A library near me implemented self-checkout stations that use touch screens that make it easy to lose your password.
Those of you who’ve been around might remember I have written before about libraries and how I’ve found questionable security.
So how do you lose your password?
Continue reading →
Like this:
Like Loading...
Filed under Security, Security Scout, Technology
Tagged as barcode, card, checkout, library, password, screen, Security Scout, self, touch
I was in a hurry, trying to print out a bridal registry list from a kiosk in a well-known store. I punched in the bride’s name and the list popped up. I pressed the PRINT button on the screen. The first page appeared as expected, but then things became a little more interesting.
Continue reading →
Like this:
Like Loading...
Filed under Humor/Irony, Technology
Tagged as bride, credit card, kiosk, print, reader, receipt, security posture, Security Scout, swipe card, unlock
I was visiting a friend at large, public company doing some benchmarking when we had to schedule several meetings with IT to gather data. My friend “Meako” starting entering attendees into his online calendar to see whether we could get some important meetings scheduled during the next week.
Continue reading →
Like this:
Like Loading...
Filed under Audit, How to..., Security, Security Scout
Tagged as calendar, confidential, database, free busy, google, GOOJ, insecure, intranet, lawsuit, private, schneier, search, secrets, Security Scout, server, sharepoint, tivoli, tradeoff
I was at a client’s site looking for more contract work when the manager of the department started telling me about their great IT security website on their Intranet. She clicks on their random generator password page and shows me how you can generate a block of “approved” passwords, sanctioned by their security department. At the top of the page, a banner read: Select a Strong Password!
Continue reading →
Like this:
Like Loading...
Filed under Humor/Irony, Security, Security Scout
Tagged as generator, letter, number, password, policy, random, Security Scout, special character, strong, weak
Remember the Security Scout adventure where I roamed the basement of a major bank and found questionable security issues? If you missed it or need a refresher, read Major Bank Invites Hackers In?
Guess what happened at the bank?
Continue reading →
Like this:
Like Loading...
A couple of weeks into a new job, I was told that I was now in charge of the Internet firewall. I suddenly realized I had two major problems:
- I did not know squat about firewalls.
- I did not know the firewall password.
Continue reading →
Like this:
Like Loading...
My last post, Password, Password on the Wall, triggered a memory of another password issue I stumbled upon some time ago.
I had flown across the country to help a fellow system administrator upgrade some of his applications. At one point, we left the data center and ventured out to the factory floor to fix a botched client software installation.
Continue reading →
Like this:
Like Loading...
After a friend bought me lunch today, he showed me around his work place. During our walk, we stopped at the IT workbench area to see if the laptop he ordered for a new employee would be ready by Monday (I tagged along).
Continue reading →
Like this:
Like Loading...
A friend of mine noticed a truck blocking the exit of the parking ramp where he works, which is a big, international company. Since he was just arriving for the morning, it didn’t seem to matter, but a red light started to blink slowly in the back of his brain.
Continue reading →
Like this:
Like Loading...
Recently, I walked up to a receptionist at a Fortune 500 company, and told her I forgot my badge. She smiled and let me in without any verification or escort (she didn’t know I was legit or just a nasty visitor).
Continue reading →
Like this:
Like Loading...
Filed under Audit, Security, Security Scout
Tagged as building perimeter, contractors, employee badge, policy failure, receptionist, security failure, Security Scout, sign in, visitor badge
I went to Menards, the home improvement store, and received great customer service, compliments of the security cameras. I also bought too much stuff. Not only did I buy too much, I didn’t make it home with everything I paid for.
Continue reading →
Like this:
Like Loading...