Terry Childs, the San Francisco sysadmin who locked the city out its own network, is going to prison. He was sentenced on Friday to four years but has already served over two years in custody, which will be deducted from his sentence, IDG reports. Childs refused to hand over passwords for the city's network, claiming his boss …
I sort of have a sneaking sympathy...
... for this guy. I have had bosses who insisted on having the root password, though the idea of them logging onto the system kept me awake at night. Still, he might have gone about it another way - I'll think of something :P
I do and I don't have sympathy
I have sympathy because it appears he was dedicated and did architect the network which in itself is an achievement. On the flipside he acted like a paranoid jerk who was deliberately hording knowledge rather than sharing it with people who legitimately needed it. I'm not surprised he got the sack or that he carried it the the extra distance to turn it into a felony.
Terry Childs, the sysadmin who didn't locked the city out its own network
Sorting out fact from fiction in the Terry Childs case
.. the city had claimed it could not access the FiberWAN network's devices. But four days before that bail hearing, the city claimed it had scheduled a power outage at the 1 Market Street datacenter. That power outage would have affected routers and switches running the FiberWAN network.
In the court filing four days later, the city contended that Childs had "booby-trapped" the network to collapse during this power outage by not writing the device configurations to flash on some number of routers. A local news report stated that "experts caught the problem in time and transferred data to permanent files, [Assistant DA Conrad] del Rosario said."
This statement contradicts the city's stance that it had no access to these routers, as there is no way it could have written those configurations to flash, or save them anywhere, on July 19 if it could not access the devices ..
The confrontation that started the standoff
"On Friday, June 20, there was an altercation between Childs and Jeana Pieralde, the new DTIS security manager at the 1 Market Street datacenter in San Francisco. Until her promotion, she had been a city network engineer who worked with Childs"
"Childs disputed this interpretation of events, claiming in court documents that Pieralde was conducting clandestine searches of DTIS employee workspaces and had removed a hard drive from an office when he confronted her. He also denied taking photos of Pieralde"
"the city stated that Childs was placed under surveillance [infoworld.com] and was arrested on the evening of July 12 as he was parking his vehicle near his home in the suburb of Pittsburg. At the time of his arrest, he was found to have $10,000 cash on his person and receipts showing that he had traveled to Sparks, Nevada, where he had looked at renting storage units. Following his arrest, police searched his house and workspaces. Police turned up 9mm and .45 caliber bullets, but apparently no weapons"
"Considering that normal bail for a murder case is $1 million -- one fifth of what Childs' bail was set at -- this filing was unexpected"
"it is a mystery what exactly Jeana Pieralde was doing performing an unannounced, after-hours "security audit" in a City office other than that in which she herself worked. It was during that secret "security audit" on the evening of Friday, June 20th, 2008, in which Jeana Pieralde took a hard drive from another City employee's office and was photographed by Terry Childs as she did so"
"The office from which Pieralde removed the hard drive belonged to DTIS Security Officer Nancy Hastings (who naturally was not present in the office because the "security audit" was being conducted after hours.)" "Terry Childs had returned late to the offices (which do include his office and do not include Jeana Pieralde's office) at about 5:15 P.M. to find Jeana Pieralde (who does not work in those offices) taking a hard drive [wordpress.com] from one of Terry's co-workers offices. Terry photographed this act with the camera in his cellphone"
Rings a bell
Lets not look at Childs in a wholely good light though shall we - from the same article -
"... the city's court filings claim that police found an ID badge and access card of one of Childs' colleagues in his house, and that Childs had lists of usernames and passwords of other city employees, including his direct supervisor, Herb Tong. Childs' having these materials may be difficult to justify, if true. Some of the city's statements on Childs' network configurations indicate that his approach to network security bordered on raw paranoia. "
Some things seem clear from all this, but again only comes from interpretation of court documents (nobody ever lies in court, right!?), Childs was left in a position he shouldn't have been in, the only competent network admin in the whole organisation, almost a certainty, its the same where I work for certain servers/services! Furthermore he developed it from the ground up by the looks of things, and it was his baby. But no matter how you look at it, the good people of San Francisco PAID for the network, and PAID him to install it. He had no right to claim it as his own and deny his superiors the passwords, no matter how incompetent they were. If his head were properly screwed on he'd realise that he should pass on the credentials to them and let them screw the network up - and they'd take the responsibility for it.
There are many grey (and totally opaque) issues here, just what happened between him and Pieralde that day? Just how much of a total hormone induced whacked out bitch is she? Why did he have other peoples logins!? And why did he go out to Sparks, Nevada and stash some stuff? This confuses a lot of things and probably wont ever be untangled.
The DTIS are certainly, making lots and lots of false claims that he had the destruction of the network on his own mind - its clear he loved it too much to do that.
I just get the distinct impression that he lost his perspective on the matter. He didn't want to see his network torn to shreds by his idiot co-workers so he restricted them access. Its clear that he should have just left them to their own devices and let them do their worst, if anything.
Signs of an (at least) slightly disturbed person really, but he probably shouldn't have had everybody come down on him so heavily as the crime doesn't really match the time - 4 years too long!
I think he did the right thing here. His job is protecting the network; and he did that.
Not doing his job
Any network administrator who thinks he's irreplaceable, is the only one who can administer the network and is the only one with the access passwords, is most certainly not doing his job. He is recklessly exposing his organisation to the enormous risk of a single point of failure.
But it's not his network.
Kept in jail for two years while they decide if he is guilty of a crime which would be punishable by 2 years in jail?
They could have saved a lot of money by just jaling him for two years without trial. Justice delayed is justice denied.
Lesson to all sysadmins,...
its not just enough to be right technically, you have to be robust politically.
Terry was probably correct that his boss was the wrong person to hold these passwords, and that the sneaking around of a security person on an unofficial audit was bad, but he has not got the evidence / force of character / leverage / political support to push this issue through to justify his actions. Hence why he is in klink now.
Now if he had evidence of clearcut illegality, or knew of some that could force someones hand, or a sharp legal mind and buckets of charisma, or his uncle was the Mayor, then he would be home free.
Learn to recognise when they are holding all the cards, and when to fold.
Which is why he should have stated his concerns in writing to his boss, his bosses boss etc..... And if all else failed - then he should have resigned, and in the exit interview stated his reasons in detail. Continuing to work with those concerns would not have looked good on his CV if his boss was as unsuitable as Childs seemed to believe, and you can bet that in a degradables/fan interface moment, it would be Childs carrying the can. Jeez, ask for a transfer even.....
Even then, the guys thinking seems more than merely paranoid. Hording usernames and passwords ?
Then again there's an uncomfortable smell about the whole case. The amount of bail, the differences in accounts of events...... I smell politically driven individuals backed into a corner engaged in "Cover Your Ass"......
US justice at work ..
> Kept in jail for two years while they decide if he is guilty of a crime which would be punishable by 2 years in jail?
No, keep him in jail until he cops a plea, US justice at work ...
To get back some passwords? O.o
"Hmmmm, we believe he might have stashed them away on a cruise liner in the Caribbean so, naturally had to check. The Blackjack table was found to be part of his cypher and it was too tough for us to crack"
For that, couldn't they just hire a whole tech support team and just hit the factory reset button, if everything but the passwords was well documented (as it should be) wouldn't take long at all to sort out...$900,000...
900,000 my a__
The mayor went to the jail house. Childs gave him the passwords voluntarily. His sentence is overly harsh. There are rapists in California who've done less time. Worse, no damage was done. I agree, however, that its his duty to make those passwords available to his superiors no matter what. If he fell off a curb and got run over by a streetcar and killed, the city would have been screwed. There was no excuse for his actions. He should have been looking for other employment.
just send them the passwords
And then change them the day after.
passwords for jerks...123abc
"Childs had lists of usernames and passwords of other city employees, including his direct supervisor, Herb Tong. Childs' having these materials may be difficult to justify, if true."
He probably got one to many of the calls that I find so familiar, 6 months after setting up users networks. "do you remember when you set up our network 6 months ago, what was the password?"
I still think his managerial chain was clearly incompetent to let this situation occur, what about disaster recovery tests where he's not allowed to be involved to simulate "loss of critical staff", they clearly hadn't been happening...
No matter how secure a network and server architecture is, there should never be a situation where ONLY ONE person has full administrative access. Even if its just a brown envelope in a fire proof safe opened once a year and updated, you shouldn't ever have the situation San Francisco found themselves in and that is a managerial failure. If he'd been knocked down in the street they would have been in the same situation...
And as for system admin's being paranoid... part of the job specification is to be paranoid! Without being paranoid far more systems would be compromised around the world!
All that being said though to refuse to hand over the passwords when you've been sacked and then jailed is patently someone who is not quite on the right side of sanity...
There is no I in team. There is also no "Its my network" in NOC.
I have experienced both sides of the argument. On the one hand I have had incompetent managers who wanted the root user name and root password. I have also worked with people who built the network themselves, and everyone else was too incompetent to be given any access.
In the first case, as a network admin, you advise Management you dont think it is a good idea such and such gets the passwords. If he f%#ks up the system, you can say "I told you so", and estimate how much overtime it will take to fix it.
In the second case, I worked with a guy who believed everyone else in the company was too incompetent to work on 'his' network. He didnt give any one access to anything, he didnt let anyone make any mistakes, and therefore no-one learnt anything from him. He had all the keys, he had all the passwords. Even simple things like setting up PTR records, he was the only one who did them because he didnt want anyone else logging into servers. The result was a massive backlog of requests, and while he didnt take holidays, if he was hit by the number 46A bus in the morning, the company was screwed.