Terry Childs: Guilty.

Image credit: http://www.darryl.com/guilty.gif

So, Terry Childs. You remember him, right? The Cisco network engineer for the city of San Francisco who refused to hand over the network admin passwords when he was asked to?

Yesterday a jury found him guilty of felony network tampering. Three other felony charges were dismissed during the course of the 5-month trial. Childs has not been sentenced yet, but could face a maximum penalty of 5 years. He has already been in the San Francisco County Jail for 21 months.

Paul Venezia’s blog contains probably the best coverage of the story from end to end. And Computerworld has an interview with a Cisco Certified Internetwork Expert (CCIE) who sat on the jury (and voted guilty).

It’s a cautionary tale. If you’ve been around systems administration very long, you’ve probably met people, like Childs, who were overprotective of their systems and/or networks. You may have joked about how management lacked the vision and understanding to make various decisions. I think most of us in the systems and network admin trade have felt at least some empathy for Mr. Childs and his situation.

But it’s hard to forget what he did. Essentially, Childs told his boss that he was not going to hand over administrative control of the network until his conditions were met. For all intents and purposes, he held the City of San Francisco’s FiberWAN network as his personal hostage.

Many of us refer to systems and networks we professionally administer as “my network” or “my servers” or “my systems.” We think of them the same way a bus driver might think of “his” bus. But it’s not really “his” bus – it belongs ultimately to the people who paid for it. He simply drives it around for them. Usually that bus driver is welcome to suggest better maintenance procedures, smarter routes, or other improved uses of the bus, but if the owners decide differently, then clearly it’s their bus and their decision. We wouldn’t for a minute think of a bus driver who kept the keys until his conditions were met as anything other than a bad employee, in need of firing.

All analogies are imperfect, but that’s the situation here. Terry Childs forgot that FiberWAN was not “his” network, even after strong reminders from the owners; even while sitting in a jail cell. How can any system/network administrator hope to get away with that?

Buddy Holly 1958 'Tour of Stars' bus, oddly parked about 15 miles from my home. Photo credit: itchef.

WTF?

I don't care about the Childs case but

“We wouldn’t for a minute think of a bus driver who kept the keys until his conditions were met as anything other than a bad employee, in need of firing.”

this sounds much like you have never been in the situation where you were asked to hand over keys, codes, credentials or in fact any data you thought you were in charge of. Or you just never cared.

You wouldn't think a minute? Statements like these are the reason why I prefer to be my own sysadmin.

Yes I have been there. I handed it over.

I have been in that situation. Obviously it's something a responsible admin should think carefully about; I have not said otherwise. If I thought it was a hinky request, I'd ask for written authorization. And then, if said authorization came from someone higher than me in my own management chain, I would do exactly what it said. It's not my bus. If management want to drive it off a cliff, that's their prerogative, once the normal sysadmin has done the reasonable CYA move. But had I been in Terry Childs' situation, no way I would have made the mayor come to me.

 

Edit: This just came to mind. One place I worked, at regular intervals, all of the sysadmin and netadmin team members were regularly asked to write out our administrative passwords, or save them to floppy disk or something, seal them in envelopes, and sign and date across the flap. The envelopes were then stored in a safe which management had access to. I had no problem with that; in fact I thought it was a great idea. (We also enforced careful separation between admin accounts and personal ones.) However, if I were implementing it somewhere else, I'd want a safe that took two people to open. And some procedure for documenting when any of the envelopes is opened.

I really don't understand the logic of denying management access, even administrative access, to company assets. If I began feeling the need to do what Terry Childs did, I'd either a) get my head examined, or b) start looking for a better job. Or maybe c) both a and b.

If you can think of a situation where it's absolutely clear that a sysadmin should withhold such information from his management, I'm interested to hear and think about it!

 

 

The only reasons to deny clients/bosses what they want

The only reason I can see for ever flat denying clients or bosses what they want:

  1. Immoral
  2. Illegal
  3. Someone is likely to be physically or otherwise seriously harmed (see #1 and #2)

Besides that, I agree that a recommendation against should stop after once or twice.  After that, you should just comply.