Library Checkout: Touch Screen, Lose Password

A library near me implemented self-checkout stations that use touch screens that make it easy to lose your password.

Those of you who’ve been around might remember I have written before about libraries and how I’ve found questionable security.

So how do you lose your password?

Continue reading →

You May Kiosk the Bride

I was in a hurry, trying to print out a bridal registry list from a kiosk in a well-known store. I punched in the bride’s name and the list popped up. I pressed the PRINT button on the screen. The first page appeared as expected, but then things became a little more interesting.

Continue reading →

Searching for Secrets

I was visiting a friend at large, public company doing some benchmarking when we had to schedule several meetings with IT to gather data. My friend “Meako” starting entering attendees into his online calendar to see whether we could get some important meetings scheduled during the next week.

Continue reading →

Randomly Generate Weak Passwords

I was at a client’s site looking for more contract work when the manager of the department started telling me about their great IT security website on their Intranet. She clicks on their random generator password page and shows me how you can generate a block of “approved” passwords, sanctioned by their security department. At the top of the page, a banner read: Select a Strong Password!

Continue reading →

Bank No Longer Invites Hackers In

Remember the Security Scout adventure where I roamed the basement of a major bank and found questionable security issues? If you missed it or need a refresher, read Major Bank Invites Hackers In?

Guess what happened at the bank?

Continue reading →

Free Firewall Password (Just Ask)

A couple of weeks into a new job, I was told that I was now in charge of the Internet firewall. I suddenly realized I had two major problems:

1. I did not know squat about firewalls.
2. I did not know the firewall password.

Continue reading →

Pwd on the Wall 2

My last post, Password, Password on the Wall, triggered a memory of another password issue I stumbled upon some time ago.

I had flown across the country to help a fellow system administrator upgrade some of his applications. At one point, we left the data center and ventured out to the factory floor to fix a botched client software installation.

Continue reading →

Password, Password on the Wall

After a friend bought me lunch today, he showed me around his work place. During our walk, we stopped at the IT workbench area to see if the laptop he ordered for a new employee would be ready by Monday (I tagged along).

Continue reading →

Truck Blocks Parking Ramp Exit

A friend of mine noticed a truck blocking the exit of the parking ramp where he works, which is a big, international company. Since he was just arriving for the morning, it didn’t seem to matter, but a red light started to blink slowly in the back of his brain.

Continue reading →

No Visitor Verification Required?

Recently, I walked up to a receptionist at a Fortune 500 company, and told her I forgot my badge. She smiled and let me in without any verification or escort (she didn’t know I was legit or just a nasty visitor).

Continue reading →

Do Your Security Cameras Give Good Customer Service?

I went to Menards, the home improvement store, and received great customer service, compliments of the security cameras. I also bought too much stuff. Not only did I buy too much, I didn’t make it home with everything I paid for.

Continue reading →