Disgruntled Ex-Employee Remotely Disables 100 Cars 384
hansamurai writes "Over one hundred cars equipped with a Webtech Plus blackbox were remotely disabled when a former employee of dealership Texas Auto Center got hold of his employer's database of users. Webtech Plus is repossession software that allows the dealership to disable a car's ignition or trigger the horn to honk when a payment is due. Owners had to remove the battery to stop the incessant honking. After the dealership began fielding an unusually high number of calls from upset car owners, they changed the passwords to the Webtech Plus software and then traced the IP address used to access the client to its former employee."
I don't understand (Score:5, Funny)
Can someone explain this article to me using a car analogy?
Re:I don't understand (Score:5, Insightful)
Sure. You don't qualify for a car loan, but they'll sell you a car, with a 5% per month interest rate, all sorts of fees, and a "you pass by the office by such-and-such a date with the cash or we kill your car" deal. Lots of cash income, much of it undeclared by the dealer, since the financing is not reported to credit rating agencies (it's called "in house financing" for a reason :-)
The car analogy? It's like getting a sh*tty deal on a sh*tty car.
Re:I don't understand (Score:4, Interesting)
To be fair, there are plenty of used car dealers who don't overcharge but do sell to not-terribly-reliable clients. They need a way to get their vehicle back when those clients quit paying.
Re:I don't understand (Score:5, Informative)
Here, let me fix that for you:
"To be fair, there are plenty of used car dealers who overcharge when they sell not-terribly-reliable cars to not-terribly-reliable clients. They need a way to get their vehicle back when those clients quit paying so they can flip them to the next sucker."
40% or more a year interest, extra fees, inflated "deposits" that are inevitably forfeited as soon as the sucker is one day late, the car repoed and the customer STILL owes the full amount as damages, "it's not a sale, it's a lease - at the end you can buy it for $100.00" - when at the end it's $100 + fees.
It's the auto equivalent of pay-day loans.
Re:I don't understand (Score:5, Insightful)
Re: (Score:3, Insightful)
Why? Do the "worst of the deadbeats" somehow still deserve credit? Credit isn't a basic human right. For that matter, owning a car isn't a basic human right, either.
If the deadbeats "need" a car, they really "need" to save enough money to buy one. I'm sorry about your destitute friend's situation, but I didn't extend her the credit that she defaulted on in the first place. I didn't give her the bad debt history. If she "hit a rough patch", she was already overextended when she hit it. Her creditors d
Re:I don't understand (Score:5, Insightful)
That's false. For one, about half of all bankruptcies in the US are caused by people with medical insurance who can't pay their medical bills. And another, if you want to get a divorce, just start an account and tell your partner "that's the divorce account so that I won't be overextended in case of divorce." That's only slightly worse than hiding money away without telling them what it's for.
Re:I don't understand (Score:5, Insightful)
For one, about half of all bankruptcies in the US are caused by people with medical insurance who can't pay their medical bills.
I used that fact on another forum, and someone countered that the amount of $$$ that the bankruptcies were for was in the order of $1000 or so. My first thought was - "bastard, shoot my argument down why don't you". Then my second thought was "Jeez, is that how little money separates the majority of people from bankruptcy. Thats really sad".
Re:I don't understand (Score:5, Informative)
They were pulling numbers out of their asses. The Harvard study says it's a lot worse. http://content.healthaffairs.org/cgi/content/full/hlthaff.w5.63/DC1 [healthaffairs.org]
and
Just look at the "out-of-pocket" expenses - and keep in mind that this doesn't include having to continue to pay insurance premiums while losing revenue because you're ill ,,, url:http://content.healthaffairs.org/content/vol0/issue2005/images/data/hlthaff.w5.63/DC1/Himmelstein_Ex5.gif?
Re:I don't understand (Score:5, Insightful)
And yet you folks still seem to honestly believe the "socialized medicine" would leave you WORSE off than you are ?
*shakes head sadly*
Re: (Score:3, Insightful)
And the counterpoints...
1) Right now America's biggest problem isn't doctors testing too much - it's too LITTLE testing. Americans don't do any preventative medicine choosing to go to the doctor only when the damage done is already severe.
Guess what - early detection and preventative care is not only better for saving lives, it generally costs a lot less to provide.
The old adage goes that "early detection of cancer means before there are serious symptoms" - how do you equate that with a system where people
not really $1000 (Score:4, Interesting)
Here's a study: http://download.journals.elsevierhealth.com/pdfs/journals/0002-9343/PIIS0002934309004045.pdf [elsevierhealth.com] ("Medical Bankruptcy in the United States, 2007: Results of a National Study")
"92% of these medical debtors had medical debts over $5000, or 10% of pretax family income. The rest met criteria for medical bankruptcy because they had lost significant income due to illness or mortgaged a home to pay medical bills. Most medical debtors were well educated, owned homes, and had middle-class occupations. Three quarters had health insurance."
So while the medical debt is not necessarily sky-high, losing your job due to illness means that you are screwed on all your debts. Car, house, etc.
Also, further down: "Out-of-pocket medical costs averaged $17,943 for all medically bankrupt families" ... this means that these families successfully paid A LOT of money (~$13K) before declaring bankruptcy and ending up in an average of ~$5K of medical debt. These are not the people that ran up huge consumer debts and declared bankruptcy. These are the people that paid every bill until they just had no money left.
Re:I don't understand (Score:5, Insightful)
If -that- isn't an argument that your medical system is fundamentally FUBARed then I don't know what is.
It's the worlds most expensive by far, has mediocre results (compare infant mortality or any other stat you can think of to any other country that spends above half the amount you spend) AND it regularily brings families into financial ruin, families that are ALREADY facing seriuos health-problems of one of the family-members, even those who HAVE insurance. (nevermind those who don't)
It's COMPLETELY incomprehencible to me that anyone is willing to accept that crap. Seriously.
Re: (Score:3, Interesting)
Anyone stupid enough to loan money to someone who has walked away from their previous debts deserves the chance to lose any money they loan that person. Usurious loans fall under that category, too.
Must be nice to live in a perfect little world where you are the sole person that can hurt your credit. My uncle doesn't talk to my grandmother because when he was in college she got a few credit cards in his name and destroyed his credit. When he got out of college he had student loans to take care of.
Re:I don't understand (Score:4, Insightful)
If the deadbeats "need" a car, they really "need" to save enough money to buy one
I've bought 3 cars in my life for under $200 each, you don't "need" to buy a car on credit.
Anyone stupid enough to loan money to someone who has walked away from their previous debts deserves the chance to lose any money they loan that person.
And if they've loaned that money on the condition they can reclaim the car/home/kidney if the debtor stops paying, they have the right to reclaim it. I'm pretty confident those dealers aren't losing money on these loans. Its a much worse deal for the consumer than it is for the dealer, you can be sure of that
Re:I don't understand (Score:5, Informative)
I suppose you are trolling but I'll answer your question: it is because there is a higher risk they will never see their money back. If you lend money to 100 people and 10% of them will not repay you, you cannot expect to gain anything if the loan rate is under 10% do you ? If you take an other set of 100 people where you expect only 1% of non payment then you can give them a much better rate.
It just happen that people with large disposable income are less likely to default on a loan.
Re: (Score:3, Funny)
Re:I don't understand (Score:5, Insightful)
>Its statistics.
No, it's just arithmetic. Stats is concerned with how likely and how often defaults may occur, not the overall gain or loss as a result.
>Perhaps because you aren't very bright?
Don't be a dick unless you are absolutely sure you are right. Even then, don't be a dick.
Re: (Score:3, Insightful)
Re:I don't understand (Score:4, Insightful)
You do realize that all of it is in the contract you sign up front so you know what you are spending if you bothered to read.
Second, you won't find a contract that says you have time after the due date before they can collect the item. Every contract states clearly that the instant you are late they can start the recovery process. If you don't want them to start the recovery process, follow the rules. If you don't like the rules, don't sign the contract, its not hard.
Just because you're used to living in a world where companies realize that most of the time its easier to float you a few days than it is to start the collection process and piss you off doesn't mean you have any sort of right or expectation that you should be able to bend the rules of the contract.
Its funny, you think its okay for you to bend the rules, but not for them to make unfair ones.
Thats pretty fucked up if you really sit down and think about it.
power imbalance (Score:4, Insightful)
whenever there is a power imbalance: little guy versus organization, things like desperation can move idiots to sign really stupid contracts. therefore, if the contract itself is abusive and usurious, it does not matter that you signed the contract, what matters is that one side of the contract, the one with more power, agreed to put someone in a financially abusive situation
i can make a contract that says "if you are a day late, i get your firstborn", and some idiot will still sign that contract. because people are idiots. but the observation does not end there: evil is worse than stupid
making abusive contracts is a form of preying on the weak and helpless and stupid. the weak and helpless and stupid must be protected by society, not because they deserve it, but because the assholes who prey on them get even more powerful, and pretty soon they're enforcing abusive terms on average intelligence folks of average means
so for a well functioning society, you need to punish the usurious, you need to punish those who make up abusive terms. they are far far worse than complete idiots
Re:I don't understand (Score:4, Insightful)
Re: (Score:2)
Go ahead and try to fight the $39 late fee in court if you're so inclined...
Congress actually had to pass a law [sflcn.com] to stop it.
Re:I don't understand (Score:5, Insightful)
Or you can just set up automatic payments for everything.
This works well up until there is a problem or billing dispute. For example, I know of someone who had automatic payments being made from their account to the electric company. The utility decided that some damage that he didn't think he was responsible for was, in fact, his responsibility so they withdrew $7500 from his bank account. He discovered this when his other cheques and whatnot started bouncing.
I have nothing set up for automatic payments. It doesn't take that long to write someone a cheque and put it in the mail, and I retain control of my own bank account and know that money won't be magically disappearing.
When it comes to a billing dispute, I would prefer to have them coming after me for money rather than be in a position where I am trying to get my money back from them.
I pay my bills but I want to know exactly how much I'm paying and what I got for my money. Then I'll write you a cheque.
In that order.
Re: (Score:3, Informative)
Sounds like a flaw in the banking system in your country...
In the UK we have standing orders and direct debits, standing orders are a fixed amount decided on by you and are great for loan payments and the like where the amount never changes...
For variable amounts like utility companies etc, we have direct debit which offers a guarantee similar to a credit card - you file a dispute and your meant to get the money back immediately while the dispute is sorted out... They also have to notify you a couple of wee
Re: (Score:2)
This is like DRM for cars.
The real question, though, is whether removing the battery was a violation of the DMCA.
No the really real question is now that real hackers know about this system how long before the real lulz....
So... (Score:2, Interesting)
How long until the police/feds/intelligence/etc get to start using this on civilians?
Re: (Score:2)
Well, since the devices are probably not terribly cheap, they are only installed on cars from tote-the-note car lots. Since the places are a horrible scam, it shouldn't be too surprising that other... non-fun consequences... can come of the deal.
If you get a car (new or used) from a normal dealership, they don't have this ability (unless OnStar decides to start enforcing GMAC payments).
Re: (Score:3, Insightful)
That's awfully glib. How do you propose people save up the money to buy a car with cash, if they can't get to work because they don't have transportation? This is America, after all, where public transit is between nonexistent and useless in most cities.
Re: (Score:3, Insightful)
Even better, Onstar, unlike this service, cuts across multiple demographics. Most of the people with credit so shitty that used car vendors are installing remote kill switches are probably the sort that the police already know how to "deal with", so to speak(after all, what is some overworked public defender going to do about it if they 'slip and fall' during a little friendly questioning?). Onstar, though, is a service that gives you access to the sort of people you can't just pull
Re:So... (Score:5, Informative)
They already are. See the latest OnStar commercials. If they're chasing you and you don't stop, they can either slow your car down, kill it, and/or make it start honking and flashing lights. And they can keep you locked in your car.
They've also been caught using it to spy on people by activating the voice channel.
Never buy a vehicle with OnStar.
Re: (Score:2, Insightful)
If the vehicle is otherwise a good deal, I think it is fairly straightforward to either pull the fuse or disconnect the antenna.
Re: (Score:2)
Re: (Score:2)
On older OnStar-equipped cars, the OnStar stuff was in one or two separate boxes, and you could unplug them from the harness.
IIRC, though, on newer cars, it's integrated into the ECU. Unplug that, and your engine doesn't run.
You could probably unplug the antennae, and build a Faraday cage around the connections, though.
Re:So... (Score:5, Insightful)
they already got it - billions of it. Bail-out bux.
Re:So... (Score:4, Funny)
OnStar would interpret such a move as an attack.
Re: (Score:2)
OnStar would interpret such a move as an attack.
And launch nuclear weapons against the human race?
Re: (Score:3, Funny)
oh jeebus.
Come on, man. really? [wikipedia.org]
They shouldn't be able to listen, but more complex (Score:3, Interesting)
> Never buy a vehicle with OnStar.
The system should be more or less hard-wired so that it notifies you when the microphone activates for any reason. But as a consumer, I might be willing to accept the possibility of listening in for the added level of safety. I'd be a helluvalot MORE likely to do so if they needed a warrant to listen, but even so, it's good to have an added level of redundancy in your safety systems. Keeping a cellphone, being able to get to a cell phone, the cell phone working where
Re:They shouldn't be able to listen, but more comp (Score:5, Insightful)
My sister is like that... Willing to remove all risk from her life and put control in the hands of other people for the safety of her kids. That's all well and good, but I don't need someone having the ability to remotely disable my automobile regardless of my distance from the person with their finger on the button. Sure, responsibility for my family is is important, but I don't need the specter of a nanny snooping in and judging me because I want to listen to some Middle Eastern music.
Life is risk. When you shed risk, it's usually at a price.
Re: (Score:3, Interesting)
My sister is like that... Willing to remove all risk from her life and put control in the hands of other people for the safety of her kids.
You'd be amazed how many people are. "For the chillllldruuuun!!!" is one of those arguments that you just can't win because you either get painted as someone who'd understand if they had kids or someone who's sympathetic towards kiddie fiddlers, at which point any chance of a sensible discussion just goes out the window.
It's the modern-day equivalent to witch hunting.
Re: (Score:2)
Re:So... (Score:5, Informative)
Sure. Case in Las Vegas [subliminalnews.com]. Note that the FBI's use was not deemed illegal/inappropriate, but rather that it denied the user/owner of use during that time.
Re: (Score:2)
How long until the police/feds/intelligence/etc get to start using this on civilians?
The technology to do this has been around for over 10 years.
What a maroon. (Score:5, Insightful)
If you're going to play around with your ex-employer's systems like that, you don't do it from your own home. You go interstate, to a 'net cafe, and do it from there! Sheesh. Kids these days.
Maroons make the news (Score:4, Interesting)
Non-maroons who do stuff like this, do it from net cafes using a chain of anonymous proxys, and they do not get caught.
It's just the maroons like this one that you hear about.
Re:Maroons make the news (Score:5, Insightful)
Non-maroons who do stuff like this, do it from net cafes using a chain of anonymous proxys, and they do not get caught.
It's just the maroons like this one that you hear about.
If I was ever going to consider doing this I'd buy a cheap laptop off Craigslist for cash, and then buy a wireless card for cash from another location, and then drive to some community in the middle of nowhere and look for an open wireless AP. After which I would then pass said laptop through a shedder .. a really big shredder.
Re: (Score:3, Insightful)
Re: (Score:2)
And make for fscking sure you weren't carrying a cell phone with a battery in it, driving a car with OnStar, or doing anything else that can put you anywhere near the location of the AP you're connecting to. Oh, and avoiding cameras would probably be good, too.
The Cell phone battery - definitely. I've seen too many crime scene documentaries on TV (Forensic Files etc) to not do that. I'm not buying an OnStar equipped car. The cameras are harder to avoid, but I suppose you could steal the plates of a car that was the same make/model/color of yours and use them in place of your own (at least for a short time). And hopefully there are no cameras tracking your face in any neighborhood.
Now excuse me while I talk to the nice FBI agents at my door.
Re: (Score:2)
those anonymous proxies tend to be mighty slow though
Not if you use seven of them...
Re: (Score:2, Insightful)
As another point, I hope that the dealership is prosecuted for this. If they are providing loans, they have sensitive data, and if they are not changing passwords when an employee is terminated, one can assume tha
Re: (Score:2)
Well, if that's Central Texas you have to drive around the block to find a neighbour who is incapable of enabling encryprion on his/her wi-fi router and do it from them.
Moron (Score:4, Interesting)
Re:Moron (Score:5, Funny)
Oh man, trying to read that hurt. Punctuation is our friend.
Re: (Score:3, Funny)
> Punctuation is our friend. ::
>
>--
>:: aztek
>No sig for you!!
Uh..it's easy to get carried away, however...
Re: (Score:2)
Re: (Score:2)
Well, to be fair he did state up front he was a moron, and as far as incoherent ramblings of a moron go that wasn't too bad.
This sounds like some great software. (Score:5, Funny)
Re:This sounds like some great software. (Score:5, Funny)
I think a new Toyota would be exactly what you're looking for.
Re: (Score:2, Funny)
It's for people with crap credit (Score:5, Informative)
They don't ask for it, the bank makes it a requirement of the loan. This way if a payment isn't on time, they can turn the car off to force the issue. You aren't going to find it on a car from a dealer, financed by a normal bank. It is for high risk situations.
Re:It's for people with crap credit (Score:5, Informative)
Or for people who own cars from GM. Onstar has this same kind of functionality.
Re: (Score:2)
Another disgruntled employee (Score:5, Funny)
When are bosses going to learn to stop taking away their gruntles??
Re:Another disgruntled employee (Score:4, Interesting)
"Disgruntled" is a word with very interesting origins. On the surface, it is one of those words (like "non-chalant") that appears to be a compound suggesting a non existent opposite word (like "chalant")
The OED cites P.D. Wodehouse for "gruntled", but obviously Wodehouse was playing with the language here when he suggests that it means "satisfied". "Gruntle" is actually a word, but it is an obsolete one. It is not the opposite of "gruntle". "Gruntle"/"disgruntle" is a word pair more like "flammable"/"inflammable"; the "in-" prefix in "inflammable" is not the "in-" that means "not" ; it is the "in-" prefix that means "in, into or onto". The "in-" in "inflammable" is a cognate of the prefix "en-", as in "enraged".
"Dis-" in "disgruntled" is from a much rarer and erudite Latin sense of "dis", one that means "utterly". Both the "utterly" sense of "dis" and the "not"/"lack"/"opposite of" senses come from a Proto-Indo-European root mean "to separate".
So we should take "disgruntled" to mean "utterly gruntled", not "un-gruntled". So what is "gruntle" supposed to mean? Technically, "gruntle" is the frequentive form of "grunt". A "frequentive" verb is one that indicates a continual, incessant action. The word "gruntle" originally came into English meaning the incessant sounds made by an inconsolably upset pig. Later by metonymy it came also refer to the pig's snout (the part he gruntles with), and later the word was used to describe the faces of people in an unpleasant mood. There are not so many useful Latin prefixes for amplification, and "supergruntled" does not trip off the tongue, so "disgruntled" became the word for a person whose face expressed a very unpleasant mood.
Hmm (Score:4, Insightful)
Perhaps Toyota should review which Engineers have been fired lately.
And THIS, ladies and gentlemen... (Score:5, Insightful)
...is the perfect example (and with car analogy indeed) of why DRM and remote product (de)activation is doomed to failure.
Re: (Score:3, Informative)
Shrug, several people pay for these features.
LoJack and OnStar, services which cost considerably yearly fees have this feature as a selling point.
In this case its used just like LoJack. The bank requires it be installed on cars of jackasses who no one wants to finance due to their history. It in fact is something that allows the bank to feel confident that the risk of the loan is not unacceptably high for someone who indeed is an unacceptably high risk. Its really no different than the higher interest ra
Re:And THIS, ladies and gentlemen... (Score:4, Interesting)
...is the perfect example (and with car analogy indeed) of why DRM and remote product (de)activation is doomed to failure.
Actually, this is a perfect example of why remote product deactivation is a great idea (it reduces the risk involved in selling a car on credit to people who are lousy credit risks), there are just some glitches that need ironing out. If it had been authenticated with a certificate which could be revoked as soon as the employee left (even better - build the certificate revoking process into the "remove employee from computer system" process) it'd be much less of an issue.
If you want an example of why remote product (de)activation is a lousy idea - and one with a car analogy - there was one on /. a couple of years back about a gated multi-storey car park where the developers of the car-park remotely locked the car park (locking all the cars in) when the owner refused to pay a monthly fee.
Only two replies that mention Toyota? (Score:2)
It Is My Sad Duty To Inform You... (Score:4, Insightful)
Dear Mr. Goosnarp:
I regret to inform you that the dealership no longer requires your services. Please don't assume that we believe you are without value as an employee and a human being, it's just that your particular skillset is not what we really need right now. Although you consistently exhibit a very high level of originality, and your computer skills easily surpass anyone else currently in our employ, we need somebody who pays more attention to the small details (cough) IP addy (cough).
We wish you well in your future endeavors, and would be delighted to supply a positive recommendation to any prospective employers who may contact us...as long as you don't do anything stupid.
Sincerely,
Your Former Boss
Re:and (Score:5, Insightful)
this makes front page of slashdot, why?
Because it makes the idiots who claim this kind of backdoor would never be misused look bad. Why are you protesting so much, anyway?
Re:Back door? (Score:5, Insightful)
It is a back door. It's a back door installed by the dealer into your car with the assurance that it won't be misused.
The "front door" would be for them to send you a letter when you miss a payment, and send someone over to repossess the car if you continue to miss them, but I guess they feel that the tiny number of people who would try to steal the car justifies inflicting this system on all of their customers.
Repo in AZ (Score:3, Interesting)
Or do what Arizona does where all the dealer has to do (other than a few formalities) is ask you to return the car, OR ELSE.
Since the OR ELSE in Arizona is a class 6 felony!
Facing up to 2 1/4 years in prison and being a felon for not turning it in makes having repo woman/man kinda redundant (surprisingly they exist, even though a dealer can have the police get the car back for free).
P.S. I'd HATE that law if I was a repo company employee or owner! Less reason to be used, and people in prison don't drive car
Re: (Score:3, Insightful)
It's not your car, you failed to pay for it. Is the security guard who protects the banks money a scumbag too?
Re:Back door? (Score:5, Funny)
Well, duh! Because it's easier to remember. And it's better than having a post-it for each car -- just one post-it with the one password will do!
Re: (Score:3, Funny)
Re: (Score:3, Funny)
You can even stick it on your monitor!
That's no good. What if it falls off?
Even sticking a post-it under the keyboard won't do. Safest would be writing the password on the beige crt monitor bezel using a jiffy marker.
All joking aside I've seen it done. Not sure what happens if the password changes. Whiteout?
Re:Back door? (Score:4, Funny)
Well, duh! Because it's easier to remember. And it's better than having a post-it for each car -- just one post-it with the one password will do!
One post-it to rule them all!
Re:Back door? (Score:5, Insightful)
No.
The real question is what the blistering hell are remote kill switches doing on cars in the first place?
I'm sure there's an iPhone analogy somewhere here...
Re: (Score:2)
Still entirely tacky...
Re: (Score:3, Insightful)
Will you spend 2 minutes to read the fucking article. It gets removed for free after the last payment.
If you're going to comment on something you didn't read at least pretend to know the answers.
Re:Back door? (Score:5, Funny)
But what happens after the last payment is made?
Re:Back door? (Score:5, Informative)
The real question is, why is there *one* password for all the cars? Shouldn't it be one password for each employee who has access to log into the "car disabling" server which then sends the lockdown signal using a trusted certificate?
They shouldn't have to change the passwords at all, just delete the employee's user account.
No. That's not the real question. It's a stupid ass question because it was answered in article.
Each employee does have an account. His account was even disabled. He used another employee's account.
Man, you got a +5 for "I didn't read the article" - I can understand no one bothering to mod you down, but +5 stupid? Come on...
Re: (Score:2)
They shouldn't have to change the passwords at all, just delete the employee's user account.
If you'd RTFA, they did delete his account, or at least deactivated it. He was using the login info of another employee to get in and cause havoc.
Re: (Score:2)
Re: (Score:2)
Shut off power will result in death for a few people who depend on home-oxygen equipment.
Already happened (not a remote turn off, just a normal deliquent shut off). I believe it was in Australia.
Person lost use of their O2 concentrator (produces O2 from the air).
They aren't supposed to do that, if one has a medical condition their account can be flagged at the power company to prevent that (in theory).
Re: (Score:2)
This makes it to the front page of Slashdot so that you can summarize it with a car analogy.
Or maybe it's a trick and you're supposed to summarize it with a computer analogy. Could go either way.
Re: (Score:2, Offtopic)
Second link to Wired today. I smell something fishy...
Comment removed (Score:5, Insightful)
Update of old sticker (Score:5, Funny)
Re:and (Score:4, Funny)
<sarcasm>
Of course its hacking! how else could someone do that???
Next you're going to say that someone guessing a Facebook password isn't hacking!!!
</sarcasm>
Re: (Score:2)
it wasn't a hack. It was as simple act of intrusion without authorization.
One could argue semantics in that he was authorized, but he was incorrectly authenticated. IE he used an authentication that wasn't his, and then did what that authentication entitled him (was authorized) to do. Authorization worked perfectly. This is a case of an "authentication failure", but in the sense that the authentication process didn't do it's job, but in a way that allowed when it should have denied. (in contrast to the
Re:and (Score:5, Informative)
When I submitted it I made a particular point to remove the references to "hacking".
Re:and a traceable intrusion (Score:3)
This guy must be an idiot to get traced to his IP address.
Don't they have free wifi Cafes in Texas?
Any dealership I've been has a free wifi in their service waiting lounge. He's out of work, plenty of time to grow a beard, buy (ok Steal) some sunglasses, a black cowboy hat, and sit in their own waiting lounge and beat them with their own stick.
Re:What a dolt . . . (Score:5, Funny)
or the Brown Note?
Re:Should have changed password right away (Score:5, Funny)
Since I RTFA I know that he used someone else's password.
Re: (Score:3, Informative)
the correct procedure is to
1 revoke the passwords/tokens for said employee
2 redact the persons desk and figure out how long of a timeout is needed (if any)
3 after the timeout escort the employee from the property
so the three words you need to know are Revoke Redact Remove this would be the only safe thing to do
Re: (Score:2, Insightful)
I don't think that goes far enough. Here is my proposal:
1. remove all clothes and perform anal cavity search - he could be taking company property with him
2. place in a straight jacket and a muzzle before escorting out - he could try attacking or biting other employees
3. install a radio controlled explosive device inside the body, to go off if he ever gets within 100 feet of the office building
It's the only way to be sure.
Re: (Score:2)
...what trojan horse like hardware means.
Really crappy cars? [friendlymantis.com]