Admin
What a botched way to handle that.
As an aside consideration though, it's possible that the system was not as insecure as it sounds. Mag cards have up to 3 tracks where data can be stored. Not all readers have heads for all 3 tracks. So, it's possible that our hero read the card with a 1 or 2 track reader, and only got part of the data. The supposition being that any missed track would contain actual key data.
Of course, if he actually cloned his key with the reader/writer and verified that it still worked, then that bins the whole idea.
And were that to be the case, a simple explanation of how the system worked and was secure would have been perfectly sufficient. Security through obscurity does not work.
Admin
It's a work-in-progress on how to fix it, this happened in 2007:
I had the same thing happen to me when I was TA'ing.
My answer was "No, I will continue to do my job here. If anyone has a problem with it, they can try to take me out of the building."
So they got another TA to escort me out of the building.
I asked him if he wanted to fight me, to which he said, if I have to. I was pretty impressed because the guy was about half my size.
So he puts a hand on me and finds himself fireman-carried out of the building, put down with what gentleness I could muster in my very angry state (not much), after which I got back inside.
"Dave" I said to the lab manager "you know me, and you know I'll keep doing this, and you know that if the cops show up I'll do the same to them until I get shot."
The guy stared at me for a little, then said that he believed me.
What followed for about three weeks was an awkward situation in which I would get in with a cloned key, do my job like usual, the position was unfilled and everyone generally pretended I wasn't there, what work I had to do was put on a wall via post-it, and I'd remove the post-it when it was done.
After that I was reinstated.
They never did fix the keycard issue (which was similar to the one here) though, although I documented it for the next guy to deal with when I graduated.
Admin
Obviously, the evil person in this story is Bill. He set up the crappy security to begin with and needed to protect his own skin.
"Bill, we have a problem with easily cloned cards!" - Egon
"Thank you! I'll discuss this with upper management immediately!" - Bill
After a night of realizing the blame would fall on him ...
"Sorry kid, they fired you. I tried, there was nothing I could do. Here is an empty box, let me help you pack."
Then all Bill had to do was report to upper management that he immediately fired someone he found out was working on hacking the system, but he found out before any damage could be done. That they should "beef up" security (leaving out how easy it actually was or the incompetence that allowed the situation to happen). Bill is a Big Hero. Nothing Egon could say at this point would make a bit of difference because the fact is: Egon cloned a card and Bill took action. Those remain the facts no matter what really happened.
Admin
Been here, done this.
Was doing some security research due to the sensitivity of an application we were developing and my boss (a co-owner of the company) and I figured knowing how to attack sites was a good way to make sure we knew the areas we would have to tighten up.
I kept my activities limited to just our network and sites on our staging server. I learned a lot. Things like how to crack a printer's embedded web server to have it email me a copy of every print job. How to sniff network traffic and identify sites visited including any user names and passwords sent.. The unencrypted ones at least; I still hadn't learned what a rainbow table was.
That last one is what did me in.
Our local network was built on top of switches. Not even the smart ones either. Basically every bit of info any given machine sent/received was broadcast to every machine on the network. This is normally stopped by decently configured routers but.. well, that would require having hired a network guy who knew the difference between cat-5 and token ring.
Anyway, I wrote a simple sniffer app and let it run while I went to lunch. I didn't realize the above network problem at the time, I was just hoping to capture what my local machine was sending back and forth. However, during that time the app grabbed every single one of my coworkers' email login and password (yes, it was clear text.. to an Exchange server no less), a few banking passwords (clear text again) and other passwords to other supposedly "secure" systems. Bear in mind, this was in the very late 90s; so a number of banks didn't even know what they were doing at the time.
When I got back and saw what happened I immediately went to my boss, closed his door and told him. At first he said it was no big deal and just continue on. I tried to make him understand that any password sent in clear text could be picked up and no one would know. He iterated that it wasn't a big deal. So I took what I thought was the next logical step: I told him his banking login and password. His eyes got big, thanked me and said he would see about getting this resolved right f'ing now.
The next morning I came in to find myself out of a job. Not much to say after this. Two of their printers continued to send a copy of every print out to a test outside email account I had for 2 years. I figured someone either figured out how to lock down the network around that time or they simply replaced the printers.
Admin
Regardless of anything else, I would have called the cops on you right then and let them figure it out. Don't try this elsewhere; it won't end well.
Admin
It's almost the same at the company I work for, just replace mag stripe with RFID. I didn't tell anyone I could clone anyone's card in about 5 seconds, but I did make myself a spare with what seemed like a master key* - perfect when I need to visit places I don't normally have access, or out of normal hours.
Admin
Sounds like a few heads of administration need a reeducation on the word 'attack'
Admin
The CYA approach would have been to select a powerful target (say, a Dean, President, or head of IT/Security), clone their keycard on a magnetic card from a hotel, type up a full disclosure of the vulnerability, and stick both in an envelope and slide it under their office door.