Terry Childs still faces one charge -- one he shouldn't face

"He will go to trial for the remaining charge within 60 days, and it's possible that this story may finally come to a close."

It may go away for us, but let's face it: Childs will be black-listed and probably for life. I wonder what kind of civil suit will be filed once the final charge is thrown out in court.

What a massive display of management incompetence and prosecutorial abuse. If Childs did not commit a crime, he has been wrongly imprisoned by the city of San Francisco for over a year and there will certainly be some sort of compensation paid by the city to offset the violation of his rights. If the city is wise they will drop the remaining charge and try to buy him off. Hopefully, the district attorney will get some significant face time with the ethics committee of the California Bar Association.

I don't know the details here, but following the analogy offered about the truck driver, someone is due for a long stretch in jail. If I am the owner of the truck and request the keys, you MUST give them to me. You are not complicit with what I do with them unless you have clear knowledge I would perform an illegal act (and then there are other avenues to be pursued). It appears he was an employee and not the owner of the network, and must surrender control to the duly authorized organization's representative. Gosh, there are so many important issues in front of us, let this petulant fellow deal with this mess on his own.

Mr Venezia, I really appreciate the fact that you've dug into this case, and gotten below the tabloid headlines. I don't buy your truck analogy, though. You could simplify the analogy to some degree, and postulate what would happen if Mr. Childs was asked for the physical keys to the server closet by his manager, knowing that his manager was likely to go in there and accidentally kick the plugs out. The bottom line is that, even assuming the best intentions on Mr. Childs part, he has no authority to refuse that request -- it's not "his" network. That said, I'm really glad to have your perspective on this story, and I do sympathize with Mr. Childs. Thanks for your coverage.

It is NOT the equivalent of giving someone the keys to the IT closet. Handing passwords over is the equivalent of permission to use. In the truck example, the manager had explicitly said that he/she intended to 'use' the truck. It will be interesting to see if the same standard is applied to the sheriff. Of course, the court must take into account that the sheriff has guns and a small army whereas the network administrator was simply a geek. Where was Homeland Security when the sheriff was on the rampage? Seems like it might be construed as 'home-grown terrorism'. Anyways, I also disagree that Childs will be black-listed. I have known many asshole quirky wizards whose technical expertise kept them employed even in down times.

As someone with 18 years experience in IT administration, I thought the truck driving analogy was fairly accurate, if you compare the safety of the public on the road to the needs to the users on the network. However, it should be noted that the quandary situation does not exist until the manager creates it by asking for the keys. When you analyze things down to brass tacks, the only crime that Mr. Childs is really guilty of is insubordination, and the manager(s) in question were too incompetent to handle the situation as such.

The truck analogy is totally flawed. For it equates operation of a motor vehicle with that of network admnistration.

A more apt analogy would be should the captain of an airliner turn the operation of an airliner in mid-flight over to the head of the company just because he owns the plane?

Or should a surgeon allow the non-MD administrative head of the hospital perform brain surgery because of his rank?

If you agree to the latter, let us see you book yourself into SF General for brain surgery -- you need it... :)

As someone who has had to work with the City of San Francisco and read this whole story I feel for Childs. The entire bureaucracy is filled with incompetents that are trying to build personal empires with no thought to the outcome. No one there seems smart just political and ambitious. I can see why he would become defensive of his network.

It still seems to me that one thing read early on was that Childs wasn't just support tech he was the MAIN tech and partly the designer on that net work and was the only guy on call for that system so that's a lot for one guy in the city the size of SF and trust me I done some of the same on smaller scale but still anyone can see this guy was doing his job but for the pass word fiasco, Now early this year I had something of the same problem i was ask to set up server to small business but it was like we need it now and so i did what they asked adn gave them my list of need parts like a VPN Router adn Appiance fire wall adn a top of the line secuirty suite I got Blink in stall on the main 4 billing systems and the server and all was working well but the server was not fully on line till i got the hardware I wanted adn was said i was going to get .
They plan out to add 8 laptops to the mix for field work and they wanted them set up in a few hours i told them no that isn't how you send any laptop that will have personal client info on them or access and they agreed to let me set securing them. the next day I got note about the server not giving them access to the internet and told them I need more info but came in and look at the system after hours the system was fine an I could not see any problems but for still the need to get the hardware. The next day the Admin and CEO called asking for the passwords to add to the list as he was updating it. I saw no problem in this as he is the guy who owns the company and i did not think he would use them as he was not very computer savvy and I did think anything wrong with it ..Later that day I remote in as I did everyday to find Blink was gone from the Server.I was in shock the main protection was gone and one of the main billing systems was still showing attacks that night and we had showed him this. i called him and said the is problem and that Blink was gone and he said yes i de-installed it I was speechless I didn't scream till i got off the phone i said that is wrong you just don't open you self up why did he do this and he said because one program couldn't get online for doing billing ...WT!!! I said sir all you need to do was tell Blink to let go online .. he said I didn't know how .. I didn't even go in i just wrote it off as this was a medical billing and if anything was hacked I wasn't going to to go down for it we cancel the contract and that hurt at is a good 20K to 30K but I don't go to jail for some else being stupid. this why Childs didn't want to give the passwords that have no clue as to how the system runs and what is need to run it Childs did right in my eye and I hope sues till SF bleeds lets 14 month and he could bill how much an hour? oh that's going to hurt SF HARD! this last charge isn't going to hold as the system never went down and all the hard ware and account her had were normal and I can understand how he want to make sure people that didn't even know why modem would be hook to that system or why he had a pager to tell him a system need to be looked at I mean if these people were some who never have driven a car would you give them keys to drive off a city like SF?
these people want the passwords to a system that runs everything in SF and they had no clue as to what was need to make it run and it shows by not knowing why Childs had the right equipment set up to run thing from anywhere as he show be able to. I just tempted to just show up at the court to testify to this fact and I think ANY of those of us that are Tech's and in charge of Any large system needs to be there as well as what ever is the out come we will be effected as well and we need to make sure Childs Wins and get his day to sue their butts.

Well, the argument about the truck driver being licensed brings up something I've been arguing for sometime now: IT techs should be licensed professionals just like engineers, CPA's, doctors, and etc. It's amazing that an auto mechanic has to be licensed to work on a $1,500 used car but literally anyone can find their way into working with millions of dollars worth of computer equipment that can affect millions of people. The investment bank I used to work at had totally uncertified people working on systems responsible for billions of dollars in daily transactions. Common sense calls for a common standard for IT and that means licensing. It would increase the value of our work and it would also serve to prevent unlicensed asshats called 'management' from pursuing ego-driven agendas like what Terry Childs tried to defend from. Childs, IMHO, is a hero and I hope the city of San Francisco pays dearly for what they have put him through.

I had the same type of situation when leaving a law firm. I would not receive my last paycheck unless I gave the Office Administrator/business partner the passwords. I had the senior partner step in and asked him what should be done. He suggested that they be in a sealed envelope and given to a qualified person. The QUALIFIED person used them to gain access to the Admin server and proceeded to let people know what the partners were being paid along with year-end bonuses. I had warned them about that.

It's obvious why Paul V panders to disgruntled admins; it's his readership in this second tier "news" source. It's yellow journalism, certainly, sensationalizing something so blatantly criminal as martydom by a sysadmin. Sure the modem issue is like proving rape; you have to prove malice/lack of consent. He said; she said. But as soon as he refused to turn over the keys to, metaphorically speaking, the town's fire trucks, he became guilty of a crime. He knew the effect of what he was doing, and he did it anyway. Of course, you service includes the ability to respond to network problems. All networks, generally run 99% of the time. Our job is to be there the 1% they don't, and if a fire had started in the network, it could have been even more disruptive. But all work stopped to respond to what this knucklehead did knowingly, and he is culpable for it. His lack of cooperation also means he has caused a serious outage while they change every password at the very least to every service, application, device, user, and computer. They really need to do more to stop some one with insider knowledge and proven premeditated maliciousness. It is the precisely the password issue that sealed his fate. But in a civil trial, the full context of what he did, what was found in his house, testimony can be heard in full. The larger scale of his malice will be proven there. Remember, OJ got off on the criminal charges, but he was proven culpable in the civil trial. No, the only person making the ridiculous argument that he was actually maybe stopping a DoS by not giving the passwords to his boss is Paul V. It is nonsense. You do not own the network, the organization and it's agents do, as in your superiors...not just the mayor. If Obama had to respond to every disgruntled postal worker's daily complaints because they didn't like their boss, what would happen to government? Yeah, whenever I go on vacation, I give the boss a sealed envelope with my critical passwords that are not commonly known by the team. That's just professionalism. If I told the boss I am not giving you the passwords when the switches are password change resistent, or a folder is encrypted with the password, I am guilty of a criminal offense. This is precisely what TC did, and it seems obvious it is the issue that the judge is going to convict on.

Paul, Thank you for covering this story, there are a lot of people who are ignorant of issue's IT's face. A "manager" usually does not understand the technical complexities of a network and an IT's good judgement frequently comes into play on what is right or wrong. I haven't seen anyone mention it but what about the legal ramifications had he given up the passwords and the data on the network was made public or attained by shady character. Privacy data, social security information, criminal trial information financial accounts for the city. Did the manager requesting the data have any idea what they would be accountable for just by have the keys to the kingdom? More then likely they got their jobs through the good ol boy network, or attrition and didn't know what they were getting into. But thanks to Terry's actions the only tradgedy was that his life has been severly harmed, and the state, i.e tax payers will likely be paying him some deserved recompence.

I agree that the Bail is probably too high. On the other hand, I would not as senior Network admin, ever hire him or approve work with any firm or company which did. If my non-technical manager asked for passwords or keys and I didn't provide them, I would expect to be fired and prosecuted and blacklisted. No admin should have the power or ability to hold a company or city hostage.