San Franciscan network hijacker gets his day in court

Amusingly benevolent dictatorships in computer administration is quite common.

Look at microsoft, it protects users from themselves.

While there is no doubt that some people just cannot be bothered to unravel a large network's problems, or in other words its' mess. The question remains, is this a semi-clever argument used in judicial self-defense?

Quick, lock up your children, they might hurt themselves!

Just a thought.

its impossible even if u are an admin to block and change another admins or even a normal user's password for that matter, you can only delete normal users, or remove passwords, and you cant explicitly without any doubt you cannot delete, or change an admins password other then your own.
it sounds like alot of ppl wanted this guy gone, and they went to great lengths to do it, I dont blame the guy for trying to keep his job

After reading the whole story, i believe he's getting the shaft, he never brought harm to the network, he only refused to allow other administrators access, based on the fact that he felt they weren't competent enough to manage the infrastructure, and for the most part, he was right.

Two points that proved to be funny about this whole ordeal, 1, even after putting him in jail and preventing him from accessing the network, the network continued to hum along just fine for weeks, with no problems what so ever, despite the fact that he refused to give up the passwords to the routers. yep, he was really out to cause harm to the city... 2, the prosecutor in the case proved his point that no one besides him was capable of managing the password list, as soon as he gave up the list, the dumbass prosecutor took that list, the list of passwords to all their servers and routers, and filed it as evidence in the case against him, making that list not only public record but also published it online for the whole world to have, thanks to the cities court records being available online...

He broke the law and should go to jail.
He isn't the only person that could manage the network and is also a total idiot and quite possibly needing professional help.

You wake up with fleas.

Childs is technically correct - he is the only admin who actually valued and was competent enough to oversee security.

And when taking that stance against a sea of "fellow" mob-like government "workers", no doubt, the full force of the legal system will be brought down upon you for exposing the truth.

I don't know for sure, but I presume Childs is a leftist himself, and that's why he was foolish enough to take the job, not realizing that some day, they would come for him too.

$5,000,000 is essentially "no bail". Even State Assembly Speaker Fabian Nunez' son, charged with murder, got a $1,000,000 bail.

How ironic, that for the past seven years, we've heard endless complaints about "The Patriot Act" and other alleged civil rights atrocities committed by the White House, and yet, most of the most heinous abuses come from "Blue State" entities.

Lie low, kiddies. The witch hunts have not yet begun.

I beg to differ. I change normal users passwords and admin passwords frequently as a systems administrator. I have admin rights in my OU (Windows AD enviroment), and any users (admin or not) I can change their passwords. I can't change the passwords of Enterprise admins or admins higher up the AD tree, but it sounds like this bloke was a top level/enterprise admin.

Cheers,
John

Knowing some "govies" myself I can agree with his plea (be it true or not in his case). I have seen this type of people ask admins to give everyone admin priviledges and/or enable the use of simple passwords just because it is convenient for them (and they have the boss power). It would not surprise me if his side of the story turns out to be true.

First this article lacks a lot of the details necessary to make an informed comment.

First this guy administered the Cisco WAN ONLY! He did not have access to user accounts on file servers, etc. He ONLY administered the city's complex WAN infrastructure. This is not run of the mill router stuff. It is very complex and requires an intimate knowledge of both the technology and how this environment is currently configured to avoid making changes that could have very negative effects on both public safety systems and government infrastructure.

The person who demanded the passwords used to be a junior person who was previously denied access to this information because they were not qualified to have access. This person got promoted and all of sudden demanded access. This same person caused a minor network outage in the past.

This admin was correct in the way he handeled the whole ordeal. He properly handed the information over to the mayor when asked in person by the mayor. It would have been improper to give this type of information to anyone else as it would allow them into the police, fire and other public safety networks.

This admin repeatdly wanted a disaster recovery/network continutity plan established that would clearly define who was responsible for the network in the case of outages, downtime, changes, etc. Management did NOT want this as any negative consequences for management actions could NOT be then blamed on the techs, but squarely on management.

The type of security used here was to disable password receovery on the cisco equipment in question. He also never saved the configuration to flash on the devices so the only copy was in RAM on the device. This means if the device was rebooted (required for password recovery) or lost power the config on the device was lost. This was a very effective way of keeping the "techies" and non-authorised people from accessing the configuration files on the devices.

If Childs did not give up the passwords then there was no way for even Cisco to recover the configurations (This is also the way the military protects sensitive equipment.) Cisco techs could rebuild the configurations, but would essentially have to rebuild the entire network. The losses the city claims are not realised losses, but estimates of the time needed to rebuild the configurations in the event they could not get access to the passwords.

While Childs may have been a little paranoid in this situation, I do NOT think he was being malicious and was truly trying to protect the integrity of the network as evidenced byu prior screwups by others that management then tried to blame on Childs.

It is much more likely that they were trying to have Childs do more than a single person is normally capable of doing. Combined with new management who had a bone to pick with Childs. This is probably the source of the trumped up charge of poor performance.

This whole debacle is already a glaring failure of the City of San Fran's management. They handled this whole situation very poorly. The management involved should be fired. Terry Child's should have gone to the mayor first before it got to this point. I personally think Terry has a civil case against the city. Whether he can afford such a case is another matter.