The inner sanctum
Later in the e-mail, my source offered some insight into what may be at the core of the issue: Childs was so paranoid about the security of the network that he even refused to write router and switch configs to flash, which would mean that if the device was powered off, all configurations would be lost.
“At one point he was concerned about the security of the FiberWAN routers in remote offices, so he had them set up without saving the config to flash. 'If they go down, I'll get alerted, and connect up to them and reload the config.' Great, except we have power outages all the time in this city, some of those devices aren't on UPSes, and what happens if you're on vacation? And what about the 15 to 60 minutes it might take you to connect up and reload? He eventually conceded and (ahem) decided that disabling password recovery was sufficient security.”
If Childs did this with some or all of the switches and routers comprising the FiberWAN network, then password recovery without significant network disruption becomes a bigger problem. Without firsthand knowledge of the state of those routers and switches, there’s no good way to know, unfortunately.
If the details given to me in this e-mail are accurate, it would appear that this case is not nearly what it seemed originally. Perhaps it comes with the pressure and responsibility of the job, or the belief that the network they’ve built is simply too complex for mere mortals to comprehend, but it’s not uncommon for highly skilled network administrators to become overprotective of their networks, or for networks of significant size to become an extension of the person who built them.
It certainly appears that Terry Childs believed San Francisco’s FiberWAN network was his baby, and that by refusing to allow others to access the inner sanctum was in the best interests of the city, the citizens, and perhaps most importantly, himself.