Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

One admin's missing password leaves San Francisco in a lockdown state

By Michael Hatamoto, BetaNews

July 18, 2008, 5:00 PM

A former San Francisco city computer network administrator remains in a Bay Area jail after pleading not guilty to four charges of computer tampering. Meanwhile, the city's computer network is in limbo.

Prior to his arrest, Terry Childs, 43, of Pittsburg, California, managed to manipulate the city's computer system, creating a password that has effectively locked out all other city network administrators. As an employee in the San Francisco Department of Technology Information Services, he helped create a new network used for the San Francisco FiberWAN (wide-area network), his former defender said.

The FiberWAN network is responsible for controlling the city's e-mails, law enforcement records, payroll, and personal records. It controls 60 percent of the city's municipal data that also includes lawyer information and 311 information system.

In an interview today with the San Francisco Chronicle, Childs' attorney, Erin Crane, characterized his client as willing to cooperate, but may only turn over the password city officials need to operate their network after negotiations have concluded. Crane described Childs as more than the network's administrator -- indeed, as its architect.

Childs pleaded not guilty yesterday in San Francisco Superior Court, and is now being held in custody on $5 million bail. He will next face a bail hearing on Wednesday, July 23.

The public defender who initially defended Terry Childs, Mark Jacobs, removed himself from the case over suspected conflict of interest, after it was learned his own records were among those included in the files that Childs still holds hostage.

Specifically, Childs stopped authorized network users from accessing to parts of the network they should be authorized to use, and also enabled his own access to sections of the network to which he should have been restricted while he worked for the city, San Francisco district attorney spokespeople said.

Computer security experts have been quick to chastise the city for letting one person have access to the entire system, while recommending each person should only have access to a piece of the network. Aside from Childs, it's believed five or six people are expected to have accounts enabling universal access to everything in the network, though the identity or whereabouts of those individuals has not been made known.

In another mistake, the city apparently did not keep adequate system backups, which they could have used to restore the network and its passwords by now. Even so, it's unknown if there are any backups of the system and password, and if Childs also locked the administrator account from those backups.

There has been no data breach, no tampering with the system itself, and the only problem at the moment is that everyone is locked out, city officials confirmed.

San Francisco Mayor Gavin Newsom, city officials, and Cisco engineers are still trying to resolve network issues about five days after the initial incident. Earlier in the week, Mayor Newsom said it could take up to eight weeks to fully restore the network to working order, costing the city thousands of dollars in resources. But the eight week prediction is a worst-case scenario, in which an entirely new infrastructure would have to be built, and the current network dismantled.

During a press conference earlier in the week, Mayor Newsom described Childs as a "rogue employee" who became "a bit maniacal and full of himself."

The network restoration could happen much faster and easier with cooperation from Childs, who had said several times that he does not plan to help the city fix the network. After Childs' first court appearance, attorney Crane said this an entire issue was nothing but a misunderstanding, that the media and public had blown out of proportion.

Although the D.A. has not released the full criminal complaint against Childs, and what would have led him to do this, local Bay Area media outlets reported an alleged dispute between Childs and one of his managers. Unconfirmed reports indicate he was to be suspended on July 9 for alleged insubordination.

With little known details available out the case, the media, both professional admins and the general public have already formed their own opinion about the case, saying it's ludicrous that someone who has yet to hurt someone is being held on $5 million bail. Others, however, said effectively hijacking an entire city's computer network and holding it hostage is the wrong course of action, regardless of what grievances he has against his employers.

Even though Childs remains in police custody, he is still receiving paychecks from his $127,735 per year salary. Moving forward, the city of San Francisco hopes to work with Childs and his attorney to resolve the network issues in a timely matter, though specific talks are taking place behind closed doors.

Add a Comment

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By imafurby

posted Jul 21, 2008 - 3:02 PM

No surprise. San Francisco is being mismanaged by the worst collection of fools, criminals and downright destructive, America haters that possibly the best scenario is a major earthquake which totally destroys it. Believe me, the place will burn to the ground, because if the Fire Dept. is run like the city is, they won't be able to cope. The mess will make 1906 look like a family cook out.

Maybe it might rid the place of the human rats that mostly inhabit it and they could start over.

Score: 0

By preinterpost

posted Jul 21, 2008 - 8:57 AM

Assuming he did it it's probably no technological genius but merely abuse of trust. Trust that most IT professionals enjoy to do their jobs efficiently. This whole drama will back fire on these people who'll probably have to deal with a lot more bureaucratic overhead to get their jobs done going forward. If he is guilty I hope they come down hard on him and set an example.

Score: 0

By Tenoq

posted Jul 20, 2008 - 7:37 PM

I'm sorry, but I couldn't help but laugh when I read this story. The naivety of those in power when it comes to IT&T is simply astounding. We've seen it many times in court cases dealing with computer crimes, copyright infringement, etc - and now a city has handed the keys to all their data to just one man?

In some ways the bureaucrats deserve it. Still, Childs obviously isn't in the right, and needs to dealt with appropriately. Would like to hear his side of the story, though. :)

Score: 0

By Sven123456789

posted Jul 20, 2008 - 12:16 PM

Keep the bum in Jail. Another tech scum locked up.

Score: 0

By mjm01010101

posted Jul 21, 2008 - 12:39 AM

His password is sven123456789 !

Score: 0

By DatabaseBen

edited Jul 20, 2008 - 12:04 PM

obviously he thinks he will go down in time as being famous for holding the testicles of that government at bay.

but he forgets that it is san francisco.

instead he is nothing more than a technician and a fat slob who thinks that he is somekind of genius by sabotaging the system with his own password.

but why, a lack of promotion or raise for sitting at the desk all day and eating donuts and blaming the world for his misery?

wouldn't be surprised if he is one of those Microsoft MVP's.

Score: 0

By mjm01010101

posted Jul 21, 2008 - 12:41 AM

Most Microsoft MVP's wouldn't have the faintest clue when it comes to fiber nets, I'm thinking... Perhaps you are thinking a Cisco cert?

Score: 0

By foxfyre

edited Jul 20, 2008 - 7:22 AM

So much speculation about the speculation based upon previous speculation in reference to another's speculation based upon the assumption as a result of the obvious lack of accurate and hard information, it is hilarious to listen to the "it should be easy" pronouncements.

The show is consists as much in the media frenzy and the amazing number of 'analytical responses' by folks who lack any real understanding of exactly what is going on.

But what it does illustrate is that in the posterior of Silicon Valley, the concept of multi-layered distributed security and administration utilizing best practices for security, change management and policies and procedures is anathema.

They have gotten exactly what they planned for due to their lack of adherence to best practices.

But, please don't let me interrupt the "it should be easy to...." speculation based upon a clue-less interpretation of exactly what the complete nature of the problem is. After all, why should the lack of facts preclude anyone from posting the definitive answer?

And as easy as it is to crack passwords, it is equally interesting to see that they have this far failed.

It will be interesting to hear the rest of the story.

Score: 0

By betavirus1025

posted Jul 19, 2008 - 6:39 PM

The password should be quite simple to figure out. It has to be some combination of gay marriage, anal sex or illegals

Score: 0

By zezinho

posted Jul 19, 2008 - 9:47 AM

Let's trust the cloud with our data. This surely can't happen there.

Score: 0

By mjm01010101

posted Jul 21, 2008 - 12:42 AM

Funny you say that. Amazon S3 was down for 3 hours today. Not sporadically, DOWN, for 3 hours. Crazy. Amazon is fairly silent on it, also.

Score: 0

By mshulman

edited Jul 19, 2008 - 9:47 AM

One thing the article seems to miss a little bit or not make clear enough as the access people don't have is to the fibernet network - apparently it isn't affecting server access if you are local to it.

The guy is a highly trained cisco expert and really managed that part of the network. From another article I read, Cisco has become involved to help resolve the issues. All the passwords on the devices he managed can be reset if you are physicaly at them.

Score: 0

By AWEInCA

posted Jul 21, 2008 - 6:01 PM

mshulman,
The article was indeed confusing and one sided. I believe your answer to be accurate. The media sure can make a big deal of things and get people all worked up.

Score: 0

By rupp17

edited Jul 19, 2008 - 9:02 AM

OMG!

Were the defendant making some kind of point I bet he would have given up by now. fire him, revoke pension ( though it's prolly in the form of a 401k and you can't)

Other side of the matter. That the city has physical access and can't recover is BAD or not so bad. I mean where the need isn't so dire to take " physical reset measures " shutting the equipment down and restoring from there says it's not as bad as they make out. And or they have NO idea, No restore backs either thus making a physical reset and restore worse than the disease. Fire the manager for not having it under control already.....

And the Judge should get off his lazy but, escort the defendant to his work place and say " FIX IT PLEASE". If the dude is not mentally ill it should be a no brainer.

Lastly, If the defendant has nothing to do with the problem then it sucks to be him.

Score: 0

By luke2

edited Jul 18, 2008 - 7:10 PM

Has any one ask Mr.Childs Nicely,May we please have the password?

Score: 0

By Treb

edited Jul 19, 2008 - 6:51 AM

If it were the AF, it would probably be a 10 minute fix...followed by a 3 hour bootup. Of course, I know that system and now the one in this article...could take the 8 weeks.

Score: 0

By ronaldmaustin

edited Jul 19, 2008 - 5:42 AM

And after 14 paragraphs of "he said she said" Mr. Hatamoto surmises, "With little known details available out the case, the media, both professional admins and the general public have already formed their own opinion about the case." Gee, do ya think? That wouldn't include you, would it Hatamoto?

Score: 0

By ronaldmaustin

edited Jul 19, 2008 - 4:48 AM

It is false that "everyone is locked out" of anything at all. That scumbag Newsom, who has sex with his staff's wives, even admits so himself. The City and DA argue only that it is "locked out of" the router which prevents the remaining administrators from locking anyone else, like a court clerk, out of the system. $5 million bail? I'd say if someone shot the judge dead who upheld that bail, that person would be released on $1 million bail. What the hell is going on in San Francisco?

Score: 0

By flibberyGiveIt

posted Jul 19, 2008 - 2:05 PM

http://www.infoworld.com...-network-lockout_6.html

My guess is the new security chief demanded all
of the passwords, he and Childs "discussed" the
matter (probably not physically), and eventually
their bosses called the DA.

(I can imagine a security guy saying "I need all
the PWs. How can the network be secure if I don't
have all of 'em!" and an answer like "how can a
network be secure if anybody can access it!") :p

And so far as I can tell they are actually locked
out of _changing_ the network.

Score: 0

By anexpert

edited Jul 19, 2008 - 12:14 AM

Authorized people can get locked out of a network for both legitimate and unintentional technical reasons that involve no criminal actions on the part of the network administrator(s). While it's possible that the lockout was intentional and criminal, only an expert analysis of the system can determine the cause and nature of the lockout. If these morons can't get network access when they have physical control, then any claims they make should be considered highly dubious and unfounded.

Score: 0

By PatrynXX

posted Jul 18, 2008 - 9:45 PM

Yeah just your standard warning in every MCSE class. Do'h. my ol teach probably already knows about it.

Score: 0

By webrock

edited Jul 18, 2008 - 8:28 PM

another case of a mal-adjusted, socially inept computer nerd exacting revenge the only way he knows. the same ilk create malware, viruses, and spyware

Score: 0

By gawd21

posted Jul 18, 2008 - 10:31 PM

Would you rather he ran a muck killing people?

Score: 0

By ronaldmaustin

posted Jul 19, 2008 - 4:52 AM

He probably wishes he had at this point. If he killed people, he'd be out for $1 million instead of $5 million bail.

Score: 0

By fbarcenas

edited Jul 18, 2008 - 8:06 PM

I believe there has to be more to this than what is being told. I would like to hear the guys side of the story.

Score: 0

By webrock

posted Jul 18, 2008 - 10:25 PM

he can have no story that justifies his juvinile actions

Score: 0

By ronaldmaustin

posted Jul 19, 2008 - 5:02 AM

How do you even know what his actions were? I've been reading stories about this for over an hour and I still can't find one that is more than rumor and innuendo. The most concrete thing I can find is that he is alleged to have done $200,000 damage. The mayor himself denies this and says that there are no damage figures but that everything is normal.

This story is feeding on itself. The prosecutors and police don't know what they are allegeing in the first place. They don't understand it so they take the suspect's "disgruntled" boss at his word. Then the mayor runs with it and alleges something entirely different. A judge doesn't know what to think. He doesn't know whether it's just a forgotton password, or the start of World War 3 in the Bay area. So he leaves the bail at $5 million. Then the uninformed "journalist" gets ahold of it, figues there MUST be some reason why someone is being held on $5 million bail, so he repeats the allegations. Maybe even embellish it a little... "sources allege", etc. Then the bottom feeder on the food chain, YOU, thoughtlessly passes judgement based upon third hand information of something YOU don't even understand.

SF's computer systems aren't being held hostage. The criminal justice system is held hostage by the paranoia of uninformed people. The attorneys didn't even know how to operate a computer in college, so they became attorneys and judges! So they know the law, but they can't understand the facts. Err towards caution and suspend the Constitution. Seems to happen more and more in this country.

Score: 0

By Gungistoker

posted Jul 18, 2008 - 8:02 PM

"Even though Childs remains in police custody, he is still receiving paychecks from his $127,735 per year salary."

----

Nice job if you can get it.

Score: 0

By mjm01010101

posted Jul 21, 2008 - 12:45 AM

Isn't that minimum wage in SFO? It is the most expensive (housing) city in the country, right?

Score: 0

By ajm2008

edited Jul 18, 2008 - 7:51 PM

Umm.. They should have started at least brute force attack on the system by now. What SF prob needs to do is hand over their system to the FBI and a team of hackers.

Score: 0

By ronaldmaustin

posted Jul 19, 2008 - 5:04 AM

If this was genuine the FBI would have been on it by now. This is a petty grudge between some IT people and it's going to make your whole city look bad. Whether the guy did any real damage or not.

Score: 0

By iamacyborg

edited Jul 18, 2008 - 8:43 PM

Lets say his password was 10 characters with numbers, letters, and symbols. (Say a pool of 70 possible characters (26 upper, 26 lower, 10 numbers, and 8 symbols))

The number of possible password combos to brute force would be

2,824,752,490,000,000,000

Better get cracking...

Or better yet - check for sticky-notes underneath his keyboard tray.

Score: 0

By Scary Guy

posted Jul 19, 2008 - 3:35 AM

That's also assuming you know his login name. That's also assuming it doesn't lock you out after X number of failed attempts.

Score: 0

By Josh Geller

edited Jul 18, 2008 - 7:27 PM

Go Terry!

Score: 0

By gawd21

posted Jul 18, 2008 - 7:08 PM

I am loving every word of this. This is great! LMAO I love it!

Score: 0

By Cairobeta

posted Jul 18, 2008 - 7:02 PM

Wow. This is a case of security gone bad. Used to be that all you had to worry about was keeping the bad guys out. Now with security these days you can also lock out people that should have access. This is especially true with encrypted backups these days. If the right people don't have the keys it's the same as not backing up at all.

Score: 0

By overlandpark

edited Jul 18, 2008 - 7:00 PM

Mayor Newsom described Childs as a "rogue employee" who became "a bit maniacal and full of himself."
A statement from Newsom, who has broken the law himself, is laughable. Newson is an idiot and his policies are screwing up a city that already is the laughing stock of the country they pretend to be part of.

Score: 0

By ronaldmaustin

edited Jul 19, 2008 - 5:08 AM

Newsom... What a jerk. I used to like the guy just based upon what I'd heard of him down in LA. Then, when he was screwing his assistant's WIFE behind his back, I rethought the issue and looked into his background. People who like him don't even know what he's about. He just panders to the gays up there, and other liberal causes, but I don't think he is an enlightened individual at all. Just a rich punk who learned a few big words and how to fool people. He will never be Governor.

Score: 0

By malves

posted Jul 19, 2008 - 5:15 PM

"By ronaldmaustin

edited Jul 19, 2008 - 5:08 AM

Newsom... What a jerk. I used to like the guy just based upon what I'd heard of him down in LA. Then, when he was screwing his assistant's WIFE behind his back, I rethought the issue and looked into his background. People who like him don't even know what he's about. He just panders to the gays up there, and other liberal causes, but I don't think he is an enlightened individual at all. Just a rich punk who learned a few big words and how to fool people. He will never be Governor."

You sound like his disgruntled manager!

Score: 0

By ConradSutton

edited Jul 18, 2008 - 6:52 PM

Did you try ctrl+alt+del?

Score: 0

By ronaldmaustin

posted Jul 19, 2008 - 5:09 AM

Acutally, they can just umnplug the router and plug it back in. Saw it on South Park.

Score: 0

By Peregrine1970

posted Jul 18, 2008 - 8:23 PM

iddqd

Score: 0

By Talamasca

posted Jul 19, 2008 - 11:22 PM

idkfa

Score: 0

By yountmj

posted Jul 19, 2008 - 4:44 PM

Haha... wow, turn the way-back machine on. I haven't used that code in about 10 years. :)

Score: 0

By PC_Tool

posted Jul 19, 2008 - 1:03 PM

*roflmao*

Nice one.

Score: 0

By mshulman

posted Jul 18, 2008 - 5:25 PM

I wonder what kind of network they are on that prevent them from hacking it some other way. Most system's can be hacked if you have physical access to them - especially windows.

Score: 0

By TheNewGuy

posted Jul 18, 2008 - 5:14 PM

I've had "misunderstandings" with my boss. I've gotten very vocal with him, I've called him out on stupid decisions. I've never taken it out on the people who were not directly responsible.

This goes beyond what I could even fathom as some sort of personal-retaliation against an individual. I don't know what he planned to accomplish by doing this.

I wonder if the thousands of dollars it will take to solve the problem will be plucked from the salary he's still getting, even though, from the sounds of things, he's refusing to do his job right now.

Score: 0

By IT-Man

edited Jul 18, 2008 - 7:10 PM

Maybe it is time to hire the CIA waterboarding folks to do some after-hours interrogations. Shouldn't take over 20 minutes or so to get way more info than needed.

Score: 0

By ledjepplin

edited Jul 18, 2008 - 10:05 PM

I'd love to see this joker on the end of a taser for a few minutes. Oh how quickly he would repent.

Score: 0

By Scary Guy

posted Jul 19, 2008 - 3:30 AM

Repent, interesting choice of words. End of a tazer you say? How very christian of you.

Score: 0

By Scary Guy

posted Jul 18, 2008 - 7:20 PM

I hate you so much right now, I haven't the words.

Oh wait, yes I do, and they're all in the eighth amendment of the constitution.

Score: 0

By Second Shadow

posted Jul 18, 2008 - 10:53 PM

Oh, c'mon! EVERYBODY knows that torture isn't a "cruel and unusual punishment" .... or at least Supreme Court Justice Antonin Scalia is pretty sure about that ...

Score: 0

By yountmj

posted Jul 18, 2008 - 9:33 PM

He's only suggesting a slightly harsher version of the a** whoopin's he should have received when he was younger.

I guess he took his ball and went home... real mature. People get sh*t on every day. That's life. What defines you is how you deal with it. Acting out on your grievances against one person is one thing... making the rest of the city suffer in the process to prove some kind of point is entirely different.

Score: 0

By ronaldmaustin

edited Jul 19, 2008 - 5:14 AM

So he should have been whipped when he was young. And that would make him what? YOU... the upstanding, law abiding, judgmental, pompous a** that comments on someones guilt without knowing anything about the person or the facts of the case? Yeah, lets hope you have some kids and beat them. In fact, why not just water board them like some have suggested here. Make sure they never do some heinous crime like .... refusing to give up a password. God I hope you get accused of something like this some day and held in jail in lieu of $5 million.

Score: 0

By ducmaiaz

edited Jul 18, 2008 - 7:03 PM

Recovering a network should not take 8 weeks. This is how tax payers money being wasted. The City of SF should have the contractors bid for recovery projects. Most experienced and certified Cisco or Juniper network engineers should be able to recover any given networks, especially having physical access of the networking hardware. The City of SF should find another network manager, reorganized the IT department. :)

Score: 0

By tarrith

posted Jul 20, 2008 - 2:10 AM

Hire a decent hacker.
Problem solved.

Score: 0

Oct 15 - 8:58 PM ET Gartner: Acer gains big worldwide, Apple gains in US

Oct 15 - 8:55 PM ET FileMaker Bento 2 offers a spreadsheet feel, more app integration

Oct 15 - 8:40 PM ET EBay warning: A cloudy Christmas weather forecast

Oct 15 - 5:10 PM ET Yahoo usability tests bode ill for OpenID takeup

Oct 15 - 5:07 PM ET 802.11n chipset maker promises 600 Mbps throughput

Oct 15 - 5:03 PM ET Firefox 3.1 Beta 1 is the beginning of something...just a beginning

Oct 15 - 4:55 PM ET New legislation could postpone February DTV transition

Oct 15 - 1:50 PM ET Nvidia announces 9400M integrated GPU

Oct 15 - 1:11 PM ET The Windows name: Is there special significance to '7?'

Oct 15 - 1:08 PM ET With increasing traffic, AOL eyes 'social network aggregation'