Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

SF Admin Gives Up Keys To Hijacked City Network

timothy posted more than 6 years ago | from the please-let-this-be-the-end- dept.

Government 581

snydeq writes "Jailed IT admin Terry Childs relinquished his hold over San Francisco's multimillion-dollar FiberWAN, handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust.' Childs is still being held on $5 million bail for his lockout of the city's FiberWAN, a case that has been called into question since an insider came forward with details about both the network and Childs himself. The case hinges on No Service Password Recovery commands Childs allegedly configured onto several Cisco devices, as well as dial-up and DSL modems the SFPD has discovered that would allow unauthorized connections to the FiberWAN. Childs intends to 'expose the utter mismanagement, negligence, and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger,' according to his motion. The Department of Telecom and IS has cut 200 of its 350 IT positions since 2000 — pressure that may have contributed to Childs' actions, according to interviews with current and former DTIS staffers. Newsom secured the passwords without first telling the DTIS that he was meeting with Childs."

cancel ×

581 comments

Sorry! There are no comments related to the filter you selected.

Also, he gave up his ass cherry (-1, Flamebait)

larry bagina (561269) | more than 6 years ago | (#24305107)

being in prison, and in San Francisco.

Re:Also, he gave up his ass cherry (0, Offtopic)

nategoose (1004564) | more than 6 years ago | (#24305267)

Sounds like you have experience with this.

Re:Also, he gave up his ass cherry (-1, Flamebait)

larry bagina (561269) | more than 6 years ago | (#24305605)

Yeah, I popped your mom's ass cherry. She was a little scared, being "surprise sex" and all, but I think she enjoyed it.

Falling Down (-1, Redundant)

Saint Stephen (19450) | more than 6 years ago | (#24305149)

This guy clearly has stability issues. What a nutjob.

Re:Falling Down (5, Funny)

koafc (718334) | more than 6 years ago | (#24305201)

I guess Newsom is an MCSE/CCNA and therefore is trusted.

Re:Falling Down (5, Funny)

SimonGhent (57578) | more than 6 years ago | (#24305281)

handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust.'

If he believes that the Mayor is going to be reconfiguring the routers he certainly is a nutjob!

Re:Falling Down (3, Insightful)

PRMan (959735) | more than 6 years ago | (#24305743)

If he trusts a mayor that has no problems violating state laws when it suits his purpose, he has a lot to learn...

'the only person he felt he could trust.' (4, Interesting)

UnknowingFool (672806) | more than 6 years ago | (#24305193)

From my viewpoint, it appears that Mr. Childs wasn't so much a malevolent person as much as he was paranoid and protective. We've all met this admin before. He won't give you any rights that you may need to do your job because you could screw "his computers". I'm not saying what he did was right or legal but he may not be the white cat stroking, maniacally-laughing villain that the initial news reports made him to be.

Re:'the only person he felt he could trust.' (5, Insightful)

MightyMartian (840721) | more than 6 years ago | (#24305243)

... but he may not be the white cat stroking, maniacally-laughing villain that the initial news reports made him to be.

No, instead, he's a paranoid monomaniacal prima donna. If it is was me, I'd rather be a white cat-stroking schemer bent on world domination, because the former demonstrates a sick mind.

Re:'the only person he felt he could trust.' (4, Funny)

funwithBSD (245349) | more than 6 years ago | (#24305517)

Has anyone checked on his wife?

I am just saying...

Re:'the only person he felt he could trust.' (0)

Anonymous Coward | more than 6 years ago | (#24306053)

Has anyone checked on his wife?

he has a wife ?

Re:'the only person he felt he could trust.' (1)

JWSmythe (446288) | more than 6 years ago | (#24306119)

I'm thinking of manic paranoid delusional. Or in more modern terms, bipolar.

    He believes he's the only one who can save the world (or the network in this case).

    Everyone, including staff are out to get him.

    And of course, he did counterproductive things which caused more trouble than they solved.

    I'd prefer to be the evil mastermind, "stroking" a "cat", with my evil laugh (evil laugh already in place).

Re:'the only person he felt he could trust.' (0)

dreamchaser (49529) | more than 6 years ago | (#24305317)

It doesn't matter what his motivation was. The moment his bosses asked for the access and he refused he became a criminal, if in fact that is what happened.

Re:'the only person he felt he could trust.' (5, Interesting)

gehrehmee (16338) | more than 6 years ago | (#24305437)

How is not doing your job criminal exactly? Grounds for dismissal, sure, but jail?

Re:'the only person he felt he could trust.' (4, Insightful)

Ihmhi (1206036) | more than 6 years ago | (#24305769)

Hypothetical situation. My job is to keep an eye on a nuclear reactor. It begins to meltdown, and my manager (who isn't trained with the system) instructs me to cool it down. I refuse for [insert reason here].

That's one of many "not doing your job = crime" situations.

He was basically blackmailing / extorting the city of San Francisco - keep me on board or you lose access to the server completely.

Re:'the only person he felt he could trust.' (1)

Joe The Dragon (967727) | more than 6 years ago | (#24305993)

nuclear reactors are controlled by the NRC and not some PHB who is clueless.

Re:'the only person he felt he could trust.' (0)

Anonymous Coward | more than 6 years ago | (#24305817)

Criminal negligence? Or you do not have anything like that in your laws?

Re:'the only person he felt he could trust.' (2)

neoform (551705) | more than 6 years ago | (#24305855)

Purposefully damaging the company you work for is grounds for penalty.

If a bus driver purposefully crashes the bus, someone could have gotten hurt, he should be charged with wreckless endangerment, much the same way this guy should be..

Re:'the only person he felt he could trust.' (4, Funny)

WhiplashII (542766) | more than 6 years ago | (#24306059)

It's not wreckless if you crash.

(Laugh, its a joke!)

Re:'the only person he felt he could trust.' (1)

wattrlz (1162603) | more than 6 years ago | (#24305989)

There are certain professions that are not allowed to go on strike because doing so would endanger too many lives. I know doctors can't strike. I'm pretty sure firemen and police officers aren't usually allowed to either. I hope air traffic controllers aren't allowed to strike...

Re:'the only person he felt he could trust.' (1)

Provocateur (133110) | more than 6 years ago | (#24306145)

Well, he was looking forward to the conjugal visits.

Re:'the only person he felt he could trust.' (5, Insightful)

larry bagina (561269) | more than 6 years ago | (#24305737)

Hey dreamchaser, this is your boss. I need write access to the email archives. The SEC has been poking around and, well, you know how it goes.

PS - get back to work.

Re:'the only person he felt he could trust.' (4, Insightful)

chill (34294) | more than 6 years ago | (#24305901)

Hmmm...under what Statutes?

While employed he was authorized to access those systems. He didn't access them after his employment was terminated, so it isn't Computer Tresspass or anything similar.

The system works, so he didn't break it.

While they can certainly fire him for insubordination, I'm not exactly sure what he could really be charged with.

Re:'the only person he felt he could trust.' (4, Insightful)

kesuki (321456) | more than 6 years ago | (#24305361)

I'd say the guy is probably suffering from mental illness.

there are a lot of people who simply never get diagnosed, because they seem to be able to function normally without medication... myself i've had lesser symptoms dating all the way to childhood, but until i had a 'severe' hospitalization requireing symptoms people just didn't think that i was bad off enough.

Re:'the only person he felt he could trust.' (5, Interesting)

pieterh (196118) | more than 6 years ago | (#24305451)

Anyone having spent that much effort creating a network - and succeeding - would become paranoid and protective of it. I challenge anyone to invest so much in any project and then happily see it messed up by people who are less competent.

However the situation is still messed up, the City should never have allowed one person to take on so much responsibility, and at the first sign that he was becoming indispensable, they should have moved him to another project.

If someone is essential for a project, replace him as soon as you can...

In fact the whole story is a good case study for outsourcing - a small, competent network firm would have done as good a job, and treated the incompetent managers simply as clients, not bosses.

The blame lies squarely with the City, not Childs.

Re:'the only person he felt he could trust.' (5, Insightful)

UnknowingFool (672806) | more than 6 years ago | (#24305645)

I think sometimes people need to see the bigger picture. In my youth, I thought that becoming indispensable meant I was a valuable employee, and I had job security. But I had an epiphany at 2am one morning when I was fixing a problem. I COULD be the only one to fix this problem and be stuck fixing these problems forever. Or I could trust someone else and train them to fix these problems. Could my company find it easier to replace me? Sure, but it's just a job; I'll get other ones. The lost time I could have spent at 2am doing other things (like at home with my family) was worth the compromise. Any of you who missed out on anything because you were at work know what I mean.

Re:'the only person he felt he could trust.' (4, Funny)

Hektor_Troy (262592) | more than 6 years ago | (#24305859)

I'm not sure we want to know what you do with your family at 2 AM in the morning. Wife/girlfriend, sure .. but not the rest of your family

Re:'the only person he felt he could trust.' (5, Funny)

shadow349 (1034412) | more than 6 years ago | (#24305997)

I'm not sure we want to know what you do with your family at 2 AM in the morning. Wife/girlfriend, sure .. but not the rest of your family

Obviously, you have never met the Aristocrats.

Re:'the only person he felt he could trust.' (1)

wattrlz (1162603) | more than 6 years ago | (#24306117)

All night Disney-movie marathon? Perhaps watching a meteor shower or getting home from vacation. Besides, who said his kids were all that young? Maybe they're all sitting around the dining room table drinking beer and catching up. The real issue is, as a /.er, how'd GPP find time to mate and start a family?

Re:'the only person he felt he could trust.' (1)

OneMadMuppet (1329291) | more than 6 years ago | (#24305943)

I used to have a similar attitude, until it occured to me that if you can't be replaced, you can't be promoted. Or go on holiday...

Re:'the only person he felt he could trust.' (4, Insightful)

Dekortage (697532) | more than 6 years ago | (#24305677)

If someone is essential for a project, replace him as soon as you can.

Replace them? No. Distribute their responsibilities and knowledge? Yes. You still want the brainchild around to give input and support; it's just that you need backup in case they get hit by a bus (or paralyzing delusions of grandeur).

Re:'the only person he felt he could trust.' (1)

hesaigo999ca (786966) | more than 6 years ago | (#24305923)

I don't quite agree totally with your argument, there still needs to be someone who is in ultimate charge of the project or team lead if you will. Whether this person needed to be the only person with this access is not the point, the point was he was trying to tell the upper management of the security risks already in place , and when no one would listen, and just wanted to get rid of him, he decided that for the good of everyone using this network (you and me) that we should be protected, so attack then give the keys and say 'see i told you so'.

Maybe now they will look into this more closely and inspect what he was saying, and now that the people know about it too, they can't sweep it under a rug later if it still occurs after the fact,
there would be a criminal lawsuit against them if after knowing about it, they still didn't fix the problem.

Sometimes, you need to sacrifice yourself for the good of the many, even if in the process, you get labeled a bad guy. I know I am not a bad guy, and I would have done something similar (although hind site is 20/20 so I would have planned immunity with the FBI behind closed doors or something).

Re:'the only person he felt he could trust.' (0)

Anonymous Coward | more than 6 years ago | (#24306037)

"If someone is essential for a project, replace him as soon as you can..." I think that's crazy. Replace him? Perhaps you meant get someone else up to speed? Advocating loosing institutional knowledge on any project is just plain stupid. If they guy is important find ways to distribute his knowledge around to others. Heck, make him the project lead and limit his programming time so he's forced to delegate the work to others, but replacing him will only complicate matters and slow things down.

"In fact the whole story is a good case study for outsourcing - a small, competent network firm would have done as good a job, and treated the incompetent managers simply as clients, not bosses." It's my experience that when you end up replacing said company because they loose the next bidding cycle that the transition periods can be ugly. More so since the old company may have decided to write you off as a future customer and therefor has no incentive to actually respond to problems. No, I'm not sure outsourcing critical infrastructure where government mandates competitive bidding every couple of years is the best solution...

Re:'the only person he felt he could trust.' (4, Funny)

houstonbofh (602064) | more than 6 years ago | (#24305497)

There is a fine line between the white-cat-stroking genius in James Bond, and the crazy cat lady from the Simpson's.

The more I read the less I know... (5, Insightful)

Stanistani (808333) | more than 6 years ago | (#24305241)

This story has a real obvious 'bad guy' in Childs.

Arrogant, supposedly unstable, egotistical.

But there are odd, contrary, little pieces of this tale that intrigue me.

I'd like to see some comprehensive treatment of this tragicomedy written a year from now, when the dust has settled, and Childs' side of the story can be heard as well.

Re:The more I read the less I know... (4, Funny)

tb()ne (625102) | more than 6 years ago | (#24305311)

I'd like to see some comprehensive treatment of this tragicomedy written a year from now, when the dust has settled, and Childs' side of the story can be heard as well.

Agreed. But only if it's in the form of a Broadway musical.

Re:The more I read the less I know... (4, Funny)

RasputinAXP (12807) | more than 6 years ago | (#24305733)

And written by Joss Whedon, starring Neil Patrick Harris.

We can call it Admin Horrible.

Re:The more I read the less I know... (0)

Anonymous Coward | more than 6 years ago | (#24306077)

i so so so second this.

Re:The more I read the less I know... (0)

Anonymous Coward | more than 6 years ago | (#24305835)

What a mental image: Middle aged over weight guy with scruffy beard doing pirouettes with jazz hands while giant cat6 and fiber optic cables rise and sway to the music in a laser light show spectacular.

Re:The more I read the less I know... (5, Funny)

ColdWetDog (752185) | more than 6 years ago | (#24305375)

I'd like to see some comprehensive treatment of this tragicomedy written a year from now, when the dust has settled, and Childs' side of the story can be heard as well.

Instead you will get a made-for-TV movie with oodles and oodles of computers running 12 screens each and a funny OS that only have warnings in 100 point sans-serif fonts and backgrounds which look suspiciously like an FBI badge.

But the hero will be a down-on-his-luck gay single parent who obviously uses a Mac Book Pro to compute the primes needed to crack the passwords (while drinking a triple grande latte and eating a scone).

Oh, and explosions. It will have lots of explosions.

Almost forgot the half-naked teenage girls^Wboys (forgot, this was SF).

Re:The more I read the less I know... (1)

xtracto (837672) | more than 6 years ago | (#24305713)

I take that you didn't like 24 uh?

Re:The more I read the less I know... (1)

umghhh (965931) | more than 6 years ago | (#24306081)

Why should they be half naked? Why not go all the way?

Re:The more I read the less I know... (5, Interesting)

salveque (1221584) | more than 6 years ago | (#24305411)

I agree completely.

There seems to be a lot more going on here than what we see.

The conspiracy side of me thinks that there's something fishy going on in the department. He found out and got fired because of it. Except he acted fast and hijacked the network. Hence why he only gave the password to the mayor...

Re:The more I read the less I know... (1, Interesting)

Anonymous Coward | more than 6 years ago | (#24305729)

If this is the case, he really messed up. He dealt with it in completely the wrong way. Now he is in jail and at the mercy of the conspirators. What he should've done is left a way to maintain access to the computer... And leaked what ever they were doing using wikileaks. He probably acted in the heat of the moment and let the adrenalin do the thinking.

Re:The more I read the less I know... (2, Interesting)

Anonymous Coward | more than 6 years ago | (#24305933)

The last story indicated he was eavesdropping on their network activity. That's how he knew to lock the network down before they came to fire him. He probably has PLENTY of dirt on the dirtbags. He probably not only gave the password to the mayor, but also the key to an encrypted file somewhere that will totally fsck all those people who are chasing Childs. This sounds like the tip of an iceberg to me :-)

Re:The more I read the less I know... (1)

penfold69 (471774) | more than 6 years ago | (#24305651)

But there are odd, contrary, little pieces of this tale that intrigue me.

Me too. It's obvious the entire story hasn't come out yet.

There are fairly easy rebuttals to a lot of the media hype surrounding this story. Remote DSL/modem access to the network is an obvious DR tool that seems to have been twisted to be 'an evil back door'.

Sure, the guy may have a God complex. Hell, he's completed the CCIE exam which places him in a *very* small pool of people. He's also apparently designed and configured the entire FibreWAN network. He's proud of it and probably rightly so. How many sysadmins here would honestly let some incompetent come and screw up their network? Sure, his judgement of incompetent may be off the mark but c'mon.

I hope we get more details of this. There has to be a helluva lot that we're not being told.

P.

Did anyone else... (5, Funny)

4pins (858270) | more than 6 years ago | (#24305247)

Did anyone else wonder why a SourceForge administrator had the keys to a city's network.

Re:Did anyone else... (0)

Anonymous Coward | more than 6 years ago | (#24305483)

Did anyone else wonder why a SourceForge administrator had the keys to a city's network.

No. Lots of people work on things in their spare time that aren't part of their day jobs.

For example, where I live (Toronto), an emergency room physician wrote a novel that won the country's top prize for literature.

Re:Did anyone else... (1)

Anonymous Coward | more than 6 years ago | (#24305917)

No, because many of us realize that abbreviations usually can refer to several different things. We then iterate through those different things, often using previous knowledge we have about current events or history, until we find the match that makes the most sense. When in doubt, we will look to the story for clarification. However, some people (like you) stop at the first thing that enters their heads and sit there going "But that doesn't make any sense."

Actually ... (5, Funny)

Van Cutter Romney (973766) | more than 6 years ago | (#24305251)

He was just too embarrassed by the password - ibonkedmymom.

Re:Actually ... (0, Redundant)

Van Cutter Romney (973766) | more than 6 years ago | (#24305463)

Oh c'mon. The mods have no sense of humor...

Re:Actually ... (4, Funny)

funwithBSD (245349) | more than 6 years ago | (#24305571)

*sigh* you just targeted the wrong audience.

He was just too embarrassed by the password - ibonkedmydad

Fixed!

Re:Actually ... (4, Funny)

antifoidulus (807088) | more than 6 years ago | (#24305949)

ibonkedmymom

Worst....Apple product.....EVER!

Re:Actually ... (1)

CheeseTroll (696413) | more than 6 years ago | (#24306105)

Y'know, that's actually a great way to ensure that you don't give out your password to coworkers. You know, the "Oh, just use my login this time to make it work" kind of situation, where you intend to change your password afterward but often forget.

Expose mismanagement (5, Insightful)

grandbastard (1312837) | more than 6 years ago | (#24305257)

"Childs intends to 'expose the utter mismanagement, negligence, and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger,' according to his motion."

The fact that one employee had complete control over the network should be enough of a sign. Of course this is management, so they're all likely still confused on what's going on and need to have another meeting.

Re:Expose mismanagement (2, Funny)

gx5000 (863863) | more than 6 years ago | (#24305427)

I swear I heard the Dilbert cartoon voice as I read your
most insightful post ;-)

I for one welcome our new Paranoid Admin Overlords

(BOfH till I die!)

End of the days (1)

saveonweb (939227) | more than 6 years ago | (#24305271)

What was the point of holding back for so long now. Now he just lost the last hope for his negotiation.

Re:End of the days (0)

Anonymous Coward | more than 6 years ago | (#24305625)

Since this is a (semi-)government network, I suspect they will never use his password anyway.
They prefer to spend money on a new system, so they can get bribes from another company. All they need to do now is make up some lame excuse that the password didn't work or didn't magically solve the lack brain cells.

Re:End of the days (4, Interesting)

legutierr (1199887) | more than 6 years ago | (#24305637)

What was the point of holding back for so long now. Now he just lost the last hope for his negotiation.

Or, he wasn't holding back in order to negotiate, but because he wanted to get the opportunity to tell all of his grievances to the one person who he thought might have the power and wherewithal to "fix" the situation. From reading about the motions that his lawyers have filed in court, it seems that Childs is willing to risk going to jail just to be able to publicize the hard time he's been having at work for the past couple of years. In fact, he might have willingly accepted or even pursued the prospect of prosecution because he knew that he would then have a public forum to air his views, and possibly embarrass his bosses (which, despite their best efforts, he has).

Self-defeating (1)

Harold Halloway (1047486) | more than 6 years ago | (#24305273)

So Childs pursues the one course of action that is guaranteed to lead to his never being allowed to look after so much as a toaster, never mind his beloved network. Not very smart.

Re:Self-defeating (4, Interesting)

Red Flayer (890720) | more than 6 years ago | (#24305391)

So Childs pursues the one course of action that is guaranteed to lead to his never being allowed to look after so much as a toaster, never mind his beloved network. Not very smart.

He's probably hoping for whistleblower protection, and intends to show that he was being terminated wrongfully for threatening to blow the whistle.

It may be a desperation move, but until the facts come out, we don't know. If it turns out that he was being terminated wrongfully, it's possible that the city of SF could be forced to keep him on their payroll... on the other hand, I'd speculate that he's grasping at straws.

I've read some about the "situation", and all I think all we know for certain is that we don't know anything for certain yet.

Do I understand this correctly? (0, Troll)

GameboyRMH (1153867) | more than 6 years ago | (#24305285)

The case hinges on No Service Password Recovery commands Childs allegedly configured onto several Cisco devices, as well as dial-up and DSL modems the SFPD has discovered that would allow unauthorized connections to the FiberWAN.

Mr. Paranoid Admin with a God complex had big freakin' huge vulnerabilities on his precious network?

Re:Do I understand this correctly? (4, Insightful)

seanadams.com (463190) | more than 6 years ago | (#24305469)

Mr. Paranoid Admin with a God complex had big freakin' huge vulnerabilities on his precious network?

Attaching old-fashioned modems to the console ports of routers and switches is sometimes done in order to allow the administrator to remotely access the equipment during a major network failure.

It's not an egregious "vulnerability", assuming the console it password protected. That statement was spun to make it sound like they were back doors, when in reality this was likely done for no other reason than to facilitate emergency maintenance.

Please note I am not defending Childs generally. I'm just saying that the way they've minced words in some of these allegations gives me pause.

Re:Do I understand this correctly? (1)

budgenator (254554) | more than 6 years ago | (#24305507)

Mr. Paranoid Admin with a God complex had big freakin' huge vulnerabilities on his precious network?

Nobody ever assumes that an evil cr/hacker will find the hidden backdoor installed for Mr Paranoid Admin's personal use. The other thing is since SF had no security policy in place, how do you determine a connection is unauthorized anyways? The biggest problem I see is too many people making network management decisions on the fly, it's hard to see the big picture when your flying by the seat of your pants.

Re:Do I understand this correctly? (2, Interesting)

_Shad0w_ (127912) | more than 6 years ago | (#24305587)

I suspect "unauthorized" in this context might well mean "Childs".

It's not unheard of to have dialup access to a network device, in case you're locked out from the network facing side; I don't know if someone who is as, apparently, paranoid as Childs is would give them self such a fall back though.

Re:Do I understand this correctly? (3, Interesting)

jimicus (737525) | more than 6 years ago | (#24305663)

The case hinges on No Service Password Recovery commands Childs allegedly configured onto several Cisco devices, as well as dial-up and DSL modems the SFPD has discovered that would allow unauthorized connections to the FiberWAN.

Mr. Paranoid Admin with a God complex had big freakin' huge vulnerabilities on his precious network?

It sounds to me like Mr. Paranoid Admin was so paranoid that people had started to do what they tend to do when Mr. Paranoid Admin is so paranoid they can't get anything they need done.

They'd started to work around him.

Net result: All sorts of little unauthorised connections popping up.

In being too paranoid, you wind up creating exactly the situation you fear the most: a network with lots of uncontrolled, unknown systems appearing creating security holes where none previously existed. Doesn't matter how many fancy "no unauthorised access" features your infrastructure has, sooner or later someone's going to succeed in working around them. The last thing you need to do is give them an incentive.

Re:Do I understand this correctly? (0)

Anonymous Coward | more than 6 years ago | (#24305929)

That's the stupid SFPD trying to make a common, standard industry practice seem suspicious and criminal. If you administer a network and you don't have a fallback remote access setup in the event of a serious network problem, then you deserve to be fired on the spot. It isn't a vulnerability if it's setup correctly, which it was given the fact that the SFPD knew about RA, but still couldn't access the network.

Not too bad... (2, Insightful)

courteaudotbiz (1191083) | more than 6 years ago | (#24305327)

At least, the guy didn't go to work on his last day of work with a gun, shoot the people and kill himself... He does have some stability issues, but he still has some morale.

Re:Not too bad... (4, Funny)

redJag (662818) | more than 6 years ago | (#24305395)

You keep using that word. I do not think it means what you think it means.

tFROST PIST (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24305367)

Have their mom3nts

LOL, omg the net (2, Interesting)

gx5000 (863863) | more than 6 years ago | (#24305377)

I just love the way people judge others they will never meet from tabloid tidbits.
I'm not saying I agree with his methods but we have no idea what really went on here
and if we're talking about 200 IT jobs lost in the last eight years and security
being a joke this guy might end up a hero...and for any of you young goofballs out there
with ass cherry jokes, your pot smoking will more likely get you there...this guy will
be playing tennis and knitting at the very worse...

I just wish we could have proof of age on the Net so we didn't have to tolerate
the "anonymous effect".

Cheers.

Re:LOL, omg the net (0)

Anonymous Coward | more than 6 years ago | (#24305735)

> I just wish we could have proof of age on the Net > so we didn't have to tolerate the "anonymous effect". Unfortunately, I think you've confused "age" with "maturity".

Re:LOL, omg the net (4, Insightful)

eepok (545733) | more than 6 years ago | (#24305795)

Although I find your delivery crude, I agree with your message.

I would not be surprised in even the slightest if the now-branded "paranoid" admin is hailed as a hero in the future for exposing precisely what he has set out to expose.

200 people in eight years?
Enough security risks to compel him to likely ruin his life for what he believes is a good cause?

Why is it so silly to give the benefit of the doubt to someone who, up until his last action, has been trusted with some of the most valuable information the city has to offer?

Re:LOL, omg the net (0)

Anonymous Coward | more than 6 years ago | (#24305861)

What makes you think the idiots are all young? Old people can be equally dumb. In my life I've found little correlation between stupid jackasses and age - maybe you've had different experiences.

Childs is like most admins (0, Redundant)

pietromenna (1118063) | more than 6 years ago | (#24305425)

Childs in this case acted like most network admins act: just being paranoid and not allowing other people to replace them. It is completly fair that he goes to jail.

expose the utter mismanagement (1)

wiredog (43288) | more than 6 years ago | (#24305495)

If a paranoid monomaniacal prima donna sysadmin holding the network hostage won't do that...

Miserable Slashdot (5, Insightful)

db32 (862117) | more than 6 years ago | (#24305567)

So...I certainly don't know if this guy is crazy or not, but there are a few things that I am surprised the /. crowd really hasn't bothered with.
1. The problems between IT and Management are so bad across the board that there is a famous cartoon relating these problems. This famous cartoon spawned the "PHB" reference. So...to listen to an IT guy complain of incompetent management shouldn't be a surprise at all. Please everyone, raise your hand if you have been handed complete and utter bullshit requirements or policies that some "PHB" without a technical clue has demanded that you implement. Now...raise your hand if you were stupid enough to EVER give them administrative rights over ANYTHING.
2. The media has a fucking field day with "evil hackers". This is so bad that the world "hacker" now means criminal and hordes of geeks wimpering and moaning about how the media stole the word. So...the media reporting on yet another "evil hacker holding city hostage" should be taken with a grain of salt. Sensationalist crap reported by people that have less than 0 IT understanding to the masses who also have less than 0 IT understanding. Million to one odds says that if they actually reported the more technical facts of this case the ratings would be near 0 and this story would have never gotten to be so high profile.
3. He did give the password to the person at the top of the chain of responsibility for this. Which to me sounds like the most appropriate thing to do. If you are so concerned that everyone is an incompetent fool then your only option is to go straight to the top. Imagine how much trouble this guy would be in if he gave out these passwords to a bunch of corrupt and incompetent folks who did bring the city down? At least this way everything continued functioning.

Finally...and most concerning to me is a quote from the article.
But without access to either Childs' passwords or the backup configuration files, administrators would have to essentially re-configure their entire network, an error-prone and time-consuming possibility, Chase said. "It's basically like playing 3D chess," he said. "In that situation, you're stuck interviewing everybody at every site getting anecdotal stories of who's connected to what. And then you're guaranteed to miss something."
Really...so basically these people didn't document ANYTHING. Because config files or not, rebulding your network if you bothered to document things isn't all that hard, it's just time consuming. But straight from their man there they would be stuck interviewing people for anecdotal stories becaues they were too incompetent to bother documenting the network. Nevermind that they seem to have cut their IT staff from 350 to 100 over the last few years. So it sounds like their IT staff was just the favored bucket to take money from, which is hardly new thinking these days. It amuses me to no end when companies/governments treat their IT staff like overpaid housekeeping, largely unneccessary drains on budgets, and an unimportant support function and then scream bloody murder when the shit hits the fan.

Re:Miserable Slashdot (2, Insightful)

Trojan35 (910785) | more than 6 years ago | (#24306137)

Usually, when shit hits the fan (as in, firing 60% of your workforce), your operation is understaffed. The very first thing people start skipping is documentation. And that's true everywhere, not just IT.

Hackers (0)

Anonymous Coward | more than 6 years ago | (#24305593)

Dont they know the password is "GOD" or "Sex"

Just out of curiosity... what if he isn't? (4, Interesting)

Bomarc (306716) | more than 6 years ago | (#24305609)

Reading a lot of comments about him being a nut job. My question is - what if he isn't? Is it possible that as a administrator of a SAN/Network, he saw some significant security issues, and when he presented them to his supervisors was slammed for reporting the problem -- including being fired? I know from experience the feeling: Management does not like to know that they've screwed up, and will fight kicking and screaming rather that admit that they've done something wrong. For me -- most recently this includes bogus Business Requirements, and critical Business Requirements that are not being met. I've found significant security holes in the where I currently work. Presented the problems to management. The response - don't call use, we'll call you.

Well... (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#24305643)

What was the password?
I would love to learn the word(s) that held SF hostage.

Re:Well... (1)

Spy der Mann (805235) | more than 6 years ago | (#24305791)

I would love to learn the word(s) that held SF hostage.

Sourceforge was held hostage? GAAAAAAAAAAAH! *Jumps out the window*

Re:Well... (3, Funny)

wasted (94866) | more than 6 years ago | (#24305937)

...I would love to learn the word(s) that held SF hostage.

Political_Correctness ?

Possible to crack? (2, Interesting)

cwgatling (1258130) | more than 6 years ago | (#24305649)

It'd be interesting to know the length and characters involved in the passwords. And if it would have been possible to brute force them (within reasonable time)or use rainbow tables. I'm guessing maybe not.

Sounds like a Heroes episode (5, Funny)

Spy der Mann (805235) | more than 6 years ago | (#24305695)

"Save the network. Save the world."

It Being San Francisco... (4, Funny)

Illbay (700081) | more than 6 years ago | (#24305707)

...Couldn't the guy have just MARRIED the computer system, then claimed that it couldn't testify against him under Spousal Privilege [wikipedia.org] ?

Too Embarassed to tell passwords (1)

gatkinso (15975) | more than 6 years ago | (#24305719)

Adter all, "ILoveGoATSex100Times@nighT"... well... what can he say?

Difference? (2, Insightful)

Evildonald (983517) | more than 6 years ago | (#24305727)

There appears to be a very fine line between a ransoming malcontent and a fanatical whistleblower. I wonder with which brush he will be painted with when all the dust has settled.

Perfect Storm (1)

iXiXi (659985) | more than 6 years ago | (#24305759)

You take an extremely intelligent(genius level eccentric?) and over work them. Their work ethic is an issue in and of itself as they take ownership and pride to a fault. You combine that with maybe some social skill deficit and a bad temper. What you get is a time-bomb in any respect. You add in that his management created a catalyst with the lack of competent support to bleed off some of the stress and BOOM ! I think the city should take some of the blame. Their audit and procedures were also to blame for this breach of continuity. There are a lot of situations in government where the entire chain of command would be canned, especially in the military.

The Fountainhead (3, Interesting)

slashkitty (21637) | more than 6 years ago | (#24305761)

The more I read about this story, the more it reminds me of "The Fountainhead". This lone, brilliant man fighting the mediocrity of committees and less achieved managers. The government is NO place for a person like this. He'd be much better off running his own company with no bosses.

why do that, the fool (1)

oliverthered (187439) | more than 6 years ago | (#24305763)

If he's going to go to prison anyway (which is a sure thing after what he did) then why not be able to sit there with a little grin on your face knowing that you really screwed them over.

now he's going to prison and he didn't even get much out of it.

was there a crime (2, Insightful)

TRRosen (720617) | more than 6 years ago | (#24305801)

I'm not sure they can even establish any kind of crime in this case. Its been made clear that there was no intent to shut out the city, It was really just a case of an over protective geek securing his network. Until a new security guy (who I bet is pretty dumb and just as arrogant) got pissed when he realized the security on the network wasn't just to lock out those of lesser authority (that might purposely cause damage) but those of lesser knowledge (that might accidentally cause damage)and the later included him.

you really can't claim the his knowledge of the password as property of the city and access to the network was never blocked (only to changing his configurations). City could have rebooted an used a new configuration at any time.

lets face it there really is no precedent for charging someone for not giving up a password.

Re:was there a crime (1)

Pvt_Ryan (1102363) | more than 6 years ago | (#24306047)

Fuck, He is luck he ain't in the UK.. Not giving up your password is automatic Jail Time here..

meaning no disrespect to the guy... (-1, Troll)

corbettw (214229) | more than 6 years ago | (#24305805)

I hope he rots in jail for a good long time. Not because I bear him any particular ill will, but so that he can be an object lesson to the legions of system/network/database admins out there (and right here, on this site) who think that just because they've been hired to maintain and protect an organization's systems/networks/databases, that they somehow own those resources.

They don't; you don't. Your employer does. If management is screwing up, you document their screw ups and document your objections to them. Then you do what they told you to do, anyway. When it blows up (and it will), you go back to your documentation and show anyone who will listen that you warned them. You absolutely do not refuse to turn over passwords when told to do so.

And for the management types who are reading this, start rotating your admins among different projects, at least annually. Take the Linux expert and put him in charge of Active Directory; take the Windows expert and put him in charge of the SAN; take the SAN guy and put him in charge of the Cisco and Foundry routers. Shake things up, force people to work outside of their comfort zones. Not only will it encourage your staff to constantly learn (which is a good thing with geeks, we like learning), it will make sure your documentation is top notch since everyone knows they're going to depend on that documentation to do their jobs. It'll also avoid single points of failure in your staff, like this guy became. Not doing this because it's "hard" is an excuse, not a reason; nothing worth doing is easy, that doesn't make it any less worthwhile.

As for poor Mr. Childs, I feel for the guy, I really do. But he has no one to blame for his situation but himself, and unless he has reams and reams of documentation of the many times he warned management not to do what he thought was so horrible (and unless the network does blow up, as predicted), he'll never work in IT again.

All of you young admins out there: learn from his mistakes, and don't repeat them.

"qwerty" (1)

gatkinso (15975) | more than 6 years ago | (#24305829)

That's my guess.

Afer all until 5 minutes ago, it served me well on Slashdot for >10 years (or hgowever long I have had this account).

Gavin Newsome is a fuckhead and an asshole (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24305873)

One of his precious illegal aliens that he gives sanctuary to just murdered a man and his two sons because their car was in his way. Fuck Newsom. Fuck him to hell.

You reading this by any chance Gavin? Fuck you. Their blood is on your hands, you cocksucking shithead motherfucker.

Ooo! Danger! (2, Informative)

Quiet_Desperation (858215) | more than 6 years ago | (#24305985)

will in fact place the City of San Francisco in danger

Well, there's already enough danger thanks to Mayor Gavin Newsom's policies.

http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/07/21/BA5C11SK2S.DTL&type=printable [sfgate.com]

It never occurred to this brain dead megabozo that when you say "Come one come all to our sanctuary. We'll hide you!" that there will be bad people to take advantage of that? A complete and utter tool.

An anonymous source? (1)

DaveV1.0 (203135) | more than 6 years ago | (#24306013)

An anonymous source is worthless without independent, named source verification.

Clearly he is delusional... (0, Troll)

roster238 (969495) | more than 6 years ago | (#24306035)

"expose the utter mismanagement, negligence, and corruption at DTIS"

As if we don't already know the city of SF is horribly mismanaged and grossly out of touch with the rest of the planet.

key to the city (1)

mgiuffrida (1303757) | more than 6 years ago | (#24306041)

So he gave the key to the city to the mayor.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?