• Monkios (cs)

    Back in school, we used to go practice in our all new music classes with doors to protect the instrument that were supposed to be theft-safe.

    The doors were.. but the thing around it was old and we could easily use that credit card (that we called the Student-Id card) trick.

  • Pap (cs)

    What is it about G.R.G. that attracts WTFs?

  • lizardfoot (cs)

    It's surprising that the minions didn't have him arrested for breaking into the server room. Real minions would have been all over that.

    I guess you just can't get good minions these days...

    WOTD = minion

  • wilkeson (unregistered)

    I was half expecting the code to be: 1 2 3 4

  • Monkios (cs) in reply to wilkeson
    wilkeson:
    I was half expecting the code to be: 1 2 3 4

    Or to be written on a post-it under a keyboard ..

    Now, we know that GrG work for a University.

  • snoofle (cs) in reply to wilkeson

    People - people - people; we could be talking about WTFU here... what makes you so sure that those computers didn't just store a bunch of WTF assignments, and TB upon TB of porn?

  • Jojosh_the_Pi (cs) in reply to lizardfoot
    lizardfoot:
    It's surprising that the minions didn't have him arrested for breaking into the server room. Real minions would have been all over that.

    This may have been superseded by another Real Minion Law: they won't notice the gaping security hole until it's been compromised by an enemy, even if a friend tries to point to out.

  • IHaveNoName:-( (unregistered)

    I was expecting the key to be 1 2 3 4

  • do it right (unregistered) in reply to Jojosh_the_Pi

    while G.R.G. and the maintenance man were attempting to bypass the combination lock, they simultanteously got the impression that they were being watched. They kept turning around to see if anyone was there, but all they saw were the shadows.

    Unbeknownst to them, a ninja programmer dressed in black pajamas, snuck in by crawling 350 feet along the ceiling tiles. When they turned around to look for the 'presence', the nija lowered himself to the exposed keyhole, altered his body's physiology and squished himself through to the other side just before G.R.G. turned back to the lock.

    Unfortunately, the temperature in the server room was so high that the blast of hot air forcing its way through the open keyhole caused the ninja to sublimate, leaving only the black pajamas as a clue that anyone had ever been there.

    Upon pushing the door in, the emty pajamas were pushed aside and never noticed.

    BTW: if it was really that hot in the server room wouldn't G.R.G. have noticed hot air coming through the hole while he was examining the buttons (presumably close up) for wear?

  • Michael (unregistered)

    Roughly as secure as half the apps I see every day...

    Captcha: dreadlocks

  • Stanley Szoctziczsky (unregistered) in reply to IHaveNoName:-(
    IHaveNoName:-(:
    I was expecting the key to be 1 2 3 4

    Hey! I have the same combination on my luggage!

  • Zylon (cs)

    No you don't. You are a big fat son-of-a-captcha-posting liar!

    Probably druish too.

  • travisowens (cs)

    1-2-3-4? Amazing! That's the same combination on my luggage

    • oops, after reading all the comments I see somebody beat me to that joke, well at least I'm the first person to quote it properly (minus the 5).
  • AngryRichard (unregistered)

    The math department in our university had a lab with a bunch of top-of-the line Macs for running Mathematica (this was the shiznit back then), guarded by a similar 4 button cipherlock.

    In the first week of class, we were told about the lab, but not given the combination. Rather, we were told that the combination was 4 unique digits...

    Aparently, 24 possible combinations was enough to keep the art students out.

  • Andy Anonymous (unregistered)

    Back when I was working for a large, three lettered fortune 100 company, we had a "secure" datacenter. The elevator took you down to a lobby, the lobby had a keycard to the NOC, and the NOC had a keycard to the datacenter.

    The first week I worked there I asked, "How do you get a rack down the elevator?"

    The answer was that there was a single door between the datacenter and the loading dock, which was usually propped open since the dock wasn't air conditioned.

    To their credit, the management eventually fobbed the door. All this required was a slightly longer walk to the other side of the datacenter through an equally unlocked door and pushing it open. However, since the hallways were quite long, no-one really knew about it except all the people they locked out when they fobbed the door, which also were usually the types that couldn't get down the elevator.

    For the "Secure Cage Area", they did indeed extend the wall up above the ceiling. However they cut quite large holes in the wall to run trunks through some day, and the floor was nowhere near secure.

    Things might have improved in the three years since I worked there, but then again, maybe not.

    I could go for a nice COGNAC with a twist of captcha right now.

  • Oh (unregistered) in reply to travisowens
    1-2-3-4? Amazing! That's the same combination on my luggage
    • oops, after reading all the comments I see somebody beat me to that joke, well at least I'm the first person to quote it properly (minus the 5).

    Actually:

    One, two, three, four? [, five?] That's amazing. I've got the same combination on my luggage.

  • poochner (cs)

    Oh, the stories of secure data centers. At a client site, they'd just finished putting in those fancy-schmancy four-digit code locks. The super-special ones that light up the digits in a random order on the keypad everytime you want to use it. One evening I needed to do something in their data center, so I parked in the lot, and walked in through the back door which was propped open, through the "back lobby," next propped open door, through the call center, next propped open door, down the hall, next propped open door, into the data center.

    Look, Ma! No fingerprints!

    Not quite as good as the time I had to do work in a bank on the weekend, so they gave me a key and the alarm code...

  • Leo (unregistered) in reply to Stanley Szoctziczsky
    Stanley Szoctziczsky:
    IHaveNoName:-(:
    I was expecting the key to be 1 2 3 4

    Hey! I have the same combination on my luggage!

    travisowens:
    1-2-3-4? Amazing! That's the same combination on my luggage

    Luggage ? You mean you actually go out the IT room ? You must be joking, right ? What you possibly want outside ? Food ? Bah, order in. Social life ? I have a whole bunch of friends at WoW. And the most amazing things happened just a few weeks ago: I finally saw one of those cable-pulling gnomes! Pointy ears and aveything!

  • dnm (unregistered) in reply to poochner
    poochner:
    Oh, the stories of secure data centers. At a client site, they'd just finished putting in those fancy-schmancy four-digit code locks. The super-special ones that light up the digits in a random order on the keypad everytime you want to use it. One evening I needed to do something in their data center, so I parked in the lot, and walked in through the back door which was propped open, through the "back lobby," next propped open door, through the call center, next propped open door, down the hall, next propped open door, into the data center.

    Look, Ma! No fingerprints!

    Not quite as good as the time I had to do work in a bank on the weekend, so they gave me a key and the alarm code...

    That's not hard to believe at all -- when I got my mortgage, I met the mortgage lady at my local bank after hours.

    She unlocked the door and we walked in. No alarm beeped. I asked her about it.

    Her response was, "pfft. Anything of any value in this place is locked with stuff much more secure than that glass door I just unlocked."

    I didn't bother mentioning that giving a potential thief free reign of the bank to do all the work and spend all the time he liked hooking up explosives or cracking the safe itself wasn't a very good idea. I was there to get my mortgage.

  • Greg Beech (unregistered)

    I've always found people using 1066... easy to remember and apparently not obvious :S

  • AGould (cs) in reply to lizardfoot
    lizardfoot:
    It's surprising that the minions didn't have him arrested for breaking into the server room. Real minions would have been all over that.

    You assume that the minions found out.

    Minions return: door is locked, the maintenance guy isn't going to say anything (why would he?), you sure as heck aren't going to say anything... how are they going to know?

  • diaphanein (unregistered) in reply to AngryRichard
    AngryRichard:
    The math department in our university had a lab with a bunch of top-of-the line Macs for running Mathematica (this was the shiznit back then), guarded by a similar 4 button cipherlock.

    In the first week of class, we were told about the lab, but not given the combination. Rather, we were told that the combination was 4 unique digits...

    Aparently, 24 possible combinations was enough to keep the art students out.

    It was the department's basic competency exam. "Our lab, which you'll need to use if you hope to graduate, is kept locked all the time. We won't open it for you. The password is 4 unique digits. Here's your first assignment. Have fun."

  • iToad (unregistered) in reply to IHaveNoName:-(
    IHaveNoName:-(:
    I was expecting the key to be 1 2 3 4

    No, this was the -secure- server room. The combination was actually 4 3 2 1.

    CAPTCHA stinky: No, I take a shower once each week, whether I need it or not.

  • Anonymous (unregistered)

    Years past, I arrived first at my office early one morning. As usual, I unlocked the front door and walked in. It was only after I had gotten inside and placed my lunch in the refrigerator that I realized I had just unlocked my office's front door with my house key.

    I tried about 5 keys on my key ring. Any key that fit into the lock, it turns out, would unlock the lock.

    The locksmith was called rather quickly after the CEO arrived that morning....

  • mike5 (unregistered) in reply to wilkeson
    wilkeson:
    I was half expecting the code to be: 1 2 3 4

    Amazing! That's the same combination a have on my luggage.

  • Pawel (unregistered) in reply to IHaveNoName:-(
    IHaveNoName:-(:
    I was expecting the key to be 1 2 3 4
    Pha, it might be 1 2 3 5. The next generation almighty secure password. ;-)
  • joomama (unregistered) in reply to AngryRichard
    AngryRichard:
    The math department in our university had a lab with a bunch of top-of-the line Macs for running Mathematica (this was the shiznit back then), guarded by a similar 4 button cipherlock.

    In the first week of class, we were told about the lab, but not given the combination. Rather, we were told that the combination was 4 unique digits...

    Aparently, 24 possible combinations was enough to keep the art students out.

    Haha, awesome.

    Of course to art students 4! is just a loud four.

    I'm not sure what you would call that, not security through obscurity, maybe security through artistic apathy? Or security by intellectual calibre?

  • joomama (unregistered) in reply to Anonymous
    Anonymous:
    Years past, I arrived first at my office early one morning. As usual, I unlocked the front door and walked in. It was only after I had gotten inside and placed my lunch in the refrigerator that I realized I had just unlocked my office's front door with my house key.

    I tried about 5 keys on my key ring. Any key that fit into the lock, it turns out, would unlock the lock.

    The locksmith was called rather quickly after the CEO arrived that morning....

    Could be that someone bumped the lock (look up lock bumping on google or youtube). IE someone had broken in and now any key would work in the lock.. could have been that way from the get go I guess, but I doubt it.

    Most deadbolts used by businesses and homes are susceptible to bumping.

  • foo (unregistered) in reply to Anonymous
    Anonymous:
    Years past, I arrived first at my office early one morning. As usual, I unlocked the front door and walked in. It was only after I had gotten inside and placed my lunch in the refrigerator that I realized I had just unlocked my office's front door with my house key.

    I tried about 5 keys on my key ring. Any key that fit into the lock, it turns out, would unlock the lock.

    The locksmith was called rather quickly after the CEO arrived that morning....

    Last year on a Tuesday morning the FedEx guy told me that he came in the day before (a holiday) and wandered around looking for someone to sign for a package. He ended up in my office watching my screen saver for a while (I run Linux). The electronic door lock had not been programmed for the holiday, so it was unlocked from 9:00 to 5:00.

  • The Fox (unregistered)

    I'm reminded of the lock in the care home where my grandma used to live. They had a poem posted above the keypad that was something like, Nine trees on a hill Three dogs barking Eight boys playing violent video games (or something roughly like that) It kept in the people they wanted to keep in, anyway.

    4 character passwords from a set of 10 characters really isn't that secure. Trying 1000 passwords is trivial for a patient person, if the door is out of sight so they have enough time. Even if it locks them out for a few minutes after some number of bad tries, a patient person could get in after a few nights of work.

  • Carnildo (cs) in reply to Anonymous
    Anonymous:
    Years past, I arrived first at my office early one morning. As usual, I unlocked the front door and walked in. It was only after I had gotten inside and placed my lunch in the refrigerator that I realized I had just unlocked my office's front door with my house key.

    I tried about 5 keys on my key ring. Any key that fit into the lock, it turns out, would unlock the lock.

    The locksmith was called rather quickly after the CEO arrived that morning....

    The "secure entry" on the apartments where I live had the same feature. Now they've got an electronic keyfob system that goes on the fritz every now and then, so people just keep the back door propped open.

  • esquilax (unregistered)

    just for future reference:

    these Simplex locks ship with the combination 2+4 then 3. try that first. 90% of the time, nobody bothered to change the combination. if that's not it, you can download a chart with all of the available combinations on it. it only takes about 15 minutes to go through them all.

    a side effect of this: don't trust anything important to only a Simplex lock.

    CAPTCHA: alarm.

  • KattMan (cs) in reply to The Fox
    The Fox:
    I'm reminded of the lock in the care home where my grandma used to live. They had a poem posted above the keypad that was something like, Nine trees on a hill Three dogs barking Eight boys playing violent video games (or something roughly like that) It kept in the people they wanted to keep in, anyway.

    4 character passwords from a set of 10 characters really isn't that secure. Trying 1000 passwords is trivial for a patient person, if the door is out of sight so they have enough time. Even if it locks them out for a few minutes after some number of bad tries, a patient person could get in after a few nights of work.

    hmm, someone needs to understand their powers of numbers. 4 positions with 10 possibilities actually make for 10000 different combinations (0000 - 9999).

    Remember it is number of digits raised to number of places. so it is 10^4. If there were only 5 digits possible in a sequence of 5 it would be 5^4 = 625 possibilities. This of course assumes you allow repeats of a digit within the sequence.

  • Not Zygo ;-) (unregistered) in reply to mike5
    mike5:
    wilkeson:
    I was half expecting the code to be: 1 2 3 4

    Amazing! That's the same combination a have on my luggage.

    I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.

  • The Fox (unregistered) in reply to KattMan
    KattMan:
    The Fox:
    I'm reminded of the lock in the care home where my grandma used to live. They had a poem posted above the keypad that was something like, Nine trees on a hill Three dogs barking Eight boys playing violent video games (or something roughly like that) It kept in the people they wanted to keep in, anyway.

    4 character passwords from a set of 10 characters really isn't that secure. Trying 1000 passwords is trivial for a patient person, if the door is out of sight so they have enough time. Even if it locks them out for a few minutes after some number of bad tries, a patient person could get in after a few nights of work.

    hmm, someone needs to understand their powers of numbers. 4 positions with 10 possibilities actually make for 10000 different combinations (0000 - 9999).

    Remember it is number of digits raised to number of places. so it is 10^4. If there were only 5 digits possible in a sequence of 5 it would be 5^4 = 625 possibilities. This of course assumes you allow repeats of a digit within the sequence.

    Oops... $me->slap('what was I thinking!');

  • boolean (cs) in reply to esquilax

    I read somewhere once (can't find it now) that someone had found out how to crack a particular car's combination door-lock. It turns out that it would allow the correct code to be entered in the middle of a bunch of wrong numbers (ie, if the code was 1234, typing 987123456 would work. He produced an optimized sequence of about 300 numbers that, if typed in correctly (it would only take a few minutes), would be equivalent to trying every combination. Quite interesting stuff.

  • Moss (cs) in reply to Not Zygo ;-)
    Not Zygo ;-):
    mike5:
    wilkeson:
    I was half expecting the code to be: 1 2 3 4

    Amazing! That's the same combination a have on my luggage.

    I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.

    Haven't you ever seen Spaceballs?

  • emh (unregistered) in reply to joomama
    Could be that someone bumped the lock (look up lock bumping on google or youtube). IE someone had broken in and now any key would work in the lock.. could have been that way from the get go I guess, but I doubt it.

    Most deadbolts used by businesses and homes are susceptible to bumping.

    uhm what? Bumping a lock doesn't mean that any key can open a lock once it's been bumped.. Maybe you're the one who should look it up on google o_O
  • doom (unregistered) in reply to iToad
    iToad:
    CAPTCHA stinky: No, I take a shower once each week, whether I need it or not.
    If it's only once a week, the latter part of your comment does not apply. :P
  • Anonymous Coward (unregistered) in reply to Not Zygo ;-)

    Re: Securing The Server Room 2007-04-25 17:07 • by Not Zygo ;-) mike5: wilkeson: I was half expecting the code to be: 1 2 3 4

    Amazing! That's the same combination a have on my luggage.

    I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.

    sigh

    1 2 3 4 is a common default which most people who don't bother to change it is because they DON'T realize the importance of changing it.

    I'll give you the benefit of the doubt and assume you're having a brain-dead day. :P

  • Unknown! (unregistered)

    See? That's what I've always said: Letting employees walk around armed with pens is a major security breach.

  • Gabriel (unregistered) in reply to Moss
    I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.

    For everyone assuming this fellow has no sense of humor, or is Spaceballs-impaired ... ha-ha! :D

    He publically states his luggage combo, and then says ".. but you don't see me blabbing about it". Very clever, excellant trollmanship! :D

  • Kid (unregistered) in reply to Anonymous Coward
    Anonymous Coward:
    Re: Securing The Server Room 2007-04-25 17:07 • by Not Zygo ;-) mike5: wilkeson: I was half expecting the code to be: 1 2 3 4

    Amazing! That's the same combination a have on my luggage.

    I don't get the joke. My luggage combination is 7593, but you don't see me blabbing about it everywhere.

    sigh

    1 2 3 4 is a common default which most people who don't bother to change it is because they DON'T realize the importance of changing it.

    I'll give you the benefit of the doubt and assume you're having a brain-dead day. :P

    Ooooor, he made another joke so subtle you failed to get it. I'll have to go with this solution. Well done. Well done.

  • merreborn (cs) in reply to Anonymous
    Anonymous:
    Years past, I arrived first at my office early one morning. As usual, I unlocked the front door and walked in. It was only after I had gotten inside and placed my lunch in the refrigerator that I realized I had just unlocked my office's front door with my house key.

    I tried about 5 keys on my key ring. Any key that fit into the lock, it turns out, would unlock the lock.

    The locksmith was called rather quickly after the CEO arrived that morning....

    Our landlord rekeyed our door, and gave us the strangest key I've ever seen -- it looked like a bump key -- it was probably cut 5-5-5-5 or whatever the terminology is. Less than a month later, he rekeys our door again, saying one of the other units had been broken into.

    That's right, not did he do the lamest rekey I've ever seen, he keyed every lock in the complex the same way.

  • ChadN (cs) in reply to AngryRichard
    AngryRichard:
    Apparently, 24 possible combinations was enough to keep the art students out.

    For a keypad with 10 digits, and a 4 unique-digit key, there are either 210 or 5040 possible keys, depending on whether ordering is important.

    If ordering is important (ie. 1,2,3,4 is a different passkey from 4,3,2,1), then the number of possible keys is: 10 perm 4 = 10!/6! = 5040

    If ordering is NOT important (ie. 1,2,3,4 is the same passkey as 4,3,2,1), then the number of possible keys is: 10 choose 4 = 10!/(6!*4!) = 210

    Addendum (2007-04-27 18:48): edit: "4 button cipherlock", meaning four digit keypad, not 10. Sorry for the noise.

  • rbowes (cs) in reply to Unknown!
    Unknown!:
    See? That's what I've always said: Letting employees walk around armed with pens is a major security breach.

    Yeah, it just leads to sexual harassment suits.

    Oh wait, you said pens...

  • Eric76 (unregistered)

    In many places, hitting the fire alarm opens every electronic door. That way, the firemen won't be locked out from the fire they are there to extinguish.

  • Andrew (unregistered) in reply to do it right
    Comment held for moderation.
  • Saladin (cs) in reply to ChadN
    ChadN:
    AngryRichard:
    Apparently, 24 possible combinations was enough to keep the art students out.

    For a keypad with 10 digits, and a 4 unique-digit key, there are either 210 or 5040 possible keys, depending on whether ordering is important.

    If ordering is important (ie. 1,2,3,4 is a different passkey from 4,3,2,1), then the number of possible keys is: 10 perm 4 = 10!/6! = 5040

    If ordering is NOT important (ie. 1,2,3,4 is the same passkey as 4,3,2,1), then the number of possible keys is: 10 choose 4 = 10!/(6!*4!) = 210

    It was a keypad with four keys, though. And the combination had four unique digits. So, it was some permutation of 1-2-3-4.
  • gwenhwyfaer (cs) in reply to ChadN
    ChadN:
    AngryRichard:
    Apparently, 24 possible combinations was enough to keep the art students out.
    For a keypad with 10 digits...
    ...which is why the post you're replying to specified a keypad with 4 digits. I'm guessing what really kept the art students out is that they didn't read the question either.

Leave a comment on “Securing The Server Room”

Log In or post as a guest

Replying to comment #:

« Return to Article