Reply to post: Re: Default password ?

Softbank's 'Pepper' robot is a security joke

handleoclast

Re: Default password ?

They made a very special effort to mess it up this badly!

Yup. And I can tell you why. I don't condone it, but I can explain it.

Engineer demos changing password to PHB. PHB realizes that customers can change the p/w and then forget what the new password is resulting in many calls to support. So some hard-coded credentials are required just to recover from that scenario. And if you're going to have

hard-coded credentials anyway, you might as well prevent them from changing the p/w in the first

place, because otherwise you have to have a hard-coded user which isn't called root but has root access, and that's difficult (if you known nothing about sudoers), or an SSH cert (which, to be

fair, creatively stupid users could delete).

And, as somebody else said, if it's booting from non-writeable memory then why add some flash and extra code to permit changing the p/w when you don't want them to change it anyway?

So I can see why they'd do this sort of thing, stupid though it is. A PHB on a cost-cutting exercise would naturally dictate that this be done.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019