Quantcast

My new hero

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
bwhahahahaa!

S.F. officials locked out of computer network

Jaxon Van Derbeken, Chronicle Staff Writer

Tuesday, July 15, 2008
"This involves compromising a public system that we rely ...

(07-14) 19:23 PDT SAN FRANCISCO -- A disgruntled city computer engineer has virtually commandeered San Francisco's new multimillion-dollar computer network, altering it to deny access to top administrators even as he sits in jail on $5 million bail, authorities said Monday.

Terry Childs, a 43-year-old computer network administrator who lives in Pittsburg, has been charged with four counts of computer tampering and is scheduled to be arraigned today.

Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000, tampered with the city's new FiberWAN (Wide Area Network), where records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail inmates' bookings are stored.

Childs created a password that granted him exclusive access to the system, authorities said. He initially gave pass codes to police, but they didn't work. When pressed, Childs refused to divulge the real code even when threatened with arrest, they said.

He was taken into custody Sunday. City officials said late Monday that they had made some headway into cracking his pass codes and regaining access to the system.

Childs has worked for the city for about five years. One official with knowledge of the case said he had been disciplined on the job in recent months for poor performance and that his supervisors had tried to fire him.

"They weren't able to do it - this was kind of his insurance policy," said the official, speaking on condition of anonymity because the attempted firing was a personnel matter.

Authorities say Childs began tampering with the computer system June 20. The damage is still being assessed, but authorities say undoing his denial of access to other system administrators could cost millions of dollars.

Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents.

Authorities have searched Childs' home and car for a device that could be used in such an attack, but so far no such evidence has been found.

As part of his alleged sabotage, Childs engineered a tracing system to monitor what other administrators were saying and doing related to his personnel case, law enforcement officials said.

Childs became the target of suspicions inside the technology agency this year, and the case was referred for police investigation in late June, authorities say.

At a news conference announcing Childs' arrest, District Attorney Kamala Harris was tightlipped about what his motive may have been.

"Motive is not necessarily an element of a crime," Harris said. "This city employee committed four felonies."

She added, "This involves compromising a public system that we rely on. Its integrity has been compromised."

The system continues to operate even though administrators have limited or no access, officials said.

"Right now our system is up and running and we haven't had any problems so far," said Ron Vinson, chief administrative officer for the Department of Technology.

Vinson said the city is "working around the clock" to make sure the system is maintained and operable.

Nathan Ballard, a spokesman for Mayor Gavin Newsom, said the mayor was "confident that (the Department of Technology) is doing everything necessary to maintain the integrity of the city's computer networks."

Childs appeared in court Monday but did not have a lawyer assigned to him.

Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.
 

SkaredShtles

Michael Bolton
Sep 21, 2003
67,775
14,142
In a van.... down by the river
"Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents."

I'm sure they don't do backups there. :rolleyes: :D
 

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
^^^ just what i was thinking. ffs, this is a production system, not some beta-skeeting-roll-your-pwn-ubuntu thang
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
This reminds me of the ancient days of computer roll-outs, where there was only one or two techs in an entire company who knew enough to run the computers, so they became invaluable.

I don't know how they let one 5 year employee lock up the entire city network of systems.
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
Alleged cyber-hijacker in court; lawyer calls $5 million bail 'crazy'

Jaxon Van Derbeken, Chronicle Staff Writer

Tuesday, July 15, 2008

(07-15) 11:48 PDT SAN FRANCISCO -- The San Francisco city computer engineer facing charges of cyber-tampering for allegedly taking over the city's computer network appeared in court today but did not enter a plea.

Terry Childs, 43, of Pittsburg, appeared to be calm as he stood next to his attorney, deputy public defender Mark Jabobs, at the brief hearing in San Francisco Superior Court. Childs spoke only once, when he agreed to appear again in court Thursday for his arraignment on four felony counts of computer tampering.

Outside court, Jacobs suggested the case against Childs was overblown and the result of a "misunderstanding."

"Well obviously, it's an odd case," Jacobs said.

Authorities said that over the course of three weeks, Childs systematically took over access to the city computer server that stores records including officials' e-mail, payroll files, confidential law enforcement documents and jail inmates' bookings.

The five-year employee of the city Department of Technology is accused of blocking out all other administrators by changing their access codes.

When police asked him to divulge the code he created that gave him exclusive access, Childs first gave a bogus code and then refused to provide the correct one, even under the threat of arrest, authorities said.

He was arrested Sunday and is being held on $5 million bail, an amount that Jacobs called "crazy."

"I don't know why it's so high," Jacobs said. "I don't know what they're thinking over there.

"I don't think he's a threat," Jacobs said. "He didn't kill anybody, and murderers usually get a $1 million bail, so you do the math. Someone out there is really scared of something, and I don't know what that is."

Erica Derryck, a spokeswoman for District Attorney Kamala Harris, said that "there seems to be a threat to public safety, and bail was set accordingly." She did not elaborate on what that threat was.

Officials have said they feared that Childs may have enabled a third party to gain access to the computer system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents. However, they have found no evidence of such a device in searches of his home and car.

Prosecutors have not said what motive Childs might have had for denying other administrators access to the computer system. But authorities say Childs had recently been disciplined for poor performance on the job and that his bosses had been trying to get him fired.

E-mail Jaxon Van Derbeken at jvanderbeken@sfchronicle.com.
I'm am still stunned about the computer illiteracy of the legal participants (besides the defendant).

Considering it sounds like this guy could get his hands on a IPhone and delete millions of dollars of data, I would think this guy is a massive threat.

Would it be any different than if I welded the doors shut to a bank, then stood there with a flamethrower, threatening to burn all the money?
 

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
seems that the more secure a system can potentially be, the more wide open it actually is, mostly due to complexity of common understanding.

exhibit a: selinux
 

SPINTECK

Turbo Monkey
Oct 16, 2005
1,370
0
abc
I'm am still stunned about the computer illiteracy of the legal participants (besides the defendant).

Considering it sounds like this guy could get his hands on a IPhone and delete millions of dollars of data, I would think this guy is a massive threat.

Would it be any different than if I welded the doors shut to a bank, then stood there with a flamethrower, threatening to burn all the money?
Umm, yeah, it'd be a lot different b/c

the bank did not hire you to weld their doors
you are physically threatening them.

Now if the bank hired you to protect their assets and you hid the key, that would be similar.

Greed of corporate leaders think they can overwork few and bully workers over pay, thinking no one would risk their job over minimized or shallow labor. Even if they did, leaders think no one would risk their freedom and go to jail. Well, revolutionaries of this country did in the 16 and 1700's. THis guy is still making his point, even though I'm sure the real issues are very covered up. T

The irony is people will blame this guy for an insecure system with poor leadership and no oversight which will ultimately cost millions and risk information. Why aren't his leaders being held accountable?? What were they doing in place of learning this system? THis stuff (corporation leader/gov't, tracking software) is so corrupt

Hey, let's volunteer our DNA and give up our guns. both will be in good hands.

:popcorn:

I'm actually glad Opie isn't around to disagree w/me on this stuff ;)
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
Greed of corporate leaders think they can overwork few and bully workers over pay, thinking no one would risk their job over minimized or shallow labor. Even if they did, leaders think no one would risk their freedom and go to jail. Well, revolutionaries of this country did in the 16 and 1700's. THis guy is still making his point, even though I'm sure the real issues are very covered up. T

The irony is people will blame this guy for an insecure system with poor leadership and no oversight which will ultimately cost millions and risk information. Why aren't his leaders being held accountable?? What were they doing in place of learning this system? THis stuff (corporation leader/gov't, tracking software) is so corrupt

Hey, let's volunteer our DNA and give up our guns. both will be in good hands.

:popcorn:

I'm actually glad Opie isn't around to disagree w/me on this stuff ;)
What are you talking about? This is a guy who was paid six figures who changed all the passwords when no one was looking, not because of some injustice but because he was about to get fired.

And trust me, after they fix this, there will be a lot of guys fired for allowing this.
 

SPINTECK

Turbo Monkey
Oct 16, 2005
1,370
0
abc
What are you talking about? This is a guy who was paid six figures who changed all the passwords when no one was looking, not because of some injustice but because he was about to get fired.

And trust me, after they fix this, there will be a lot of guys fired for allowing this.
You labeled the thread this guy is my new hereo, and I agree. Guy was paid six figures and then disciplined by his boss who would have fired him earlier. I don't think 126K is alot of money for that kind of responsibility. Sounds like they should have put a team of 3 to 5 guys on this, but some lean/six sigma management didn't see the need and were to lazy to learn their own code.

This is a drop in the bucket of how data can be vulnerable, so I'll put in a jab about keeping our DNA private unless CONVICTED of a crime because if one guy can do this, many can.

I was trying for a bushism by pulling guns into this weak technology age because guns keep your freedoms........and seem to make every RM thread worth reading:)
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
I probably should have posted this in the lounge. I bet ten thousand "experts" would join in the fun.
 

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
i sorta did in the mustache thread, with the 'burly mustachioed man' reference.
 

binary visions

The voice of reason
Jun 13, 2002
22,161
1,261
NC
You labeled the thread this guy is my new hereo, and I agree. Guy was paid six figures and then disciplined by his boss who would have fired him earlier. I don't think 126K is alot of money for that kind of responsibility. Sounds like they should have put a team of 3 to 5 guys on this, but some lean/six sigma management didn't see the need and were to lazy to learn their own code.
Since you were intimately involved with the management of the project, could you give us a few more details about the laziness of the involved employees and the management?

You're just guessing. Taking wild shots in the dark about how you speculate this might have come about. The reality is this guy thought he was getting canned, so he locked up his system. That's all you know. A properly designed system should be very hard to unlock if the person with top administrative access locks it up, no matter how much knowledge they have.

You can blame it on "the man" if you want, but your speculation is totally unfounded and your assumptions about how the computer systems operate/secure themselves are pretty far out there.

I haven't the foggiest idea about how this guy chose to lock the systems down but all it would take is some installation of cryptography software to completely encrypt and lock up all the systems in the company with no burden on anyone else in the company to have "learned the system."

I think the whole thing is pretty funny, actually.
 

syadasti

i heart mac
Apr 15, 2002
12,690
290
VT
Sounds like zero disaster recovery planning in the design and implementation of this system if its all known and trusted to one employee. Bad form on the city's part.
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
Follow-up

S.F. mayor gets keys to city's computer

Phillip Matier,Andrew Ross

Wednesday, July 23, 2008

(07-22) 18:11 PDT SAN FRANCISCO -- "The first thing I want you to know, Mr. Mayor, is that when you walk out of this room, you will have the computer codes."

Those words - delivered to Mayor Gavin Newsom by imprisoned city computer tech Terry Childs in a small, fourth-floor room at city jail Monday - signaled the beginning of the end of the weeklong standoff in which San Francisco officials found themselves in the embarrassing position of being locked out of their own computer system.

Childs - whom some have described as a friendly, hard worker at the city Technology Department, and others have labeled an over-the-top control freak - has been sitting in jail since July 13 on $5 million bail, after being arrested for reconfiguring key passwords in the city's computer system.

A team of code crackers brought in from Cisco Systems had been working around the clock to try to decipher Childs' codes, but with only marginal success.

"It wasn't cheap and I just couldn't see us keep spending that kind of money," Newsom said.

Then, out of the blue, Childs' lawyer, Erin Crane, called the mayor's office Monday afternoon, offering a jailhouse meeting.

Childs, according to the lawyer, was ready to give up the codes - but only to the mayor, who had gone out of his way in his public comments not to portray Childs as some sort of monster.

Newsom didn't hesitate. Without asking the city attorney for an opinion or giving a heads up to police or the district attorney, he was at the Hall of Justice in half an hour.

With Crane by his side, Childs told Newsom about the computer system he'd set up and how all the current problems sprang from a series of misunderstandings.

Crane didn't let him go on for too long, and Childs got to the business at hand, asking for a pen.

He then wrote out a very long computer code.

"This better be right," Newsom said.

"It is," Childs assured him, but asked the mayor to deliver it in person to the Cisco specialists - not to the city's computer brass.

Newsom took the code to the city computer center and gave it to a Cisco techie, who found that it didn't work - prompting a call-back to Crane.

"He said you would be calling and you would be upset," the lawyer said. "He forgot to give you the protocols to go along with the code" - and she read the accompanying computer prompters to the mayor over the phone.

By Tuesday morning, the system was back in the hands of the city.
This guy sounds disgruntled, like he needs to talk to the Mayor, who he probably has never met and has nothing to do with his job, to give back the password.
 

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
i also read yesterday his bail is set to 10X that of the avg arraigned murderer.

you think he could angle for the "sanctuary city" status like dude who offed that family?
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
i also read yesterday his bail is set to 10X that of the avg arraigned murderer.

you think he could angle for the "sanctuary city" status like dude who offed that family?
I think this is special circumstances:

1. He is extremely hostile, and there is ample proof of that.
2. The damage he could cause is easily in the hundreds of thousands, by just logging into their network (which I am sure he left a few backdoors).

Tech rigged S.F. computer meltdown, prosecutors say

Jaxon Van Derbeken, Chronicle Staff Writer

Thursday, July 24, 2008

(07-23) 12:09 PDT SAN FRANCISCO -- Terry Childs envisioned the ultimate revenge on his bosses, prosecutors say - the meltdown of the city's computer network at the flick of a switch.

And it would come not directly at the hands of Childs, but during routine system maintenance at the building that houses the city's Technology Department.

The alleged plot was discovered before the computer network that handles law enforcement documents, payroll records, officials' e-mail and other sensitive city records was shut down for scheduled maintenance last Saturday, an action that would have vaporized numerous files because of a booby-trap Childs had installed, prosecutors said in court documents filed Wednesday.

Childs, 43, has been jailed since July 13 on four felony counts of computer tampering after he allegedly locked his bosses at the Technology Department out of the system and refused to hand over the password he had created.

In arguing against a defense request to lower his $5 million bail, prosecutors said Childs had set up more than 1,000 computer modems in locked cabinets and other hiding places, including at least one in a room at the Hall of Justice that even police didn't know existed, to tinker with the system without his bosses knowing it.

Childs didn't hand over the access codes to the computer system until a jailhouse meeting with Mayor Gavin Newsom on Monday - two days after the network was to have been taken down for the routine maintenance.

"He had a malicious intent to destroy the entire network," prosecutor Conrad del Rosario said.

Childs' lawyer, Erin Crane, called the allegation "spurious" and said Childs is the victim of bosses who resent his expertise.

"When they couldn't get rid of him," they created a false image of a "rogue employee" out to terrorize the city, Crane said.

After a Superior Court hearing Wednesday, Judge Lucy Kelly McCabe refused to lower bail. Childs remains in the city jail pending a hearing Sept. 24.
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
More of the article:

Run-in with security chief

According to prosecutors' court filing, Childs' actions first came to authorities' attention the evening of June 20 when the city's new chief of network security, Jeana Pieralde, conducted an audit of the FiberWAN network housed at One Market Street Plaza.

His bosses were already worried that Childs was being increasingly hostile toward supervisors and had taken over a room and installed a bank of computers, prosecutors said. They didn't know exactly what he was doing.

Childs was upset that no one had told him of the audit and used his cell phone to photograph Pieralde. Frightened, she locked herself in an office and later reported the incident to police.

Crane said Childs was angry that Pieralde was "(going) through his things" and had photographed her because she was taking away a device that didn't belong to her.

A supervisor in the Technology Department, Rich Robinson, also filed a police report about the incident and quoted Childs as saying, "I'm ready for you, Rich."

Childs denies threatening anyone, Crane said.
Surprising find

On July 9, after supplying his bosses with passwords to the system that turned out to be false, Childs was suspended.

The following week, with system administrators locked out of their network and Childs sitting in jail, a consultant advising the city discovered that Childs had rigged the network so that files would be erased if someone tried to figure out what the proper password was, prosecutors said.

Childs had created an ability to track anyone who tried to get into the system, kept his own e-mail server and had been using the modems locked in storage cabinets to create a private network, prosecutors said.

The consultant, Anthony Maupin, also found that because Childs had fashioned his makeshift system to run off temporary, short-term memory, a power outage - such as turning off the computer for maintenance - would mean full system failure, del Rosario said.

The system was rigged that way in May by a user named Maggot617 , a city computer analysis showed. Prosecutors say "Maggot" was Childs.

"This setup or configuration is contrary to any logic of protecting the system," del Rosario said. Childs was well aware of the scheduled system shutdown last Saturday, he said. "The defendant had a note on his desk reflecting this power outage."
Secret room

On Monday, when Childs supplied three user names and an access code to Newsom, officials learned they could use them to get onto the system only at a computer in a room at the Hall of Justice that even police technology experts were unaware of.

Investigators say they are still worried about the modems hidden away in locked filing cabinets in public buildings around the city. Maupin told prosecutors that city officials estimate there are 1,100 such modems. Childs could still gain access to the network through any of them and create more mischief, prosecutors say.

In arguing that his bail not be lowered, prosecutors said a search of Childs' Pittsburg home turned up a co-worker's identification. They said they fear he could impersonate other employees to obtain access to the network.

They also said he had $10,000 cash on him when he was arrested, supporting their fear he would be a flight risk if released.

Childs' attorney maintains Childs is being scapegoated by incompetent officials resentful of his abilities in computer network management. The modems he installed in locked cabinets, she said in a bail reduction motion, were for the "sole purpose of maintaining the system."

Some of the protections, she said, were put in place after Childs concluded that a colleague inadvertently infected the city's network with a virus two years ago. It was Childs who put up the firewalls, with management approval, she said.

E-mail Jaxon Van Derbeken at jvanderbeken@sfchronicle.com.
 

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
Terry Childs juror explains why he voted to convict
Though Juror #4 had sympathy for Terry Childs, holding San Francisco's network hostage was breaking the law
By Robert McMillan, IDG News Service
April 28, 2010 09:41 PM ET

Terry Childs' guilty conviction struck a nerve with IT staffers this week.

Here was a man who, by all accounts, was good at his job, though lacking in interpersonal skills. Suddenly, on July 9, 2008, he's pushed into a tense situation -- a hostile conference call with the human resources department, his boss and even a police officer, all listening in, and told to hand over the passwords to the City of San Francisco's FiberWAN network, which he helped build. He chokes and hands over bogus passwords. Later, he argues that he did this because nobody in the room was qualified to have administrative access to the network.

IT people are used to being held accountable for bad decisions made by their superiors, and some people who've read about the case feel some sympathy for Mr. Childs. After all, the city's network never went down, and Childs eventually did hand over control of the FiberWAN to San Francisco Mayor Gavin Newsom -- the only person Childs felt was competent to have the passwords.

"How exactly was he breaking the law?" wrote one Slashdot poster, reacting to news of Childs' conviction. "[H]e refused to disclose the passwords when the person requesting them did not follow proper protocols."
more at link, of course
 

sanjuro

Tube Smuggler
Sep 13, 2004
17,373
0
SF
I don't know what you do for a living, but I work as a computer administrator for many years.

First and foremost: I don't own the computers I work on. This isn't life or death if they fail. And if I screw up at the job, I get fired.

It is very easy to cover up computer mistakes. Last week, I attached the wrong disks to a system. I removed the mapping with a few mouse clicks, so no harm done.

Imagine I had routed an oil pipeline incorrectly? Plugged an electrical line into the wrong socket?

If your boss says, hand it over, even if it is a prelude to termination, you better do it.

Frankly, whoever managed him did a horrible job by having only one person as the lynchpin. I've seen shops like that, and it is a bad place to work.
 
Last edited:

$tinkle

Expert on blowing
Feb 12, 2003
14,591
6
I don't know what you do for a living, but I work as a computer administrator for many years.
20th yr in every aspect of the sw life cycle, so i can appreciate what a mismanaged tool this guy was.
Frankly, whoever managed him did a horrible job by having only one person as the lynchpin. I've seen shops like that, and it is a bad place to work.
i'm on a fedex contract right now, and i'm the sidekick to 'the man', & if he goes rogue, ups shares should spike 10% the next week. luckily, he's got his schit together morally/ethically, which is a relief. yeah, i've worked w/ prima donnas, & every day you think of a way to silkwood their brakelines...just as soon as we get the next block release out the door...