[governance] San Francisco officials locked out of network

Jeffrey A. Williams jwkckid1 at ix.netcom.com
Tue Jul 15 04:20:01 EDT 2008 

Yehuda and all,

  Yes read this earlier today.  It's clear that more or this will be
occuring as sysadmin's are all too often required to to more with
less or without the tools they need and should have to effectively
do their jobs properly.  Secondly, as a long ago sysadmin myself,
I can attest that network design and configuration such as San
Francisco's are weak to poor.

  Unfortunately this fellow went way too far in mis-using his position
in attempting fraud it appears, but let's not convict this fellow as there
is likely much more to this story than we know now.

Yehuda Katz wrote:

> Irate sysadmin locks San Francisco officials out of network
>
> By John Leyden
> Published Tuesday 15th July 2008 15:15 GMT
>
> Art ref.: http://www.theregister.co.uk/2008/07/15/sf_bofh_sabotage_charges/
>
> Print:
> http://www.theregister.co.uk/2008/07/15/sf_bofh_sabotage_charges/print.html
>
> --
>
> Hapless municipal bosses in San Francisco have been locked out of their network
> by a disgruntled sysadmin charged with computer sabotage.
>
> Terry Childs, 43 and of Pittsburg, California, was held on remand over the
> weekend pending the outcome of committal proceedings (an arraignment) on
> Tuesday where he faces four counts of computer tampering. Meanwhile his former
> bosses were unable to access San Francisco's new multimillion-dollar FiberWAN
> (Wide Area Network). The network provides access to confidential databases
> including payroll files and law enforcement documents.
>
> Childs allegedly created a password that gave him exclusive access to the
> system. Pass codes he gave to police failed to work. Even under threat of
> arrest Childs failed to cough up the goods, prompting officers to take him into
> custody on Sunday.
>
> The sysadmin, who draws a basic salary of around $126,000, has worked for the
> Department of Technology for around five years. Childs was recently the target
> of disciplinary action over his allegedly poor performance at work. The San
> Francisco Chronicle quotes
> (http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/07/14/BAOS11P1M5.DTL&tsp=1)
> anonymous city officials in support of a theory that Childs rigged the system
> as an "insurance policy" against getting fired.
>
> At a press conference on Monday, city officials said they were making progress
> in regaining control of the system, which is up and running but inaccessible.
> Investigators reckon Child started making changes to the system around a month
> ago on 20 June. They claim that undoing the damage he allegedly caused via the
> denial of service attack could cost "millions" of dollars. Even taking into
> account lost productivity this estimates seems high and probably represent an
> attempt to up the ante in the prosecution of Childs in the hope that he'll back
> down when faced by the prospect of more serious charges.
>
> The San Francisco Chronicle reports city officials' fear that Childs may have
> an accomplice capable of further damaging the system even as Childs cools his
> heels in jail. So far police have found nothing to back up a theory that some
> type of electronic device might feature in such a putative attack. Childs' bail
> has been set at $5m, The Mercury News adds
> (http://www.mercurynews.com/breakingnews/ci_9882976).
>
> Nathan Ballard, a spokesman for San Francisco Mayor Gavin Newsom, said he was
> "confident that [the Department of Technology] is doing everything necessary to
> maintain the integrity of the city's computer networks." [Ed: where's Dirty
> Harry when you need him?]
>
> Ron Vinson, chief administrative officer for the Department of Technology, said
> city officials were "working around the clock" to restore access. Ironically,
> Childs received an additional salary payment of $22,534 last year for serving
> as an on-call trouble shooter, The San Francisco Chronicle adds.
>
> ---
> -30-
>
> Love-it ...
> 'The logical song' by Supertramp
> http://www.youtube.com/watch?v=pBAasek8NR4
> ____________________________________________________________
> You received this message as a subscriber on the list:
>      governance at lists.cpsr.org
> To be removed from the list, send any message to:
>      governance-unsubscribe at lists.cpsr.org
>
> For all list information and functions, see:
>      http://lists.cpsr.org/lists/info/governance

Regards,

Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1 at ix.netcom.com
My Phone: 214-244-4827

____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

More information about the Governance mailing list