San Francisco City Council regained access to its own computer network today after Mayor Gavin Newsom convinced network administrator Terry Childs to give them the passwords. Childs is in jail until he can raise $5m in bail. He is accused of blocking all access to the city's network and routers by resetting passwords. He …
This report shows only half the story. This Admin didn't steal or re-set any passwords. He had possession of the passwords from the very start and he, and he alone, knew what they were. His bosses demanded them off him, he decided they weren't to be trusted with messing with his network and said no. They fire him. He still says no. Bosses call police.
Sounds like an over possessive admin, but maybe he had his reasons. Either way, this is a whole different story from the way its been presented. He wasn't a rogue admin, he was the sole admin, which also makes his bosses liable in a number of ways.
So the password is 1, 2, 3, 4, 5?
That's the stupidest password I've ever heard in my life! The kind of thing an idiot would have on his luggage!
Childs and the PFY
What'll we do tomorrow, Terry?
The same thing we do everyday, PFY.
Plot to take over the world!
From a link posted about it earlier:
A key point made in the e-mail is that Childs' managers and coworkers all knew that he was the only person with administrative access to the network. In fact, it was apparently known and accepted in many levels of the San Francisco IT department. Again, quoting from the e-mail:
“This is where it gets tricky for the prosecution, IMO, because the localized authentication, with Terry as sole administrator, has been in place for months, if not years. His coworkers knew it (my coworkers and I were told many times by Terry's coworkers, 'If your request has anything to do with the FiberWAN, it'll have to wait for Terry. He's the only one with access to those routers'). His managers knew it.
"Other network engineers for the other departments of the City knew it. And everyone more or less accepted it.
"No one wanted the thing to come crashing down because some other network admin put a static route in there and caused a black hole; on the other hand, some of us did ask ourselves, 'What if Terry gets hit by a truck?' If a configuration is known and accepted, is that 'tampering'?”
My source appears to believe that Childs' motivation was the antithesis of tampering, and that Childs did everything possible to maintain the integrity of the network, perhaps to a fault:
“He's very controlling of his networks -- especially the FiberWAN. In an MPLS setup, you have 'provider edge' (PE) routers and 'customer edge' (CE) routers. He controlled both PE and CE, even though our department was the customer; we were only allowed to connect our routers to his CE routers, so we had to extend our routing tables into his equipment and vice versa, rather than tunneling our routing through the MPLS system.”
He shouldn't be in gaol at all!
He should be free to hold the secrets he was entrusted with -until payment was made for the knowledge he was allowed to leave his employment with.
You don't sack a man in that position until you have made him release his secrets. Once you stop paying him you can't expect any different.
Must be Gomer Pyle's Dumber Brother
Surprise, Surprise, Surprise
"Many have questioned why Childs' bail is so high and how he apparently so easily gained complete control of the city's computer system."
The very fact they this sort of activity still brings surprise should tell us something about those who confess to not understand how easily it was done.
Idiots who are surprised at this must also be surprised that babies puke and pee.
That would be the combination to the air shield.
I know what the password was
Seriously though I can see why he did what he did (known many retarded idiots who shouldnt be trusted with a spoon let alone network access) but at the same time once he left he should have turned it over right away if only to laugh when the new people made a royal mess of everything seeing as he was no longer responsible. Then again he would problem have still been arrested cause the new people would have denied they messed it up and blamed it on some sort of logic bomb that was hidden.
/Paris because, well shes been as Fu#!ed as this guy would have been one way or the other.
I'm surprised he didn't use his knowledge to gain a bit more leverage, such as a written undertaking not to pursue the matter. Or forget them, even...
I'd walk a mile for a calomel.
I can only imagine how part of the conversation went...
"What's the password?...And if you say swordfish, I'LL LOSE IT!!"
real life BOFH story
nice one mate.
Is mayor a code word for sodium penthanol
Normally it is a word with the Abbott ;), perhaps they don't have one in San Fran.
So this story looks like this:
Man with passwords gets fired, and they expect him to remember those passwords after the trauma of being fired, and hand them over?
He has not done anything wrong, and his is on 5,000,000 dollars bail!
It beggars belief that San Fookedcisco (as it is now known), did not have contingency plans in place. And one has to wonder if the person this guy reported to was the mayor, therefore only the mayor should have been the recipient.
There potentially is one hell of an interesting counter claim case here. I hope he has played it by the letter, and I have a suspicion he has, who knows what their security docs say, perhaps even something like: 'you may not divulge any IT passwords of the system, except directly to the person you report to.' Those security docs, that 'people' always recommend you do first - may just have shot themselves in the foot with this one.
The only man with a higher rank that did not fire him.
ALL started with an audit............
When Childs get out of prison id like to buy him a beer :)
- Does Apple's iOS 7 make you physically SICK? Try swallowing version 7.1
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- Pics Indestructible Death Stars blow up planets with glowing KILL RAY
- Hands on Satisfy my scroll: El Reg gets claws on Windows 8.1 spring update
- Video Snowden: You can't trust SPOOKS with your DATA