter of time...
...until he is classified as a terrorist and shipped off to Gitmo.
Are we sure
that they aren't locked out because of inability of supposed "engineers" and managers to type properly? Anyway, it isn't hard for them to continue to feign being locked out to take revenge on him for doing his job.....
*mines the one with the big target on the back*
I wonder what they'll do to him if he can't remember all the passwords...
He is charged with counts of tampering with the city's network.
How about some stand-up reporting for a change and post the real actual charge, chapter and verse?
How the f**k can a single person wipe out so many critical networks covering such a wide range of functions?
Sounds to me this is a case of incompetent network design.
It reminds me when I stayed in San Fran for a couple of weeks some years back, one morning a considerable part of the city had lost power.
The cause? A former employee still had door keys to a power distribution station and took it upon himself to wipe out the electricity supply.
They just seem to be so completely inept, it's unreal.
You see all these horror stories, films where hackers wipe out infrastructure services using the internet and you now realise: this could only happen in America. The risk is real.
Am I being Stupid or something.....
Is it really possible to rig a network to fail in the event of a power failure, or if someone carries out maintenance on it. I'd love to know how, has this guy actually gone into every network device and modified the internal code ?
Come on Reg. Let's have an analysis on what he might have done and how he might have done it.
"to protect the system from incompetent managers"
Is there any other kind of manager?
Posted AC coz my boss maigh be reading this...
A network adminstrator charged with "tampering" the network
I'd have thought configuring the network to meet requirements was part of his job description.
"Childs, 43, has been jailed since July 13 on four felony counts of computer tampering.." from the second link to the story on a US site.
Whats his physical location,...
And can we overnight a Register or BOFH t-shirt to him? Think of the publicity!
Still went ahead with scheduled power cycling?
>prosecutors said during a hearing Wednesday that Terry Childs intentionally rigged >the network to fail during maintenance or any time it experience a power failure.
>Childs's decision two days ago to cough up the passwords during a jail-house visit
>by San Francisco Mayor Gavin Newsom came only after a scheduled power outage
>on July 19 failed to trigger the meltdown
So they went ahead with a scheduled power cycle, even though they were under the impression that it would seriously foul up their network?
So either they hoped it would happen, to give them more ammunition for their case , or they were too stupid to work out the consequences of what they were doing, or they're lying.
The Cisco Kid
Apt name for the Childs.
Originally the hero of the silver screen was a murdering criminal of the lowest kind. Soon histrory saw him as an hero.
Politics is ever thus.
Well, they'll let him out Tomorrow
It is sysadmins appreciation day after-all (http://www.sysadminday.com/).
@ Am I being Stupid or something.....
Yes. You haven't been following the whole story. Childs doesn't keep the config for all the devices written into their NVRAM. Every time a box reboots, he has to re-load the configuration (There was some suggestion that Childs may even have deleted these copies of the configs, so it wouldn't be possible to reload them as they don't exist any more). For some of the more remote units he allowed the config to be stored in NVRAM, but with a no service password recovery command.
The network is still working
So all he's done is prevent the non sysadmins from accessing sensitive devices.
Sounds like the right thing to do to me. Principle of least privilege and all...
Thank god he did not use CentOS
As we know from the Tuttle experience, US government managers can jump to the wrong conclusions
@Am I being Stupid or something
The guy configured the routers but then purposely didn't write the config to memory. So when the power goes off they come up blank and they had to call him out to download the config from his PC. He was the only guy on call and the only guy with the passwords so no one new the configs except him. He thought he was god essentially.
Jerk more like
Reset the passwords
You'd have thought that someone else in San Francisco knows how to reset a router/switch password locally. Must have done something unpleasant to the memory to and left the config in flash so they carried on running, so the only way they would boot would be via the network.
So waterboard the chump until his gives up the passwords to the server with the network configs and config brand new devices to replace they ones he's "tampered" with.
See? easy. Now there is the unpleasant matter of my bill.
@ Am I being stupid
"Is it really possible to rig a network to fail in the event of a power failure"?
Apparently he didn't bother saving the routers configuration to the flash memory so the configuration would have been wiped if the power was cycled.
Someone posted a link yesterday to an article which had an interview with one of his workmates who shed a lot more light on the whole situation.
surely it would be possible for the maker of any kit involved to access the device, read the config in NVRAM and write it out to a file and reset the password?
i am over-simplifying something i dont understand?
Now , if its was OS X, you could simply boot from the CD and use the 'Reset Password' Utility....
If he gets shanked whilst banged up...
...they really will be up shit creek. Why don't they get someone to redo the design of the network and replace the lot? Surely he isn't the only CCIE in SF?
I once had a contract where I had to move a network and a bunch of systems where the sysadmins responsible were being made redundant. Needless to say, they didn't provide anything - passwords, diagrams, etc. I broke into the systems and figured out how everything was connected and then re-invented the network in the new location.
"Thank god he did not use CentOS"
Just checked out the Tuttle story. I then checked their website and Taylor has been replaced by "Don Cluck".
A little too close to 'dumb f**k'?
Mine's the one with "I know all about public sector IT" on the back...
Conflict of interest
Is it just me, or is there an inherent conflict of interest in this case?
Is the judicial / court's network part of overall city network which Child's was managing? If so, it would seem pretty darn easy to prove a mis-trial in a higher court as the judge would not be impartial to the proceedings.
SF Sysadmin might have been correct.
See this link for another viewpoint, from someone who knew the man:
Being an admin myself, I might agree with the guy.
Password reset not so easy
In order to reset the password when the current is unknown would require a reload (reboot). Thus if they cannot write running-config to NVRAM or even view running-config then the password reset would work great but they would have a factory reset device after boot up.
Yo SF guys!
If you are reading this ... try:
working? no? what a shame lol!
In the end, it will be shown that he was arrested wrongfully and he will end up suing the city for 5 mil...
A case example...
This incident illustrates why information security and IT audit people keep harping on "segregation of duties" and "dual control."
Maybe some psychology grad student would like to explore why so many network admins/architects are so secretive, but until then, I offer a layman's explaination of what I call: "Ciscoitus."
Ciscoitus: A form of obsessive-compulsive/paranoid persecutory disorder generally afflicting only network administrators and architects, marked by paranoid persecutory delusions that any disclosure of the configuration details of technology (routers, switches, etc.) under their control will result in unjustified and irreparable harm. Behaviors often attributed to this disease are:
1) Compulsive and unremitting need to be constantly aware of the state of the technology under their control. Usually manifested by the construction of various methods of self-torment, such as systems that transmit pages and emails in the middle of the night to notify the afflicted party of subtle or irrelevant events.
2) Concealment of any relevant details of their designs based on the irrational fear that peer review will result in persecution.
3) The irrational but firmly held fast belief that knowledgeable persons in roles of authority (quite often represented by the cohort group of information security practitioners) have conspired to belittle their intellectual efforts.
4) The need to implement technologies of ever-increasing complexity having no actual practical benefit (see definition: MPLS) in order to support their internal concepts of grandeur and to justify their advancement (see definition: resume padding) to positions of greater authority and control.
5) Extreme social isolation and self-imposed social constraint to only those persons who speak the Internetworking Operating System language. Profound behaviors of tribalism and xenophobia to those perceived to be outsiders.
Sounds like a job for Adrian Monk.
"Monk and the Sysadmin".
They cannot blame him for everything - there is no way one person could be running the whole show and then get fired for incompetence, could there?
You know that global warming thing, I hear it is all due to some sysadmin guy in SF, yeah responsible for both world wars as well.
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Ofcom will not probe lesbian lizard snog in new Dr Who series
- Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
- Too slow with that iPhone refresh, Apple: Android is GOBBLING up US mobile market
- Episode 9 BOFH: The current value of our IT ASSets? Minus eleventy-seven...