San Francisco Mayor Gavin Newsom met with jailed IT administrator Terry Childs Monday, convincing him to hand over the administrative passwords to the city's multimillion dollar wide area network.
Childs made headlines last week when he was arrested and charged with four counts of computer tampering, after he refused to give over passwords to the Cisco Systems switches and routers used on the city's FiberWAN network, which carries about 60 per cent of the municipal government's network traffic. Childs, who managed the network before his arrest, has been locked up in the county jail since July 13.
On Monday afternoon, he handed the passwords over to Mayor Newsom, who was "the only person he felt he could trust," according to a declaration filed in court by his attorney, Erin Crane. Newsom is ultimately responsible for the Department of Telecommunications and Information Services (DTIS) where Childs worked for the past five years
Mayor Newsom secured the passwords without first telling DTIS about his meeting with Childs, according to DTIS chief administrative officer Ron Vinson, who added, "We're very happy the mayor embarked on his clandestine mission."
The department now has full administrative control of the network, he said in an interview Tuesday night.
It's likely that Childs had a lot to tell the mayor when the two met.
Childs' attorney has asked the judge to reduce Childs US$5 million bail bond, describing her client as a man who felt himself surrounded by incompetents and supervised by a manager who he felt was undermining his work.
"None of the persons who requested the password information from Mr. Childs ... were qualified to have it," she said in a court filing.
Childs intends to disprove the charges against him but also "expose the utter mismanagement, negligence and corruption at DTIS, which if left unchecked, will in fact place the City of San Francisco in danger," his motion reads.
Vinson dismissed the allegations. "In Terry Childs' mind, obviously he thinks the network is his, but it's not. It's the taxpayers'," he said. "The reason he's been sitting in jail is because he denied the department and others access to the system."
The court filings help explain just how this happened.
According to an affidavit from James Ramsey, an inspector with the San Francisco Police Department, he and other investigators discovered dial-up and DSL (digital subscriber line) modems that would allow an unauthorized connection to the FiberWAN. He also found that Childs had configured several of the Cisco devices with a command that would erase critical configuration data in the event that anyone tried to restore administrative access to the devices, something Ramsey saw as dangerous because no backup configuration files could be found.
This command, called a No Service Password Recovery is often used by engineers to add an extra level of security to networks, said Mike Chase, regional director of engineering with FusionStorm, an IT services provider that supports Cisco products.