August 13, 2008

When rogue system administrators lock out Managers

Over in San Francisco, we've no doubt all read about the guy who owned the city government's network deciding to ... own the network (1, 2). For the city at least there was a happy ending:

The computer network hostage crisis in San Francisco is over, thanks to the city's mayor.

Terry Childs, a network administrator for the city of San Francisco, has been in custody since July 13 on four felony charges of taking control of the city's computer network and locking administrators out. Access to much of the city's information was blocked, including law enforcement, payroll, and jail-booking records.

Childs had reportedly refused to surrender the codes to his supervisors, but after a little more than a week as a guest of the city, he apparently had a change of heart and invited Mayor Gavin Newsom to meet with him, according to a report on the San Francisco Chronicle Web site Monday night.

A secret meeting was arranged at the city jail on Monday afternoon, where Childs gave Newsom the codes to the network. The meeting reportedly was so secret that the police department and district attorney were not informed of the meeting ahead of time.

Well, he built it, right? So why can't he tell the users what to do? Right?

The serious question here is whether there is in fact a viable case where a systems administrator takes over and decides to lock his managers out:

Erin Crane, Childs' defense attorney, is expected to cite his cooperation during a court hearing on Wednesday in a bid to have his $5 million bail reduced. Crane has argued that Childs was merely protecting the network from incompetent city officials who were trying to force him out of his job.

"Mr. Childs had good reason to be protective of the password," Crane told the newspaper. "His co-workers and supervisors had in the past maliciously damaged the system themselves, hindered his ability to maintain it...and shown complete indifference to maintaining it themselves...He was the only person in that department capable of running that system."

Tough call! It is rather rare, but this is essentially what whistleblowing seeks to exploit: the insider knowledge that a manager is manipulating the system for nefarious purposes. However, for all practical purposes this is an unlikely situation. Firstly, the managers who are doing the nefarious stuff are likely to then bury he who blows the whistle. See above, $5m bail buys a lot of dirt on this guy's coffin.

Secondly, there is a huge difference between incompetence and fraud. Incompetence is routine, but also the full and proper legal and moral right of the manager. The system administrator who determines that the world should be protected from the manager's incompetence is generally as deluded as the manager, and is technically and legally wrong. The proper way to deal with incompetence is to write to higher-ups and lay down paper evidence.

Fraud, while another consideration entirely, is equally difficult: let's start with an easy question. Please define fraud! Now prove it! If you can get that far, the fun is only just starting....

Posted by iang at August 13, 2008 10:26 AM

Dual Control and split knowledge.

Dual Control implies two job positions. But that is not "efficient", is it now? So when we economise on jobs, gone is dual control.

Right, standard economics cannot reason with these kinds of risks.

Posted by: Twan at August 13, 2008 10:42 AM

"Incompetence is routine, but also the full and proper legal and moral right of the manager."


Posted by: anon at August 14, 2008 08:04 AM