
Disgruntled Engineer Hijacks San Francisco's Computer System

timothy posted more than 6 years ago | from the wait-'til-he-turns-off-the-earthquake-preventor dept.

Security 1082

ceswiedler writes "A disgruntled software engineer has hijacked San Francisco's new multimillion-dollar municipal computer system. When the Department of Technology tried to fire him, he disabled all administrative passwords other than his own. He was taken into custody but has so far refused to provide the password, and the department has yet to regain admin access on their own. They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents."


Backups? (5, Funny)

anonieuweling (536832) | more than 6 years ago | (#24194381)

With backups no data will be lost. Oh, those are encrypted?

Re:Backups? (5, Insightful)

shbazjinkens (776313) | more than 6 years ago | (#24194409)

Or they could just unplug it? Lost productivity is better than lost data here, I'll bet.

Re:Backups? (5, Insightful)

Brian Gordon (987471) | more than 6 years ago | (#24194635)

I don't understand how it's possible to be locked out of a system that you have direct local access to. You should at least be able to pop in a livecd and edit /etc/password from a livecd. If you need to decrypt stuff might as well start cracking the hash.. they certainly have the computing power to do it o_O

Re:Backups? (3, Insightful)

dk90406 (797452) | more than 6 years ago | (#24194717)

Assuming it is Windows or Linux. It might run on some other (e.g. special hardware or mainframe) or/and have an encrypted HDD.

Re:Backups? (4, Informative)

SatanicPuppy (611928) | more than 6 years ago | (#24194787)

Pretty much all Unix systems are hackable with local access.

I'm guessing either the entire file system is encrypted, or the problem is getting into an application that's running under the OS. Most times the OS isn't the final gatekeeper in high security; the application itself may run everything encrypted, and may very well have no easy way to restore access if a password is lost.

Re:Backups? (4, Insightful)

cboscari (220346) | more than 6 years ago | (#24194755)

Are you sure it's a UNIX variant? I assumed it was big iron, and I am not sure those have a cd-rom drive. What's more, if he chose a REALLY good password, brute force decrypt might take a *long* time...

Re:Backups? (1)

wild_quinine (998562) | more than 6 years ago | (#24194699)

With backups no data will be lost.

In the short term, any last resort backups are less preferable than busting this guy's balls till he opens up the system for a variety of reasons. I'll put good money on him cracking before this article gets 200 comments.

This is why... (5, Insightful)

Gallenod (84385) | more than 6 years ago | (#24194387)

...you disable his account *before* you tell him he's fired.

Re:This is why... (5, Insightful)

Televiper2000 (1145415) | more than 6 years ago | (#24194433)

I was just about to say the same thing. You also escort them directly out of the building and let them pick up their personal things a week later.

Re:This is why... (4, Insightful)

damburger (981828) | more than 6 years ago | (#24194489)

Is holding his possessions captive in such a way legal? It's certainly arseholey.

Re:This is why... (4, Interesting)

zr (19885) | more than 6 years ago | (#24194613)

fedex it. nothing at workplace is private from employer.

Re:This is why... (1, Interesting)

MBGMorden (803437) | more than 6 years ago | (#24194691)

Private as in privacy, no. But private as in private property? Yes. If they don't allow someone to gather their things before they leave they could be looking at serious legal troubles.

Re:This is why... (1, Funny)

Anonymous Coward | more than 6 years ago | (#24194725)

So your employer has the right to look at your genitals whenever he wants? I'm glad I'm not your employer.

Re:This is why... (-1, Offtopic)

toby (759) | more than 6 years ago | (#24194711)

If we can put a man on the moon, ... is moderate competence in what we do daily really too much to ask? [thedailywtf.com]

I'm not a fan of manned space flight, but I do find the achievements of Apollo inspiring, setting a tangible benchmark, and fair game for non sequitur generation :)

RTFA (4, Informative)

tomhudson (43916) | more than 6 years ago | (#24194495)

He was arrested AFTER he disabled everyone else's account.

What do you recommend they do next time, use a crystal ball or ouija board to predict who's going to pull such a stunt?

Re:RTFA (5, Funny)

alexgieg (948359) | more than 6 years ago | (#24194775)

What do you recommend they do next time, use a crystal ball or ouija board to predict who's going to pull such a stunt?

Minority Report for system administration activities? Sweet! ;-)

Read the Article - He wasn't fired. (5, Informative)

chipmeister (802507) | more than 6 years ago | (#24194505)

There was an unsuccessful attempt to fire him. The article also mentions that he was essentially spying on people to learn things being said about him.

POWER TO THE PEOPLE! (3, Funny)

Swizec (978239) | more than 6 years ago | (#24194517)

Is what I say ...

Re:POWER TO THE PEOPLE! (0, Funny)

Anonymous Coward | more than 6 years ago | (#24194639)

Aah, yes. The battle cry of the unwashed hippie, flailing around in his white-boy dreads and demanding that "TEH MANG" redistribute the wealth of people who've accomplished something to those who majored in "Gender Studies and Womyn Subjugated by the Phallocracy."

Re:This is why... (1)

efence (927813) | more than 6 years ago | (#24194547)

I think the story answers this [slashdot.org] "Ask Slashdot" question quite well. Except the poster of the former story was not getting fired.

Re:This is why... (5, Funny)

martin-boundary (547041) | more than 6 years ago | (#24194697)

Nah, they should just reboot the system. That always works, I've seen it countless times in movies.

Re:This is why... (4, Insightful)

Anonymous Coward | more than 6 years ago | (#24194753)

Except a lot of times someone is fired they know that it's coming. It's possible this guy had set this all up in the case he got fired, and then when he saw it was going to happen he put it into motion. Article even says they tried to fire him before and he created his super password as a security device to keep his job. Now I'm sure the real irony here is that if this guy probably actually did his job instead of all this mess he probably wouldn't have been fired. I mean, this is a guy that's going to be looking at pretty serious jail time, and probably a severe restriction on his rights when he gets out. I like my job, but not enough to do something that's going to land me in the pokey.

Dennis Nedry? (5, Funny)

dunelin (111356) | more than 6 years ago | (#24194391)

Next thing you know, we'll have some dinosaurs on the Presidio.

Re:Dennis Nedry? (1)

ciaohound (118419) | more than 6 years ago | (#24194417)

Not if it's a UNIX system :)

Re:Dennis Nedry? (1)

Brian Gordon (987471) | more than 6 years ago | (#24194585)

I hate this hacker crap :P

I had a dream... (3, Interesting)

courteaudotbiz (1191083) | more than 6 years ago | (#24194413)

We all dream about doing this to our ex-employer, but he's the one who's had the balls to do it!

Re:I had a dream... (5, Insightful)

gEvil (beta) (945888) | more than 6 years ago | (#24194483)

We all dream about doing this to our ex-employer, but he's the one who's had the balls to do it!

No, not all of us do. Especially those of us who don't do things that get ourselves fired.

Re:I had a dream... (5, Funny)

SatanicPuppy (611928) | more than 6 years ago | (#24194615)

I've been in a position to do this (I was still rooted from home in three systems, and though they changed the passwords, they didn't kick active sessions) and all I did was change the MOTD to "When firing a user with root access, make sure to abort existing sessions."

Professionalism is key if you expect to be trusted with access to big sexy systems.

I want my job! (1, Funny)

Anonymous Coward | more than 6 years ago | (#24194419)

Give me my job back and you get your passwords, otherwise I'll just post how I did it on slashdot

Acting like a child! (0)

Anonymous Coward | more than 6 years ago | (#24194423)

oh, sorry! I will leave now.....

BOFH comes to mind... (1)

s0litaire (1205168) | more than 6 years ago | (#24194431)

oops! wrong website :)

I bow to his guts (0, Flamebait)

Opportunist (166417) | more than 6 years ago | (#24194435)

I mean, is there any SysAdmin who didn't think of doing just that?

Just hack *his* hack (2, Insightful)

ma11achy (150206) | more than 6 years ago | (#24194439)

With the correct knowledge, it should not be too difficult to get back door access to their system again.

This seems to be more of a PR exercise on making an example (as they should) of this guy.

More and more reasons why people like us should have a recognised code of ethics.

Re:Just hack *his* hack (1)

apathy maybe (922212) | more than 6 years ago | (#24194543)

If you have administrative access "hacking" the system is a fuck load easier than if you don't.

Please note, he 'has' (for a given definition of 'has' considering that he's in jail) admin access, he disabled everyone else's admin access and refused to divulge his password.

Now, how do you propose they "hack *his* hack" without the tools he had?

Re:Just hack *his* hack (4, Interesting)

Palinchron (924876) | more than 6 years ago | (#24194653)

By using the fact that they still have physical access? Resetting his password, or re-enabling other admin accounts is trivial if you can boot the target server with a recovery disk or something along those lines.

Re:Just hack *his* hack (5, Insightful)

Anonymous Coward | more than 6 years ago | (#24194557)

If you need a recognized code of ethics to tell you that sabotaging your ex-employer's system isn't right, then no code of ethics can help you. Unfortunately this guy screws it up for all of the honest techs who work hard to earn the trust which they need for doing their jobs.

Re:Just hack *his* hack (2, Insightful)

betterunixthanunix (980855) | more than 6 years ago | (#24194743)

I believe that was the point of the city claiming that he might have granted access to the system to a third party: make him out to be a really bad guy, rather than some moron trying to get back at his boss, so that the city looks less incompetent. Also note that the system is still operational. The city is trying real hard to paint this guy as some sort of IT-terrorist, but if TFA is any indication, the guy really is just an idiot with a grudge.

Countdown... (5, Insightful)

geminidomino (614729) | more than 6 years ago | (#24194441)

Idiotic new law in 5...4...3...

Re:Countdown... (2, Insightful)

Anonymous Coward | more than 6 years ago | (#24194773)

Unlikely given that he's already committed multiple felonies worthy of setting bail at $5 million.

They make new laws when the guy they want to convict didn't break any serious existing ones (or they can't prove he did...), this case seems covered by the existing laws.

Re:Countdown... (2, Funny)

MadKeithV (102058) | more than 6 years ago | (#24194783)

+1 worrying ;-)

Frankly (3, Informative)

Anonymous Coward | more than 6 years ago | (#24194445)

If he met the same kind of problems I did when I worked in public sector and tried to push changes that would prevent this kind of idiocy in the first place only to be ignored because policy and process changes for better security and general good practice improvements meant management actually having to do some work then well, good on him for having the balls to do it.

Certainly in the UK in public sector those who work hard get shit on because those who refuse to do any work or could care less about a good job own the IT departments due to nothing more than hanging around for the job long enough that everyone higher than them dies/retires. As there's no accountability in local government and most other public sector these people can't be sacked or disposed of in other ways so they just hang around until they are 65.

Re:Frankly (4, Insightful)

damburger (981828) | more than 6 years ago | (#24194511)

Why the hate towards the public sector? I have found the exact same shit going on in private companies, many of them quite successful.

Re:Frankly (1)

mdmkolbe (944892) | more than 6 years ago | (#24194603)

The public sector has a reputation for operating fat and lazy (well, fatter and lazier than the private sector). Something about absence of market pressure.

Re:Frankly (5, Insightful)

damburger (981828) | more than 6 years ago | (#24194701)

A reputation, based on people with a serious ideological axe to grind. Blind faith in the market producing magical efficiency gains is contrary to everything I have seen during my professional life, both in the public and private sector. From my perspective, I have never seen one bit of evidence to show there is any truth to it outside the imaginations of Tory politicians.

Furthermore, people like you who are so besotted with 'market forces' did attempt to introduce them to public services in the UK, and it has been an unmitigated disaster. The inability of internal prices to truly reflect the quality of services has resulted in huge waste, massive bureaucracy and a decline of standards. Now, the ideologues are at it again trying to push for a new round of 'targets' in the NHS. They never learn.

Just call John McClane (1)

MooseDontBounce (989375) | more than 6 years ago | (#24194449)

Live Free or DIE HARD baby!!!

Re:Just call John McClane (1)

hellfish006 (1000936) | more than 6 years ago | (#24194605)

whoa whoa, no one is talking about a fire sale here! ;)

Re:Just call John McClane (1)

SatanicPuppy (611928) | more than 6 years ago | (#24194693)

Of all the idiotic, impossible to believe things I saw in that movie, the worst, the absolute worst, the most impossible to believe, was that the big uber hacker had a sexy kung fu hacker chick girlfriend.

Compared to that, fitting all the nations financial data on three hard drives, ramming a (flying) helicopter with a car, and hacking the entire country from a semi-trailer are almost plausible.

Solaris = This being impossible. (0)

Anonymous Coward | more than 6 years ago | (#24194451)

Seriously. Why are these systems not using proper, redundant, and backed-up RBAC?

Re:Solaris = This being impossible. (1)

mrbluze (1034940) | more than 6 years ago | (#24194487)

Seriously. Why are these systems not using proper, redundant, and backed-up RBAC?

If everybody was clever and did the right thing all the time we wouldn't have reason to sack anyone or need to do checks on people before employing them. Mediocrity abounds!

This is not new (3, Interesting)

kiwimate (458274) | more than 6 years ago | (#24194767)

Been around since the time of Juvenal's Satires (which would be the third or fourth century AD, I think, unless someone wants to look it up and correct me).

Quis custodiet ipsos custodes? Translation: who guards the guards?

Think for a moment. If you are a senior IT administrator or a senior programmer, unless you're in a very rigorous environment, your actions are most likely not subject to peer review. No-one has time. Right?

How many times do we see the argument "it's open source, anyone can read the code" immediately presented with "but who does"? Now consider that there are millions of people using Linux who potentially could read the code and who are likely working with it because they have a personal passion; but a handful of people who potentially could review your work, but are unlikely to have any deep yearning to do so because, well, they've got their own work to do.

In this kind of situation, you either have to have a mandated peer review regime (time consuming and expensive) or an independent audit (ditto). Both of these are, for reasons of practicality, likely to hit only subsections of what needs to be reviewed.

It's a trust thing. If you can trust your admins. And if you can't...well, who admins the admins?

Tried to fire him? (3, Insightful)

OzPeter (195038) | more than 6 years ago | (#24194455)

From TFA:

"Childs has worked for the city for about five years. One official with knowledge of the case said he had been disciplined on the job in recent months for poor performance and that his supervisors had tried to fire him."

How the hell do you "Try to fire" someone .. either you do it or you don't.

(And please .. no Yoda BS. If you go back and look at when Yoda was first introduced as a character he didn't do that cutesy backwards sentence construction. That came later. So I put it in the realm of Jar Jar - obnoxious character development)

Re:Tried to fire him? (1)

Samedi1971 (194079) | more than 6 years ago | (#24194629)

Supervisors "try to fire" a bad employee. Human Resources and Legal decide whether the attempt is successful or not. In IT they should also be rolling a D20 saving throw versus sabotage.

Re:Tried to fire him? (1)

OzPeter (195038) | more than 6 years ago | (#24194797)

So to rephrase what you said:

"Supervisors propose that a person should be fired, but base that on behaviour that does not clearly fall under the dismissal clause, and you need HR/Legal to verify that there are no legal repercussions for firing said person" ??

If it was borderline then I would have thought "re-education" was more appropriate than attempted firing. However if there is a line in the sand then I would have hoped it was obvious when it was crossed.

Re:Tried to fire him? (2, Insightful)

x1n933k (966581) | more than 6 years ago | (#24194673)

Hey! Just because you hate Jar Jar doesn't mean you can take it out on Yoda man, that's just not cool. Besides, it's off topic, regardless of how close your phrase was to the dialog.

Does anyone know if he was Unionized? That would mean that the company 'tried' to fire him but didn't have the legal grounds and the Union backed him. Happens all the time.

Re:Tried to fire him? (1, Informative)

Anonymous Coward | more than 6 years ago | (#24194741)

I worked in local government for nearly 8 years. In a state that is "right to work," the local government was an island apart. "Tried to fire him" makes perfect sense to me.

If a manager wanted to take disciplinary action for performance issues, s/he had to keep a 6 month detailed log of everything that went on, including "coaching efforts." If within 6 months the employee showed *any* improvement, no matter how slight, the clock got reset.

If actual discipline ever happened, then the employee could appeal to a "jury of peers" regarding the discipline -- up to and including getting a job back if the employee was fired. In some recent cases, the reasons for termination were so obvious it boggles the mind how the employee got rehired, but there you go.

The idea behind the jury and the process was to keep personal issues out of the workplace. Another "good intention" on the road to hell.

I've seen enough informal geek-hostage-taking in government IT that I'm surprised we see so little of it in the news.

A San Francisco public employee? (-1, Flamebait)

mi (197448) | more than 6 years ago | (#24194459)

Aren't these people supposed to be the happiest of all workers in the world? Enjoying the riches of a Capitalist country together with the income redistribution and loving care for fellow men of a Socialist city and its government?..

Uh-oh, that came out as a trolling flamebait, but seriously, folks...

Re:A San Francisco public employee? (1)

damburger (981828) | more than 6 years ago | (#24194551)

Socialist city? WTF? Why does an issue like this have to become another talking point for your tiresome ideologies?

Calm Down America... (0)

Anonymous Coward | more than 6 years ago | (#24194689)

Hey, calm down. If you haven't noticed, America isn't going to be top dog for much longer without their 'war'... and so its ideology is going to fall along with its economy.

Re:A San Francisco public employee? (1)

betterunixthanunix (980855) | more than 6 years ago | (#24194587)

I guess he was pretty happy, until he was fired.

Re:A San Francisco public employee? (1, Interesting)

Anonymous Coward | more than 6 years ago | (#24194595)

Aren't these people supposed to be the happiest of all workers in the world? Enjoying the riches of a Capitalist country together with the income redistribution and loving care for fellow men of a Socialist city and its government?.. Uh-oh, that came out as a trolling flamebait, but seriously, folks...

Well, he's on 150K+ and he's pissing around laying booby traps for his employer. That doesn't sound like a very well-adjusted fellow to me. I find it very irritating that amongst computer professionals, being an antisocial jerk is all too often treated as a badge of honour and expected qualification, rather than the enormous character flaw that it is.

Re:A San Francisco public employee? (0)

Anonymous Coward | more than 6 years ago | (#24194707)

I guess the GOP moral righties were right. Gay marriage really does cause a lot of problems for society!

thinking ahead (1)

Vorpix (60341) | more than 6 years ago | (#24194475)

this is not exactly the bullet point you want on your resume when looking to find a new $125,000 it job.

Welcome to Information Terrorism (1, Insightful)

downix (84795) | more than 6 years ago | (#24194485)

Such a thing is incredibly easy to do, and frankly, I am shocked it does not happen more often. Truth is, most jobs, utilities, or companies operate a fine line between working, and being brought down. Imagine, if you will, a guy having his car towed due to a paperwork error, then the towing company charging him for the inconvenience. If he snapped, walked in and went all "Falling Down" on the place, who would be the victim in the situation?

To me it looks as if the city either was wrong about the firing, or dead-on accurate on him needing to be let go, but sloppy in the execution. He would have snapped either way, they should be thankful he did not do more damage.

This is why the boss of any company needs to be technologically savvy, and not just rely upon his subordinates.

Re:Welcome to Information Terrorism (3, Interesting)

mrbluze (1034940) | more than 6 years ago | (#24194575)

He would have snapped either way, they should be thankful he did not do more damage.

No matter what you do, you can't stop stupidity, madness, hatred and malice. If someone is clever enough or in a position of trust, as inevitably someone has to be, this can happen and you can't always predict it. So the problem is not that a disgruntled employee pulled the plug, but that appropriate checks and balances were not in place. If they were, no individual at all would have been given that sort of power. For a single person to bring down a system is the system's fault.

Re:Welcome to Information Terrorism (3, Insightful)

Grey_14 (570901) | more than 6 years ago | (#24194811)

modern computer systems have a single point of control or power, the superuser. most admins need that access to do their job, but through that account they can do exactly this, disable all other accounts and change the superuser password. It can be circumvented (usually) with physical access, but it sort of comes down to the fact that someone in a position of trust can abuse it and do a lot of damage. I'm not sure how 'checks and balances' would have prevented it except maybe to not hire nutjobs.

Re:Welcome to Information Terrorism (1)

betterunixthanunix (980855) | more than 6 years ago | (#24194805)

Terrorism? The system is still fully operational. He didn't shut down the city, and I wouldn't be so quick to believe that he granted access to a third party. This man is just a moron who wanted to stick it to his boss.

Those are very smart tubes. (1)

BuhDuh (1102769) | more than 6 years ago | (#24194497)

From TFA:

...FiberWAN (Wide Area Network), where records such as officials' e-mails, city payroll files, confidential law enforcement documents and jail inmates' bookings are stored.

Incentives (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#24194509)

What 400 lb gay, serial rapist do you think he will be sharing a cell with? :)

Got to love damage assessments (5, Interesting)

Shivetya (243324) | more than 6 years ago | (#24194515)

Especially when it makes a crime a Felony. That is one of the four felonies charged to him. The other three are all related to tampering with a computer network.

While this guy is obviously an idiot for thinking he could blackmail a government entity I am quite pleased the security on the system is sufficient to make it hard to get into when strong security is put into place. In other words, nothing annoys me more than so called secured systems having some means of password decryption, let alone the ones that allow admins to see them plain text.

What is going to interest me is how many years they will attempt to land on him. Just how offensive to society is this type of crime versus murder or rape. It seems that every new crime invented by the government gets stronger penalties than existing ones; if only to make it appear more valid. After all the penalty wouldn't be so severe if it were not really a crime now would it?

Re:Got to love damage assessments (5, Interesting)

damburger (981828) | more than 6 years ago | (#24194571)

He will probably get a sentence more than a rapist but less than a murderer. The state considers screwing with it the highest crime, far more so than the plebs killing each other, but there is a limit to what they can get away with if they want a quiet life.

This is why... (0)

Anonymous Coward | more than 6 years ago | (#24194529)

we should allow the government to beat people with wet noodles.

Mmmm... (2, Informative)

MRe_nl (306212) | more than 6 years ago | (#24194567)

Noodleboarding...

Job Posting (5, Funny)

Anonymous Coward | more than 6 years ago | (#24194531)

Large municipal department of technology seeking software engineer for a multimillion-dollar computer system. At least 5 years of previous experience required. Must be able to gain administrative access to a system where the password is not known. Hiring immediately!

Burning both bridges (1)

Stavr0 (35032) | more than 6 years ago | (#24194533)

He is sofa king blackballed.

I guess he doesn't want to work in IT any more. Pulling this kind of stunt means sabotaging any hope of working for the city ever again *and* ensuring that nobody in IT ever hires him.

what a selfish asshole (3, Insightful)

circletimessquare (444983) | more than 6 years ago | (#24194537)

ok, you're mad at your employer, perhaps their reasons for firing you are invalid

but taking it out on third parties, such as with locking up law enforcement documents that might decide the guilt of hardcore criminals: you're a selfish asshole for setting up that scenario

maybe you didn't deserve to be fired

but now you deserve to rot in jail for how you responded to your firing

Apparently they dont have other competent engineer (3, Interesting)

dmacleod808 (729707) | more than 6 years ago | (#24194545)

Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.

Re:Apparently they dont have other competent engin (5, Funny)

wild_quinine (998562) | more than 6 years ago | (#24194665)

Number one rule in IT. If i have PHYSICAL access to a system i can get in. Some way, some how.

Government Agency rule number one: If I have PHYSICAL access to a criminal, I can get information. Some way, some how.

Re:Apparently they dont have other competent engin (0)

Anonymous Coward | more than 6 years ago | (#24194791)

Yeah, even windows has Administrator password recovery boot cds...
with linux all i need is a fedora or centos rescue cd or knoppix.

Re:Apparently they dont have other competent engin (0)

Anonymous Coward | more than 6 years ago | (#24194793)

Somehow I don't think they'll appreciate it if you walk in with a crowbar and say "I can get into that system, with some physical access".

Re:Apparently they dont have other competent engin (0)

Anonymous Coward | more than 6 years ago | (#24194807)

Unless everything is encrypted.

boot from install media? (1)

Gunstick (312804) | more than 6 years ago | (#24194561)

get the admin account back?
Several options:

* boot from the install media
* restore from backup
* mount disk on other system

So? (0)

Anonymous Coward | more than 6 years ago | (#24194601)

Bring in the developers who can go into the database and reset the passwords. It's probably only a hash of "username password salt" at the very best anyway, so easy to calculate new values.

Even if he was the DBA, there will be bypasses that don't involve him, such as getting the developers to bypass the database checks for user authentication with something different for now.

Anonymous Coward (0)

Anonymous Coward | more than 6 years ago | (#24194607)

It's not so much destruction of sensitive documents you have to fear, it is the spreading of those documents on the web that should make you shudder.

I would unplug some network cables...

I smell a rat (4, Insightful)

stinky wizzleteats (552063) | more than 6 years ago | (#24194619)

FTFA:
"At a news conference announcing Childs' arrest, District Attorney Kamala Harris was tightlipped about what his motive may have been."

I think there's more going on here than we're being told.

What no golden handshake... (4, Insightful)

Numen (244707) | more than 6 years ago | (#24194623)

That director over there, he gets a golden handshake as he goes out the door... You want to keep him sweet because he knows where all your dirty secrets are and could cause all sorts of trouble for your operation.

The sysadmin, you're going to kick out the door because he's blue collar... Oh, wait a minute... He really does know where all your dirty secrets are and really can bring your operation to its knees. In fact he's far more dangerous going out the door than the exec... pity you didn't think of that.

Execs are heaved out the door all the time for being incompetent, but it's done with kid gloves because they're deemed to be potentially damaging... And they wear a suit.

Word of advice: if you're sacking somebody who can bring your operation to a grinding halt, make sure you keep them sweet, regardless of the job they do for your organisation. It's simple business.

Going to REAL Prison (1)

Bigmilt8 (843256) | more than 6 years ago | (#24194633)

Man, I hope he knows that they are going to send him to REAL prison. Not any white collar, low security, picket fence prison. But a wash room intercourse, shank in the rec yard, guards are going to torture you prison. Being it's San Francisco, he'll go to San Quentin. Hope it was worth it.

Unpatch windows (5, Funny)

Anonymous Coward | more than 6 years ago | (#24194641)

That's why you run unpatched windows, it will take only 4 minutes to get access.

on any Linux system you can: (4, Informative)

FudRucker (866063) | more than 6 years ago | (#24194647)

log in in init 1 (runlevel 1) and change the root password or;

in /etc/shadow change this:
root:$2$3bJ7DS4R$rV45lDlqNsfDRntfO1NCk0:14069:0:::::

to look exactly like this:
root::14069:0:::::
do this and you can log in to root without any password

maybe other *nixes are close enough to do the same (BSD or solaris)

on ubuntu the root shadow is a little different since it is disabled with an asterisk:
root:*:14069:0:::::
just remove the asterisk
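
The edit described in the comment above leaves a recognisable trace: an empty second field in /etc/shadow. As an added example (not part of the original comment), this Python check classifies the password field of each entry and lists accounts that no longer need a password; the user names daemon, alice and bob and the truncated fourth line are constructed.

```python
import sys

# Constructed sample in /etc/shadow format. Lines 1 and 2 have the shape shown
# in the comment above; the hash string on line 3 is the comment's, but the
# user names daemon, alice and bob are made up. Line 4 is deliberately truncated.
SAMPLE = (
    "root::14069:0:::::\n"
    "daemon:*:14069:0:::::\n"
    "alice:$2$3bJ7DS4R$rV45lDlqNsfDRntfO1NCk0:14069:0:::::\n"
    "bob:!:14069:0\n"
)

def classify_password_field(field):
    """Classify field 2 of a shadow entry as 'empty', 'locked' or 'hash'."""
    if field == "":
        return "empty"   # no password needed (PAM/sshd settings may still refuse it)
    if field[0] in "*!":
        return "locked"  # no typed password can ever match this value
    return "hash"

def audit_shadow(text):
    """Return a (line_no, user, state) tuple for every entry in the text."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 9:  # a shadow entry has nine colon-separated fields
            findings.append((line_no, fields[0], "malformed"))
        else:
            state = classify_password_field(fields[1])
            findings.append((line_no, fields[0], state))
    return findings

def passwordless_accounts(text):
    """Names of accounts whose password field has been emptied."""
    return [user for _, user, state in audit_shadow(text) if state == "empty"]

if __name__ == "__main__":
    # With a path argument (run as root for /etc/shadow) audit that file,
    # otherwise audit the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for line_no, user, state in audit_shadow(text):
        print(f"line {line_no}: {user}: {state}")
    sys.exit(1 if passwordless_accounts(text) else 0)
```

The script exits non-zero when any account has an empty password field, so it can be run from a scheduled integrity check.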

Re:on any Linux system you can: (1)

paradxum (67051) | more than 6 years ago | (#24194785)

Yes, but you are assuming they are using a linux/unix system. If that were the case then the M$ marketing department would not have done their job properly... And in my experience, they are very good at their jobs... especially in the public sector.

Good for him! (0)

Anonymous Coward | more than 6 years ago | (#24194649)

That'll teach'em to fire engineers! I hope he holds out or even manages to delete the files. Serves'em right, they treat their employees like garbage. SF is getting no sympathy out of me, it's about time the workforce fought back!

And if he does manage to delete the files, it means more work and $$$ for the rest of the workers to recreate and work around those lost files. I say he should do it.

And more stupidity comes... (1)

apathy maybe (922212) | more than 6 years ago | (#24194669)

"City officials said late Monday that they had made some headway into cracking his pass codes and regaining access to the system."

Yeah, they tried all the single character passwords and are moving onto the two character passwords. Good fucking luck.

Unless they are actually using a program such as John the Ripper, in which case they already have physical access, and why can't they just re-install over the top?

And the article is a bit light on details, he is being charged with *four* counts of "computer tampering", why four, why not one? I suspect they couldn't come up with anything and are just trying to blackmail him to plead guilty. (Yes, cops will try and blackmail you by charging you with more things than you would ever get convicted of, yes I have personal experience of this. I got off, because I wasn't guilty of anything, but I know folks in the same situation who plead guilty to the lesser charge to get three other charges dropped.)

Anyway, as others have said, this is the sort of thing you sometimes dream about. Setting up a time bomb in the system that requires re-setting, or whatever.

But you would have to cover your tracks well, or something like this could happen...

The other "admins" not worth their weight in dirt (1)

wtfispcloadletter (1303253) | more than 6 years ago | (#24194675)

There are 2 easy ways I can think of to recover at least someone's password.

1) Backups

2) Linux boot disk, reset the local admin password then use a couple tools available for free from Microsoft. See these articles for more info:
Windows 2003 domain [petri.co.il]
Windows 2000 domain [petri.co.il]

Well no wonder! (3, Funny)

192939495969798999 (58312) | more than 6 years ago | (#24194679)

From TFA: "Prosecutors say Childs, who works in the Department of Technology at a base salary of just over $126,000"

No wonder he was disgruntled, that's not even a living wage in San Francisco.

Enough with the speculation! (2, Informative)

91degrees (207121) | more than 6 years ago | (#24194719)

"Officials also said they feared that although Childs is in jail, he may have enabled a third party to access the system by telephone or other electronic device and order the destruction of hundreds of thousands of sensitive documents."

Or maybe he hasn't. He might have done a lot of other things as well. A few of them are worth investigating but speculating publicly makes them sound a little hysterical.

Gruntled (4, Insightful)

senor mouse (1227452) | more than 6 years ago | (#24194721)

Poor soul. All pissy over a job that pays 150K/yr? This guy lacks perspective, huge. If incarceration and bankruptcy don't help him figure things out - perhaps a stint delivering pizza or a cardboard sign at the offramp.

Trouble-shooting--- (1)

sam0737 (648914) | more than 6 years ago | (#24194737)

Childs, according to payroll records, earned $126,735 in base pay in 2007 and additional premium pay of $22,534, for a total of $149,269. Vinson said the extra money was apparently compensation for being on-call as a trouble-shooter.

I was thinking if he could create the trouble...then shooting them by himself.

yet to regain admin access .. (1)

rs232 (849320) | more than 6 years ago | (#24194759)

"the department has yet to regain admin access on their own"

This is obviously a joke, isn't it. I mean any competent techie with physical access can get root in about ten minutes. What *are* they teaching them in tech-school nowadays .. ?

Waterboarding (-1, Offtopic)

MyLongNickName (822545) | more than 6 years ago | (#24194763)

About 30 seconds of waterboarding will cure this.

They're coming down heavy on this guy... (3, Insightful)

PinkyDead (862370) | more than 6 years ago | (#24194769)

because

They're worried that he or an associate might be able to destroy hundreds of thousands of sensitive documents, including emails, payroll information, and law enforcement documents.

Yes - that's the reason.

Not because he showed up their complete incompetence and made them look like fools and now they want retribution. Protecting the public's right to privacy - yes, that's the reason.

Which OS? (1, Informative)

Anonymous Coward | more than 6 years ago | (#24194779)

If it's Windows, why don't they just get that USB stick from MS that pulls admin user/pass and other sensitive information straight out of the system and provides it in a handy to read format?
