- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Back in school, we used to go practice in our all new music classes with doors to protect the instrument that were supposed to be theft-safe.
The doors were.. but the thing around it was old and we could easily use that credit card (that we called the Student-Id card) trick.
Admin
What is it about G.R.G. that attracts WTFs?
Admin
It's surprising that the minions didn't have him arrested for breaking into the server room. Real minions would have been all over that.
I guess you just can't get good minions these days...
WOTD = minion
Admin
I was half expecting the code to be: 1 2 3 4
Admin
Or to be written on a post-it under a keyboard ..
Now, we know that GrG work for a University.
Admin
People - people - people; we could be talking about WTFU here... what makes you so sure that those computers didn't just store a bunch of WTF assignments, and TB upon TB of porn?
Admin
This may have been superseded by another Real Minion Law: they won't notice the gaping security hole until it's been compromised by an enemy, even if a friend tries to point to out.
Admin
I was expecting the key to be 1 2 3 4
Admin
while G.R.G. and the maintenance man were attempting to bypass the combination lock, they simultanteously got the impression that they were being watched. They kept turning around to see if anyone was there, but all they saw were the shadows.
Unbeknownst to them, a ninja programmer dressed in black pajamas, snuck in by crawling 350 feet along the ceiling tiles. When they turned around to look for the 'presence', the nija lowered himself to the exposed keyhole, altered his body's physiology and squished himself through to the other side just before G.R.G. turned back to the lock.
Unfortunately, the temperature in the server room was so high that the blast of hot air forcing its way through the open keyhole caused the ninja to sublimate, leaving only the black pajamas as a clue that anyone had ever been there.
Upon pushing the door in, the emty pajamas were pushed aside and never noticed.
BTW: if it was really that hot in the server room wouldn't G.R.G. have noticed hot air coming through the hole while he was examining the buttons (presumably close up) for wear?
Admin
Roughly as secure as half the apps I see every day...
Captcha: dreadlocks
Admin
Hey! I have the same combination on my luggage!
Admin
No you don't. You are a big fat son-of-a-captcha-posting liar!
Probably druish too.
Admin
1-2-3-4? Amazing! That's the same combination on my luggage
Admin
The math department in our university had a lab with a bunch of top-of-the line Macs for running Mathematica (this was the shiznit back then), guarded by a similar 4 button cipherlock.
In the first week of class, we were told about the lab, but not given the combination. Rather, we were told that the combination was 4 unique digits...
Aparently, 24 possible combinations was enough to keep the art students out.
Admin
Back when I was working for a large, three lettered fortune 100 company, we had a "secure" datacenter. The elevator took you down to a lobby, the lobby had a keycard to the NOC, and the NOC had a keycard to the datacenter.
The first week I worked there I asked, "How do you get a rack down the elevator?"
The answer was that there was a single door between the datacenter and the loading dock, which was usually propped open since the dock wasn't air conditioned.
To their credit, the management eventually fobbed the door. All this required was a slightly longer walk to the other side of the datacenter through an equally unlocked door and pushing it open. However, since the hallways were quite long, no-one really knew about it except all the people they locked out when they fobbed the door, which also were usually the types that couldn't get down the elevator.
For the "Secure Cage Area", they did indeed extend the wall up above the ceiling. However they cut quite large holes in the wall to run trunks through some day, and the floor was nowhere near secure.
Things might have improved in the three years since I worked there, but then again, maybe not.
I could go for a nice COGNAC with a twist of captcha right now.
Admin
Actually:
One, two, three, four? [, five?] That's amazing. I've got the same combination on my luggage.
Admin
Oh, the stories of secure data centers. At a client site, they'd just finished putting in those fancy-schmancy four-digit code locks. The super-special ones that light up the digits in a random order on the keypad everytime you want to use it. One evening I needed to do something in their data center, so I parked in the lot, and walked in through the back door which was propped open, through the "back lobby," next propped open door, through the call center, next propped open door, down the hall, next propped open door, into the data center.
Look, Ma! No fingerprints!
Not quite as good as the time I had to do work in a bank on the weekend, so they gave me a key and the alarm code...
Admin
Luggage ? You mean you actually go out the IT room ? You must be joking, right ? What you possibly want outside ? Food ? Bah, order in. Social life ? I have a whole bunch of friends at WoW. And the most amazing things happened just a few weeks ago: I finally saw one of those cable-pulling gnomes! Pointy ears and aveything!
Admin
That's not hard to believe at all -- when I got my mortgage, I met the mortgage lady at my local bank after hours.
She unlocked the door and we walked in. No alarm beeped. I asked her about it.
Her response was, "pfft. Anything of any value in this place is locked with stuff much more secure than that glass door I just unlocked."
I didn't bother mentioning that giving a potential thief free reign of the bank to do all the work and spend all the time he liked hooking up explosives or cracking the safe itself wasn't a very good idea. I was there to get my mortgage.
Admin
I've always found people using 1066... easy to remember and apparently not obvious :S
Admin
You assume that the minions found out.
Minions return: door is locked, the maintenance guy isn't going to say anything (why would he?), you sure as heck aren't going to say anything... how are they going to know?
Admin
It was the department's basic competency exam. "Our lab, which you'll need to use if you hope to graduate, is kept locked all the time. We won't open it for you. The password is 4 unique digits. Here's your first assignment. Have fun."
Admin
No, this was the -secure- server room. The combination was actually 4 3 2 1.
CAPTCHA stinky: No, I take a shower once each week, whether I need it or not.
Admin
Years past, I arrived first at my office early one morning. As usual, I unlocked the front door and walked in. It was only after I had gotten inside and placed my lunch in the refrigerator that I realized I had just unlocked my office's front door with my house key.
I tried about 5 keys on my key ring. Any key that fit into the lock, it turns out, would unlock the lock.
The locksmith was called rather quickly after the CEO arrived that morning....
Admin
Amazing! That's the same combination a have on my luggage.
Admin
Admin
Of course to art students 4! is just a loud four.
I'm not sure what you would call that, not security through obscurity, maybe security through artistic apathy? Or security by intellectual calibre?
Admin
Most deadbolts used by businesses and homes are susceptible to bumping.
Admin
Last year on a Tuesday morning the FedEx guy told me that he came in the day before (a holiday) and wandered around looking for someone to sign for a package. He ended up in my office watching my screen saver for a while (I run Linux). The electronic door lock had not been programmed for the holiday, so it was unlocked from 9:00 to 5:00.
Admin
I'm reminded of the lock in the care home where my grandma used to live. They had a poem posted above the keypad that was something like, Nine trees on a hill Three dogs barking Eight boys playing violent video games (or something roughly like that) It kept in the people they wanted to keep in, anyway.
4 character passwords from a set of 10 characters really isn't that secure. Trying 1000 passwords is trivial for a patient person, if the door is out of sight so they have enough time. Even if it locks them out for a few minutes after some number of bad tries, a patient person could get in after a few nights of work.
Admin
The "secure entry" on the apartments where I live had the same feature. Now they've got an electronic keyfob system that goes on the fritz every now and then, so people just keep the back door propped open.
Admin
just for future reference:
these Simplex locks ship with the combination 2+4 then 3. try that first. 90% of the time, nobody bothered to change the combination. if that's not it, you can download a chart with all of the available combinations on it. it only takes about 15 minutes to go through them all.
a side effect of this: don't trust anything important to only a Simplex lock.
CAPTCHA: alarm.
Admin
hmm, someone needs to understand their powers of numbers. 4 positions with 10 possibilities actually make for 10000 different combinations (0000 - 9999).
Remember it is number of digits raised to number of places. so it is 10^4. If there were only 5 digits possible in a sequence of 5 it would be 5^4 = 625 possibilities. This of course assumes you allow repeats of a digit within the sequence.
Admin
I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.
Admin
Admin
I read somewhere once (can't find it now) that someone had found out how to crack a particular car's combination door-lock. It turns out that it would allow the correct code to be entered in the middle of a bunch of wrong numbers (ie, if the code was 1234, typing 987123456 would work. He produced an optimized sequence of about 300 numbers that, if typed in correctly (it would only take a few minutes), would be equivalent to trying every combination. Quite interesting stuff.
Admin
Haven't you ever seen Spaceballs?
Admin
Admin
Admin
Re: Securing The Server Room 2007-04-25 17:07 • by Not Zygo ;-) mike5: wilkeson: I was half expecting the code to be: 1 2 3 4
Amazing! That's the same combination a have on my luggage.
I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.
sigh
1 2 3 4 is a common default which most people who don't bother to change it is because they DON'T realize the importance of changing it.
I'll give you the benefit of the doubt and assume you're having a brain-dead day. :P
Admin
See? That's what I've always said: Letting employees walk around armed with pens is a major security breach.
Admin
For everyone assuming this fellow has no sense of humor, or is Spaceballs-impaired ... ha-ha! :D
He publically states his luggage combo, and then says ".. but you don't see me blabbing about it". Very clever, excellant trollmanship! :D
Admin
Ooooor, he made another joke so subtle you failed to get it. I'll have to go with this solution. Well done. Well done.
Admin
Our landlord rekeyed our door, and gave us the strangest key I've ever seen -- it looked like a bump key -- it was probably cut 5-5-5-5 or whatever the terminology is. Less than a month later, he rekeys our door again, saying one of the other units had been broken into.
That's right, not did he do the lamest rekey I've ever seen, he keyed every lock in the complex the same way.
Admin
For a keypad with 10 digits, and a 4 unique-digit key, there are either 210 or 5040 possible keys, depending on whether ordering is important.
If ordering is important (ie. 1,2,3,4 is a different passkey from 4,3,2,1), then the number of possible keys is: 10 perm 4 = 10!/6! = 5040
If ordering is NOT important (ie. 1,2,3,4 is the same passkey as 4,3,2,1), then the number of possible keys is: 10 choose 4 = 10!/(6!*4!) = 210
Addendum (2007-04-27 18:48): edit: "4 button cipherlock", meaning four digit keypad, not 10. Sorry for the noise.
Admin
Yeah, it just leads to sexual harassment suits.
Oh wait, you said pens...
Admin
In many places, hitting the fire alarm opens every electronic door. That way, the firemen won't be locked out from the fire they are there to extinguish.
Admin
for an example, this image shows the two pins that merely need to be twisted to open the lock.
Admin
Admin