I should put this along the other stupid things of the day, much more like a joke then a real story but heh was funny for like 5 seconds.

thanx for sharing anyway.

If you have worked with government agencies - some are excellent, and some are astounding in their lack of competence. The excellent organizations often depend on a very small number of skilled individuals.

It is possible that Childs is that single skilled individual working within the City of San Francisco government.

The obvious possibility is that this Childs has gone weird for entirely personal reasons. On a national scale this sort of stuff happens regularly, and could well explain this particular case.

On the other hand, it is also possible that the “treason” is not Childs, but the folk in City government whose actions with which he did not agree. It is possible that he was asked to do something morally wrong, and he refused.

Ask system administrators for cases where their bosses asked them to do something morally dubious. You will get a rather a lot of stories.

This entire story smells funny. Even if Childs went nuts, if the city employed someone competent, the entire problem should have been corrected in a small number of days, That this appears not to be true suggests that Childs was the only halfway-able guy employed by the city. Why did Childs refuse to help the city regain control? One possibility is that Childs went odd.

This sort of stuff does happen.

Another possibility is that Childs was told to give administrative access to some political hack’s idiot nephew. Ask around - this sort of nonsense occurs far too often.

As to whether Childs is a traitor, a patriot, or a simple nutter - we do not as yet have anyway to judge.

… unless you think obeying “authority” is more important than defending the principles on which this country was founded. If blind obedience to authority is your belief, you have more in common with the Nazis than the Founding Fathers.

Acts of treason are punishable by death. This scum of a traitor should get the death penalty. Cyber terrorist.

Network consolidation for the City of San Francisco is not something that a couple of enthusiasts tinkered with over the weekend, and would have had a number of project teams, even if the core IT Department only had a handful of staff.

Many IT Departments these days are just vendor managers. This story sounds like media sensationalism at its best, fanning the flames of distrust for IT staff who handle sensitive information.

The first question I ask is where are the policies, controls, and checks to prevent exactly this sort of thing happening? Someone should slap the city officials with a copy of ISO 27001. http://en.wikipedia.org/wiki/ISO/IEC_27001

This is the point where someone has an epiphany at City Hall and wonders whether or not they should have paid those consultants for a security review.

Thanks for the feedback. So its not just me that thinks some of this sounds fishy?

Preston, you may be quite right about the competence of the one guy in the Tech department. And the article suggests massive consolidation of the infrastructure, which was likely due to budget constraints. And a tighter budget would likely suggest a small staff.

One of the first rules of security is that if you have physical access to the hardware, you can almost certainly subvert any software security. Unless he encrypted the contents of every hard disk (unlikely - especially if the system is running and functional), there is always a secondary path for resetting security when you have physical access.