just like the ad...

Were they really broken into? Or did he download bugfixed IOS images for redistribution to his customers with cisco gear?

Cisco warranties are strange creature indeed. In order to get a bug fix on warrantied products, you must have a TAC login. In order to have a TAC login, you must have a smartnet contract. Technically, the warranty is a temporary smartnet contract (I've searched their database using the serial # of new equipment under warranty but not smartnet net, not found it, then called cisco and they pull a smartnet contract number up)

Its really messed up, but what it boils down to is that if you want to get a bug fix and you don't have smartnet, you must go through the reseller you bought from - which is not good because it means without any smartnet you are vulnerable to the next thing that arises. No smartnet, no security, warranty notwithstanding.

Of course, if you do have a TAC login, you can get warrantied equipment added to your userid, but its a manual process and annoying at best. You still need a TAC ID from another smartnet contract though.

switching packets from NIC 1 to NIC 2

That because cisco has leveraged hardware extensively for just that purpose. It's rare for CPU to get involved in forwarding a frame or packet on a cisco router or switch. That's in part why they're so expensive - its all done in ASICS, and even the memory is hard-wired for bitmasking searches.

My first thought was that it was a comic featuring superman melting a bankster with his heat vision....

What bothers me most about this isn't that childs was found guilty, but what he was found guilty of. Yeah he's guilty of not handing over passwords when asked. Yeah he's guilty of manuvering to avoid giving control of the network at every turn, when clearly he was being asked to do so.

I mean, really if his supervisors crashed the network, I would think that once he gives them passwords they become directly responsible for damages. Particularly since cisco routers and switches can be set up log log admin activity, in come cases command by command, to a remote syslog server, so if something did go wrong, the guilty userid can be determined with no question. So yeah, Childs is guilty. But of a DOS? By stretching the definition of what a DOS is, the instructions from the judge and the ruling here places anyone in charge of anything that could be thought of as a computer service of any kind at considerably more risk, and unnecessarily so. This outcome provides no useful legal precedent due to its stretch of definitions.

It would seem that if you define privileged access as a computer service, then denying the passwords would sort constitute a 'denial of service to an authorized user'. However, the language regarding "performs acts which are reasonably necessary to the performance of his or her work assignment" is relevant too.

Giving privileged access to core network equipment to unqualified persons is more than highly dis-recommended and its best practices to avoid this in all situations. In other words, it is reasonable not to give privileged access to people known not to have the qualifications to make changes. I don't know if the fiberWAN was carrying critical services like VoIP for example, but if it was, granting privileged access to anyone who might attempt to make changes could easily, if not likely, cause severe outages. Perhaps in that case, childs' granting of access resulting in outages might not be his fault, but the fault of whoever might try making changes. Maybe. At this point its not clear that network engineers have that protection, and this decision may burden the profession itself with a liability that confers no benefit to either admins or users.

Many Cisco commands take effect immediately, and in many cases access can be lost and widespread outages can easily result from a change that nobody, including cisco, would reasonably expect to cause an outage. Granted, childs painted himself into a bad corner at every opportunity (and in a way, his profession as well), and while he's clearly guilty of withholding information that didn't belong to him, for the question of denial of service to have been decide the way it has conspicuous negative side effects for the entire profession.

Its clear the law was written for those instances when deliberate malicious activity denies access, but this decision so broadens what malicious is such that for professionals managing critical services like networks carrying 911 traffic, a battery of lawyers will be required before anything can be done at all (which is actually not far from the case now - I know network admins who insist on legal waivers from customers for VoIP networks due to 911 liability issues). This obscures what malicious is in a profession already hard for anyone outside the specialty to understand in the first place. Court rulings should clarify such definitions for the precedent set to actually be constructive. This precedent isn't useful at all, and has tremendous potential for abuse.

Yes, childs is partly to blame, but he shares that with the city and the way the court chose to apply this ordinance. Really, nobody won here, but everybody managed to lose.

Did BPL ever solve the problem of getting through step-down transformers without the need for some kind of bypass?

Well, if anyone tries to patent the exploding laptop, Dell or Apple will be able to demonstrate prior art.