Accused rogue admin Terry Childs makes his case
IDG News Service - He's been in jail for seven months now, but former San Francisco network administrator Terry Childs said he's going to keep fighting to prove he's innocent of computer crime charges.
Childs was arrested on July 12, charged with disrupting San Francisco's wide-area network during a tense standoff with management.
In his first interview since the arrest, given a week ago, Childs contended that he did nothing illegal while working for the city and argued that his actions, depicted as criminal by prosecutors, were in line with standard network security practices. The criminal court case before him prevented him from commenting in much detail on the case, but he outlined his defense in recently filed court documents, describing a tense July 9 standoff with police and city officials.
That afternoon Childs "unwittingly" found himself in a surprise meeting in the city's Hall of Justice, where he maintained network facilities. At the meeting were his boss, DTIC Chief Operations Officer Richard Robinson, San Francisco Police Department CIO Greg Yee and human resources representative Vitus Leung. On the phone were engineers, listening in to confirm whether the passwords he gave were correct.
They were not, and within days Childs was charged with disrupting computer services and faced further counts of unauthorized network access. He faces seven years in prison if convicted.
The July 9 meeting was the culmination of a long-simmering dispute between Childs and his managers, who had been seeking administrative passwords to the network since at least February. Childs had refused to provide the passwords, apparently because he feared that they would be shared with management or outside contractors, according to court filings.
Even though it went against the orders of his supervisors, Childs was doing his job by refusing to hand over the passwords to a roomful of people, his attorney Richard Shikman argued in the filings. "The response to suspend him was arguably legal. The response to prosecute him is not," he wrote.
The Terry Childs case can seem like a cautionary tale of the power wielded by the people in charge of computer systems. Or it can seem like a poignant reminder of how dedicated employees can be thwarted at the whim of management.
Childs is no angel. He has already served four years in Kansas prison on aggravated robbery and aggravated burglary charges, stemming from an incident that occurred when he was a teenager.
Three of the charges against Childs in the San Francisco case stem from modems that were found in his office.
Prosecutors said these modems provided illegal access to the city's network, but in court filings, Childs' lawyer said they were used for work. One was set up to dial out to Childs' pager any time a problem popped up on the city's network. The second was a DSL modem that had been set up even before Childs was hired at DTIS, used to connect to the Internet and test access to the city's network. The third was for emergency use only, designed to connect city computers to a disaster recovery site so that the city's network could be up and running in the event of an emergency.
"The existence, use and nature of modems are within the scope of the employment of a network engineer," his attorney argued in court filings.
Childs may have felt justified in refusing to hand over the passwords to strangers, but obviously something happened to lead up to the tense July 9 showdown, said Bruce Schneier, a noted computer security expert and chief security technology officer at BT. "That's not a normal day at the office," he said. "It does seem strange. It feels like there is more to the story than we know."
"The passwords are owned by the city, so as an employee he's obligated to give them up to his boss," Schneier added.
If he had to do it all over again, that's exactly what Terry Childs would do. "I'd have gotten out before it came to this," he said last week. "I have a great house ... and I'm on the verge of losing it since I'm in here. I'm out of a job, and don't know what'll happen with all this."
Childs's lawyer has moved that the charges against him be dropped. A hearing on that motion is set for Feb. 27.
InfoWorld's Paul Venezia contributed to this story.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!