A library near me implemented self-checkout stations that use touch screens that make it easy to lose your password.
Those of you who’ve been around might remember I have written before about libraries and how I’ve found questionable security.
So how do you lose your password?
Continue reading →
Like this:
Like Loading...
Filed under Security, Security Scout, Technology
Tagged as barcode, card, checkout, library, password, screen, Security Scout, self, touch
I was in a hurry, trying to print out a bridal registry list from a kiosk in a well-known store. I punched in the bride’s name and the list popped up. I pressed the PRINT button on the screen. The first page appeared as expected, but then things became a little more interesting.
Continue reading →
Like this:
Like Loading...
Filed under Humor/Irony, Technology
Tagged as bride, credit card, kiosk, print, reader, receipt, security posture, Security Scout, swipe card, unlock
I was visiting a friend at large, public company doing some benchmarking when we had to schedule several meetings with IT to gather data. My friend “Meako” starting entering attendees into his online calendar to see whether we could get some important meetings scheduled during the next week.
Continue reading →
Like this:
Like Loading...
Filed under Audit, How to..., Security, Security Scout
Tagged as calendar, confidential, database, free busy, google, GOOJ, insecure, intranet, lawsuit, private, schneier, search, secrets, Security Scout, server, sharepoint, tivoli, tradeoff
I was at a client’s site looking for more contract work when the manager of the department started telling me about their great IT security website on their Intranet. She clicks on their random generator password page and shows me how you can generate a block of “approved” passwords, sanctioned by their security department. At the top of the page, a banner read: Select a Strong Password!
Continue reading →
Like this:
Like Loading...
Filed under Humor/Irony, Security, Security Scout
Tagged as generator, letter, number, password, policy, random, Security Scout, special character, strong, weak
Remember the Security Scout adventure where I roamed the basement of a major bank and found questionable security issues? If you missed it or need a refresher, read Major Bank Invites Hackers In?
Guess what happened at the bank?
Continue reading →
Like this:
Like Loading...
A couple of weeks into a new job, I was told that I was now in charge of the Internet firewall. I suddenly realized I had two major problems:
- I did not know squat about firewalls.
- I did not know the firewall password.
Continue reading →
Like this:
Like Loading...
My last post, Password, Password on the Wall, triggered a memory of another password issue I stumbled upon some time ago.
I had flown across the country to help a fellow system administrator upgrade some of his applications. At one point, we left the data center and ventured out to the factory floor to fix a botched client software installation.
Continue reading →
Like this:
Like Loading...