Terry Childs, the net admin arrested on July 12, 2008 for disrupting San Francisco's wide-area network, still sits in the City of San Francisco's county jail. But is he guilty of what he is accused of, or was he just doing his job?
Terry Childs, the net admin arrested on July 12, 2008 for disrupting San Francisco's wide-area network, still sits in the City of San Francisco's county jail. He says he did nothing illegal while working for the city and argued that his actions, depicted as criminal, were in line with standard network security practices.
According to this piece from InfoWorld, a court filing made back in late July opposing the bail for Childs claimed the following:
- Childs configured a number of routers and switches with 'no service password-recovery,' which would prevent anyone from recovering the passwords without losing the IOS image and configuration.
- He removed the start-up configuration from some devices, leaving them operational via the running config, but they would be lost during a power outage or reboot.
- There were various methods that Childs could have used to gain access to the FiberWAN, including "wireless access devices to different departments."
- In his work area and home, they found lists of usernames and passwords, including the password of his supervisor. He also apparently had installed sniffers on the network.
The author of the InfoWorld piece, Paul Venezia, makes some great points both in support of and against these claims. Venezia followed the case closely, which culminated in his actually conducting an interview with Childs at the jail.
It makes some interesting reading and poses the ultimate question: Was Childs actually committing a crime, or was he just doing his job, becoming a victim of the worst case ever of company executives not understanding just what IT does?