So, Terry Childs. You remember him, right? The Cisco network engineer for the city of San Francisco who refused to hand over the network admin passwords when he was asked to?
Yesterday a jury found him guilty of felony network tampering. Three other felony charges were dismissed during the course of the 5-month trial. Childs has not been sentenced yet, but could face a maximum penalty of up to 5 years. He has already been in the San Francisco County Jail for 21 months.
Paul Venizia’s blog contains probably the best coverage of the story from end to end. And Computerworld has an interview with a Cisco Certified Internetwork Expert (CCIE) who sat on the jury (and voted guilty).
It’s a cautionary tale. If you’ve been around systems administration very long, you’ve probably met people, like Childs, who were overprotective of their systems and/or networks. You may have joked about how management lacked the vision and understanding to make various decisions. I think most of us in the systems and network admin trade have felt at least some empathy for Mr. Childs and his situation.
But it’s hard to forget what he did. Essentially, Childs told his boss that he was not going to hand over administrative control of the network until his conditions were met. For all intents and purposes, he held the City of San Francisco’s FiberWAN network as his personal hostage.
Many of us refer to systems and networks we professionally administer as “my network” or “my servers” or “my systems.” We think of them the same way a bus driver might think of “his” bus. But it’s not really “his” bus – it belongs ultimately to the people who paid for it. He simply drives it around for them. Usually that bus driver is welcome to suggest better maintenance procedures, smarter routes, or other improved uses of the bus, but if the owners decide differently, then clearly it’s their bus and their decision. We wouldn’t for a minute think of a bus driver who kept the keys until his conditions were met as anything other than a bad employee, in need of firing.
All analogies are imperfect, but that’s the situation here. Terry Childs forgot that FiberWAN was not “his” network, even after strong reminders from the owners; even while sitting in a jail cell. How can any system/network administrator hope to get away with that?