Friday, July 18, 2008

San Francisco IT Bandit Withholds Secret Password Despite Arrest

I found this on a site called "The Guru of 3D," but you can find it all over the web.

It is funny . . . and a bit disturbing.

And another thing--I forgot who the comedian was, but he said, "The scary thing about being forty is, one day you wake up and your junior high school class is running the country."

Yes, indeed. The presidential candidate is my age. The great athletes (retired) are my age--the rest (still playing) are all kids. The IT guy who shuts down a city is my age. Strange. Scary. Mmmmmmmm.

Thanks,

Preston


__________________________
Administrators still cannot access San Francisco's main IT system, thanks to a now jailed employee who changed all the passwords and won't give them to authorities.

An IT employee who is charged with gumming up the works at the City and County of San Francisco's main data center by changing access passwords for administrators could have been stopped short of crippling access to the system if IT management had had the right security software in place.

Terry Childs, 43, of Pittsburg, Calif., pleaded not guity in court July 17 at his arraignment on four felony counts of computer tampering. Childs remains in custody in lieu of $5 million bail. Childs, who makes $127,000 per year and has worked for the city for five years, has a bail hearing set for July 23.

Childs, a computer network administrator for the Department of Technology, is charged with tampering with the system's FiberWAN [Fibre Channel-connected wide area network], which contains San Francisco's sensitive Human Resources, payroll and other personal data. He created an administrative password that provided him superior access to the network.

Childs, who was arrested July 13, refuses to divulge to authorities the new secret password he concocted—even four days after his arrest.

Childs is accused of "tampering with the City and County of San Francisco's FiberWAN network system in such a way as to deny other authorized administrators access to the network and to set up devices to gain unauthorized access to the system," according to a statement from District Attorney Kamala Harris's office.

The city system—which handles most of the city's digital records, including confidential law enforcement documents, inmates' bookings, payroll records, and departmental e-mail—apparently has no back door access, even for highly authorized administrators. City officials were still trying to figure out how to get back into the FiberWAN Thursday afternoon.

City and County of San Francisco technology department manager Ron Vinson declined to return numerous messages left on his office phone by eWEEK. Mayor Gavin Newsom has had little or nothing to say publicly about the case thus far. Law enforcement officials have been tight-lipped with the media.

Security companies that sell into this market are beginning to come forward with their expertise to discuss the incident. EMC's RSA Security—which also uses a relatively new security approach called dynamic security—Hewlett-Packard, Sun StorageTek, IBM and NetApp are the larger IT companies that sell centralized key management.

Cyber-Ark, an identity management specialist based in Newton, Mass., said that the network lockout could have been avoided if managers had operated a high-security approach to master passwords.

"This is yet another example of the power privileged identities, such as administrative passwords have and the havoc they can cause in the wrong hands," said Cyber-Ark vice-president Adam Bosnian.

"Hackers, or rogue employees such as this case, are savvier on how to create the most damage with the least effort, and the use of admin passwords does just that. Unfortunately, the San Francisco department left themselves wide open by not taking their privileged identity management seriously."

A city spokesperson estimated that this internal breakdown will cost millions of dollars in repairs. Though the network is running, there is still no way for IT administrators to access it at this time.

"It is critical to take a more proactive approach to secure company back doors," Bosnian said. "Companies install complex systems for personal passwords and overlook the more numerous privileged passwords and identities that provide even more system access. These security breakdowns will continue to occur until these keys to the kingdom are securely centralized and managed."

No comments:

Lipshitz 6

Lipshitz 6
Reading T Cooper for Christmas

Punk Blood

Punk Blood
Jay Marvin

Breath, Eyes, Memory

Breath, Eyes, Memory

Anonymous Rex

Anonymous Rex
Reading Eric Garcia for Christmas

Vinegar Hill

Vinegar Hill
Reading A. Manette Ansay for Christmas

Nicotine Dreams

Nicotine Dreams
Reading Katie Cunningham for Christmas

Junot Diaz

Junot Diaz
Pulitzer Prize Winner!!!

Edwige Danticat

Edwige Danticat
New Year's Reading

Greed

Greed
This Brother Is Scary Good

One More Chance

One More Chance
The genius Is At It Again/The Rapper CHIEF aka Sherwin Allen

Sandrine's Letter

Sandrine's Letter
Check out Sandrine's Letter To Tomorrow. You will like it, I insist.

All or Nothing

All or Nothing

Editorial Reviews of All or Nothing

New York Times--". . . a cartographer of autodegradation . . . Like Dostoyevsky, Allen colorfully evokes the gambling milieu — the chained (mis)fortunes of the players, their vanities and grotesqueries, their quasi-philosophical ruminations on chance. Like Burroughs, he is a dispassionate chronicler of the addict’s daily ritual, neither glorifying nor vilifying the matter at hand."

Florida Book Review--". . . Allen examines the flaming abyss compulsive gambling burns in its victims’ guts, self-esteem and bank accounts, the desperate, myopic immediacy it incites, the self-destructive need it feeds on, the families and relationships it destroys. For with gamblers, it really is all or nothing. Usually nothing. Take it from a reviewer who’s been there. Allen is right on the money here."

Foreword Magazine--"Not shame, not assault, not even murder is enough reason to stop. Allen’s second novel, All or Nothing, is funny, relentless, haunting, and highly readable. P’s inner dialogues illuminate the grubby tragedy of addiction, and his actions speak for the train wreck that is gambling."

Library Journal--"Told without preaching or moralizing, the facts of P's life express volumes on the destructive power of gambling. This is strongly recommended and deserves a wide audience; an excellent choice for book discussion groups."—Lisa Rohrbaugh, East Palestine Memorial P.L., OH

LEXIS-NEXIS--"By day, P drives a school bus in Miami. But his vocation? He's a gambler who craves every opportunity to steal a few hours to play the numbers, the lottery, at the Indian casinos. Allen has a narrative voice as compelling as feeding the slots is to P." Betsy Willeford is a Miami-based freelance book reviewer. November 4, 2007

Publisher’s Weekly--"Allen’s dark and insightful novel depicts narrator P’s sobering descent into his gambling addiction . . . The well-written novel takes the reader on a chaotic ride as P chases, finds and loses fast, easy money. Allen (Churchboys and Other Sinners) reveals how addiction annihilates its victims and shows that winning isn’t always so different from losing."

Kirkus Review--"We gamble to gamble. We play to play. We don't play to win." Right there, P, desperado narrator of this crash-'n'-burn novella, sums up the madness. A black man in Miami, P has graduated from youthful nonchalance (a '79 Buick Electra 225) to married-with-a-kid pseudo-stability, driving a school bus in the shadow of the Biltmore. He lives large enough to afford two wide-screen TVs, but the wife wants more. Or so he rationalizes, as he hits the open-all-night Indian casinos, "controlling" his jones with a daily ATM maximum of $1,000. Low enough to rob the family piggy bank for slot-machine fodder, he sinks yet further, praying that his allergic 11-year-old eat forbidden strawberries—which will send him into a coma, from which he'll emerge with the winning formula for Cash 3 (the kid's supposedly psychic when he's sick). All street smarts and inside skinny, the book gives readers a contact high that zooms to full rush when P scores $160,000 on one lucky machine ("God is the God of Ping-ping," he exults, as the coins flood out). The loot's enough to make the small-timer turn pro, as he heads, flush, to Vegas to cash in. But in Sin City, karmic payback awaits. Swanky hookers, underworld "professors" deeply schooled in sure-fire systems to beat the house, manic trips to the CashMyCheck store for funds to fuel the ferocious need—Allen's brilliant at conveying the hothouse atmosphere of hell-bent gaming. Fun time in the Inferno.

World Series of Poker

Loading...

At Books and Books

At Books and Books
Me And Vicki at Our Reading

Bio


Preston L. Allen is the recipient of a State of Florida Individual Artist Fellowship in Literature and the Sonja H. Stone Prize in Fiction for his short story collection Churchboys and Other Sinners (Carolina Wren Press 2003). His works have appeared in numerous publications including The Seattle Review, The Crab Orchard Review, Asili, Drum Voices, and Gulfstream Magazine; and he has been anthologized in Here We Are: An Anthology of South Florida Writers, Brown Sugar: A Collection of Erotic Black Fiction, Miami Noir, and the forthcoming Las Vegas Noir. His fourth novel, All Or Nothing, chronicles the life of a small-time gambler who finally hits it big. Preston Allen teaches English and Creative Writing in Miami, Florida.