San Francisco's mayor gets back keys to the network
Gavin Newsom meets with Terry Childs
IDG News Service - San Francisco Mayor Gavin Newsom met with jailed IT administrator Terry Childs on Monday, convincing him to hand over the administrative passwords to the city's multimillion-dollar wide-area network.
Childs made headlines last week when he was arrested and charged with four counts of computer tampering, after he refused to give over passwords to the Cisco Systems switches and routers used on the city's FiberWAN network, which carries about 60% of the municipal government's network traffic. Childs, who managed the network before his arrest, has been locked up in the county jail since July 13.
On Monday afternoon, he handed the passwords over to Mayor Newsom, who was "the only person he felt he could trust," according to a declaration filed in court by his attorney, Erin Crane. Newsom is ultimately responsible for the Department of Telecommunications and Information Services (DTIS) where Childs worked for the past five years.
Mayor Newsom secured the passwords without first telling DTIS about his meeting with Childs, according to DTIS chief administrative officer Ron Vinson, who added, "We're very happy the mayor embarked on his clandestine mission."
The department now has full administrative control of the network, he said in an interview Tuesday night.
It's likely that Childs had a lot to tell the mayor when the two met.
Childs' attorney has asked the judge to reduce Childs' $5 million bail bond, describing her client as a man who felt himself surrounded by incompetent people and supervised by a manager who he felt was undermining his work.
"None of the persons who requested the password information from Mr. Childs ... were qualified to have it," she said in a court filing.
Childs intends to disprove the charges against him but also "expose the utter mismanagement, negligence and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger," his motion reads.
Vinson dismissed the allegations. "In Terry Childs' mind, obviously he thinks the network is his, but it's not. It's the taxpayers'," he said. "The reason he's been sitting in jail is because he denied the department and others access to the system."
The court filings help explain just how this happened.
According to an affidavit from James Ramsey, an inspector with the San Francisco Police Department, he and other investigators discovered dial-up and DSL modems that would allow an unauthorized connection to the FiberWAN. He also found that Childs had configured several of the Cisco devices with a command that would erase critical configuration data in the event that anyone tried to restore administrative access to the devices, something Ramsey saw as dangerous because no backup configuration files could be found.
This command, called a No Service Password Recovery, is often used by engineers to add an extra level of security to networks, said Mike Chase, regional director of engineering at FusionStorm, an IT services provider that supports Cisco products.
But without access to either Childs' passwords or the backup configuration files, administrators would have to essentially re-configure their entire network, an error-prone and time-consuming possibility, Chase said. "It's basically like playing 3-D chess," he said. "In that situation, you're stuck interviewing everybody at every site getting anecdotal stories of who's connected to what. And then you're guaranteed to miss something."
Without the passwords, the network would still continue to run, but it would be impossible to reconfigure the equipment. The only way to restore these devices to a manageable state would be to knock them offline and then reconfigure them, something that would take weeks or months to complete, disrupt service and cost the city "hundreds of thousands, if not millions of dollars," Ramsey claims.
Crane argues that these monitoring devices were installed with management's permission and were critical to the smooth functioning of the network. They would page Childs when the system went down and allow him to remotely access the network from his personal computer in case of an emergency.
In interviews, current and former DTIS staffers describe Childs as a well respected co-worker who may have gone too far under the pressure of working in a department that had been demoralized and drastically cut as the city moved forward with plans to decentralize IT operations.
About 200 of the department's 350 IT positions had been cut since 2000, mostly to be relocated to other divisions within city government, said Richard Isen, IT chapter president with Childs' union, the International Federation of Professional & Technical Engineers, Local 21.
Despite his conflict with some in the department, Childs has a lot of support there, Isen said. "There is a lot of sympathy, only because there is a basic feeling that management misunderstands what we actually do and doesn't appreciate the complexity of the work."
Paul Venezia is senior contributing editor with InfoWorld.
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Safeguarding the Next-Generation Data Center Use of virtual and cloud servers has exploded. Unfortunately, security often lags behind. McAfee recommends looking at innovative solutions in order to erect...
- Aberdeen: Securing the Evolving Datacenter This report highlights ways security technologies and services are evolving to provide the visibility and control needed to deploy workloads flexibly in the...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center... All Legal White Papers | Webcasts