[color=red]update [/color] Quite frankly, regardless of the vagaries (both tawdry, sundry, and soap opera like) of this case, the fact that the CCSFO Contractors and CCSFO DTIS admins are STILL SEARCHING for devices (after more than 60 Days) is outrageous and indicative of the talent being brought to bear on this issue. The citizens of one of the most technologically advanced (from the perspective of networking) cities in the United States deserve better. from Info Security
ARS technica describes this as a soap opera..lol..no kidding.
Valleywags take : maybe Childs is happy to be in jail, he can get some sleep there
It seems the disparity between what is being reported in the mainstream press and in the actual IT field is growing wider. The technical gap is becoming huge, so that one doesn’t understand the other
In the last couple of days, Ron Vinson who is head of the SF DTIS department has said for the second time the firberwan network is secure. Well, that would mean it wasn’t secure when Vinson said it the first time on July 22, 2008. We were able to regain complete control of the network Tuesday,” said Ron Vinson, the deputy director of the city’s Department of Technology Information Services (July 22, 2008).
But even that isn’t exactly the problem, according to Paul Venezia at Infoworld, one of the few brave enough to actually question the local papers and SF City Hall.
The prosecution’s repeated claims that Childs should remain in prison due to the fact that the City’s network has still not been secured is a double-edged sword. They state that if Childs is released, he poses a threat to the network due to the fact that there may still be undiscovered remote-access devices present on the network. By that same statement, the network is then an unsecured “crime scene.”
The case is becoming quite bizarre from a technical standpoint, and it’s because of the District Attorney and SF City Hall and their press releases
Venezia is referring to the most recent court filing here:
technically speaking, this document is simply chock-full of technical errors. Whether or not these originated from the DA’s office or the consulting companies that have cost the city $1 million, I don’t know, but there’s definitely a breakdown somewhere. To have this level of misinformation repeatedly presented to the courts is either terribly embarrassing or terribly misleading or both.
One of the key elements is the new claim by the prosecution that Childs has a “terminal server” on the network that they discovered a few weeks ago. They claim that although they’ve detected its presence, they cannot physically locate it. They do believe it is located at the 1011 Turk St. location, however.
This would be the 911 dispatch center in the middle of Jefferson Park in the Western Addition. Ever been there? I have. It’s not that big of a building. Slashdot has more on this
There are also statements in the filing that point out that the network devices were only accessible from certain places within the network. They claim this as another example of malfeasance on the part of Childs, saying “Thus, even possessing the passwords were [sic] not enough to regain control of the network, but one had to know where to go to communicate with the network’s core devices.” Using ACLs to protect against intrusion is standard operating procedure. This is what access-classes on VTYs are for. They then claim that this was a “single point of failure,” yet in the next paragraph, they claim that four or five other locations had the same access.