
San Francisco DA Discloses City's Passwords

Soulskill posted more than 6 years ago | from the you-sure-showed-him dept.

It's funny.  Laugh. 333

snydeq writes "The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's VPN. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case against Terry Childs. Though they placed the passwords in the public record, city prosecutors do seem to think that they are sensitive. InfoWorld's Paul Venezia, who has been following the case closely, provides further analysis of the technical details in the city's case. 'By themselves, [the passwords] would not be enough to allow anyone to access the network via VPN,' Venezia writes, 'but the fact that the city entered them into evidence is quite shocking. At the very least, they'll have to shut down their VPN access for awhile until they've changed them all and modified the configurations of some large number of VPN clients.'"


333 comments


Ah HA! (5, Insightful)

clang_jangle (975789) | more than 6 years ago | (#24343005)

AH HA! See, Childs was right, he is the only competent one!

Re:Ah HA! (5, Interesting)

WK2 (1072560) | more than 6 years ago | (#24343129)

Why did the DA even have access to these passwords? Why were they not in hash form? Did Childs have anything to do with that part?

A Whole New World of Questions. (1, Insightful)

Odder (1288958) | more than 6 years ago | (#24343205)

What did the DA want the passwords for? Is Childs really a privacy protection hero?

Re:Ah HA! (4, Insightful)

GameboyRMH (1153867) | more than 6 years ago | (#24343347)

My first thought. Whenever a password is stored in a form that it could be retrieved (rather than only reset), the users should be notified beforehand, otherwise it's just unethical IMO...not to mention the security issues.

RTFA (5, Informative)

Estanislao Martnez (203477) | more than 6 years ago | (#24343675)

Why did the DA even have access to these passwords? Why were they not in hash form? Did Childs have anything to do with that part?

From the article:

The passwords, discovered on Childs' computer, pose an "imminent threat" to the city's computer network, according to the court filing. Childs could use the names and passwords to "impersonate any of the legitimate users in the City by using their password to gain access to the system," the motion against the bail reduction states.

So, in answer to your questions: probably because the police found them as a result of their investigation, because Childs allegedly kept them in plaintext, and yes, allegedly, Childs had plenty to do with it.

Do you have any other questions? Perhaps the article answers them.

Re:RTFA (2, Insightful)

GaryOlson (737642) | more than 6 years ago | (#24343917)

Do you have any other questions?

Why are these introduced in a bail hearing? Is he going to sell them to buy a plane ticket to a non-extradition country? Could he use a network access password to arrange travel as a third party and avoid prosecution?

These login/passwords were found on his office computer. How the hell do you think he is going to access this computer even if he is free on bail? Something tells me he will have a very hard time obtaining this data.

The reason for password disclosure (5, Informative)

Hanzie (16075) | more than 6 years ago | (#24343759)

from TFA --

The username/password combos were apparently functioning sets. The DA is saying they found them on Childs' own computer. The DA is all in a tizzy because Childs could then use these accounts to sneak into the system and cause mischief without getting tracked back.

Right. The only guy in the world with God level access to this network needs fake usernames/passwords so he can 'cause mischief'?

Give me a fucking break. I can think of many reasons for him to have those combos on his personal system.

  1. He's checking to see what naughtiness has already happened with those accounts
  2. He's got accounts so he can log in with a lower level of access and see what's accessible
  3. These are usernames/password combos that he sniffed off the network, during routine security testing.
  4. These are people with accounts that have had some kind of trouble, and he's got them so he can attempt to diagnose problems linked to user level access.
  5. It's a list of post-it pad's he's seen while walking around at work, and he'd been planning to inform the users to change their passwords.
  6. They're the output list of a password security checker.

Apparently the less than brilliant DA's office is unaware that the GOD level admin has the ability to do anything at all on the network and REMOVE ALL TRACES IN THE LOGS afterwards. It's trivial, when you're the one who runs the tattletales.

Dear DA office: IF YOU LOOK HARD YOU'LL UNDOUBTEDLY FIND EVIDENCE TRACY EAVESDROPPING ON THE NETWORK SNIFFING AND ATTEMPTING TO ILLEGALLY PENETRATE THE SYSTEM. IT'S PART OF HIS JOB, MORONS. IF YOU KEEP BRINGING THIS CRAP UP, YOU'LL ONLY LOOK STUPIDER.

Keep this up, and Nifong will have company in the 'worlds dumbest DA's club'

Re:Ah HA! (0)

Anonymous Coward | more than 6 years ago | (#24343879)

According to the article they were retrieved from Childs' computer. So from the perspective of the city they were already compromised, since who knows how Childs obtained them, or who he gave them to. This is basically just reinforcing the need for the users to change their passwords.

Dang! (5, Insightful)

Ungrounded Lightning (62228) | more than 6 years ago | (#24343147)

AH HA! See, Childs was right, he is the only competent one!

Dang! You beat me to posting about it.

Wasn't part of Childs' point that password security in the S.F. government was lax and that divulging the big one in a way that would spread it around was dangerous to the network?

Given that the configurations on the routers weren't saved, the first guy to use that password on them had better be DARNED careful to get them recorded before changing anything or he's likely to break the network big time. So handing it to an administrator, who will hand it to several people, any of whom might leak it, could cause the net to come crashing down.

If all they'll let him do for a handoff is hand off the passwords, I can see how a prima donna BOFH would want to hand the big one directly to his successor, who would then spend the next week carefully recording the configs as-running before making changes or sharing the password with less-skilled delegates.

Not that it's right. But looks to me like the city is making his point for him - which his lawyer should use in a counter-argument at the bail hearing. B-)

Re:Dang! (1)

Jah-Wren Ryel (80510) | more than 6 years ago | (#24343597)

Given that the configurations on the routers weren't saved,

Huh, wuh? Where did you get that from? All I read was that they were not written to flash on the router. That doesn't mean they weren't written to an encrypted file on a tftp server (and can be written out again with admin privs). Bollox up the router? Reboot it and you are back to normal.

Now I haven't seen explicit confirmation that the configs were tftp'able, but unless Childs is some sort of rainman of router configurations there is no way that even he could have managed more than a small handful of them without keeping the configurations stored somewhere - there is just too much configuration info not to keep the configs stored somewhere.

Re:Dang! (1)

Darkk (1296127) | more than 6 years ago | (#24343741)

Given that the configurations on the routers weren't saved,

Now I haven't seen explicit confirmation that the configs were tftp'able, but unless Childs is some sort of rainman of router configurations there is no way that even he could have managed more than a small handful of them without keeping the configurations stored somewhere - there is just too much configuration info not to keep the configs stored somewhere.

He may have stored them either on a USB flash drive or if he is smart some tftp server somewhere on the net encrypted of course.

An enterprise Cisco router is a very complicated piece of equipment, so it is essential to have a copy of the configuration file somewhere as a backup.

Hell, even the cheapo Linksys router has a nice backup feature.

Re:Ah HA! (3, Interesting)

kesuki (321456) | more than 6 years ago | (#24343153)

"AH HA! See, Childs was right, he is the only competent one!"

from TFA: 'Some of the passwords would benefit from a change because they are identical to the VPN log-in name or extremely easy to guess.'

Wow, bad passwords, no wonder the guy was worried. Using dictionary words is like not having a password as far as hackers are concerned, same deal with identical user/pass combos. I realize they use an encrypted key along with the password, but still...

Re:Ah HA! (4, Insightful)

Volante3192 (953645) | more than 6 years ago | (#24343243)

Bad IT policy, or bad users? IT is sadly not as much a dictatorship as we'd like. If enough users whine, it ends up being policy that passwords get lax. These users "are too important to have to come up with complex passwords incorporating at least 3 different character types in 8 or more characters"

Make password policies too complex, users just write them down. Frying pan, fire...welcome to IT.

Re:Ah HA! (1)

kesuki (321456) | more than 6 years ago | (#24343351)

you should teach users to write down hints that aren't the actual password, but allow them to remember what the password is.

besides, writing down passwords is only bad if you don't protect who can read the paper properly.

Re:Ah HA! (1)

Spy der Mann (805235) | more than 6 years ago | (#24343885)

you should teach users to write down hints that aren't the actual password, but allow them to remember what the password is.

I had tried that with my TrueCrypt drive... the problem is, even when I remember perfectly what the hint is, I forget the password :'(

Bye bye truecrypt partition.

Re:Ah HA! (1)

Darkk (1296127) | more than 6 years ago | (#24343755)

Better yet, I've seen users use Post-It notes to write down passwords and guess where they stick it on?

Re:Ah HA! (0)

Anonymous Coward | more than 6 years ago | (#24343869)

$DEITY, don't I know it. I run VPNs where I work, and we just set up a bunch of users in our Risk Management department to be able to log in and retrieve critical data files, using only a logon name, password, and 4-6 digit PIN. Everyone else that gets on the network has to use RSA SecurID tokens, but these users "don't need to be bothered with having to keep track of tokens."

Re:Ah HA! (1)

Maniacal (12626) | more than 6 years ago | (#24343159)

Holy crap. This is great. I can picture Childs in his cell right now doing the "Where the hell is Matt" dance. If he's held on $5 million bail this dipshit should be arrested and held without bail.

Re:Ah HA! (4, Interesting)

Hanzie (16075) | more than 6 years ago | (#24343313)

Hey guys,

If you have any other opinions you'd really like entered into the public record, have at it. I'd say there's a very good chance that this discussion will be entered as evidence by the defense.:)

If anyone is counting, add my vote for the VPN passwords' disclosure being hard evidence that the IT admin was perfectly correct.

That and the fact that the SF network stayed up while the world's hackers KNEW that the network was completely unsupervised.

Frankly, if I were looking to hire somebody, I'd be chipping into this guy's defense fund. Speaking as a real-world IT manager, I'd say this guy's judgement is spot on, and his admin skills are amazing.

In my own humble opinion, the SF DA's office is full of idiots.

hanzie.

Re:Ah HA! (5, Insightful)

_Sprocket_ (42527) | more than 6 years ago | (#24343337)

Childs' defense attorney has got to be happy about this.

"Your Honor.. I would like to direct the Court's attention to Exhibit A; the mere existence of which proves our case..."

Re:Ah HA! (1)

yehooti3 (1310213) | more than 6 years ago | (#24343445)

Just classic!

Re:Ah HA! (0)

Anonymous Coward | more than 6 years ago | (#24343575)

Childs was right, he is the only competent one!

In the state of California?

Re:Ah HA! (1)

Atari400 (1174925) | more than 6 years ago | (#24343831)

Exactly who is the DA going to expert witness against Terry Childs, should matters come to trial?

Suddenly Childs seems quite normal (4, Funny)

99luftballon (838486) | more than 6 years ago | (#24343019)

If this is the level of fuckwittage he had to deal with while in his job I'm not surprised he locked others out.

Re:Suddenly Childs seems quite normal (3, Insightful)

ScrewMaster (602015) | more than 6 years ago | (#24343197)

Yeah. It must've been a tough call, though, because he didn't really have the authority to do that, but on the other hand, if he hadn't, the buffoons running that department would have caused the city even more grief.

Sounds more like he should have gotten a reward or a medal or something. It's funny, but this is a case of a citizen protecting a government from itself, not the other way around.

Re:Suddenly Childs seems quite normal (1)

teal_ (53392) | more than 6 years ago | (#24343265)

He's like a vigilante!

Re:Suddenly Childs seems quite normal (4, Insightful)

John Hasler (414242) | more than 6 years ago | (#24343391)

> ...he didn't really have the authority to do that...

You don't know what he did. You only know what the aforementioned "fuckwits" allege that he did.

Re:Suddenly Childs seems quite normal (5, Insightful)

actionbastard (1206160) | more than 6 years ago | (#24343901)

"...because he didn't really have the authority to do that..."
But his supervisors and everyone in his department knew he was the only one -the 'go to' guy- that really had the in-depth knowledge to figure out problems and make stuff work. If they let him do that without objection or questioning his reasons, they gave their tacit approval to allow him to operate in the fashion that he did.

Re:Suddenly Childs seems quite normal (3, Insightful)

LaskoVortex (1153471) | more than 6 years ago | (#24343763)

If this is the level of fuckwittage he had to deal with while in his job I'm not surprised he locked others out.

As you are well aware, bureaucracy is ruled mostly by idiots. They are put into places of power within the bureaucracy for precisely this reason. Their idiocy makes them less threatening. Once arriving there, being idiots, they are suspicious of anyone smarter. They especially do not like their own idiocy shoved in their face with the constant superior intellect of those who may happen to come along. Now these idiots can do stupid things, like enter passwords into the public record or fire talented sysadmins, but they will not get in trouble. Why? Because it's better to do the wrong thing because you are stupid than it is to do the right thing that some idiot made against the rules one time.

Then the users will change them right back (2, Interesting)

Homer's Donuts (838704) | more than 6 years ago | (#24343041)

Then the users will change them right back to what they were.

Where I used to work, you had to change your password every month. After you changed it three times, you could change it back to the original.

So people just changed their password 4 times.

Re:Then the users will change them right back (0)

Anonymous Coward | more than 6 years ago | (#24343101)

Sounds like you have to use a shitty system. Real systems prevent duplicates, or even similar patterns. It can be a real pain.

Re:Then the users will change them right back (1)

Volante3192 (953645) | more than 6 years ago | (#24343157)

Real systems involve users calling up every few months complaining they forgot their password when they end up changing it...

Password policies (1)

Enderandrew (866215) | more than 6 years ago | (#24343353)

And then you reset their password and make them pick a new one.

Password policies shouldn't be draconian. For instance, changing them frequently isn't likely to help much. I'd rather people have a secure password that they don't write on paper, and keep for a year, rather than force them to change their password every two months and encourage users to write their password down so they remember it.

Re:Then the users will change them right back (2, Interesting)

Timothy Brownawell (627747) | more than 6 years ago | (#24343749)

Sounds like you have to use a shitty system. Real systems prevent duplicates, or even similar patterns. It can be a real pain.

...since real systems also only store a hash instead of the plaintext password, how do they know it's similar?
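Two threads above raise the same pair of questions: how a system that stores only hashes can reject a password that is identical to the login name, a dictionary word, or a recent previous password (the VPN list quoted from TFA, and the "change it four times" anecdote), and how it can tell the new password is merely "similar" to the old one. The following is an added example, not code from any poster or from the city's systems; it assumes the usual change-password flow in which the user supplies the current password in plaintext alongside the candidate, so similarity is judged at that moment and only salted hashes are kept afterwards. The class and function names, the word list and the thresholds are my own.

```python
"""Password-change checks that work against a hash-only credential store."""
import hashlib
import hmac
import os
from difflib import SequenceMatcher

# Constructed sample word list; a real deployment would load a full dictionary.
DICTIONARY = {"password", "welcome", "letmein", "qwerty", "sanfrancisco"}

HISTORY_DEPTH = 5        # previous passwords remembered (as salted hashes)
MAX_SIMILARITY = 0.7     # SequenceMatcher ratio above which old/new are "too similar"


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest


def matches(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison of a candidate against a stored (salt, digest)."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


class Account:
    def __init__(self, username: str, password: str):
        self.username = username
        self.salt, self.digest = hash_password(password)
        self.history = []          # (salt, digest) pairs of retired passwords

    def check_candidate(self, current: str, candidate: str) -> list:
        """Return the list of policy violations; an empty list means acceptable."""
        if not matches(current, self.salt, self.digest):
            return ["current password is wrong"]
        problems = []
        low = candidate.lower()
        if low == self.username.lower():
            problems.append("identical to the login name")
        if low in DICTIONARY:
            problems.append("dictionary word")
        if len(candidate) < 8:
            problems.append("shorter than 8 characters")
        # History check: hash the candidate under each retired salt and compare
        # digests. No old plaintext is needed for this.
        if matches(candidate, self.salt, self.digest) or any(
                matches(candidate, s, d) for s, d in self.history):
            problems.append("reuses a previous password")
        # Similarity can only be judged now, while the current password is in hand;
        # it is not recoverable from the stored hash later.
        ratio = SequenceMatcher(None, current.lower(), low).ratio()
        if ratio > MAX_SIMILARITY:
            problems.append(f"too similar to the current password (ratio {ratio:.2f})")
        return problems

    def change(self, current: str, candidate: str) -> bool:
        """Apply the change if it passes policy; retire the old hash into history."""
        if self.check_candidate(current, candidate):
            return False
        self.history.append((self.salt, self.digest))
        self.history = self.history[-HISTORY_DEPTH:]
        self.salt, self.digest = hash_password(candidate)
        return True


if __name__ == "__main__":
    acct = Account("jdoe", "Tr0ub4dor&3")
    print(acct.check_candidate("Tr0ub4dor&3", "Tr0ub4dor&4"))   # too similar
    print(acct.change("Tr0ub4dor&3", "Correct-Horse-17"))       # True
    print(acct.check_candidate("Correct-Horse-17", "Tr0ub4dor&3"))  # reuses a previous password
```

The point the hashing question misses is that every password-change request already carries the old password in the clear, so "similar to the previous one" is checkable at exactly one moment: the change itself. Reuse of older passwords is checked the same way login is, by rehashing the candidate under each retired salt, which is why the history keeps the salt alongside the digest.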

Passwords can be TOO strong. (5, Interesting)

Jane Q. Public (1010737) | more than 6 years ago | (#24343219)

I attended a lecture some years ago by a Microsoft employee who was high up in their security structure.

He started his speech by asking the audience, "Passwords and policies should be made as strong and secure as possible, right?"

A show of many hands.

He said, "Wrong! It is possible for a password policy to be TOO secure. Let me give you an example. It is possible to set up a security policy in NT that requires a password of at least 8 characters, which must also be mixed case, have at least one numerical digit, and at least one non-alphanumeric character, and which will require a change of password every week."

"As soon as you implement that policy, users will write their password on a post-it note, stick it to their monitor, and replace it with a new one every week. So you see, a password policy CAN be too secure for your own good."

An idiot playing a semantic game. (0, Troll)

Anonymous Coward | more than 6 years ago | (#24343311)

A policy requiring users to commit impossible feats of memory isn't "strong" or "secure" in the first place.

He got people to agree with something obvious, then tried to make them feel stupid by redefining the words he used to make what they agreed with into something ridiculous.

What a fucking asshole. Sounds like MS, all right.

Re:An idiot playing a semantic game. (4, Informative)

techno-vampire (666512) | more than 6 years ago | (#24343503)

No, he wasn't an asshole. He had a very good point that has just gone over your head. To elucidate, if you add too many requirements to users' passwords they can't remember them and need to write them down. Once you get to that point, the passwords aren't strong any more and you've created a security hole by trying to avoid one. There's a limit on how much you can expect the average user to remember when it comes to passwords; go past that and their passwords get less, not more, secure.

Re:An idiot playing a semantic game. (3, Interesting)

spinkham (56603) | more than 6 years ago | (#24343677)

I agree with the grandparent, he's just being an ass.
He's using the word "secure" in the original question in a very narrow way. Of course a password policy must be human-centric as well as containing enough randomness to not be brute forced or attacked easily through rainbow tables.
There's education in teaching users how to select strong and yet memorable passwords, and when it's OK to write them down at least partially in your wallet or strong encrypted password store.
He's being an ass because he's asking a complex question, then telling everyone they're wrong and giving a simple smug answer. You can be right and still be an ass. ;-)

An aside is the fact that we rely on passwords too much. Dual factor authentication for internal business use is relatively cheap and easy to set up in windows and linux for login, for ssh, etc. I'm genuinely surprised more people outside of the military don't use it.

Re:An idiot playing a semantic game. (2, Insightful)

jd (1658) | more than 6 years ago | (#24343827)

If you install S/KEY or OPIE on your UNIX or Linux box to manage logins, you will be presented with a random challenge string. You then plug that challenge string and your (relatively simple) password into a one-time pad password calculator, which tells you what to type into the login prompt. Voila: An easy-to-remember password that cannot be cracked by simple lookup tables. As close to perfectly secure as you're likely to get (meeting the criteria in the actual question) without being complex for the user.

Post-it notes aren't a bad solution, if the physical area is secure against unauthorized access, so long as the user is aware of the fact that their account is communal within that area. Which, for a private office, isn't a fatal problem. The cleaners are still a potential vulnerability, but the cleaners have far easier access to all of your personal notes, which are likely to have far more valuable information than your account.

Re:An idiot playing a semantic game. (1)

spinkham (56603) | more than 6 years ago | (#24343903)

Note to moderators: I'm not calling anyone on this forum an ass.. Please read the context before moderating. The ass in question is a security trainer. I know how such people work and think, as I am one.. I might also be an ass, but that's a separate issue ;-)

mod parent interesting - spending karma here ... (1)

unity100 (970058) | more than 6 years ago | (#24343331)

... to help you weed out useful comments dammit.

Re:Passwords can be TOO strong. (1)

John Hasler (414242) | more than 6 years ago | (#24343419)

> As soon as you implement that policy, users will write their password on a post-it note,
> stick it to their monitor, and replace it with a new one every week.

Which, for some threat models, can be an entirely reasonable thing to do.

Re:Passwords can be TOO strong. (2, Funny)

Ninja Programmer (145252) | more than 6 years ago | (#24343811)

I attended a lecture some years ago by a Microsoft employee who was high up in their security structure.

[...]

"Wrong! It is possible for a password policy to be TOO secure. Let me give you an example. It is possible to set up a security policy in NT that requires a password of at least 8 characters, which must also be mixed case, have at least one numerical digit, and at least one non-alphanumeric character, and which will require a change of password every week."

"As soon as you implement that policy, users will write their password on a post-it note, stick it to their monitor, and replace it with a new one every week. So you see, a password policy CAN be too secure for your own good."

This, by the way, *IS* the policy used internally at Microsoft.

Re:Passwords can be TOO strong. (1)

rossz (67331) | more than 6 years ago | (#24343857)

We have this policy where I'm currently working (without the change-it-weekly madness). I'm trying to get the policy relaxed slightly to something reasonable.

Re:Then the users will change them right back (5, Funny)

clang_jangle (975789) | more than 6 years ago | (#24343367)

I used to work in an office which was a complete free-for-all. Once I had some code I needed to test on a Windows machine (mine was Linux), and I saw that (let's call him) "John", who had a Windows box was away from his desk. Just on a hunch, I sat down and typed his username, and entered "password" for the password (literally). Poof, I was in! So I did my little test thing and was about to log off, when "John" appeared, smiling. He said, "Oh thank God you got my login, I've been locked out of the system all day because I can't remember my password! What is it?" It was perhaps the only time in my life I actually knew what it meant to "be at a loss for words"

IN A COURT EXHIBIT?!?!?!? (3, Interesting)

seanadams.com (463190) | more than 6 years ago | (#24343045)

I had my doubts at first, but this makes it abundantly clear that Childs was right. More right than any of us might have imagined when this spin-doctored story first came out.

In hindsight he took totally reasonable, prudent measures to protect incompetent city officials from themselves. Who knows how they got into that situation, but I won't blame him for anything in light of this, and I sincerely hope a jury wouldn't either.

He should first collect damages himself, and then initiate a class action suit against the city on behalf of all their residents. Maybe put the DA in jail for criminal negligence - in fact I'd venture a guess that he's mentally defective enough to file the charges himself.

Re:IN A COURT EXHIBIT?!?!?!? (1)

seanadams.com (463190) | more than 6 years ago | (#24343463)

he's mentally defective enough

er.. make that "she"

The real question is... (4, Funny)

ActionDesignStudios (877390) | more than 6 years ago | (#24343079)

Does anyone have a torrent of these alleged usernames and passwords?

Re:The real question is... (2, Interesting)

BUL2294 (1081735) | more than 6 years ago | (#24343151)

Now, how long until a scan of the username/password document shows up on the court's website as a form of public disclosure??? It wouldn't surprise me if the moronic DA forgot to ask for the exhibit to be sealed...

Re:The real question is... (1, Offtopic)

Zymergy (803632) | more than 6 years ago | (#24343521)

I bet a fat box of PrOn one of the passwords is "12345"...

More evidence... (1, Insightful)

Jane Q. Public (1010737) | more than 6 years ago | (#24343095)

... that Childs made the right decision after all. The prosecution is making his case for him!

Wow. (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24343115)

At least the VPN codes shouldn't be that important. What possible damage can someone do VPNing into a network that has probably been completely obliterated by now?

Network not destroyed (3, Insightful)

Hanzie (16075) | more than 6 years ago | (#24343371)

No, his network hadn't been hammered while he was gone. That's the amazing part. The news reports were quite clear that everything worked while he was in jail.

It'll be fun to see what happens, now that he's been removed from the loop.

Re:Network not destroyed (1)

megaditto (982598) | more than 6 years ago | (#24343873)

It's not his network, it's the city's network. It's the equivalent of you being stupid enough to lock your house one day, and me "helping" you by installing new locks (and keeping the keys).

And what would happen if he got hit by a bus? He configured things without recovery passwords, bootstrap code, console access, or even saving router settings to flash.

I suspect millions' worth of hardware would have been bricked after a trivial event like a faulty power supply or a new device installation. Am I wrong with my guess? (I am not an IT person)

top 5 list (3, Funny)

Anonymous Coward | more than 6 years ago | (#24343139)

The top 5:

password
admin
root
guest
t3rrych1lds1337haxx0r

Being paranoid doesn't mean you're wrong (4, Insightful)

pembo13 (770295) | more than 6 years ago | (#24343149)

Even if the sysadmin referred to as 'Childs' was a paranoid schizophrenic, that does not mean he wasn't right.

Re:Being paranoid doesn't mean you're wrong (3, Interesting)

tnk1 (899206) | more than 6 years ago | (#24343415)

I don't think anyone who has ever worked for the government, or even seen government in action doubted that Childs was right. I think that everyone was wondering why he'd sit in jail to bring to light something that's already obvious.

Re:Being paranoid doesn't mean you're wrong (1)

AllIGotWasThisNick (1309495) | more than 6 years ago | (#24343479)

I think that everyone was wondering why he'd sit in jail to bring to light something that's already obvious.

See this previous response here [slashdot.org]. More or less, some people have values/ethics and try to appreciate (in advance) the outcomes of their potential actions.

"Free Terry Childs" T-Shirts (3, Interesting)

peterofoz (1038508) | more than 6 years ago | (#24343155)

So who will be the first to print up and sell t-shirts to support Terry Childs? Perhaps they can also print the SF VPN usernames and passwords on the back. Design suggestions welcome.

Re:"Free Terry Childs" T-Shirts (1, Insightful)

Achromatic1978 (916097) | more than 6 years ago | (#24343359)

Huh? What? It's not his network. He's not some kind of hero. Yeah, there are other idiots in the world, but seriously, anyone seeing Childs as some kind of champion of security is sadly, sorely mistaken.

Re:"Free Terry Childs" T-Shirts (3, Insightful)

kv9 (697238) | more than 6 years ago | (#24343543)

Huh? What? It's not his network. He's not some kind of hero. Yeah, there are other idiots in the world, but seriously, anyone seeing Childs as some kind of champion of security is sadly, sorely mistaken.

what more proof do you need? this action demonstrates he was right. it's not "his" network but I'm pretty sure he was in charge of its security. he tried to keep it secure, for what are now obvious reasons, and he got thrown in jail for it.

Re:"Free Terry Childs" T-Shirts (1)

AllIGotWasThisNick (1309495) | more than 6 years ago | (#24343733)

Are you familiar with the ACM code of ethics [acm.org]? Section 1.2, verbatim:

1.2 Avoid harm to others.

"Harm" means injury or negative consequences, such as undesirable loss of information, loss of property, property damage, or unwanted environmental impacts. This principle prohibits use of computing technology in ways that result in harm to any of the following: users, the general public, employees, employers. Harmful actions include intentional destruction or modification of files and programs leading to serious loss of resources or unnecessary expenditure of human resources such as the time and effort required to purge systems of "computer viruses."

Well-intended actions, including those that accomplish assigned duties, may lead to harm unexpectedly. In such an event the responsible person or persons are obligated to undo or mitigate the negative consequences as much as possible. One way to avoid unintentional harm is to carefully consider potential impacts on all those affected by decisions made during design and implementation.

To minimize the possibility of indirectly harming others, computing professionals must minimize malfunctions by following generally accepted standards for system design and testing. Furthermore, it is often necessary to assess the social consequences of systems to project the likelihood of any serious harm to others. If system features are misrepresented to users, coworkers, or supervisors, the individual computing professional is responsible for any resulting injury.

In the work environment the computing professional has the additional obligation to report any signs of system dangers that might result in serious personal or social damage. If one's superiors do not act to curtail or mitigate such dangers, it may be necessary to "blow the whistle" to help correct the problem or reduce the risk. However, capricious or misguided reporting of violations can, itself, be harmful. Before reporting violations, all relevant aspects of the incident must be thoroughly assessed. In particular, the assessment of risk and responsibility must be credible. It is suggested that advice be sought from other computing professionals. See principle 2.5 regarding thorough evaluations.

Re:"Free Terry Childs" T-Shirts (2, Insightful)

LaskoVortex (1153471) | more than 6 years ago | (#24343875)

Huh? What? It's not his network. He's not some kind of hero. Yeah, there are other idiots in the world, but seriously, anyone seeing Childs as some kind of champion of security is sadly, sorely mistaken.

Way to back that up with cold hard reasoning. Oh wait, you didn't. On second look, I can see that you just spewed an emotional appeal meant to make you look righteous and perhaps glean some karma from the deal. Here, let me give a counter-argument with the same level of "insight" (and with exclamation points and the obligatory "Period." ending to boot):

Childs is a champion of security! Anyone who thinks otherwise is sorely mistaken! He was trying to help because of all the idiots he is dealing with. Period.

There is a bright future... (2, Funny)

Pig Hogger (10379) | more than 6 years ago | (#24343167)

I can see that there is a bright future in the cluestick market...

Password sniffing (2, Interesting)

FlyingBishop (1293238) | more than 6 years ago | (#24343169)

They seem to be operating under the assumption that Childs was sniffing passwords. Which judging from the case is just stupid. Why would anyone sniff passwords that they had absolute control of? He was sniffing unencrypted messages over the network. Even sans the unrestricted power over the network, I can't imagine Childs has any use for those passwords. Or anyone else for that matter.

VPWhat? (1)

cez (539085) | more than 6 years ago | (#24343171)

Well...declining to comment on the matter...

Erica Derryck, a spokeswoman for the DA's office, declined to comment on the matter. The mayor's office, which supervises DTIS, did not return messages seeking comment for this story.

To change the passwords, the city will have to reconfigure the VPN software running on every PC that connects remotely, which it has not yet done, the source said.

Because no one knows wtf they are talking about? Certainly the issue can be contained immediately by cutting VPN access as was mentioned, but even entering in new credentials for everyone wouldn't take that long... oh wait, the configuring of each remote client? What does that mean, typing in the new password for these people with VPN access to their network? I deal with VPNs all the time; if they don't have a client they can manage, and one that needs personal configuration because the password was compromised, they don't have the right client... even a web-based SSL VPN would be an improvement from what they are using

Some of the passwords would benefit from a change because they are identical to the VPN log-in name or extremely easy to guess.

...or not using.

Re:VPWhat? (1)

ScrewMaster (602015) | more than 6 years ago | (#24343273)

You're assuming that the people left in that office can manage the basics ... Childs himself didn't seem to think so. That's why he locked them out.

I so wish the guy held out (1)

iminplaya (723125) | more than 6 years ago | (#24343185)

He gave up his only bargaining chip, and he's still locked up.

Re:I so wish the guy held out (1)

ScrewMaster (602015) | more than 6 years ago | (#24343257)

Not really ... he was still trying to do his job. When it became apparent that he was being sold out, he capitulated: the network is no longer his problem. Let the rest of the city's "experts" deal with the functioning network that he left to them: it'll be interesting to see if they can cope.

Re:I so wish the guy held out (1)

iminplaya (723125) | more than 6 years ago | (#24343483)

...the network is no longer his problem.

But being locked is a much bigger problem. And there he is. The old adage holds truer than ever: Trust no one. I would have demanded my immediate release and a written statement that all charges are dropped and no further action would be taken against me, or you get nothing. Let's see them cope with that. Basically, now he's screwed.

HA... Build Slowly.. HAHA.. ok.. HAHAHA (0)

Anonymous Coward | more than 6 years ago | (#24343191)

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

Maybe this guy wasn't so crazy after all...

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

I'd love to see the list... (2, Insightful)

religious freak (1005821) | more than 6 years ago | (#24343229)

I've got to say voyeuristically looking at other people's passwords can be pretty entertaining sometimes. I know I've had a few passwords I wouldn't care to have other people know.

This is the tip of the iceberg (4, Interesting)

xenophrak (457095) | more than 6 years ago | (#24343233)

This is unfortunately par for our fine DA. Kamala Harris has proven herself to be an incompetent tool more often than I'd like to hear.

She has angered many San Franciscans by refusing to prosecute violent criminals, and lately, found to have been lax towards the city's worst crime of the year...the murder of a father and his two sons in the Mission by a suspected illegal alien due to the city's stupid sanctuary law.

She should be dragged out, tarred, whipped and ejected from the city, never to return.

Makes me glad I live in the one place ... (2, Funny)

Nutria (679911) | more than 6 years ago | (#24343261)

that has more sense than San Francisco: Louisiana!

Re:Makes me glad I live in the one place ... (2, Funny)

rossz (67331) | more than 6 years ago | (#24343633)

Ouch! That was a cruel comparison.

I'm not saying you are incorrect.

I live about 30 minutes outside of San Francisco. What's frightening about The City is the people who live there assume everyone who criticizes them are ignorant hillbillies.

So in one fell swoop (1)

falcon5768 (629591) | more than 6 years ago | (#24343277)

The DA both PROVED they were wrong in locking him up, AND completely and utterly ruined their case..... all I can say is WOW.

Re:So in one fell swoop (1)

Chris Burkhardt (613953) | more than 6 years ago | (#24343447)

The DA both PROVED they were wrong in locking him up, AND completely and utterly ruined their case

Isn't proving they were wrong in locking him up the same thing as ruining their case?

Likely Typical Reaction: (0, Troll)

theshibboleth (968645) | more than 6 years ago | (#24343287)

Show me exactly where these "secret" usernames and passwords are... Give me an exact hyperlink! I need them for my... project... and I'm too lazy to rtfa!

They weren't using a one way hash? (1)

HaeMaker (221642) | more than 6 years ago | (#24343307)

One way hash passwords have been around FOREVER. I can't believe how stupid this is.

NEVERMIND! (1)

HaeMaker (221642) | more than 6 years ago | (#24343355)

Read TFA... I think they were the VPN Group passwords, i.e. the PSK for the IPSec connection. They still would have to auth after they connected.

Strange they would have a different password per user, unless they were hardware VPN clients.

Re:NEVERMIND! (5, Interesting)

rahvin112 (446269) | more than 6 years ago | (#24343689)

It's government. To think like government in implementing something like VPN you have to conceive a solution that involves the user not having to do anything (other than maybe push a button) and this includes anything other than a standard login box. Second you have to implement this in a way that the users themselves can go home and implement this solution without any site help from anyone and zero technical knowledge. (You don't send an IT person to a State Employee's home; that's asking for some kind of lawsuit.) Fourth the solution must be as expensive as possible, support some local business (preferable if the business owner is connected politically with one of the local leaders) and require very few extra hours from the already overworked staff.

What does that result in? Hardware VPN boxes plugged into the network router, with the user's computer plugged directly into the VPN box. Costs a lot, requires pre-configuration of the box but should require no site visits; idiots can usually successfully plug in boxes with phone support only, and any reconfiguration likely requires the box to be brought back into the office as the VPN keys on the boxes are likely hard coded into a configuration on the VPN device. Likely a turnkey solution, so you have a hefty support contract and the vendor would likely assist with deployment and any reconfiguration, resulting in a nice contract fee for reprogramming all the boxes.

My guess is some VPN box provider is going to be doing a service call on every box and netting themselves some nice profit under their support agreement.

Another interesting thing came out in the filing. (4, Insightful)

Ungrounded Lightning (62228) | more than 6 years ago | (#24343329)

According to TFA, the thing about his not saving the configs to flash is a CLAIM by the city, not something confirmed by Childs.

So how do they KNOW that, if they don't have the passwords? Did they try rebooting some network boxes and have them not come up? (If so, how is it that the net is still running...)

This is looking more and more like a pointy-haired-boss SNAFU than a logic-bomb job-insurance/revenge sabotage.

Re:Another interesting thing came out in the filin (0)

Anonymous Coward | more than 6 years ago | (#24343509)

So how do they KNOW that, if they don't have the passwords? Did they try rebooting some network boxes and have them not come up

I was wondering about that as well. I hope Childs' lawyer immediately subpoenas the router logs to make sure that the city doesn't wipe the configs in order to save face and frame Childs.

All of your passwords (1)

LM741N (258038) | more than 6 years ago | (#24343341)

are belong to us. Or something like that. It's only slightly funny to me any more. A Simpsons reference is always more appropriate.

Uhoh (1)

FST (766202) | more than 6 years ago | (#24343363)

My account details are on there. I hope no one breaks my account or

Post Category (1, Insightful)

Anonymous Coward | more than 6 years ago | (#24343385)

Clearly posting this in the Entertainment category was a perfect fit.

No wonder Childs refused to release them (1)

WillAffleckUW (858324) | more than 6 years ago | (#24343467)

Not only is it true that the IT people there are incompetent, but so are the SFPD and the attorneys in the case.

Next thing you know they'll be surprised when they find out the real problem is somebody else has been stealing them blind every time they leave the cash registers in the parking ticket division unlocked while they go to lunch ...

Read The Article (1)

mysidia (191772) | more than 6 years ago | (#24343529)

Posting these passwords in public creates a security risk, although the passwords are not enough to give a criminal access to the city's VPN. The passwords are so-called "phase one" passwords, and must be combined with a second password to access the network, the source said.

In other words, they have published the group authentication details.

Once the public has had a chance to view the evidence, the network's security will be reduced. But a third party needs also an individual personal username and password to login.

Changing all these authentication details on their VPN concentrator and then on each and every VPN client is an administrative nightmare.

Some VPN clients may be other routers/concentrators (departments that need secure channels with other office branches).

Employees of the city may have VPN clients installed on multiple computers (i.e. workstations and laptops).

Typing something different when they log in is not how it is done. The VPN client will have to be reconfigured after the credentials are changed on the server, in order to log back in, so it's (NUMBER OF WORKSTATIONS, routers, etc.), not merely (NUMBER OF PEOPLE).

So if Childs is tried by a jury of his peers (0, Troll)

WillAffleckUW (858324) | more than 6 years ago | (#24343539)

And those peers are knowledgeable network and security people, how many BILLIONS do you think they'll award Childs for the prudent actions he took that the incompetent fools in the SF government violated once they forced him to release the passwords?

I think I'd pencil it in at five billion US dollars (that's about 100 million EU, for those of you with real currencies) ...

Re:So if Childs is tried by a jury of his peers (1)

Qzukk (229616) | more than 6 years ago | (#24343745)

Sadly, "peers" doesn't mean what we wish it did, and one of the questions during voir dire will almost certainly be "have you ever worked as a network administrator before?" with an affirmative answer as grounds for dismissal from the jury pool.

This IS San Francisco After All (0)

Anonymous Coward | more than 6 years ago | (#24343589)

Top Five Passwords:

Filthy_Sanchez

Sant0rum

D1esel_Dyke

3$Bill

C0ttager

Don't blame me (1)

mrbah (844007) | more than 6 years ago | (#24343595)

I voted for Harvey Dent.

I use OpenVPN (1)

Darkk (1296127) | more than 6 years ago | (#24343621)

My Debian based router uses OpenVPN that uses certificates for authentication. It can also use a RADIUS server to verify the actual user.

Since it's just a few users I don't bother with the RADIUS server, and each user has his / her own certificate that is unique. So if the person is no longer around I can just disable that certificate in the router. In the corporate world nothing should be deleted, so at least I can show in my router that the certificate is indeed disabled as opposed to simply deleting it.

Cashed or Cached Credentials (1)

c0d3r (156687) | more than 6 years ago | (#24343645)

Wooo Hoo!!! Cashed.. or uhm cached credentials.. I can see crackers using their patterns for decryption schemes. Also, who knows if these passwords are used elsewhere.

These are group passwords in IPSEC profiles (5, Informative)

colinmcnamara (1152427) | more than 6 years ago | (#24343653)

From the referenced article - "The passwords are so-called "phase one" passwords, and must be combined with a second password to access the network, the source said." 99% chance they are using some form of Cisco device as their VPN concentrator (most likely a VPN3030, ASA or 7200 series router). If they are, these passwords (one per group) are in what is called a pcf file on every employee's computer that is allowed to connect. Heck, if you use a Cisco VPN it is on your computer in the following location - C:\Program Files\Cisco Systems\VPN Client\Profiles . The group pass is encrypted with weak encryption that is commonly cracked to allow Linux laptops to connect using vpnc. You can do it on the web here - http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode

The thing is, this group password's primary use is to segregate users into different buckets. E.g. contractors may have one password, with different authentication methods, while permanent employees are in a different bucket, with their own authentication methods. The key thing is that once this first password is provided, the end user still has to provide a unique username and password to gain access. So in effect, having the group password alone is meaningless.

On top of that, I frankly would not be surprised or peeved if a network engineer had possession of PCF files for the network he is responsible for. What is next? Is the DA going to try to prosecute him for having diagrams and configs of the network he is managing on his laptop?
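As an added example (not code from this thread, the city, or Cisco), here is a small defender-side audit over Cisco VPN Client .pcf profiles that flags the client-side weaknesses this post and the "Read The Article" post above describe (plaintext group password, group password identical to the group name, cached user password) and lists which profiles a group-password rotation forces you to reissue, one per client rather than one per person. The key names are the ones the Cisco VPN Client writes; the profile contents and enc_ values are constructed placeholders.

```python
"""Audit Cisco VPN Client .pcf profiles for the weaknesses discussed in the
thread. Added example, not the city's or Cisco's code; key names are the
ones the Cisco VPN Client writes, profile contents are constructed."""
import configparser

# Constructed sample profiles; the enc_ values are placeholders, not real.
SAMPLE_PCFS = {
    "finance.pcf": (
        "[main]\n"
        "Host=vpn.example.invalid\n"
        "GroupName=finance\n"
        "enc_GroupPwd=PLACEHOLDER0123\n"
        "Username=jdoe\n"
        "SaveUserPassword=0\n"
    ),
    "contractor.pcf": (
        "[main]\n"
        "Host=vpn.example.invalid\n"
        "GroupName=contractors\n"
        "GroupPwd=contractors\n"  # plaintext and identical to the group name
        "Username=vendor1\n"
        "SaveUserPassword=1\n"  # user password cached on disk too
    ),
    "branch-router.pcf": (
        "[main]\n"
        "Host=vpn.example.invalid\n"
        "GroupName=finance\n"
        "enc_GroupPwd=PLACEHOLDER4567\n"
        "Username=branch01\n"
        "SaveUserPassword=0\n"
    ),
}

def parse_pcf(text):
    """Return the [main] section of a .pcf profile as a case-preserving dict."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case: GroupPwd vs enc_GroupPwd matters
    cp.read_string(text)
    return dict(cp["main"])

def audit_profile(text):
    """Flag the client-side weaknesses the thread mentions for one profile."""
    m = parse_pcf(text)
    group, plain = m.get("GroupName", ""), m.get("GroupPwd", "")
    return {
        "group": group,
        "plaintext_group_pwd": bool(plain),
        "group_pwd_equals_group_name": bool(plain) and plain == group,
        "user_password_cached": m.get("SaveUserPassword") == "1"
        or bool(m.get("enc_UserPassword")),
    }

def profiles_to_reconfigure(pcfs, rotated_groups):
    """Profiles (not people) carrying a rotated group password must each be
    reissued; returns the affected file names."""
    return sorted(name for name, text in pcfs.items()
                  if parse_pcf(text).get("GroupName") in rotated_groups)
```

Pointing the same functions at the real Profiles directory gives the reissue list for the rotation the thread says the city now faces.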

Only in SanFransicastan (1)

gelfling (6534) | more than 6 years ago | (#24343685)

Information wants to be freeeeeeee like dirt and hippies and gay pride parades!!!!

For everyone who thinks Childs was right (4, Interesting)

Zakabog (603757) | more than 6 years ago | (#24343687)

Does anyone realize that the passwords would have never been given to the DA's office if it wasn't for his actions? The passwords would then not be part of public record. Do you think the person at the IT office would have made the list of passwords public if Childs left gracefully?

Someone at the DA's office is the incompetent person in this case, but that does not validate his locking out of everyone competent enough to take care of the system (the people that would have replaced him at the IT department.)

Re:For everyone who thinks Childs was right (3, Insightful)

Enderandrew (866215) | more than 6 years ago | (#24343721)

The fact that the passwords could be harvested in the first place is problematic. I'm a SysAdmin and I should never have access to anyone else's passwords.

Passwords should be encrypted and non-visible. This is standard practice.

this guy will never work in IT again (1)

TRRosen (720617) | more than 6 years ago | (#24343823)

No one will ever hire this guy for an IT position again!

Of course that's because he will retire to a nice tropical island when he gets his settlement from the city!

Re:this guy will never work in IT again (2, Insightful)

Darkk (1296127) | more than 6 years ago | (#24343909)

I wouldn't be too sure about that. He did a good job of running the network without issues. Just he got paranoid about his job.

Just they won't hire him as the main network guy but will use him for experience, as long as the company keeps good records of the routers and passwords that are accessible by other network admins and audits those passwords every month.
