Forgot your password?
typodupeerror
The Courts Crime IT

Terry Childs Found Guilty 982

Posted by kdawson
from the miss-carriage dept.
A jury in San Francisco found Terry Childs guilty of one felony count of computer tampering. The trial lasted four months. Childs now faces a maximum sentence of five years in prison.
This discussion has been archived. No new comments can be posted.

Terry Childs Found Guilty

Comments Filter:
  • by unity100 (970058) on Tuesday April 27, 2010 @06:58PM (#32005788) Homepage Journal
    he is a sysadmin that refused to disclose passwords to an office which had the prudence to disclose ALL of those LIVE passwords and usernames as evidence in a public court ... exposing personal information of millions of citizens in public databases ...

    i doubt that randomly selected array of 20-30 americans would be able to understand how insanely stupid this is.
    • by gman003 (1693318) on Tuesday April 27, 2010 @07:02PM (#32005826)

      Democracy is a form of government that ensures we are governed as well as we deserve.

    • by aaarrrgggh (9205) on Tuesday April 27, 2010 @08:19PM (#32006724)

      One of the jurors was a network engineer; I'm not quite sure how well you can say that they were collectively uninformed in the matter, although I wholeheartedly disagree with the results.

  • do the right thing (Score:4, Insightful)

    by bugi (8479) on Tuesday April 27, 2010 @07:02PM (#32005822)

    Remind me never to do the right thing ever again.

    • by betterunixthanunix (980855) on Tuesday April 27, 2010 @07:27PM (#32006092)
      I think the lesson to be learned here is to demand legal statements from people that absolve you of responsibility for their stupidity. "You want these passwords? First give me something I can bring to court, so that when you screw up, you cannot try to blame me." The courts have shown that these are the sorts of measures we must take -- not to try to prevent the damage from being done, but to prevent the idiots who cause problems from passing the responsibility off to us.
    • by Sycraft-fu (314770) on Tuesday April 27, 2010 @09:44PM (#32007640)

      Is to perhaps not be knee jerk about what "the right thing," is. Don't presume you know better than everyone, don't presume you are the one with whom the buck should stop and so on. You need to be able to look at the bigger picture. While you might think "the right thing," is for you and only you to have access to the systems because you feel you are the only one smart enough to handle it properly, well consider two things:

      1) What happens if you are rendered unavailable? You could die, become incapacitated, whatever. What happens then if you are the only one who has the keys to get in? All of a sudden "the right thing" turned in to a rather large disaster.

      2) Consider that maybe you aren't as smart as you think you are, or perhaps that everyone else isn't as dumb as you think they are. Perhaps your boss is perfectly capable of having the password as a backup and not using it to cause any trouble. You might not think he's smart enough, but maybe you aren't evaluating the situation fairly.

      Also just remember that you job in IT is customer service, even if you never deal with customers. Your job is to help make computers do what people want them to. They are tools to reach some goal, and you are someone who helps that happen. Part of that means doing what your customers (which are usually your coworkers) want. That doesn't mean giving them everything, but it does mean not being a stone wall that just refuses to do something. Work with people, try to persuade rather than intimidate and so on.

      Finally, when it comes down to it, they aren't your systems, they are the organization's systems and if they want to fuck it up, that's their thing. Argue against it, document your objections, but if that's what they want, let them do it. It isn't your place to stop it.

  • Jury of Peers (Score:4, Insightful)

    by Reason58 (775044) on Tuesday April 27, 2010 @07:03PM (#32005834)
    It is my understanding his employment was specific in that he would only disclose the password to the mayor alone. This never happened, thus he never disclosed the password. This case did not require any technical knowledge to grasp the facts, so I am unsure how the jury could come to this result.
    • Re:Jury of Peers (Score:4, Insightful)

      by robpoe (578975) on Tuesday April 27, 2010 @07:05PM (#32005858)
      They're dumbasses
  • by ff1324 (783953) on Tuesday April 27, 2010 @07:06PM (#32005864)
    Remember that juries are made up of the twelve people who weren't smart enough to get out of jury duty.
  • by Cheerio Boy (82178) * on Tuesday April 27, 2010 @07:06PM (#32005870) Homepage Journal
    What this really all comes down to is that once a company fires you or lets you go you are still obligated to that company.

    I don't care if it's a government organization or a corporation as far as I'm concerned once they let you go there should be no more ties to anyone from either side.

    I guess it's true...the shackles don't come off even if they put you back in the general population.
    • by jd (1658) <imipak&yahoo,com> on Tuesday April 27, 2010 @07:48PM (#32006328) Homepage Journal

      Of course you are. NDAs can last 5+ years, classified information remains classified for 50+ years, and networking between bosses on the golf course lasts forever. These are utterly unavoidable, which is why I believe corporations and governments should have obligations at least as stringent. It has to be symmetrical, or a damn good approximation. (Which is why I believe unions - if implemented and run correctly and fairly - are also essential. "Employment at will" does not exist in reality. What exists is employment at the employer's whim. You can check out any time you like, but you can never leave - until the boss says so. Irritate the wrong boss, and you'll never work in that town, city, State or Country again, because that's how networking works at the upper levels. This makes it impossible to switch jobs, save by your boss' consent. The system is feudal and peons have no say in feudal systems. Peons will get walked over, and there is nothing they can do to stop it, no matter what "employment at will" rights they think they have.)

  • Soooo (Score:5, Insightful)

    by garyisabusyguy (732330) on Tuesday April 27, 2010 @07:06PM (#32005874)

    The lesson here is to do whatever your boss says, even if it is incredibly stupid and will make your job entirely unmanageable...

    Well, I would have to agree that my 'inner security geek', would have had to swallow really hard a few time before stating production passwords over a teleconference with unknown people. Hell, I would expect to be fired just for doing that.

    Damned if you do, damned if you don't. Sometime you just have to suck it up and go look for another job. The sad part is that Terry was probably just a conscientous civil servant, and the boss was a know-nothing political appointee. Terry had probably seen more than a few of these appointed ass-hats come and go, and figured this was just another little tempest that would blow over.

    Poor guy

    • Re: (Score:3, Interesting)

      by SoupGuru (723634)
      If my boss asks me to do something, I generally do it. What if it violates policy? Well, he's more culpable than I am.

      That's the thing. That network is more Childs' boss' than it is his... his boss has more responsibility to it. He wants the password, give it to him and document that you did so. When the network comes crashing down, it's more his fault than yours.... and you're not in jail. Hopefully.
  • by linebackn (131821) on Tuesday April 27, 2010 @07:11PM (#32005924)

    Sound like this could have some bad repercussions for IT folks. Of course all I know about the situation is what has been posted on Slashdot. There could be, and usually is, more to the story. Now that the trial is over with will the court records be posted somewhere?

    • Re: (Score:3, Insightful)

      by slashqwerty (1099091)

      Sound like this could have some bad repercussions for IT folks. Of course all I know about the situation is what has been posted on Slashdot. There could be, and usually is, more to the story. Now that the trial is over with will the court records be posted somewhere?

      That's an excellent question. Throughout this entire case I've felt like I was only getting one side of the story. For example, I haven't seen any quotes from the prosecutor. Prosecuting someone for failing to disclose a password is absurd

  • by droopus (33472) * on Tuesday April 27, 2010 @07:26PM (#32006080)

    Ok the real lesson, sorry to say is: if the Feds want you they will have you. There is a reason why 95+% of indictees plead out. How do I know this? I just emerged from a five year fed sentence at a lovely FCI in Ohio.

    Without getting too detailed...I was a media consultant for a major media multinational. The Feds did not like that my focus was piracy but I would not divulge IPs, nyms or rat anyone. After some rather appalling disinformation was seeded (see Darknet...an utter load of made up BS) I was accused of damaging a portable toilet (I am not making this up) and faced life for 18 USC 844(i) and 18 USC 924(c). I was forced to plead out to a mandatory minimum of five years, which I just finished. (in fact, I'm still in a halfway house).

    The charges and the character assasination were ALL bullshit. But would you have thrown the dice with a jury and risked life? Me neither.

    The feds hate geeks, unless we work for them. Be VERY afraid and very careful. I'll get my life back but the past 52 months were not fun.

    • by Fnkmaster (89084) on Tuesday April 27, 2010 @07:35PM (#32006188)

      Look on the bright side, at least you've still got your 5 digit Slashdot user ID!

  • Boycott (Score:3, Insightful)

    by Anonymous Coward on Tuesday April 27, 2010 @07:30PM (#32006132)

    Look. I know IT doesn't have a union. And I wouldn't want one as a programmer and sysadmin based one everything I've ever seen about a union. But this is the time to speak out through actions.

    Any IT professional of any competence, and with any amount of self respect needs to refuse to do business with ANYONE who services the city of SF--directly or indirectly. I will be, and will indicate as much explicitly to anyone acting for or on behalf of the city--directly or indirectly that until a full pardon and compensation is paid to Childs, and the relevant individuals are removed from office for corruption, I will not provide any professional services.

    If the relevant DA or mayor retires or resigns without reprimand and appropriate court sanctions, I will *never* provide such services.

    Yes, I know many people say Childs acted unprofessionally--that's not the point. By refusing to provide the passwords, it would have been arguably justifiable to fire him. He was arrested for refusing to provide passwords after he was already fired--not his problem any more. Had they arrested him before firing him there *might* have been an argument.

    I refuse to work for any organization that supports this. And I hope that the members of /. refuse to as well, unless or until the city releases far more compelling evidence of destructive intent than has come to light thus far.

    Of course, it's easier for me to say as I'm two states east...but I've a client or two out there.

    • Re:Boycott (Score:4, Interesting)

      by CorporateSuit (1319461) on Tuesday April 27, 2010 @07:58PM (#32006476)
      San Francisco's mayor is one of the most prominent douchebags of recent history. There's no way he would resign unless it meant that he could become governor, senator, or president of the USA by next election. He's an animated golemn, crafted of every negative stereotype of San Francisco there is. When he had every reason to defend Child's actions, he testified against him - condemning what he knew to be an innocent man. What would an egomaniac like that have to gain from stepping down or retracting his testimony against the man when he's busy patting himself on the back for helping put away a dangerous terrorist such as Terry Childs?

      If this was 200 years ago, I'd challenge the man to a duel. "You took 5 years of an innocent man's life away because you could. Just how many innocent men have you knowingly put away for 5 years? 10 years? 20 years? How many innocent lifetimes has your sick ego cost the world? I'm sure the devil will give you a full report when you reach Hell."

      But now, in 2010, I could probably get charges filed against me just for suggesting something like that! It's those damned everchanging laws of propriety...
  • guilty of what? (Score:3, Interesting)

    by SoupGuru (723634) on Tuesday April 27, 2010 @07:34PM (#32006176)
    Are we getting too hung up on the password issue? Was his refusal to divulge the passwords what he's being found guilty of?

    Or is it the fact that if he stepped in front of a bus, the city had no hope of being able to manage the network? My place of employment has "the password list" and it's known to more than one person. If the city allowed Childs to hold all the keys, they're pretty stupid. If they had a policy prohibiting that, I could understand why violating it could get you jail time.
  • Epic fail (Score:4, Insightful)

    by hsthompson69 (1674722) on Tuesday April 27, 2010 @07:34PM (#32006178)

    I wonder how the guys who took over Terry's job feel now. I'd be looking for alternative employment at this point -> like maybe a ditch digger or something that just might not get you pooched by the judicial system.

    Talk about setting a dangerous precedent.

  • by divisionbyzero (300681) on Tuesday April 27, 2010 @07:54PM (#32006420)

    he deserved to be fired, not go to jail. His refusal to hand-over passwords was certainly grounds for firing but it's not clear he broke the law. To a certain extent he is a victim of his own arrogance but also of the ignorance of everyone surrounding him. Maybe he was right? Maybe they all are idiots and he was better off not trusting them? In any case his obligation ended when he was fired.

  • He was wrong (Score:4, Informative)

    by Anonymous Coward on Tuesday April 27, 2010 @07:55PM (#32006436)

    I'm posting anonymously, but I remember some of the folks were really spooked that he'd deleted images off devices and wiped configs so that if they were rebooted, they would no longer pass ANY traffic. The city called us to see if there was a way to recover passwords without rebooting the boxes. A tampering conviction fits.

  • by BengalsUF (145009) on Tuesday April 27, 2010 @10:30PM (#32008096)

    Now that I am able to speak about this case, I can give you my take on the matter as having been a juror on it. Having not been able to read about the case during its duration, I can't replay to everything that's been said about it, but I will at least provide my perspective.

    This case should have never come to be. Management in the city's IT organization was terrible. There were no adopted security policies or procedures in place. This was a situation that management allowed to develop until it came to this unfortunate point. They did everything wrong that they possibly could have to create this situation. However, the city was not on trial, but Terry Childs was. And when we went into that jury room, we had very explicit instructions on what laws we were to apply and what definitions we were to follow in applying those laws.

    This jury was not made up of incompetent people or idiots. Every single person on there was very educated and well-spoken. I myself am a network engineer with a CCIE and thirteen years experience in the field.

    This was not a verdict that we came to lightly. There were very difficult points to overcome in reaching it. We were not allowed to let our emotions or biases determine the matter, because if they could there may have been a different outcome. Quite simply, we followed the law. I personally, and many of the other juror, felt terrible coming to this verdict. Terry Childs turned his life around and educated himself in the networking field on very complex technologies. One different decision by him, or more effective management by the city could have completely avoided this entire scenario. But those are not factors we could consider as a jury. We applied the law as it was provided to us and our verdict was the unfortunate, but inevitable result.

    I'm sure many people posting are of the mindset that he's not guilty because he shouldn't reveal the passwords, some policy says this or that, or whatever. You're entitled to your opinion, but let me tell you that I sat through FIVE MONTHS of testimony, saw over 300 exhibits, and personally wrote over 200 pages of notes. I will guarantee you that no matter what you think of the matter, you do not have the full story, or even 10% of it. I am confident that we reached the correct verdict, whether I like it or not.

    • by Archangel Michael (180766) on Wednesday April 28, 2010 @12:13AM (#32009046) Journal

      Two Words .... Jury Nullification

      This is the worst part of our current system, is that juries are not informed of all the duties that are necessary for them to perform. In this case you were led to believe that your only duty was to judge the facts, and apply those facts to the law.

      However every member of society has every right, while on any jury, to judge not only the facts of the case, but the law and how they are being applied. This is the ONLY real safeguard to a free people, and the real power of the Jury.

      My biggest sadness is that you felt compelled to convict the man, because the fact and the law told you to. Just so you know, you've admitted that you've proven the state has enslaved us all to laws we can't possibly obey.

      Take a look here, and after that, I leave you with two questions ....

      The Average Person [wsj.com] Commits Three Felonies a Day" [amazon.com]

      Question one, are you willing to go to jail for doing something that is right, even if it is against the law?

      If not, why did you do that to someone else?

      • by BengalsUF (145009) on Wednesday April 28, 2010 @01:46AM (#32010050)

        The jury instructions specifically stated that whether or not we agree with the law in question cannot be a factor in determining if the law was actually broken. Regardless, I found nothing objectionable about the law itself and I don't believe any of the other jurors did either. There are plenty of protections within the law in question which protect people which may be acting under a misunderstanding of the facts or acting within the scope of their employment, all of which we weighed in making our decision.

      • by painandgreed (692585) on Wednesday April 28, 2010 @12:44PM (#32017018)

        Two Words .... Jury Nullification

        The idea of jury nullification is great when it's used on a law you don't agree with, not so much when it goes the other way. The reason that lynchers and other civil right abusers could get away with what they did in the 20's and 30's was because of jury nullification. The phrase "no jury will convict me" was speaking about jury nullification. As they could control who got on the juries and that those people had similar morals that did not agree with the law, they did not have to follow the law. Once society loses the rule of law, there's no reason to follow the law for anything. While I don't agree with a lot of laws and would even hazard that some laws are probably even objectively bad, it would be better to change the laws that rely upon jury nullification.

    • by jollyreaper (513215) on Wednesday April 28, 2010 @10:04AM (#32013900)

      This was not a verdict that we came to lightly. There were very difficult points to overcome in reaching it. We were not allowed to let our emotions or biases determine the matter, because if they could there may have been a different outcome. Quite simply, we followed the law.

      This is like that psych experiment where a test subject is given a buzzer and a set of questions. A lab assistant plays the role of another test subject behind a screen. The buzzer is supposed to deliver a shock for every wrong question. It doesn't, of course, but the lab assistant acts like it does. With each wrong question he screams louder, wimpers, begs to stop the experiment. The official-looking SCIENTIST in his WHITE LAB COAT reassures the skeptical test subject that the experiment should continue. Some subjects will walk about but others will keep administering shocks for unanswered questions even after the man behind the screen is no longer making any noises. Unconscious? Dead? Doesn't matter. The man in the white coat told me what to do. He has AUTHORITY.

      If the case never should have come to trial, find him not guilty. The charges are obviously bullshit. Where is it written that conscience and compassion have no place in our courts? Ok, mandatory sentencing says we have to leave our brains at the door but fuck that.

    • by 31415926535897 (702314) on Wednesday April 28, 2010 @01:08PM (#32017452) Journal

      I think this is the saddest thing I might have ever read:

      This case should have never come to be. Management in the city's IT organization was terrible. There were no adopted security policies or procedures in place. This was a situation that management allowed to develop until it came to this unfortunate point. They did everything wrong that they possibly could have to create this situation. However, the city was not on trial, but Terry Childs was. And when we went into that jury room, we had very explicit instructions on what laws we were to apply and what definitions we were to follow in applying those laws.

      Another poster already mentioned Jury Nullification; how can you, as a human being, convict another human being after saying you believe all of that?

      And of course, the city can't be put on trial for it's portion in this, can it? Nobody from the city is going to go to jail (and the city itself won't be legally "incarcerated") no matter how wrong it was. But because of your strict interpretation of the law, and some "common sense" interpretation about who an authorized user was (even though it wasn't legally specified), he has to go to jail and have his life ruined.

      What you did was reprehensible.

"It is better to have tried and failed than to have failed to try, but the result's the same." - Mike Dennison

Working...