Terry Childs: 15 months and counting

Believe it or not, the "rogue" network admin hasn't even gone to trial yet. Here's the latest on this troubling case

At this writing, Terry Childs has been in San Francisco Jail for one year, three months, and four days. His crime: refusing to hand over administrative passwords to San Francisco's city network.

His case has yet to go to trial, having been delayed dozens of times in the intervening months. Three of the four charges brought against him were thrown out of court in August, but his subsequent motion for a reduction in his $5 million bail was denied -- again -- and he still sits in the same jailhouse.

[ InfoWorld contributing editor Paul Venezia has led the way in covering the bizarre case of Terry Childs. Consult our InfoWorld special report for a complete index to that coverage. ]

Just to be clear, that bail figure is far larger than that normally recommended for rape, murder, or other violent crimes. In fact, in San Francisco City and County, it's five times higher than, say, kidnapping for ransom or sexual abuse of a minor. Whatever you think of this case or of Childs' guilt or innocence, it's obvious that he has been held to a ridiculous standard, and that his right to a right to a speedy trial has been violated.

They say the wheels of justice turn slowly, but I cannot help but think that brakes have been applied to these particular wheels. Perhaps it's an attempt to prevent embarrassment for the city, or someone hopes that the case will simply disappear. What's certain is that this case should have gone to trial a long time ago. At the very least, Childs' bail should have been reduced to a reasonable level well before now.

Yet it's clear why that bail hasn't been reduced. Every time a bail reduction motion is brought forward, the prosecution brings out all the technological boogeymen it can and throws them at nontechnical judges. If you take a judge that might even know a thing or two about computing and say, "If you let him out of jail, he will destroy the network," that judge simply isn't going to have enough background knowledge to think otherwise, and the motion is denied.

Naturally, for the average network architect, the 15 months Childs has languished in jail is more than enough time to secure a network against a former insider's threat. In fact, it could be argued that every switchport throughout the entire network could be physically inspected well within that timeframe.

Make no mistake. If the people now running the network cannot state definitively that the network is free of any backdoors Childs may have planted, they should be fired immediately for gross incompetence.

On the other hand, maybe remaining in jail has been of some benefit to Childs. Had be been released on bail and the network suffered an outage, he would probably have been blamed. Judging by the shoddy work done to investigate this case in the first place, I would find it hard to believe that anyone would be able to prove otherwise, even if the outage were really caused by a consultant's itchy finger or someone pulling the wrong cables.

But the fact remains that three out of the four charges were dismissed, leaving Childs with a single charge of "denial of service." The prosecution appealed this dismissal, which held up the trial date for several months, but the appeal was denied on October 13. Childs may finally get a trial -- though definitely not speedy -- at some point in the near future. He will almost certainly plead not guilty to the one remaining charge.

If this is how the law is being applied to the case of a network administrator who did not cause the failure or loss of service of any system, what might we expect if there was a failure, intentional or not? Public stoning? Given how Childs has been treated, it wouldn't surprise me if the City of San Francisco employed such medieval technology. It's that pesky modern stuff that they just don't get.

This story, "Terry Childs: 15 months and counting," was originally published at InfoWorld.com. Follow the latest developments in network security on InfoWorld.com.


Copyright © 2009 IDG Communications, Inc.

How to choose a low-code development platform