Vulnerabilities in America's TV emergency alert system - exploited last week by pranksters to put out fake warnings of a zombie apocalypse - remain widespread, it is claimed. And that's after station bosses remember to change the default passwords on their broadcast equipment. Mischievous miscreants managed to hack into a …
No less accurate than most of the intended programming
And certain to liven things up, too! "Zombies sighted in Waukegan, film at eleven" -- Orson Welles wishes he had it so good.
I caught part of a recording of a live debate by the Canadian Parliament concerning a potential Zombie invasion from the south (Zombies don't recognise borders!)
Perhaps if all politicians spent more time on these things, they'd have less time to screw up the planning for other more important issues?
...debate by the Canadian Parliament concerning a potential Zombie invasion from the south....
Is that a problem? Surely they'll just go home when they've stocked up on Maple syrup and cheap prescription drugs like they usually do?
Every government should be prepared for a Zombie apocalypse, because a Zombie apocalypse is a ‘playful’ way of creating drills against potentially real life scenarios.
I.E. Zombies can be exchanged for masses of people out of control, where all law and order go out of the window and chaos takes over. Whether it be due to war, man-made or natural disasters, mass riots, virus epidemic, food & water supply shortages, etc.
Re: Maple syrup and cheap prescription drugs
No, they're going to stick around for the better health care...
Failed to change the default pasword
People still ship software with default passwords? Most modern systems require you to set a system password the first time you switch them on, and they won't work until you do. Would be nice to think that suppliers of critical "national emergency" equipment would be on top of the security issues...
Re: Failed to change the default pasword
I think the pertinent words are "recently shipped". A LOT of kit sold before 2006/7 (and quite a bit after this) was just shipped with a default password (maybe a default username as well) with an advisory to change it ASAP. It's only relatively recently that kit has been shipped with a default user/pass but with a forced change on 1st use (Cisco do this now for most kit)
It wouldn't surprise me if this kit was shipped many years ago and never replaced/upgraded cos it just works.
Re: Failed to change the default pasword
2006/7 ? This problem's been around since the 1970s. I have fond memories of wandering around Janet looking for VMS VAXen where the SYSTEM password was still MANAGER, and/or the FIELD password was SERVICE. Only rarely did one have to resort to the UETP account. Anyone still shipping default accounts post-2000 has only thermselves to blame.
this is all just the start of the conspiracy. the more of these hacks that occur, the less people will pay attention to them
and then, when the Zombie Apocalypse is finally unleashed upon the world by the mad scientist behind the conspiracy and also these hacks, then no one will pay any attention.... until it's too late, of course... muwahahahaahahahAHAHAAAHAAAA!!!!
Richard Feynman would approve
If there were to be an afterlife he would be looking down from a cloud and having a chuckle. There is no better way to improve security than by poking fun at its failings.
".... an alert controller box from Monroe Electronics had been abused ..."
Has it been offered counselling?
Re: ".... an alert controller box from Monroe Electronics had been abused ..."
It's OK, Jim'll fix it...
I am not a web designer, so I may have this wrong. Why are these boxes being indexed by search engines at all? Surely a simple robots.txt should be a standard item on these web interfaces thereby telling Google and the search engines to go away and not add it to their index.
To me, the fact that these are findable by any teenager from anywhere on the planet via a simple Google search seems the daftest part of this whole event.
That will then send the potential hacker back to hard work port scanning to find a victim.
robots.txt is not a good way to 'hide' anything. Someone who isn't a bot can simply query your robots.txt file and read a nice list of all the things you want 'hidden'.
I can't wait for the day the zombies DO attack and people try to blame it on "those hackers"..
Now _there's_ a vivid image. Canadian MPs huddled in the cellar, beset by ravening hordes of ActiveX-infested voters. At least they may be "exchanged for masses of people out of control", which sounds much more amenable to paid political advertisments.
- Geek's Guide to Britain INSIDE GCHQ: Welcome to Cheltenham's cottage industry
- 'Catastrophic failure' of 3D-printed gun in Oz Police test
- Game Theory Is the next-gen console war already One?
- Apple cored: Samsung sells 10 million Galaxy S4 in a month
- BBC suspends CTO after it wastes £100m on doomed IT system