LXer: Jailed SF Sysadmin Holds Parts of City Net Hostage
Syndicated Linux NewsThis forum is for the discussion of Syndicated Linux News stories.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
LXer: Jailed SF Sysadmin Holds Parts of City Net Hostage
Published at LXer:
Officials have arrested a city of San Francisco IT network administrator for locking up a multimillion-dollar city computer system, according to several reports stemming from a press conference with San Francisco District Attorney Kamala Harris. The employee, Terry Childs, 43, is accused of improperly tampering with computer systems and causing a denial of service, effectively locking out other top city administrators from the critical network.
My sympathy is entirely with the engineer, obviously surrounded by political hacks and incompetent asses. OTOH, that situation is a curse of bureaucracies that well adjusted techs just have to deal with, and obviously this one went a bit off the deep end. Nevertheless, I hope that in the end the City of San Francisco winds up apologizing and paying him millions of dollars in punitive damages.
I have absolutely no sympathy at all for this clown. He was asked to allow additional people to have access to the network by someone who had the authority to make such a request. No matter what, the answer should have been yes. I don't care how much effort he put into this or how much he considered it "his baby", the fact is the network is owned by the City of San Francisco and Childs is behaving like a spoiled child. The fact that his particular pattern of behavior isn't uncommon in the IT world is absolutely no freaking excuse for anything.
To be honest, a lot of the defense of Childs is resembles the same excuse-fest that surrounded Hans Reiser. Just because someone is brilliant, doesn't make them right.
The legal problem for SF is that they obviously authorized and encouraged him to take such ownership of the system for 5+ years. I'll bet he has a string of glowing personnel reviews. Reading between the lines, my guess is that a "new boss" came around (with no more interpersonal skills than Childs), and provoked a confrontation for no other reason than to assert his authority. I'll grant you that Childs was "wrong" to react as he did, but right and wrong has little to do with legality, and even less to do with personnel regulations in a government bureaucracy. Evidently, no physical harm to the network has happened, ... the only thing hurt has been people's pride.
Go Childs!
Re. the comparison to Reiser ... There is a lot of difference between killing someone and withholding a password.
The legal problem for SF is that they obviously authorized and encouraged him to take such ownership of the system for 5+ years.
There is no legal angle here. San Francisco paid for the network hardware, the network software and Childs time. Childs himself doesn't own a single thing in this, he is merely the employee who did the tasks that he was hired to do. Someone in authority over him asked him to do something reasonable and he refused. He is now suffering the consequences. Does this suck from Childs' point of view? Sure, but that is the nature of employment in the modern economy. You are never more than a cog in a wheel and you can be replaced at a moments notice. If someone doesn't understand this, they are going to get done over like Childs. To be honest, this is the number one reason why I started my own company. I got tired of jackasses determining my fate.
Quote:
Reading between the lines, my guess is that a "new boss" came around (with no more interpersonal skills than Childs), and provoked a confrontation for no other reason than to assert his authority. I'll grant you that Childs was "wrong" to react as he did, but right and wrong has little to do with legality, and even less to do with personnel regulations in a government bureaucracy. Evidently, no physical harm to the network has happened, ... the only thing hurt has been people's pride.
You know what? As much as it may suck, bosses get to do that. They've been given the authority and the responsibility. In fact, I would have done much the same thing in that bosses shoes. You don't want a single point of failure anywhere in your system, administrators included. The boss was absolutely correct in insisting that more people than just Childs had administrator access. I would also dispute that no physical harm has happend. San Francisco is now having to spend money to get around the obstacles Childs put in place. Since no city I know of has an unlimited budget, that means that something else is going to get cut. That is physical harm in my book.
Quote:
Re. the comparison to Reiser ... There is a lot of difference between killing someone and withholding a password.
Re-read what I wrote. I'm not comparing Childs' crime to Reiser's crime. What I am comparing is the various community reactions. In both cases, Childs and Reiser were being hailed as the wronged parties for no more reason than they were both IT geeks who were brilliant at what they did. In both cases if you actually look at the evidence and think a little bit about it you'll see that neither party deserved such accolades or defense.
I've had to work with clowns like Childs and to be honest their brilliance at what they do only rarely makes up for the problems they cause because of their attitudes. I no longer willingly have people like him on my teams because someone with lesser skills but a better attitude almost always makes for a better result in the end.
Terry Childs’s lawyer, Erin Crane, ... will argue today for a reduction in his $5 million bail, perhaps to something closer to the bail set for common murderers ($1 mil.) In her written motion for the bail reduction, she explained Childs’ actions — and she hinted that if Childs is taken to trial, it will be a rip-roaring event
The first comment at the end of this article expresses my position nicely.
Apparently, he had already tried to get his superiors to implement a security policy for the network that would allow other network admins to be trained to work with the setup in place.
He even wrote said policies and presented them to his bosses, but they never signed of on the proposals he made:
Quote:
Ultimately he has no one to blame but himself, but it's too bad his superiors weren't better about establishing and enforcing policies about authentication, backups, auditing, cross-training, and separation/rotation of duties.
You'll note the papers have referred to the new information security manager. It's only been a month or so since the City even had an information security policy, and even that is a bare, unmodified template from CCISDA that's awaiting discussion and alteration by a committee that hasn't been formed yet. (When I asked Terry if we could get a copy of the City's network security policy some months ago, he told me, 'I've been trying to get them to approve one for years. I've written ones up and submitted them, but they don't want to do it, because they don't want to be held to it.')
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.