Forgot your password?
typodupeerror
Networking IT

Accused Rogue Admin Terry Childs Makes His Case 397

Posted by CmdrTaco
from the yeah-good-luck-with-that dept.
angry tapir writes "He's been in jail for seven months now, but former San Francisco network administrator Terry Childs says he's going to keep fighting to prove he's innocent of computer crime charges. Childs was arrested on July 12, charged with disrupting the City of San Francisco's Wide Area Network during a tense standoff with management. Infoworld has also conducted an interview with Childs."
This discussion has been archived. No new comments can be posted.

Accused Rogue Admin Terry Childs Makes His Case

Comments Filter:
  • by Anonymous Coward on Wednesday February 18, 2009 @10:40AM (#26901641)
    Is this another 'Won't somebody think of the Childs?' story?
  • by u38cg (607297) <calum@callingthetune.co.uk> on Wednesday February 18, 2009 @10:44AM (#26901675) Homepage
    Thanks for just blowing away presumption of innocence, Taco :-/
    • by xouumalperxe (815707) on Wednesday February 18, 2009 @11:08AM (#26901953)
      I'd say it's more like blowing away the presumption of functional law enforcement where IT is concerned.
    • by Sycraft-fu (314770) on Wednesday February 18, 2009 @12:45PM (#26903191)

      Courts are. Seems many people on Slashdot misunderstand the whole "Guilty until proven innocent," thing. What that is, is a simple way of stating how burden of proof works in our court system. In US courts, the defense isn't required to prove anything. The defense can present no case at all and the defendant can still go free. The reason is they have no burden. The burden of proof is on the state, the prosecution. They have to prove that the defendant is guilty. So they can't just walk in and say "We accuse the defendant of doing X," and leave it at that. They have to present evidence to prove their case. Thus by design a defendant in court is presumed innocent. Proof of guilt must be offered because a not guilty verdict the the default in absence of proof.

      That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large. Individuals are free to believe what they wish, and use whatever standard for evidence they wish. People aren't required to view everyone as innocent until proven guilty in a court of law. They are welcome o hold opinions as they see fit.

      So please, but the crap with this. If you think the guy is innocent, or wish to reserve judgment until later, that's wonderful. If others don't, that's also fine.

      • by Korin43 (881732) on Wednesday February 18, 2009 @01:58PM (#26904193) Homepage
        You're missing the point. Why does the court have to assume that people are innocent until proven otherwise? Because it makes sense. If the police arrest someone, you should wait until they actual present their case to decide if the person is guilty. Sure, there's no legal requirement for you give people a chance to defend themselves, but if you don't, you're still a douchebag.
        • Re: (Score:3, Interesting)

          by AK Marc (707885)
          You're missing the point. Why does the court have to assume that people are innocent until proven otherwise? Because it makes sense.

          It only makes sense because it's what you believe.

          If the police arrest someone, you should wait until they actual present their case to decide if the person is guilty.

          The cops presumed them guilty, or they wouldn't have arrested them. So you are already working under a broken premise. Also, court findings are not fact. They either did or did not do what they are accuse
        • by mangu (126918) on Wednesday February 18, 2009 @06:56PM (#26909089)

          Why does the court have to assume that people are innocent until proven otherwise?

          Because it's the state against an individual. "Innocent until proven guilty" is a way to try to rebalance a situation that's rather unsymmetrical: a state organization with enormous means at its disposition is accusing one person. When the state investigates, they can put thousands of officers at the job. They have the power to go anywhere, interrogate anybody, investigate everything.

          The accused is alone. No matter how rich he is, he runs the risk of going bankrupt if he tries to match the state in its investigations. And he could go to jail if found guilty. Therefore, it's only fair to give the defendant the benefit of doubt in court.

          It's a different situation when it's a citizen against another. I have the right to form an opinion on whether someone is guilty or not without giving him all the leeway a court needs to give, and I have the right to tell my opinion to anybody who will listen. It's not as if my opinion could send anybody to jail.

      • by DancesWithBlowTorch (809750) on Wednesday February 18, 2009 @02:06PM (#26904271)

        That's all it means. It is just a simple way of summing up our court system. It is NOT a command to the population at large.

        You are painting a pretty bleak picture of this society. Of course everyone is free to believe whatever they want. But in a civilised society, under the rule of law, we like to let the law rule. That includes giving every man a chance to state their cause in court before judging them. That is indeed a "command to the population at large", although a moral one, not a legislative one.

  • Equal Protection? (Score:5, Insightful)

    by houstonbofh (602064) on Wednesday February 18, 2009 @10:45AM (#26901695)
    "He's been in jail for seven months now,...

    I love our entire "Innocent until proven guilty" thing. Unless you are on the wrong side of the celebrity wagon. I bet Paris would be out by now...
    • by PrescriptionWarning (932687) on Wednesday February 18, 2009 @10:51AM (#26901763)
      or possibly he couldn't make bail because he's not as filthy rich as Paris
      • by houstonbofh (602064) on Wednesday February 18, 2009 @10:59AM (#26901839)
        Kinda the point... "Bail" should be equally difficult for different people.
        • by MightyYar (622222) on Wednesday February 18, 2009 @11:08AM (#26901951)

          Hey, Paris worked really really hard for all that money and she deserves a little break when it comes to doing hard time.

        • It should be equally reasonable. After all, the state hasn't proven anything.

    • Re:Equal Protection? (Score:5, Interesting)

      by poena.dare (306891) on Wednesday February 18, 2009 @10:52AM (#26901765)

      Apparently the city of SF is having a wee bit of a problem understanding exactly what a network admin does. I read TFA, the guy sounds sane.

      • Re:Equal Protection? (Score:5, Informative)

        by mtrachtenberg (67780) on Wednesday February 18, 2009 @12:34PM (#26903049) Homepage

        Not only does the guy sound sane, it sounds as though he's got grounds to sue the folks who are trying to prosecute him. TFA suggests these incompetents were upset to find (1) a modem that had been in the admin's office since before he started working there, and (2) a modem set up to page him on any problems, and (3) a modem set up to handle emergencies.

        Obviously, this was not handled well by either side, but I'm inclined to believe the guy in jail over the clearly incompetent managers.

    • Re:Equal Protection? (Score:5, Interesting)

      by internerdj (1319281) on Wednesday February 18, 2009 @10:54AM (#26901775)
      By now? If she'd been in seven hours it would be amazing...

      But more seriously wow. I had only heard about this in passing, and didn't know the details. What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE and probably would have us shot as a penalty if they could get away with it, but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.
      • by pla (258480)
        but even without those restrictions I'm not going to hand out my password to my boss, my boss's boss, or even the CEO of the company.

        I like my job, but preserving it comes pretty damned far behind "my freedom" in order of my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis up or down when you arrive, Mr. Barbarian?"

        Anyone who chooses prison over a job doesn't count as "principled", they count as an idiot.
        • by internerdj (1319281) on Wednesday February 18, 2009 @11:10AM (#26901977)
          Giving out the passwords could also lead to jail time. My personal password ties my account to me personally. Apart from all the potential abuses of international trade laws that could happen from my personal email if someone else had access, what if any one of those people put child porn on a rival's computer because they now had the keys? What if it was my computer? These people were willing to not only charge him in court for doing his job but also threw him under the publicity bus too.
          • by pla (258480) on Wednesday February 18, 2009 @11:27AM (#26902181) Journal
            Giving out the passwords could also lead to jail time. My personal password ties my account to me personally.

            It sounds like Childs had a pretty good clue about network administration - Meaning that he almost certainly didn't "run as root". He also had decent forewarning (most accounts describe this as ongoing for at least six months) that he could expect some bad mojo down the line, and could have taken appropriate steps to isolate his personal access from his professional access well in advance of the issue coming to a head.

            Now, if I absolutely had to surrender my personal account, I'd simply change the password to "password" first, and ASAP bulk-email everyone in my address list to say that ownership of my account had changed hands and future contact from that account would not come from me.

            Whether or not my employer owns "my" account, they sure as hell don't own my reputation.
            • Re: (Score:3, Insightful)

              by corbettw (214229)

              My understanding of the case is they were asking for the router passwords, both login and enable (root). Not his personal passwords. There was no reason not to do so, the guy is an idiot and should've been fired on the spot. Letting him rot in jail for these past seven months is just overkill, though. They should let him go, it's not like he's likely to work in network security again, anyway.

              • Re: (Score:3, Insightful)

                by Vancorps (746090)

                It doesn't sound like you are involved in network administration if you have such strong opinions about router access which is not something everyone should have access to. There are definitely a few types of devices where it does no good to give higher ups access because the only thing they can do with it is screw it up.

                City managers were clearly screwing up as they should have had to at least two admins and both of the admins would then have the login information available to them. Some random Joe should

          • Re:Equal Protection? (Score:4, Interesting)

            by erroneus (253617) on Wednesday February 18, 2009 @11:37AM (#26902299) Homepage

            It is a situation that defies what most people would do to be sure. This leads me to think that there is certainly a LOT more going on than we are able to know. I would guess that perhaps either he is trying to protect his own illegal activities or those of another or is trying to prevent something worse from happening to him at the hands of those above him.

            But sometimes, you just have to accept that some people actually do things on principle. For example, a couple of years ago, I left my job because I refused to give up "evidence that could exonerate me." The short of it was that my office's IP address was reportedly being used to share Adobe software via bit torrent. While it was true that I used bit torrent, it was most assuredly not Adobe software. (I'm not completely innocent... there was pr0n involved... legal stuff but still) But there was no software infringement going on as far as I knew. But they wanted me to hand over my personal property for them, in another state, to examine for an undetermined amount of time in order to answer a BSA complaint. I simply packed up my gear and went home. I had much other personal data on my system and was unwilling to share it for any reason. They offered me no assurances of any kind and when I asked them "why would compliance be in my best interests?" they had no answer at all... only silence. Most people at the office agreed with my position.

            In the end, I got a better job in fairly short time and no other consequences at all. I learned a lesson but it was not one "hard learned." Still, I was not going to just bend over and give up my personal property and data.

        • by madcow_bg (969477) on Wednesday February 18, 2009 @11:13AM (#26902017)

          but even without those restrictions I'm not going to hand out my password to my
          boss, my boss's boss, or even the CEO of the company.

          I like my job, but preserving it comes pretty damned far behind "my freedom" in order of
          my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis
          up or down when you arrive, Mr. Barbarian?"

          Anyone who chooses prison over a job doesn't count as "principled", they count as an idiot.

          P and GP may be talking about the same thing. If I have assigned the keys to take care of the network, and more importantly am liable both morally and legally (morally is needed because of future employments, who knows), then it is plainly a good idea to keep them secret.

          However, if my boss or my boss' boss or the CEO asks to have them and most importantly signs a paper that request them, by god, just give it to the man. By having the command in writing you are covered in case something wrong happens with those keys.

          If no written order comes, how are they supposed to prove you denied them the request?

          • Pretty much (Score:4, Insightful)

            by Sycraft-fu (314770) on Wednesday February 18, 2009 @12:51PM (#26903289)

            People always need to remember you don't own the stuff at work, the company does. Thus it isn't up to you to decide what goes on with it, it is the company's. That means if they wish to make a bad decision, they can. If the owner decides that the root password should be "password" and further that it should be posted on the wall, well that's his decision. You can and should tell him why that's a bad idea but if he says "I don't care, do it," then it over. You can't tell him no, because it isn't your stuff, it's his stuff. You can, of course, quit (and I probably would in that situation), but you can't just refuse and say "It's for your own good."

            Now in the scheme of a large company where you don't deal directly with the owner, it is still the same thing. Whoever their designated representative is, makes the decisions. So if you are given a stupid order you tell your boss it's a bad idea. He says do it anyways you go up to whatever level is appropriate (IT supervisor maybe, CEO maybe) and make your concerns known, but you do your job. If they want to be dumb, they can be dumb. Not your place to tell them they can't, and indeed it can be illegal.

            • Re: (Score:3, Insightful)

              by Vancorps (746090)

              Where do people get this impression that the company owns everything you do?

              This is simply not true by default in the U.S. legal system. It properly does vary a bit from state to state but for the most part things like email are owned by the employee unless specifically stated and agreed upon before employment began.

              When you're in IT some things get gray real fast. For instance, my title is network engineer. I write a lot of my own scripts to automate tasks. That code is mine because the company isn't pay

              • Sorry, but if you wrote those scripts on company time on company hardware, the scripts belong to them. It was a work for hire.

                Now suppose you write the scripts on your own time, at home. Ok then the script is yours. However if you go and give it to the company to use, that copy is theirs. As per copyright law they can't go and distribute it and sell it and such, but they get to keep it unless you had another agreement in place before hand. You can't give them the script and then take it away later just beca

            • Re: (Score:3, Insightful)

              by mrchaotica (681592) *

              If the owner decides that the root password should be "password" and further that it should be posted on the wall, well that's his decision. You can and should tell him why that's a bad idea but if he says "I don't care, do it," then it over. You can't tell him no, because it isn't your stuff, it's his stuff. You can, of course, quit (and I probably would in that situation), but you can't just refuse and say "It's for your own good."

              You know, this is exactly why professions other than IT have professional l

          • Re:Equal Protection? (Score:5, Informative)

            by ElizabethGreene (1185405) on Wednesday February 18, 2009 @01:28PM (#26903799)

            According to Mr. Childs, the passwords were requested by his skip-skip-level boss, 2 HR people, and an unknown number of people listening in via speakerphone in an unscheduled meeting he was pulled into while onsite at one of the office locations. A Police detective was also standing by.

            I can only hope the true story of what happens here comes out eventually.. but that is unlikely.

            -e.g.

        • by Chris Mattern (191822) on Wednesday February 18, 2009 @12:15PM (#26902799)

          I like my job, but preserving it comes pretty damned far behind "my freedom" in order of my priorities. Jail vs giving out the keys to the kingdom? "Would you like the portcullis up or down when you arrive, Mr. Barbarian?"

          "I have no gate key."

          "Fezzik, tear his arms off."

          "Oh, you mean THIS gate key!"

      • Re: (Score:3, Insightful)

        by MightyMartian (840721)

        But more seriously wow. I had only heard about this in passing, and didn't know the details. What is an IT person supposed to do? They hire him to be in charge of the network and then ask him to hand out root passwords to anyone important in the city government. At my job they make us swear on everything holy to not give our passwords or pins to ANYONE and probably would have us shot as a penalty if they could get away with it, but even without those restrictions I'm not going to hand out my password to my

    • by Lumpy (12016) on Wednesday February 18, 2009 @10:55AM (#26901791) Homepage

      It has NEVER been innocent until proven guilty. that fairy tale is simply read to the children to make them smile.

      Every lawyer, and person that has even been exposed to the legal system knows. You're guilty, then you have to fight to prove your innocence.

      • Re:Equal Protection? (Score:5, Interesting)

        by Inda (580031) <slash.20.inda@spamgourmet.com> on Wednesday February 18, 2009 @11:47AM (#26902425) Journal
        I've said similar on here in the past and not been modded up *grumpy*

        It also stems from the fact that we don't lock up innocent people in the western world.
        • Hello from Texas (Score:5, Insightful)

          by jeko (179919) on Wednesday February 18, 2009 @12:57PM (#26903369)

          It also stems from the fact that we don't lock up innocent people in the western world.

          Thanks. I just sprayed coffee all over my keyboard. Let me try this in a dialect you might understand.

          Son, not only do we lock up innocent people here in the US but, Hell, in Texas we've condemned men to die when their defense attorney didn't even show up in one case, or showed up too drunk to stand straight in another. Up there in Yankeeland, they just caught a judge getting commissions from the prison for sending kids to jail.

          Pound for pound, we lock up more people than the Russkies and the Chicoms COMBINED ever did. What, you think they're all guilty? You think Americans are just that much more sinful than all them godless heathens combined?

      • by MarkvW (1037596) on Wednesday February 18, 2009 @12:03PM (#26902637)

        The presumption of innocence really works.

        The presumption of innocence is a rule that applies to criminal trials. All it means (ALL it means) is that the jury cannot convict you unless they find beyond a reasonable doubt that you committed the charged crime. Juries take this very seriously. "Every lawyer" knows that. Juries can be stupid, sometimes, but they very often are stupid on behalf of the defendant. In other words, if they're not sure then they cut the defendant a break. "Every lawyer" who actually does trials knows that, too.

        In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

        Bail is a different issue. Judges have to assess danger to the community. Sometimes, people who can't make bail rot there before trial. Those people have a remedy, though. They can insist on a speedy trial. Most states have speedy trial rules just for that purpose.

        Mr. Childs probably isn't pushing for a speedy trial because the State probably has a strong case against him and he wants to build an effective defense. Defense takes time and preparation. So, I guess that Mr. Childs is sitting in jail (1) because the judge thinks he's a danger to the community; (2) he can't make bail; and (3) he needs the time to prepare his complicated defense.

        The presumption of innocence is not a fairy tale in the U.S. It is a plain reality.

        • by mkcmkc (197982) on Wednesday February 18, 2009 @01:26PM (#26903775)

          In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

          A little research will uncover the answer. Say the police break down your door one early morning, shoot your dog, and cuff you and your family. They have an informant that says you're involved in the meth trade. They take it to the DA, who can see it's bullshit, but DA's are measured in pleas and convictions, so he offers you a plea. You can cop to some minor class-D felony and three months in county. Or you can take it to court and put yourself at the mercy of 12 random citizens and/or a judge. Win or lose, you're out your job, your house, quite possibly your spouse, and your life savings. (Not to mention other details not suitable for this family publication.)

          If you've got any sense at all, you take the plea. Why? Maybe "because you're guilty...".

          That's how the presumption of innocence really works.

          • Re: (Score:3, Interesting)

            by Rich0 (548339)

            Yup. Look on the PBS Frontline website for their recent episode on Plea Bargains (you can watch it online). It is a real eye-opener.

            One woman was clearly falsely accused but was convicted. It became fairly obvious that she was falsely confused, and so the DA offered her a plea bargain for time served if she pled guilty (one of those cases of the DA being more concerned with a win/loss record than justice). Due to her religious convictions she did not want to plea guilty since she would have to lie and c

          • For the day to day legal BS average people are likely to encounter the situation is just as bad. I doubt the police are going to break down my door and accuse me of running a meth lab, but let's look at something as common as traffic violations.

            Your court date will roll around and you'll plead not guilty. A trial date will be set, meaning you'll have to schedule your life around that, and try to get a lawyer to help. The average person isn't expected to fully understand the law, because it's so nuanced and convoluted, which is why defense attorneys with years of specialized training exist. The average person is expected to fully abide by the law he doesn't understand, though, which may suggest a problem with the system, but nobody will question it during this process.

            On your trial date you'll speak to some self-important prosecutor or solicitor who acts on behalf of the government. He'll treat your minor case like it's the crime of the century. Depending on your demeanor he may offer a deal of some sort, which usually entails you pleading guilty to a somewhat lessor offense. What he probably won't tell you is that if you reject this offer, and make him go through the hassle of an actual trial, he'll push for the maximum possible punishment the law allows, regardless of any circumstances up to that point, because he doesn't want to do more work.

            This is justice in America.

            If you take his deal, you've just pleaded guilty to an offense you may not have even committed, and is probably something so stupid no one should care even if you did do it, but you're intimidated into the plea by his legal jargon and the fact that, as an average Joe, you don't have the time, money, or resources devoted to fighting it. You'll pay a few hundred dollars in fines and be on your way, with an arrest record, a criminal history, and completely out the hundreds you spent for the bond, the fine, the impound, the attorney, and anything else. The state will pat itself on the back for a job well done for cleaning up the mean streets of dangerous scum like you.

            If you don't take his deal you'll be put on trial. For minor offenses you may not even get a jury of twelve average Joes who will sympathize with you; the state has found a loophole and called this an "administrative matter", meaning you'll get tried by a judge, who will claim to be impartial but is on the state's payroll and has a vested interest in making sure things turn out in the state's favor, not to mention his clouded view of every person who appears before him as a criminal.

            The judge will ignore everything you say, and your attorney will be mostly powerless since the time for deal-making is over and all he can do is try to object to the prosection's evidence. There will be little evidence to which he can object, though, since for most minor offenses there aren't any significant witnesses or material bits of evidence. Nothing but the policeman's word and charge on the books, often, and this will be taken as wholly sufficient to pronounce you guilty, whereupon you'll pay a huge fine, face possible jail time, and be in worse shape than you had you just meekly submitted instead of trying to assert your right as an American to a fair and impartial trial.

            If you're very lucky, you may win your case and be pronounced "not guilty". You spent time in jail, have an arrest record, paid a pretty penny to bondsmen and lawyers and impound lots, had to take time off work, stressed the hell out of yourself dealing with this. Thousands of dollars later the state will send you on your way without so much as a "sorry about the trouble".

            This is justice in America.

            Create thousands upon thousands of arbitrary, meaningless laws which serve no public good, which citizens can't keep track of or reasonably comprehend, then leap out from behind the bushes to scream "GOTCHA!" when they may break one, rubbing your hands with glee that you can extract more money from the citizens. Punish them for daring to question the authority of the state. That's justice in America, and when you create laws just for the purpose of turning otherwise normal people into criminals, you cause them to lose all respect for the law.

            I did, long ago.

        • by jeko (179919) on Wednesday February 18, 2009 @01:57PM (#26904177)

          ...against plea-bargaining.

          In the U.S., less than five percent of cases go to trial. That means that less than five percent of people ever test the presumption of innocence. Why? Maybe because they're guilty . . .

          Amazing. You just asserted that presumption of innocence is a reality, and in the same breath insinuated all people who go to trial are guilty. If Einstein was right, and genius is the ability to hold two contradictory ideas in your head at the same time, then your mental acuity is astonishing indeed.

          The whole point of plea bargaining is to reduce the number of cases that go to trial. Plea bargaining works because you can't predict the jury's decision with certainty. If you look at the possible outcomes of plea-bargaining, it guarantees innocent men will end up in prison.

          Suppose you're innocent. Suppose you're innocent, but unlucky, and the circumstances make you look guilty. Suppose you're an unpopular minority. Suppose you pray to the wrong god. Suppose you're just ugly. Suppose you just look like "that type." Suppose you don't come from around here. Suppose you've never caught a break in your life. Suppose there are any one of a million reasons why twelve random people off the street could drop you in a hole without any good reason and not lose any sleep over it.

          Suppose you have children. Suppose you have family who depend on you. Suppose The Authorities come to you and tell you, "Boy, you don't push us on this, and we'll let you out in a couple of years. But if you make us go all the way, we'll make sure you don't ever see the light of day again, and when we put you in jail, we'll make sure Bubba is waiting for you with a dress."

          Take a random sample of a thousand innocent men, and sure, some of those men will have the moral courage and fortitude to tell you to go to Hell and take me to trial. Some of those men will lack that courage, and take your bargain out of fear. Most of those men will run a quick and dirty risk/reward calculation in their head, and realize that the best option is to take the deal -- because that's how you arranged it.

          Plea bargaining is a foul and filthy practice that guarantees a miscarriage of Justice in a certain percentage of cases. That's why not every Western nation allows it.

          But your arguments have nothing to do with the facts -- they have to do with your fears. It's terrifying to live in a world where innocent men can routinely go to prison. It's terrifying to live in a world where going to prison means a good chance of rape and brutality. It's terrifying to live in a world where the authorities actually use that threat of rape against you without conscience. It's terrifying to live in a world where any random mouth-breathing high-school-droput with a badge can destroy your life with trumped-up evidence. It's terrifying to live in a world where you can hear cops threaten to club children, where you hear cops threaten to plant fake drug evidence against teenagers, where you see cops shoot prone and begging men in the back...

          It's terrifying to live in a world where simply browsing YouTube can give you video evidence of all of this.

          So, your cognitive dissonance blasts away at full force, and you tell yourself innocent people don't go to jail because anyone who goes to jail is not innocent. You pillow your head on that circular logic, and while you dream you live in a pretty and just world you make it that much harder for the rest of us to fix the problems...
                 

    • Re: (Score:3, Informative)

      by afidel (530433)
      If he's been in jail that long then he waived his right to a speedy trial and was unable to come up with the money for bail.
    • I think you are wrong about Paris she would not be out by now rather I expect that she would be the first to go down.
  • From The Fancy Article:

    He's been in jail for seven months now, but former San Francisco network administrator Terry Childs [cq] says he's going to keep fighting to prove he's innocent of computer crime charges.

    What does the CQ stand for?

    • Re: (Score:3, Informative)

      by macxcool (1370409)
      According to Wikipedia, either:
      Central Queensland
      Congressional Quarterly
      or
      A symbol indicating that the spelling is actually correct, believe it or not.

      Does that help?
      • Didn't you ever listen to Jodie Foster in 'Contact' ?

        CQ, this is W9GFO. CQ, this is W9GFO here. Come back
  • I know I don't RTFA often enough but did the "interview" strike anyone as a bit thin? I'm more use to the format of question and answer and I got ten paragraphs that had a glorious 7 sentences of actual quotes from the subject of the interview. None of which touches on what he did, why he did it and only the faintest hint and why he feels that he's not guilty.

    Looking at it I get the feeling that the reason I don't bother with the articles as much anymore is because web journalism is simply too lite in all
    • Re: (Score:2, Informative)

      by riegel (980896)
      It sounds like the problem isn't that web journalism is lite but that there really isn't a lot of new information.
    • Re:Interview? (Score:4, Informative)

      by zzottt (629458) on Wednesday February 18, 2009 @11:00AM (#26901851) Journal
      he couldnt record it nor talk about the trial... not much you can do with 30 minutes
      • And that's fine in and of itself but at the same time why present it as newsworthy? While I'm sure there are many here who are concerned at the outcome of all of this it doesn't seem right to just hash the same old stuff just to pump out an article. I'm speaking more to the tone of respectable journalism than anything Childs is facing overall.

        I suppose it's a tad better than the latest top 10 TechRepublic article but there is a good reason that stuff never gets too much coverage here.
    • Re:Interview? (Score:4, Insightful)

      by DavidTC (10147) <slas45dxsvadiv D ... neverbox DOT com> on Wednesday February 18, 2009 @12:02PM (#26902619) Homepage

      Can someone even explain what he's charged with and what his specific actions were?

      Refusing to do your job and inform management of passwords is not illegal. (It's pretty strange behavior, but not illegal.)

      The only thing I can glean from reading both links is 'three modems', one of this was a DSL one he didn't set up for testing and whatnot, one of them was to operate his pager, and one of them was to link the city's network in emergencies. None of them even vaguely look like backdoors, but, more important, none of them were used as backdoors to a system he had access to anyway. (You don't install secret backdoors in cabinets in your office.)

      I know Childs can't talk because his lawyers says not to, but there's a fucking document called a 'arrest report' that actually lays out charges against him and the specific actions he took that were in violation of the law. What are they?

      Googling throws a lot of nonsense around, including the fact they've charged him with supposedly planning to use a planned power outage to do something bad, when said power outage wouldn't have affected those system. (And what 'something bad' is very vague.)

      And, also, when the police search his house, they found weapons ammo. This is presumably relevant somehow.

  • legit modems? (Score:5, Interesting)

    by socsoc (1116769) on Wednesday February 18, 2009 @10:58AM (#26901821)
    This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?
    • Re:legit modems? (Score:5, Insightful)

      by drinkypoo (153816) <martin.espinoza@gmail.com> on Wednesday February 18, 2009 @11:19AM (#26902073) Homepage Journal

      This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

      Did it ever seem rogue to people with actual technical experience?

      What it seemed to me was stupid. If people above you in the chain of command want to break the network and destroy your security, you have to let them. The only recourse you really have is to demand such things in writing and run them all through your boss. The worst they can do in such a situation is fire you. But your job is to do as you are told, and if they tell you to fuck it all up, then you can either quit or capitulate.

      It seems to me like Childs was trying to obey the letter of his job description, without fully considering the ramifications. Certainly he wasn't trying to take over the network - however dumb he might be, I certainly don't believe he's crazy enough to forget about cops and prisons. He surely didn't think that they would be wielded against him for these particular actions, but that was just dumb. Now the city is trying to do everything they can to justify their actions, so they're trotting out bullshit arguments against him (like allegedly holding information he shouldn't, or installing back doors - which frankly are not a bad idea if they are secure back doors. someone 0wns your network, it's nice to be able to get in!)

      Odds are, most of us will never know the truth. The only one who knows the full truth of Childs' intentions is himself, and most people aren't all that in-touch with themselves anyway. However, he's had a lot of time to sit and think about it.

    • This article gives better reasons for those modems being on the network than previous stories. Doesn't seem so rogue now, does it?

      It only seems rogue when they make ludicrous statements like he put "1,100 modems" on the network.

      Anybody with half a brain can think about that statement as say 1) There's no way someone had that many modems and phone lines because would be wayyy too expensive and 2) if you were putting secret modems on the network to 'wreak havoc' (whatever that means), you certainly wouldn't need anything close to 100 of them, let alone 1,100 of them.

      If I were confronted with a room full of people not my boss and asked t

  • Wait a second? (Score:4, Interesting)

    by tjstork (137384) <todd.bandrowskyNO@SPAMgmail.com> on Wednesday February 18, 2009 @11:00AM (#26901855) Homepage Journal

    You know I was arguing all about either torture the guy and let him walk to get the passwords, thinking that 10 minutes of waterboarding is less damaging than 7 years in prison.

    Now, his side says that he's getting tossed into jail for sneaking a few modems onto his desk and not giving out the passwords to the modems he set up? come on now, that's not the story we heard coming from s.f. before and I have to wonder just what passwords s.f. was asking for.

    I don't know that I would hire the guy, but, somehow, when all the banks in the fine city of san francisco are sitting there having blown through trillions of dollars, I think maybe s.f. pd needs to be putting some other people in prison besides this guy.

    • Re:Wait a second? (Score:4, Interesting)

      by drinkypoo (153816) <martin.espinoza@gmail.com> on Wednesday February 18, 2009 @11:13AM (#26902021) Homepage Journal

      There is DEFINITELY something else more nefarious going on here, but it's impossible to say what. So far SF has completely mismanaged the case, continually getting technical details wrong and putting a ton of irrelevant yet sensitive information (the VPN access information) into the complaint. Unless they can come up with some better evidence their case looks like complete bullshit. That won't necessarily prevent him being found guilty, though.

  • by yttrstein (891553) on Wednesday February 18, 2009 @11:01AM (#26901859) Homepage
    That there's a network admin somewhere that has giant ethical nuts. As anyone with even a day's worth of network admin/engineering experience knows, the loyalty of all network admins can be purchased with A. a fat paycheck or B. a threat of any kind from someone with authority.

    Can you imagine even half of the network admins in the united states changing the passwords on their routers and shutting them down until Childs is released?

    Yeah, I can't either.
    • by zappepcs (820751) on Wednesday February 18, 2009 @11:13AM (#26902015) Journal

      I thought that too. Huge testicular fortitude by Childs. I think the interviewer noticed something when he mentioned that at the end Childs stopped and said "it's a different world in here" in reference to prison. That is perhaps the point of the blog entry, to show that Childs really isn't a whacko control fr34k with an attitude problem. I'm not saying network admins are that way, just that he was sort of painted that way in the original news headlines. I hope that he gets exonerated. Everyday I have to deal with people that have no clue how computers work, let alone databases or networks.

      I also have hopes that Childs being exonerated would reinforce the value of IT staff in general. That is to say that hey, you hired people who know what they are doing. Let them do it and don't mess them around.

      Car analogy: Don't micromanage your NASCAR driver or even the engineering staff who build the car.

      I guess what I mean is I hope the PHBs get it rough with no reach around on this one.

    • Re: (Score:3, Insightful)

      Can you imagine even half of the network admins in the united states changing the passwords on their routers and shutting them down until Childs is released? Yeah, I can't either.

      I can't either, but probably for different reasons than you.
      1. Such actions could cost employers to lose money and might subject those responsible to criminal charges (quite possibly felony charges) similar to Terry Childs.
      2. Your suggestion fails to take into account that the legal system (judges, lawyers and police) is mostly comprised of people with extremely limited technical knowledge. Do you really want such people deciding whether you might have a point to this protest? I'm thinking "no". A

      • by yttrstein (891553) on Wednesday February 18, 2009 @11:32AM (#26902233) Homepage
        As an employer, I'll let you in on something:

        The reason that punishment has been laid so strongly and swiftly down on Childs is directly because of the power of the position he held. He's being made an example in order to make sure that no other network admins get any bright ideas about exposing their feelings of real ownership and territory that every good network engineer has about their responsibilities (and equipment for that matter).

        As an employer, I hope the steps being taken against this man, no matter what his motivations were, are entirely unsuccessful. The world needs fearless and ballsy geeks a lot more than it needs spineless jellyfish who happily do whatever they're told *despite the ethics of it*. There's something deeply disturbing about so many giant brains have willfully given up control of (and responsibility for) their own actions and are all too ready to claim they were "just doing my job".

        Pardon my revulsion, but there are those of us who remember where that sort of outlook takes the species.
    • by SirGarlon (845873) on Wednesday February 18, 2009 @11:23AM (#26902127)

      That there's a network admin somewhere that has giant ethical nuts.

      Only if 100% of what Childs says is true. I'm not so sure I'm ready to believe him -- the circumstances of his confrontation with management suggests there may be layers to this story that aren't making it into the media.

    • by Sam Lowry (254040)

      That's a good plan for a nation-wide strike.

  • by Anonymous Coward on Wednesday February 18, 2009 @11:06AM (#26901925)

    Not going to comment on Child's innocence or guilt, but I have to wonder whether his lawyer is giving him good advice. I mean, giving an interview to the press which you discuss some case specifics doesn't seem like a very wise thing to do. Even though TFA was just a summary of the interview and did not contain a transcript of it, I'm guessing that the San Francisco prosecutor could subpoena the reporter to turn over a transcript, or recordings and any notes the reporter took to use against Childs.

    Giving an interview to the press really screwed over UK hacker Gary McKinnon, who's currently fighting an extradition order to be brought to the US to face charges breaking in to Pentagon computers. His interview by the BBC shortly after he was arrested basically was a full confession of everything he had done and left no wiggle room to create a case for reasonable doubt. The US prosecutor could base his case just on the BBC article alone and probably get a conviction. Of, McKinnon gave the interview before the US filed charges, I think, so he may have thought he was in the clear when the British authorities didn't file their own charges.

    Anyway, it just not a smart idea to give interviews to the press while facing criminal charges, and I'm surprised his lawyer let him do it.

  • by Dunbal (464142) on Wednesday February 18, 2009 @11:08AM (#26901945)

    he's going to keep fighting to prove he's innocent of computer crime charges.

          Well, good luck with that...

  • Mmmmm... No. (Score:2, Insightful)

    by Concern (819622) *

    I hate to say it, but these stories only reinforce for me that Childs is likely guilty.

    It seems even clearer that he really did keep passwords to himself, and when asked, refused to hand them over to his management.

    Management can ask for them (how can they ever replace a network admin, otherwise?) and they can ask you to hand them over to anyone they say. As Schneier says, they belong to your employer, not you.

    These articles imply that it's not "good practice" to give passwords out. If that's really his def

    • by Unnngh! (731758)
      To offer a slightly different perspective: If he felt that management was going to misuse the passwords to compromise the security of the network, he was best off sticking to his guns, as it would have come back on him, not management, if the security was compromised. Corruption at the top levels is not unheard-of. It just doesn't sound like that's what happened. In situations like this, people typically work out some compromise, like bringing in outside contractors with limited permissions or with a sep
    • Re:Mmmmm... No. (Score:5, Interesting)

      by DavidTC (10147) <slas45dxsvadiv D ... neverbox DOT com> on Wednesday February 18, 2009 @12:13PM (#26902781) Homepage

      Well, congratulations on making up laws, but, no, there's no law requiring you tell people passwords, even to their own systems. At all. Barring some sort of court order requiring that, which does not exist in this case.

      And that's not what he's charged with. He's charged with, essentially, doing his job, with lots of evidence of doing his job introduced as evidence.

      Like keeping detailed diagrams of the network at his house....the network he built by hand.

      Or installing network sniffers...commericial network sniffers that monitor the network for viruses and hack attempts, like he was supposed to as part of his job.

      Or having a modem installed...that paged him in case of network problems.

      Or configuring routers to not let people do a 'password reset'...in unsecured locations, like thousands of network admin do to routers they can't lock up to keep people from screwing with them.

      Or confronting someone who claims they're doing an 'audit' of his systems and, as he claims, walking out with a hard drive. (They were doing an audit, but he didn't know that.)

      They have decided all this means he was planning to bring the network down for some unspecified reason. Of course he could bring the network, any network admin knows enough to bring the network down. If they don't, they don't know enough to do their job keeping it up.

    • By Law? Sources? (Score:5, Insightful)

      by hellfire (86129) <`moc.liamg' `ta' `vdalived'> on Wednesday February 18, 2009 @12:36PM (#26903087) Homepage

      What law says "you must hand out a password to your boss when he requests it or you will be prosecuted as a felon"?

      The lawyer in the referenced articles has stated "The response to suspend him was arguably legal. The response to prosecute him is not." That means, if you don't give up a password, you can be suspended or fired, as you could be in any job, but that doesn't mean you can be prosecuted. If you use those passwords for nefarious means after you are fired, then yes you can, but so far the articles don't point to anything Child's did. There have been some wild claims, but InfoWorld has a special report page [infoworld.com] with articles that seem to call into question the accusations that are being leveled at Childs.

    • Re:Mmmmm... No. (Score:4, Insightful)

      by Quothz (683368) on Wednesday February 18, 2009 @01:12PM (#26903581) Journal

      These articles imply that it's not "good practice" to give passwords out. If that's really his defense, it's specious and deceptive. If your boss demands a password, you have to give it, by law.

      What law? In this case, the State's trying t'use "disrupting computer services", which is a California-specific law. From a look at the text [nsi.org], it looks like you only must give the password to your boss if he or she is "authorized" to have it. I'm assuming the charges are based on:

      (5) Knowingly and without permission ... causes the denial of computer services to an authorized user of a computer, computer system, or computer network.

      The question is whether his bosses were "authorized". If they -aren't-, it's criminal to give them the passwords, under the same section. Tricky. This is a government network in question, so the matter of authorization may not be clear. I have trouble with the scenario in which the police CIO, a military information defense worker, a couple of engineers, and especially a human resources rep would have authorization for administrative control of the city's network without a city policy-level decision being made at the mayoral or legislative level.

      Even in a business environment, the question of authorization can be sticky, and again is best-handled by a top-level policy decision.

      Other states have different laws; check your local listings. There's no universal law I'm aware of that says your boss has the right to any passwords. Quite the opposite, in California; if you give it up to your boss on demand when he shouldn't have it, and hijinks ensue, you could theoretically be prosecuted. I've trouble picturing that actually happening, but it clearly is not the case that you have to hand it over on request.

      As a layman, it looks to me as though Childs was correct in refusing to give out the passwords (although I'm not familiar with any relevant city policies granting authorization, again I'm pretty darned sure the HR guy isn't supposed to have 'em). Giving out incorrect passwords was a bad move, but easily attributed to the pressure of the surprise party.

  • by DigitalSorceress (156609) on Wednesday February 18, 2009 @11:22AM (#26902109)

    If things went down like Childs said, then he was indeed doing his job correctly. I've got root level access to all our Linux servers and several of our AD domains due to the work I do. However, I'm not the network admin. I would not give any of the passwords to anyone (including my boss, the head of IT), and instead would direct the requester to our head network/infrastructure guy.

    I happen to know that he would refuse to just give out root passwords to management just because they wanted it. The only people with that level of access are those who need it for their work. This is how things SHOULD BE.

    Now if Childs was the only one with the passwords (which from the standoff, I guess he was), then he may be guilty of forgetting that you NEVER put all your eggs in one basket. Were I in Childs' position, I would have been concerned what would happen to my network should I get hit by a bus. However, I can't believe he wouldn't have a PFY to share the info with. You always gotta have a second.

  • Power struggle. (Score:5, Interesting)

    by Vellmont (569020) on Wednesday February 18, 2009 @11:24AM (#26902143) Homepage

    It seems to me the whole thing is really about a power struggle with a recalcitrant employee. Someone with a lot of authority in City Government sicked Johnny Law after this guy when he refused to give out the admin passwords. The city then calls up the media, lets out the dogs, scarlet letter, the whole 9 yards.

    In reality, is failing to reveal an admin password a criminal offense? Have we really gotten so strange in this day and age that some passwords are now considered "property"?

    I have no problem with him being fired. He sounds like a control freak who took the whole system to be his personal baby. But the charges against him sound more like someone is pissed off, and trying to take it out through the court system.

    • Have we really gotten so strange in this day and age that some passwords are now considered "property"?

      If I steal the keys to your car, who owns your car?

    • He got arrested because even after they fired him he wouldn't give them the passwords. How are they supposed to manage the network if the only guy who knows the passwords is the guy you fired?
      So by refusing to give them the passwords when they fired him, he was denying them access to their property. On the other hand, I agree with the people who think this whole situation smells of a bigger problem somewhere.
  • Does anyone find it curious that the city managers claim they couldn't get access to the system without Childs passwords. I mean how difficult is it technically to reset a password, especially with physical access to the system. And with most reported 'news' nowadays, the facts keep changing with each new itteration:

    Sep 10 2008 "The SF rogue admin Terry Childs installed a ' terminal server [infoworld.com],' which appears to be a router, on the city's network, but investigators haven't been able to find or log into it"
    • by GameMaster (148118) on Wednesday February 18, 2009 @12:02PM (#26902623)

      The whole thing stinks, but you never know until we see all the facts.

      The picture taking incident could have been him flying off the handle like they make it out to be, or it could have been him taking pictures as cya insurance because he was concerned she might mess up (EIther intentionally or unintentionally) some mission-critical systems. One would wonder why she called a director, and not 911, if she was actually concerned for her personal safety. That makes it sound like, to me anyway, some of the hyperbole they were talking about in the article.

      The thing about the router paging his work pager sounds like nothing. I see nothing out of the ordinary for an admin to set up a router to page his work pager if it has problems. How does this, in any way, signify him still having access if he no longer has the pager? He either has the pager (and is thus allowed to contact the network as an employee) or the pager is confiscated from him when he is fired (removing his access to the network). There may be more to the story, but that statement means nothing on it's own.

  • by viralMeme (1461143) on Wednesday February 18, 2009 @12:13PM (#26902767)
    "On Friday, June 20, there was an altercation between Childs and Jeana Pieralde, the new DTIS security manager at the 1 Market Street datacenter in San Francisco. Until her promotion, she had been a city network engineer who worked with Childs"

    Why didn't anyone tell Childs of this promotion, and who got her the 'promotion'?

    "Childs disputed this interpretation of events, claiming in court documents that Pieralde was conducting clandestine searches of DTIS employee workspaces and had removed a hard drive from an office when he confronted her. He also denied taking photos of Pieralde"

    Were there or were there not photographs taken of Pieralde by Childs. Was Pieralde authorized to conduct such audits and where now is this 'SF Owned cell phone', and what exactly did Childs intend to do with these photographs.

    "the city stated that Childs was placed under surveillance [infoworld.com] and was arrested on the evening of July 12 as he was parking his vehicle near his home in the suburb of Pittsburg. At the time of his arrest, he was found to have $10,000 cash on his person and receipts showing that he had traveled to Sparks, Nevada, where he had looked at renting storage units. Following his arrest, police searched his house and workspaces. Police turned up 9mm and .45 caliber bullets, but apparently no weapons"

    Like, if he was under surveillance (and his cell/pager conficated), wouldn't they have noticed that he wasn't actually near a computer whern the pager went off ?

    "Considering that normal bail for a murder case is $1 million -- one fifth of what Childs' bail was set at -- this filing was unexpected"

    -------

    "it is a mystery what exactly Jeana Pieralde was doing performing an unannounced, after-hours "security audit" in a City office other than that in which she herself worked. It was during that secret "security audit" on the evening of Friday, June 20th, 2008, in which Jeana Pieralde took a hard drive from another City employee's office and was photographed by Terry Childs as she did so"

    "The office from which Pieralde removed the hard drive belonged to DTIS Security Officer Nancy Hastings (who naturally was not present in the office because the "security audit" was being conducted after hours.)" "Terry Childs had returned late to the offices (which do include his office and do not include Jeana Pieralde's office) at about 5:15 P.M. to find Jeana Pieralde (who does not work in those offices) taking a hard drive [wordpress.com] from one of Terry's co-workers offices. Terry photographed this act with the camera in his cellphone"

    Did Pieralde really remove a harddrive. What was the name of this co-worker, where is this harddrive now. What motovated Pieralde to remove the harddrive. What's really going on here. Was Pieralde caught with her-in-th-cookie-jar, and someone decide to frame Childs to distract from something?
  • by ffflala (793437) on Wednesday February 18, 2009 @06:44PM (#26908909)

    I'd like to think his defense is reasonable, but then I thought the same thing about Reiser's case.

After an instrument has been assembled, extra components will be found on the bench.

Working...