Accused rogue admin Terry Childs makes his case
IDG News Service - He's been in jail for seven months now, but former San Francisco network administrator Terry Childs said he's going to keep fighting to prove he's innocent of computer crime charges.
Childs was arrested on July 12, charged with disrupting San Francisco's wide-area network during a tense standoff with management.
In his first interview since the arrest, given a week ago, Childs contended that he did nothing illegal while working for the city and argued that his actions, depicted as criminal by prosecutors, were in line with standard network security practices. The criminal court case before him prevented him from commenting in much detail on the case, but he outlined his defense in recently filed court documents, describing a tense July 9 standoff with police and city officials.
That afternoon Childs "unwittingly" found himself in a surprise meeting in the city's Hall of Justice, where he maintained network facilities. At the meeting were his boss, DTIC Chief Operations Officer Richard Robinson, San Francisco Police Department CIO Greg Yee and human resources representative Vitus Leung. On the phone were engineers, listening in to confirm whether the passwords he gave were correct.
They were not, and within days Childs was charged with disrupting computer services and faced further counts of unauthorized network access. He faces seven years in prison if convicted.
The July 9 meeting was the culmination of a long-simmering dispute between Childs and his managers, who had been seeking administrative passwords to the network since at least February. Childs had refused to provide the passwords, apparently because he feared that they would be shared with management or outside contractors, according to court filings.
Even though it went against the orders of his supervisors, Childs was doing his job by refusing to hand over the passwords to a roomful of people, his attorney Richard Shikman argued in the filings. "The response to suspend him was arguably legal. The response to prosecute him is not," he wrote.
The Terry Childs case can seem like a cautionary tale of the power wielded by the people in charge of computer systems. Or it can seem like a poignant reminder of how dedicated employees can be thwarted at the whim of management.
Childs is no angel. He has already served four years in Kansas prison on aggravated robbery and aggravated burglary charges, stemming from an incident that occurred when he was a teenager.
Three of the charges against Childs in the San Francisco case stem from modems that were found in his office.
Prosecutors said these modems provided illegal access to the city's network, but in court filings, Childs' lawyer said they were used for work. One was set up to dial out to Childs' pager any time a problem popped up on the city's network. The second was a DSL modem that had been set up even before Childs was hired at DTIS, used to connect to the Internet and test access to the city's network. The third was for emergency use only, designed to connect city computers to a disaster recovery site so that the city's network could be up and running in the event of an emergency.
"The existence, use and nature of modems are within the scope of the employment of a network engineer," his attorney argued in court filings.
Childs may have felt justified in refusing to hand over the passwords to strangers, but obviously something happened to lead up to the tense July 9 showdown, said Bruce Schneier, a noted computer security expert and chief security technology officer at BT. "That's not a normal day at the office," he said. "It does seem strange. It feels like there is more to the story than we know."
"The passwords are owned by the city, so as an employee he's obligated to give them up to his boss," Schneier added.
If he had to do it all over again, that's exactly what Terry Childs would do. "I'd have gotten out before it came to this," he said last week. "I have a great house ... and I'm on the verge of losing it since I'm in here. I'm out of a job, and don't know what'll happen with all this."
Childs's lawyer has moved that the charges against him be dropped. A hearing on that motion is set for Feb. 27.
InfoWorld's Paul Venezia contributed to this story.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Alert Logic for PCI DSS Compliance To achieve PCI DSS compliance, you must identify and remediate all critical vulnerabilities detected during PCI scans. Threat Manager streamlines this process by...
- Cybersecurity Imperatives Reinvent Your Network Security With Palo Alto Networks The Rise of CyberSecurity
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts