PDFPrintE-mail

San Francisco network lockdown: IDs and passwords revealed in court

Business IT - Security

The trial of Terry Childs, the network administrator who locked down the city of San Francisco's network when threatened with dismissal from his job, has taken another turn, with around 150 usernames and passwords for the San Francisco city government's VPN being exposed to public view. The accounts, associated with the mayor's office, the district attorney's office, the police department and other city agencies, were tendered as an exhibit in the court case.

Childs allegedly locked legitimate users out of the network and gave himself access to parts of the network beyond his remit. He reportedly claims that he changed the passwords of administrators who were negligent in allowing malware to enter the system.

It seems he was then threatened with suspension or dismissal for what he saw as doing his job in protecting the system, and responded by locking down the network.

The list of usernames and passwords was produced as evidence by the district attorney's office, and it became part of the public record of the case for a period before being removed from open scrutiny.

According to those who have seen the list, some of the passwords are easy to guess - in some cases to the extent of being the same as the username they go with. If that is true, maybe Childs was doing his job (even if the execution was overzealous) and perhaps his managers should have taken his warnings more seriously.

Were Childs' actions equivalent to those of a whistleblower, or should be be seen merely as a technical functionary who overstepped his authority?

The case raises serious questions about the balance between IT workers' professional duty and their responsibility to their employers or the owners of the systems which they use, manage or maintain.

Childs remains in jail, with bail set at $US5 million, until the next hearing scheduled for September 24. He faces five charges involving tampering with computer networks and criminal damage.

Maybe when the trial proper gets underway we will get a clearer picture of the circumstances in which Childs acted.

Please enable JavaScript in your browser to post your comment!

SPONSORED ANNOUNCEMENTS

Top Five Tips for Securing your Business Reputation from AVG (AU/NZ)

Wednesday, 10 March 2010

There have been recent reports of how a Twitter scam has affected some well known UK politicians, issuing embarrassing Tweets from their personal accounts. Whilst these headlines may seem amusing, Lloyd Borrett, the Marketing Manager at AVG (AU/NZ), says it is worth considering the potential impact of this type of scam on your business reputation.

Featured IT jobs

PLATFORM REPLACEMENT PROGRAM TRANSFORMATION MANAGER ...
Skills Tags:   IT  ITIL  J2EE  Management  Oracle  SDLC
An exciting opportunity exists to become part of this major SAP integration project. We are looking for an experienced SAP SRM Lead to join a dedic...
Skills Tags:   Functional  Prototyping  SAP
An exciting opportunity exists to become part of this major SAP integration project. We are looking for an experienced SAP HCM Lead to join a dedic...
Skills Tags:   Functional  Prototyping  SAP
- Excellent contract opportunities...
Skills Tags:   Development  Excel  SDLC

Editors Picks

Stories you may have missed 

What iTWire offers for free

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases