Inside the mind - and config - of Terry Childs
Terry Childs's lawyer, Erin Crane, offered the court some insights into the Childs' motivations in changing SF's network passwords.
She will argue today for a reduction in his $5 million bail, perhaps to something closer to the bail set for common murderers ($1 mil.) In her written motion for the bail reduction, she explained Childs' actions -- and she hinted that if Childs is taken to trial, it will be a rip-roaring event:
"Mr. Childs intends to not only disprove (felony computer tampering) charges, but also expose the utter mismanagement, negligence and corruption at (the Technology Department) which, if left unchecked, will in fact place the city of San Francisco in danger."
And she explained that Childs has "good reason" to protect his networks from managers.
"His co-workers and supervisors had in the past maliciously damaged the system themselves, hindered his ability to maintain it ... and shown complete indifference to maintaining it themselves."He was the only person in that department capable of running that system," Crane said. "There have been no established policies in place to even dictate who would be the appropriate person to hand over the password to." The defense attorney added that "to the extent that Mr. Childs refused to turn over the password ... this was not a danger to the public."
Childs has a record it seems. Twenty-four years ago he was convicted of aggravated battery. But, Crane said, "He served time for those mistakes and changed his life," got an education and rose "to the top of his field." But in other court filings, we are starting to learn more about how Childs configured the network. PC World's Paul Venezia explains:
According to an affidavit from James Ramsey, an inspector with the San Francisco Police Department, he and other investigators discovered dial-up and DSL (digital subscriber line) modems that would allow an unauthorized connection to the FiberWAN. He also found that Childs had configured several of the Cisco devices with a command that would erase critical configuration data in the event that anyone tried to restore administrative access to the devices, something Ramsey saw as dangerous because no backup configuration files could be found. This command, called a No Service Password Recovery is often used by engineers to add an extra level of security to networks, said Mike Chase, regional director of engineering with FusionStorm, an IT services provider that supports Cisco products. But without access to either Childs' passwords or the backup configuration files, administrators would have to essentially re-configure their entire network, an error-prone and time consuming possibility, Chase said. "It's basically like playing 3D chess," he said. "In that situation, you're stuck interviewing everybody at every site getting anecdotal stories of who's connected to what. And then you're guaranteed to miss something."
One final point on the IT-management tension in SF. Richard Isen, IT chapter president with Childs' union, the International Federation of Professional and Technical Engineers, Local 21, told Venezia:
"There is a lot of sympathy (for Childs), only because there is a basic feeling that management misunderstand what we actually do and doesn't appreciate the complexity of the work."