back to article Sysadmin cracked military PC’s security by reading the manual

Welcome once more to On-Call, The Register’s attempt to make Fridays tolerable by bringing you fellow readers’ tales of terrifying tech support jobs they somehow survived. This week, meet “Guy”, who told On-Call he grew up in the golden age of the microcomputer, meaning that by the time he joined his local Army National Guard …

Lock Story 3: Nothing But a Hand-towel

Smart friend, house in her name, partner & father of her three kids decides to re-engineer his personality with cocaine. He's kicked out but returns one day while she's showering and one of the kids lets him it. He drags her into the street, naked except for a small hand-towel, and locks her out of her own house. Phone box 999, mentions she's naked - said she'd never seen so many police cars turn up at once.

11
0
Bronze badge

Only under orders.

When I was in the Air Force, we were to enter a room to do periodic maintenance. Only the day lock (a five push-button job) had been changed. It was about 0230, and the lead was trying to decide if he should wake up the day shift supervisor or just put off the PMI. I informed him that I could go through the lock.

"Go ahead."

"Is that an order?"

"Yes." (grinning)

It took less than a minute.

8
0
Silver badge

Five button locks

Recently had one go intermittent and then completely fail. But we noticed a pattern... it would only fail when we were wet and cold. So we grabbed a blowtorch, a hammer, threw on some overalls and went to work "gently" heating the lock and providing percussive encouragement. Security patrol walked right by us, totally ignoring two men in somewhat battered clothing working on a lock with blowtorch and dead blow hammer. 2 min and we were in.

7
0

Locks...

All this talk of locks and security gone bad... This snap was taken on my way to work back a couple years.

https://i.imgur.com/dfQcpu5.jpg

As with most security, it's pointless if you don't think it through. And I do mean seriously think it through.

7
0

Sounds about where car manufacturers are right now with security

If your don't know your history employ someone who does, or you are bound to relearn the mistakes of the past.

4
0
Pint

Minor "cracking"

One of my friends knocked one day and growled that he had locked himself out of his foot locker. I said maybe we could pick it, so we went around to his place and took a look. It was a beautiful piece of woodworking, glossy oak. He told me his granfather made. The lock was a padlock through a hasp. Picking was a definitely possibility, but any quasi-cubical object has six sides. So I turned it aound and discovered the hinges were face mounted. So we broke out his Swiss Army knife removed the hinges and he retrieved his key.

5
0

So.. they had "secured" the pc by adding a line to autoexec.bat... lol

Then to secure the hole the changed a rom to stop you being able to abort it being loaded?

Wow that will take seconds to bypass with a boot floppy or taking the drive out and putting it in another machine.

2
0
Silver badge

I'd been moved into a new office, along with our filing cabinets. At some point the key to one of the cabinets vanished. So, I came in at the weekend with some tools and with reference to the openable cabinet discreetly peeled back a corner of the back panel and slid out the locking bar.

2
0

Microsoft XML crazed fever extend to games.

Microsoft Combat Flight Simulator 3 and Age of Empires 3 had all the game variables in XML files.

Things like "points of contact" of aircraft. 3 points with Z= 0 are the landing gear. Delete all the others and enjoy your nigh-invulnerable plane. Delete these 3 and watch the airplanes cross the airfield floor and explode when they go underground, even before the game begins.

Age of Empires 3 had all the variables spelled out, like TrebuchetAttackForce = 20 or something like that. Replace that 20 with 255 or 65536 and watch all your enemies buildings crumble beneath a single catapult attack. But I think that on AoE 3 only the heroes were identified, so if you changed one of these generic attack units, they would change for BOTH sides, so you could mod your game to your heart's content, knowing that your enemies would get the upgrade too... with hilarious results.

2
0
Silver badge

Re: Microsoft XML crazed fever extend to games.

A friend got his hands on street sweeping simulator...

The variables were done in the same way, and he had great fun with the game - changing them so that the wheels were in different positions, making it spawn more, increasing speed etc, making the wheels put quarry dumper trucks to shame, and then putting them all round all over the place, so it acted more like a huge ball.

ah, here it is: https://www.youtube.com/watch?v=dHKpCD1OOvQ this was still quite early on in his experiments.

2
0
Anonymous Coward

Re: Microsoft XML crazed fever extend to games.

I loved the replacement of wheels by people. It has some deeper meaning of how we feel in relation to our companies sometimes.

0
0
WTF?

Re: Microsoft XML crazed fever extend to games.

Someone made a game out of sweeping streets?

Has anybody made a game out of collecting garbage? Watching grass grow? Paint drying?

Actually I found a VR game for Google Daydream that involved doing a stock take in a department store. My favourite though was VR solitaire, with online multi-player mode. Some one doesn't quite understand the concept of solitaire games, and there are two different apps for that.

3
0

Re: Microsoft XML crazed fever extend to games.

Well, there's a Computer Repair Shop Simulator on Steam... so... anything goes.

From the cryptic broken english request from users asking to fix or upgrade their PCs, to waiting for delivery of parts, it's pretty broad.

And Solitaire games were developed to get the user familiar with the interface... like a mouse. A VR solitaire should serve the same purpose then, familiarity with the helmet/goggles and handles.

1
0
Anonymous Coward

Old IBM Aptiva PCs

If you had one of those, you just booted off an IBM-pressed Windows 95 disk to format your machine and reinstall all the factory drivers. It formats and then decompress several zip files, not an actual installation, more like an image. (It beats having those in several floppies, back then.)

I lost/damaged the drivers of its unique winmodem, and sure enough they were in a password-protected .zip file inside that disk. But no password available, even in the manual there was no option for a partial restore, I'd have to REFORMAT the whole thing to get it going. It didn't ask for a password if you formatted it off the bat, however.

Cue zip cracker for DOS. First attempt, only lowercase, 8 digits. Pentium 100 MHz gauged 2 million attempts per second.... off to lunch.

The password is "magic".

If you got old IBM hardware and install disks on passworded zip files, try that. Why would they put their own Windows installation and drivers inside locked zip files is beyond me.

1
0

Did you miss the multi-player solitaire bit? There's plenty of multi-player card games they could have used, solitaire isn't one of them. The clue is in the name.

0
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018