I suppose Simon would be proud.

Of course, as any BOFH knows: ALL managers are stupid. That's why they were promoted to the position!

...until he is classified as a terrorist and shipped off to Gitmo.

How about some stand-up reporting for a change and post the real actual charge, chapter and verse?

Is it really possible to rig a network to fail in the event of a power failure, or if someone carries out maintenance on it. I'd love to know how, has this guy actually gone into every network device and modified the internal code ?

Come on Reg. Let's have an analysis on what he might have done and how he might have done it.

Is there any other kind of manager?

Posted AC coz my boss maigh be reading this...

I'd have thought configuring the network to meet requirements was part of his job description.

"Childs, 43, has been jailed since July 13 on four felony counts of computer tampering.." from the second link to the story on a US site.

Yes. You haven't been following the whole story. Childs doesn't keep the config for all the devices written into their NVRAM. Every time a box reboots, he has to re-load the configuration (There was some suggestion that Childs may even have deleted these copies of the configs, so it wouldn't be possible to reload them as they don't exist any more). For some of the more remote units he allowed the config to be stored in NVRAM, but with a no service password recovery command.

So all he's done is prevent the non sysadmins from accessing sensitive devices.

Sounds like the right thing to do to me. Principle of least privilege and all...

You'd have thought that someone else in San Francisco knows how to reset a router/switch password locally. Must have done something unpleasant to the memory to and left the config in flash so they carried on running, so the only way they would boot would be via the network.

So waterboard the chump until his gives up the passwords to the server with the network configs and config brand new devices to replace they ones he's "tampered" with.

See? easy. Now there is the unpleasant matter of my bill.

"Is it really possible to rig a network to fail in the event of a power failure"?

Apparently he didn't bother saving the routers configuration to the flash memory so the configuration would have been wiped if the power was cycled.

Someone posted a link yesterday to an article which had an interview with one of his workmates who shed a lot more light on the whole situation.

...they really will be up shit creek. Why don't they get someone to redo the design of the network and replace the lot? Surely he isn't the only CCIE in SF?

I once had a contract where I had to move a network and a bunch of systems where the sysadmins responsible were being made redundant. Needless to say, they didn't provide anything - passwords, diagrams, etc. I broke into the systems and figured out how everything was connected and then re-invented the network in the new location.

See this link for another viewpoint, from someone who knew the man:

http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/08/07/18/30FE-sf-network-lockout_1.html

Being an admin myself, I might agree with the guy.

This incident illustrates why information security and IT audit people keep harping on "segregation of duties" and "dual control."

Maybe some psychology grad student would like to explore why so many network admins/architects are so secretive, but until then, I offer a layman's explaination of what I call: "Ciscoitus."

Ciscoitus: A form of obsessive-compulsive/paranoid persecutory disorder generally afflicting only network administrators and architects, marked by paranoid persecutory delusions that any disclosure of the configuration details of technology (routers, switches, etc.) under their control will result in unjustified and irreparable harm. Behaviors often attributed to this disease are:

1) Compulsive and unremitting need to be constantly aware of the state of the technology under their control. Usually manifested by the construction of various methods of self-torment, such as systems that transmit pages and emails in the middle of the night to notify the afflicted party of subtle or irrelevant events.

2) Concealment of any relevant details of their designs based on the irrational fear that peer review will result in persecution.

3) The irrational but firmly held fast belief that knowledgeable persons in roles of authority (quite often represented by the cohort group of information security practitioners) have conspired to belittle their intellectual efforts.

4) The need to implement technologies of ever-increasing complexity having no actual practical benefit (see definition: MPLS) in order to support their internal concepts of grandeur and to justify their advancement (see definition: resume padding) to positions of greater authority and control.

5) Extreme social isolation and self-imposed social constraint to only those persons who speak the Internetworking Operating System language. Profound behaviors of tribalism and xenophobia to those perceived to be outsiders.

Sounds like a job for Adrian Monk.

"Monk and the Sysadmin".

They cannot blame him for everything - there is no way one person could be running the whole show and then get fired for incompetence, could there?

You know that global warming thing, I hear it is all due to some sysadmin guy in SF, yeah responsible for both world wars as well.