- Childs is said to have access to email, 311 service, and law-enforcement applications. He only had the power to block network access to these apps, not to log into them.
- Childs had a list of 150 VPN groupnames and passwords. These were part of his job, not something he'd stolen. Ironically, these passwords were entered into court documents, making them publicly-accessible information.
- When Childs was arrested, he had documentation of the city network, including configurations, maps, and diagrams of the FiberWAN and possibly other networks in his possession. Again, knowing this info is part of his job.
- He had configured some number of routers to disable password recovery, but did not write the device configurations to flash memory on some number of routers. This would cause them to fail if power-cycled. City officials claim this was a "booby trap" designed to disable their data center at One Market Street during a forthcoming planned power outage. I think they're giving him too much credit for plan-within-plan cleverness here. Disabling password recovery is a standard security procedure for routers. More likely Childs just forgot to save to flash.
Terry Childs is the San Francisco government systems administrator who, threatened with losing his job, took over the network. Childs finally gave in from his jail cell and handed mayor Gavin Newsom the passwords he'd changed, along with a liturgy of hate for his pointy-haired bosses. San Francisco bureaucrats make Childs out to be another Kevin Mitnick, capable of breaking into confidential data. Truth is, he's a grunt router admin who got sick of being on call 365 days a year. Here's a rundown of the exaggerated claims San Francisco officials are heaping onto Childs: