What’s this guy going to do for work when this blows over? However brilliant he may be, who would trust him? I wonder if Lex Luther is hiring?
“I used to be a bad guy. Then, after a stint in the klink, I saw the error of my ways and started my own security consulting company. There are a lot of people out there like me, I mean like I used to be, and you need somebody like me to protect yourself against them.”
I’m surprised we’ve even found out about it, bearing in mind the public aren’t really affected( Until the computers go down for ‘unannounced repairs’.). Has nothing like this ever happened before?
reason for edit - diabolical typo’s.
You mean after he gets out of jail?
His lawyer is now saying it’s all a big misunderstanding, and he has been offering to give them the password for several days. Yeah, right. I’m sure what we have here is not failure to communicate.
This was yesterday, I think, or the day before. I expect this will all be worked out in some back room deal and very little further said about it. There is a fair amount of disgruntlement locally about our district attorney’s (Kamala Harris) unwillingness to prosecute even the most egregious and obvious crimes. I expect this will be another one of those.
Roddy
This story in the Trib says that he changed the network router’s passwords, that everything is running fine, and that it would take 6-8 weeks to rebuild the network. So I guess the answer is as everyone speculated: the city doesn’t want to take down the system if it doesn’t have to.
This articles seems to think its all a bit a bit trumped up…
Interesting!
What, not enough male-to-male adapters?
If indeed all that is true, I would still fault both the city and Childs for having no provision for accidents. A single failure point is a recipe for disaster.
Ah, loving the Google ads being displayed here. Glad I can learn to be a hacker and steal anyone’s passwords /rolleyes
Call it terrorism and ship his butt down to Guantanamo Bay…close eyes, look other way…wait ten minutes.
Interesting, this might not have been illegal, either. If he had a clause which said that without payment, the system set-up was legally unfinished and he could mess with it. In fact, that’s what I’d probably argue as a lawyer. Tell my client to say the city made a mistake and was trying to use an unfinished system he was still fixing up. If he hadn’t formally declared it finished and they hadn’t paid for it, there might not be any legal distinction. If he is claiming that he’s been trying to help the city out, especially so…
San Francisco has its network back. In a rather unusual move, the mayor personally visited the guy in jail and got the passwords.
I’m surprised - apparently San Francisco didn’t even have an information security policy until a month or two ago, and nobody seemed to think it was odd that only one person knew how an important system worked. Never mind fraud or “tampering” - what if the guy got hit by a bus?
gotpasswords your user name is so appropriate for your post, I just had to comment.
Yeah, it was pretty stupid…or maybe I should say it was lazy and stupid on the part of whoever is running the network there. I bet they are implementing new SOP’s as we speak though…
-XT
Thanks for all the info in the thread. I was clueless about how systems worked.
I wonder if the conversation went anything like this when they got back to city hall:
Heh, well, the name and what I do are closely linked.
Networkworld has a good article on this. The author had someone familiar with the SF IT department, and Terry Childs, email him information. The whole thing sounds more plausible, after reading this.