Terry Childs' guilty conviction struck a nerve with IT staffers this week.
Here was a man who, by all accounts, was good at his job, though lacking in interpersonal skills. Suddenly, on July 9, 2008, he's pushed into a tense situation -- a hostile conference call with the human resources department, his boss and even a police officer, all listening in, and told to hand over the passwords to the City of San Francisco's FiberWAN network, which he helped build. He chokes and hands over bogus passwords. Later, he argues that he did this because nobody in the room was qualified to have administrative access to the network.
[ InfoWorld Contributing Editor Paul Venezia examines the rough justice for Terry Childs. | Venezia has led the way in reporting the bizarre case of Terry Childs. Consult our InfoWorld special report for a complete index of that coverage. ]
IT people are used to being held accountable for bad decisions made by their superiors, and some people who've read about the case feel some sympathy for Mr. Childs. After all, the city's network never went down, and Childs eventually did hand over control of the FiberWAN to San Francisco Mayor Gavin Newsom -- the only person Childs felt was competent to have the passwords.
"How exactly was he breaking the law?" wrote one Slashdot poster, reacting to news of Childs' conviction. "[H]e refused to disclose the passwords when the person requesting them did not follow proper protocols."
While the City of San Francisco apparently did a poor job in spelling out the protocols for handing over administrative control of its network, Childs was still guilty of a crime. A jury found him guilty of breaking California's hacking laws on Tuesday, and when he is sentenced on June 14, he will be facing a possible five-year prison term.
So how did Childs break the law? We put the question to one of the best people able to answer it: Juror # 4, also known as Jason Chilton. In addition to having listened to countless hours of courtroom testimony, he also happens to be a Cisco Certified Internetwork Expert (CCIE) and a senior network engineer with payroll administrator Automatic Data Processing. (ADP) He's spent the past five months of his life on the trial, which began jury selection in late November. According to him, there's much more to the Terry Childs case than most people realize. Following is an edited version of an interview he gave the IDG News Service on Wednesday, the day after the verdict was handed down.
IDG News Service: Why did you find Terry Childs guilty?
Chilton: The law was clearly spelled out for us. Within it there are very specific questions that you have to answer in order to reach a guilty verdict. And within those questions there are certain terms such as computer network, computer service, and those are given legal definitions, which you have to follow.
The questions were, first, did the defendant know he caused a disruption or a denial of computer service. It was rather easy for us to answer, "Yes there was a denial of service." And that service was the ability to administer the routers and switches of the FiberWAN.
That was the first aspect of it, the second aspect was the denial to an authorized user. And for us that's what we really had to spend the most time on, defining who an authorized user was. Because that wasn't one of the definitions given to us.