New York Times intranet hacked
Results 1 to 7 of 7

Thread: New York Times intranet hacked

  1. #1
    Senior Member BrainStop's Avatar
    Join Date
    Jan 2002
    Posts
    295

    Post New York Times intranet hacked

    A story was released about the New York Times internal network being hacked:

    The Register: NY Times Internal Network Hacked

    There's one interesting bit in there:

    Armed with that information, the hacker could use the intranet account of any employee that hadn't changed their password from the default -- the last four digits of the person's Social Security number. One of those belonged to a worker that had the power to create new accounts, so Lamo set up his own account on the network with higher privileges.
    As I say ... the human factor is one of the biggest security risks around!

    Cheers,

    BrainStop

  2. #2
    I've already read the article but good post.
    The biggest computer vulnerability lies between
    the keyboard and the back of the chair.

    Remote_Access_

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    321
    true, the most secure system is as secure as it weakest part ie the dude behind the screen

    i know we all know about the guessable psswd but do we really use it ...
    for the longuest time i've used the names of my dogs plus some stupid digits ...
    now at work i have to select a real psswd (since they keep logs on sys access...) with all the features well that does sucks cuz i have to remember 4 of them all different ...
    anybody got the same prob ?

    ps i did found a kewl way to remind me of them i simply use commands with no spaces ... the type of commands you rarelly execute if you get my meaning....
    assembly.... digital dna ?

  4. #4
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    haha, ingenious nabylbt! So, your password is "deltree/yc:\porn" ?

    No, seriously, that's actually a good idea - you can have a fairly long password, which most brute-force attackers have problems with decoding, for it uses things like -, ; and / ... That is, until someone starts putting commando's in dictionaries...
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  5. #5
    Senior Member
    Join Date
    Dec 2001
    Posts
    321
    not exactly
    more like formatc:/q/u<y.txt
    ......lol
    assembly.... digital dna ?

  6. #6
    Senior Member BrainStop's Avatar
    Join Date
    Jan 2002
    Posts
    295

    Password problems

    One of the problems with passwords is when you ask people to remember too many ... at my previous job, I had around 20 passwords ... most of which I did not create myself. The result: I had to write some of them down, especially the ones I hardly used.

    Human memory can only remember so much. Asking me to change my password constantly and remembering the last 20 passwords I used is going to decrease security.

    I think there is a limit to what you can ask people to remember. Yes, give them an impossible password of 16 characters .... but let them use it for a long time. The more passwords you give them, the more likely they are to be written down somewhere.

    This does favor the call for combining passwords with some kind of physical control such as biometrics to improve security.

    And, let's not forget, forcing people to change the default password the first time they log in.

    Cheers,

    BrainStop

  7. #7
    Flash M0nkey
    Join Date
    Sep 2001
    Posts
    3,447
    yup as BrainStop said it def is time some kind of physical control was brought in - in fact i remember reading a while ago about a keyboard with built in scanner being on the market but I ain't heard anything about it since

    v_Ln

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •