Could the Childs case put all network admins in danger?
If Childs is convicted of some charges actually brought against him, any network admin could go to jail for doing their job
Follow @pveneziaLater this week, San Francisco's infamous network admin Terry Childs will appear in court after his last hearing date was postponed for two weeks at the request of the San Francisco District Attorney. This hearing is fairly critical to the DA's case, as it will essentially determine the viability of the case going forward. If the court sides with Childs at this hearing, the case is over before it even begins.
To clarify exactly what's going on here, I figured I'd take a look at the four charges that the DA has brought against Childs. The first charge is "disrupting or denying computer services." Counts 2 through 4 involve "providing a means of accessing a computer, computer system, or computer network in violation of section 502." There's one such count each for each of the three modems in his workspace or otherwise under his control. Two of these modems were actual analog modems, and the third was a DSL modem connected to the Internet.
[ Get the full scoop on the Terry Childs case. | Read InfoWorld's jailhouse interview with Childs | Special report: Terry Childs: Admin gone rogue. ]
What's interesting here isn't the charges themselves, but the charges that are missing. Namely, the charge of sabotage, computer tampering, or the like. Apparently the very allegation that's kept him in jail for seven months wasn't strong enough to be presented to the court as a charge.
So let's look at the charges that have been presented. The first, "disrupting or denying computer services," describes a DoS situation whereby an individual has knowingly and purposefully caused an outage or disruption of a computer service.
Had the San Francisco FiberWAN gone down due to to Childs' actions, this would certainly apply. However, it did not. In my mind, this charge is wholly inaccurate as it relates to my knowledge of the case.
I suppose the validity of this charge depends on your definition of "services," however. Generally speaking, this section of the penal code was developed to be used in cases where a bad actor intentionally attacked a Web site or other resource with the goal of taking the site or resource down. Childs' refusal to give up the passwords for several days in no way caused a disruption of the normal operation of the FiberWAN; it prevented the network from being modified or extended for that period of time. In fact, it could be argued that his refusal actually prevented the disruption of normal network operation.
