San Francisco's 'rogue' sysadmin still being paid while in jail
Mayor says bricked IT system won't affect ability to govern
Posted in Management, 16th July 2008 11:20 GMT
Watch Now : Virtual Machine Movement with Hyper-V
San Francisco’s officials were squirming with embarrassment today as it emerged that they are still paying the salary of the banged-up sysadmin accused of locking down the city’s IT network and refusing to divulge the password.
The City has been forced to call in help from Silicon Valley, including engineers from Cisco, to help it access its own data after irate techie Terry Childs allegedly set a master password giving him exclusive access to the network. The city’s mayor says this could take up to eight weeks.
Terry Childs, a 43-year-old from the Bay Area city of Pittsburg, was arraigned yesterday on four charges of computer tampering, the San Francisco Chronicle reports. He was swiftly returned to the jail cell where he has been marking time since being remanded over the weekend in lieu of $5m bail.
Childs is accused of locking city officials out of their brand new FibreWan network, which stores around 60 per cent of the city’s data after a run-in with the city’s head of security, the Chronicle reports. When he was arrested, he allegedly gave the city a bogus code, and has now gone completely silent.
According to the Chronicle, Childs was asked to leave his post on July 9 for alleged insubordination.
But even though Childs has been locked up since the weekend, and is refusing to help the city get back into its system, San Francisco continues to pay his $126,000 annual salary, though it says they will convene a meeting on whether Childs should be place on “unpaid leave”, possibly as early as this Thursday.
Further embarrassment for the city came when it emerged that Childs is a convicted felon. According to the Chron, he was convicted of aggravated robbery and aggravated burglary charges dating back to 1982, and was on probation or parole until 1987. Childs apparently disclosed his convictions to the city when he applied for his job five years ago.
San Francisco mayor Gavin Newsom sought to reassure the city’s residents and demonstrate his own technical expertise, insisting to reporters: "There's nothing to be alarmed about, save the inability to get into the system and tweak the system.”
"Nothing dramatic has changed in terms of our ability to govern the city," he added, something will be no surprise to anyone who’s had the joy of dealing with San Francisco’s politically correct but often self-serving municipal bureaucracy.
At least Newsom identified what makes BoFHs run amok: "He was very good at what he did, and sometimes that goes to people's heads and we think that's what this is about." ®
Watch Now : Virtual Machine Movement with Hyper-V
COMMENTS
DUH. This shit happens all the time
If I had to count how often this kinda shit happens, I'd be too damn busy to bill for it.
I have a consulting business and many of my clients have been in this situation as they never asked their employees, previous employees, or contractors for the passwords. In most cases someone set something up and neglected to document.
I recently picked up a "customer" whose previous computer consulting company was a "bunch of idiots," per the business owner. He proceeded to tell me they had done shitty work, which is why they were working with me, and they hadn't paid them. So after 45 hours of work I performed, including hacking my way into their firewall (they didn't know the password and the previous company wouldn''t divolve), I fixed all the minor fixes they needed and made some vast improvements.
Much to my suprise when they also refused to pay me and are currently onto another consulting company. I called their previous company and they relayed a similar story which they had come in for a week or two of work...which was to replace the previous "shitty company." So, when the new company called me to get the passwords...I told them to run away before they wasted time and were fruitless in their work. Needless to say, I still have the password, and I don't care if they got in or not. I haven't been called or contacted by this "non-paying" company.
On the flip side, I would assume Terry probably has a shitty moron boss who didn't think to get the password to "job share" a new guy or to allow this guy to take a vacation. If his manager was too inept to get this password before letting him go, the manager should also be let go for being an innept moron! The "devised a way to spy on email" bit the media is pushing is again ill-informed. Use Ethereal, its a free tool to monitor the traffic on the network. Amazingly email and most other traffic comes across in clear text. This is not magical, or malicious. The guy was probably doing his job, by watching traffic and this manager is simply trying to Cover his Ass. He probably fears, he was watching email and a simple network monitor program is his out to his more innept upper management.
Go Terry! We know you didn't disable accounts, there probably were no other accounts with <root> access. Its just good to know we are more feared than murderers or rapists in SanFranFreako! I guarantee if this guy was smart he saved every email his boss sent and will make the SanFran government look like the fools they are.
Insubordination?
Insubordination? Isn't that management speak for "not immediately complying with some brain dead plan from a bunch of high up wafflebrains "?
Re: Convicted Felon
RW, you state in your post:
Sure, from time to time another crime will be committed by a convicted felon, but hey! crimes get committed by lots of people who've never transgressed the law before.
First , I am not sure where you get your statistics "from time to time". Actually it is close to a third of violent criminals that will end up back in prison on another charge within 3 years of their release. (source http://www.ojp.usdoj.gov/bjs/reentry/recidivism.htm).
As indicated in the stories about this incident, allegedly he has once again committed another felony by changing the credentials needed to access the systems and refusing to supply it. Whatever the twisted logic is behind his actions, he is still violating the law by "stealing" access to the systems.
@ Tom
Fuck off yourself, fool. If you genuinely feel you are intelligent enough and inclined enough to comment on an El Reg article, I suggest reading it first. As another commenter put it so succinctly -
"Tom, you were *replying* to someone saying he hadn't been found guilty, and that he hadn't yet argued his case.
It takes a fairly big misreading of the article to still be confident enough that he'd been found guilty to reply to someone like you did without double-checking the article first"
Also, get off your high horse and stop thinking you are actually important enough that I would address my comments specifically to you (notwithstanding this one). Many people commented with things amounting to "lock him up and throw away the key". I refer you back to my original comment, and several similar by others since - "He has been *accused* of these things, not *convicted* of them" and I am tired of the "hang 'em and flog 'em brigade", when it has been proven, consistently, and over time, that violence begats violence, and treating people like criminals turns a large proportion of them into criminals. Give people a decent education and a proper appreciation for each other, and life in general, and many of the problems in societies around the world fall. There are exceptions to every rule - psychopaths and sociopaths are numerous, just to name a few - but I find if you give respect, you get it. If you are a rude, ignorant twat who cannot even bring himself to accept he fucked up, then expect to be abused.
Idiot.
Guilty of crimes against data?
Its amazing that you can do more time and have higher bail for data than for killing someone. As one who once managed a 'mission critical' system, I can understand what he's doing. There were times when I entertained similar ideas...
The new Office Garage series:
Enabling efficient data center monitoring
Top 10 SIEM implementer’s checklist
