Terry Childs's Slow Road To Justice
snydeq writes "Deep End's Paul Venezia provides an update on the City of San Francisco's trial against IT admin Terry Childs, which — at eight weeks and counting — hasn't even seen the defense begin to present its case. The main spotlight thus far has been on the testimony of San Francisco Mayor Gavin Newsom. 'Many articles about this case have pounced on the fact that after Childs gave the passwords to the mayor, they couldn't immediately be used. Most of these pieces chalk this up to some kind of secondary infraction on Childs's part,' Venezia writes. 'Just because you give someone a password doesn't mean that person knows how to use it. Childs's security measures would have included access lists that blocked attempted logins from non-specified IP addresses or subnets. In short, it was nothing out of the ordinary if you know anything about network security.' But while the lack of technical expertise in the case is troubling, encouraging is the fact that the San Francisco Chronicle's 'breathless piece reporting on the mayor's testimony' drew comments 10-to-1 in Childs's favor, which may indicate that 'public opinion of this case has tilted in favor of the defense,' Venezia writes. Of course, 'if [the trial] drags into summer, Childs will have the dubious honor of being held in jail for two full years.' This for a man who 'ultimately protected the [City's] network until the bitter end.'"
Sure they could have been readily used. (Score:5, Informative)
'Just because you give someone a password doesn't mean that person knows how to use it. Childs's security measures would have included access lists that blocked attempted logins from non-specified IP addresses or subnets. I
Don't use a non-specified IP address.
Or more specifically: grab a console cable, plug it into the device, and do what you need to do.
That an unskilled individual would not necessarily be able to easily use them does not mean Childs did anything wrong.
In fact, this is exactly how things should be -- in case the password is compromised, there should be additional layers of defense (IP access lists) to prevent covert abuse of accidentally leaked passwords.
No one password should ever give anyone free rein over a critical network without at least also having physical access or passing through a designated management point.
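The mechanism this comment describes, as an added example (not code from the thread or from the City's network): a Cisco-style standard access list applied inbound on the VTY lines with `access-class`, so a login from an unlisted source address is refused before the password is ever checked. The config fragment, the `LOCAL_USERS` table and the sample addresses are constructed for illustration; the wildcard-mask semantics (a 1 bit means "don't care") and the implicit deny at the end of the list are standard IOS behaviour.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple

# Constructed IOS-style fragment: a numbered standard ACL applied inbound
# on the VTY (telnet/ssh) lines.  Only the management subnet and one
# jump host may even reach the login prompt.
IOS_CONFIG = """
access-list 10 permit 10.10.5.0 0.0.0.255
access-list 10 permit host 192.168.250.7
access-list 10 deny any
line vty 0 4
 access-class 10 in
 login local
"""

# Constructed credential store standing in for 'login local'.
LOCAL_USERS: Dict[str, str] = {"admin": "correct horse"}

AclEntry = Tuple[str, int, int]  # (action, network, wildcard)


def parse_standard_acl(config: str, acl_id: str) -> List[AclEntry]:
    """Collect the entries of one numbered standard ACL, in config order."""
    entries: List[AclEntry] = []
    for raw in config.splitlines():
        parts = raw.split()
        if len(parts) < 4 or parts[0] != "access-list" or parts[1] != acl_id:
            continue
        action, rest = parts[2], parts[3:]
        if rest[0] == "any":
            net, wild = 0, 0xFFFFFFFF
        elif rest[0] == "host":
            net, wild = int(ipaddress.IPv4Address(rest[1])), 0
        else:
            net = int(ipaddress.IPv4Address(rest[0]))
            # A missing wildcard on a standard ACL means an exact host match.
            wild = int(ipaddress.IPv4Address(rest[1])) if len(rest) > 1 else 0
        entries.append((action, net, wild))
    return entries


def acl_permits(entries: List[AclEntry], src_ip: str) -> bool:
    """First matching entry wins; no match falls through to the implicit deny."""
    ip = int(ipaddress.IPv4Address(src_ip))
    for action, net, wild in entries:
        # Bits set in the wildcard are ignored in the comparison.
        if (ip | wild) == (net | wild):
            return action == "permit"
    return False


def vty_access_class(config: str) -> Optional[str]:
    """Return the ACL number applied inbound under 'line vty', if any."""
    in_vty = False
    for raw in config.splitlines():
        parts = raw.split()
        if not parts:
            continue
        if parts[:2] == ["line", "vty"]:
            in_vty = True
        elif not raw.startswith(" "):
            in_vty = False          # left the 'line vty' stanza
        elif in_vty and parts[0] == "access-class" and parts[-1] == "in":
            return parts[1]
    return None


def attempt_login(config: str, src_ip: str, username: str, password: str) -> str:
    """Model the order of checks: access-class first, credentials second."""
    acl_id = vty_access_class(config)
    if acl_id is not None and not acl_permits(parse_standard_acl(config, acl_id), src_ip):
        # The connection is dropped here; the password is never examined.
        return f"blocked by access-class {acl_id}"
    if LOCAL_USERS.get(username) != password:
        return "bad credentials"
    return "authenticated"


if __name__ == "__main__":
    for src in ("10.10.5.77", "172.16.0.9", "192.168.250.7"):
        print(src, "->", attempt_login(IOS_CONFIG, src, "admin", "correct horse"))
```

The point of the ordering in `attempt_login` is the one the comment makes: a leaked password from the wrong address gets "blocked by access-class 10", with no indication of whether the password was right, while the same password from the listed subnet or a console cable (which bypasses the VTY lines entirely) works as expected.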
Re:Both sides behaved terribly (Score:5, Informative)
His employer was the city. His job was to keep the passwords safe from everyone except the Mayor. When the mayor finally asked for them, I understand he gave them to him. Was there something in there that I missed?
Re:Both sides behaved terribly (Score:5, Informative)
"People authorized by city policy or law to have those passwords most likely included any number of his bosses on up the chain of command"
You are guessing incorrectly, the actual county policy has been previously posted, and indeed, the mayor was the only person authorised. Whether that's an oversight or not, that was the policy.
"but let's not try to pretend that he didn't violate rules and/or laws."
He didn't. You are welcome to prove that he did, but so far you are only guessing, despite having no evidence to support your case.
Re:Both sides behaved terribly (Score:5, Informative)
His employer was the city. His job was to keep the passwords safe from everyone except the Mayor. When the mayor finally asked for them, I understand he gave them to him. Was there something in there that I missed?
I'm pretty sure that's not in his job description. The Mayor is not the 'head of IT', and normally most mayors would NOT know the network passwords. Why would they?
It was in his contract.
Re:Both sides behaved terribly (Score:5, Informative)
I can't say that I have read his official job description but I'm pretty sure that "keep the passwords to yourself and the mayor of a major metropolitan city" wasn't it. It was probably "to keep the passwords safe from people not authorized to have them."
If I remember correctly, they tried to get the passwords out of him after he was released from the city's employment. If that's the case, his job description no longer factored in.
"You're fired. Give me the network passwords."
"Sorry, that is no longer my job."
"I'm calling the police."
LK
Re:Both sides behaved terribly (Score:5, Informative)
He did. There was a written policy from his employer that he was not to disclose those passwords under any circumstances and he followed that policy to the letter.
If that's not what was wanted, I guess it shouldn't have been the policy. Note that the incident where he was finally jailed was when he refused to disclose them on a conference call where he couldn't possibly know who might be listening.
Re:Both sides behaved terribly (Score:3, Informative)
I'm still curious about the events leading up to this such as the other dismissals and the odd snooping around. It really looks like office politics and cleaning out the workplace to replace with cronies and putting an awkward obstacle in jail.
From looking at what's been released so far I can't see where he violated either the law or their rules.
Re:The Mayor's Testimony (Score:4, Informative)
And no, da mayor does not get to tell the prosecutor to drop a case. Maybe in Chicago, but not in most cities. The real question is why the prosecutor went balls-out for 5 million dollars bail. BTW, the trial judge already tossed 4 of the 5 indictments. Just arresting the guy for a few days was enough to send the message "don't be a prick".
Re:Overstepped bounds (Score:5, Informative)
In particular, sitting on all access and passwords and refusing to share or divulge them is effectively the last refuge of someone who's on a power trip, or about to get let go and is trying to delay that.
Except that the policy of SanFran (quoted in a response to previous article on Slashdot, so I'm going to be lazy and let you do your own damn research for once) SPECIFICALLY required that he not reveal the passwords to anyone but the mayor, and certainly not to someone on an open fucking conference call to which anyone else, especially the "spy girl" who he had turned in when he caught her rummaging through shit after hours, might have been party.
He delivered the passwords, AS PER WRITTEN SANFRAN POLICY, to the Mayor in a face-to-face meeting. That is what was required of him by SanFran code. The people who tried to get him to break that policy are the idiots who should lose their jobs and be on trial.
Re:Overstepped bounds (Score:5, Informative)
This is rapidly becoming myth rather than fact-based.
The overall policy page is:
http://www.sfgov.org/site/coit_index.asp?id=56853 [sfgov.org]
The security policy is specifically:
http://www.sfgov.org/site/coit_page.asp?id=79251 [sfgov.org]
Which, basically, says "follow this inter-county planning document":
http://www.sfgov.org/site/uploadedfiles/dtis/coit/Policies_Forms/CCISDA_security.pdf [sfgov.org]
The password policy in CCISDA states:
(pp 32 of the document)
Though the "Do not tell anyone your password" sect
Re:Men like these... (Score:2, Informative)
Terry Childs refused to divulge the passwords to anybody he didn't know were entitled to get the passwords. That's the appropriate security procedure: You do not give passwords to people that claim that they should get them, you give them to somebody you know should have access to them. If I had called you after you had quit somewhere, you shouldn't give me the passwords - because you have no idea who I am.
Eivind.
Re:Both sides behaved terribly (Score:1, Informative)
How did you get this far down before making a comment and not see one of the earlier comments about how the mayor WAS the only legally constituted authority who could ask for the passwords?
Re:Men like these... (Score:4, Informative)
Well, surrendering a master password to persons unknown on a conference call isn't what I'd call responsible.
Nice try. While there were people on a conference call in the room, that's not the whole story. An excerpt from this article [computerworld.com] clearly states:
I think his boss and the COO were quite qualified to meet the "need to know" requirement.
Re:Men like these... (Score:3, Informative)
So you mean that someone who wasn't authorized to have the passwords didn't ask you to hand them over while on a speakerphone conversation with an unknown number of potentially unauthorized people on the other end? All totally in contravention of your password policy? Because that's what happened to Terry Childs.
Re:Both sides behaved terribly (Score:4, Informative)
Yes, it is.
Sorry, but even though he is not employed there, he still has access to sensitive information. I'm sure he was under several covenants signed as a condition of employment and continuing for some period after employment.
Otherwise, he could literally go to the Chinese, passwords in hand, and sell that information to them .0000000001 seconds after calling his boss and saying "I quit!"
I know most jobs I've worked have confidentiality agreements that require that I keep company information confidential even after my employment is terminated (for any cause), and I can be sued if I violated those covenants.
Once he was no longer a part of the infrastructure, his only known authentication of someone who can get the information is an elected official. The Mayor could have directed him to give the information to a designee, but the Mayor decided to get the information personally. Unfortunately, the people the Mayor brought in didn't actually know how to use the passwords, but Childs disclosed what he was asked to disclose to the only person he clearly knew retained authorization to it.
I can't personally think of another way he could have ethically fulfilled his responsibility to the city while following the procedures (which you can find on the Web, by the way) he was required to follow.
Re:Both sides behaved terribly (Score:5, Informative)
On the other hand, there's no reason that he couldn't have remembered them and just given them up.
But there are. If you look on the city's IT site, you will find the IT policy. Around page 23, IIRC, you'll see the rules under which you can divulge passwords. There are three specific rules that are important:
1. Don't do it over the telephone.
2. Don't ever tell your boss any password.
3. Don't ever divulge any password in the presence of anyone unknown to you.
They dragged him in a meeting room at the police station where he was doing some wiring work, filled the room with people he didn't know, initiated a conference call over a speakerphone, told him he was being transferred, and asked him to recite the passwords.
Umm, what did he do wrong by saying "NO"? He was, at that time, still an employee. He was bound by policy not to divulge the information under those circumstances.
Then he was fired.
At that point, he had no obligation to give the passwords up any more, and was probably bound by a nondisclosure agreement that would be violated if he HAD given them up. So his logical course would then be to go home and do his best to forget the passwords. His employer shitcanned him because he tried to follow their rules and they didn't like it.
There is no rule in the City IT policy that says you need to give up a password when asked. However, there was one that any "system" passwords (as opposed to "user" passwords) needed to be in a central secure database, and it's up for discussion as to whether he did in fact violate that policy. If he did, then there was an obligation to disclose it, but then the question becomes, to whom?
He offered to divulge the passwords to the only person he KNEW was authorized to receive them - an elected official. The Mayor agreed to accept the passwords, and he gave them up. The Mayor, as an elected official, is then authorized to hand the passwords off to anyone else he chooses.
Then the passwords didn't work because the people the Mayor gave them to apparently didn't understand how the network was configured.
If the City is still unable to access the network, they need to acknowledge that Childs was following THEIR rules when he refused to cooperate, apologize, release him with back pay, and ask nicely for him to come back for a short-term consulting gig so he can teach his successor how to run the network. At which point, the successor changes all the passwords, Childs loses all access to the network, and gets a nice letter of recommendation stating that his ethical standards at protecting information he is charged with protecting are so high that he's willing to go to jail rather than violate them.