top | item 47115005

(no title)

gwbas1c | 7 days ago

I'd like to point out that these systems had modems answering the phone and allowing access without any authentication. The sanitized story of the airport was used as a warning to why computers on the open internet need passwords at the Boston Microsoft Security Summit in 2004.

They didn't tell me about the pharmacy! Remember, these were teenagers who were curious (and naive to the implications of their actions.)

In the case of the airport, they didn't know it was an airport or even what kind of system they were in. What happened was that one of them found a reboot command, and ran it, not knowing the consequences. (Remember, when a computer controls a "thing," there is often a complicated startup procedure when it reboots.)

So don't just blame foolish kids; whoever thought it was a good idea to allow modem access to an air traffic control program without a password was the bigger fool. I had stronger security on my dial-up BBS than an airport.

discuss

No comments yet.