[sudo-discuss] I hax0red your d00r!

[Lisha Sterling]

I am a happy girl, sitting in the hackerspace feeling all pwnie, which is
like a bronie, only not at all. (But I do like unicorns!)

I was given the password to the downstairs door on Friday. I came inside
imagining that there would be other people up here. Alas. There was no one.
I tried the downstairs password on the upstairs door. FAIL! (Mine, not the
system's or the hackers that put it together.) I could not get in. In fact,
I didn't even know the right URL to *get* in the door.

So I sat my bee-hind down on a couch in the common room, got on the wiki,
looked up "door access", found the server name for the inside door access,
and went there. It took me a few tries to figure out the password, but it
was not a hard one.

The door lock is kinda sticky. You can get the right password on the right
URL and hear the mechanism trying to do its thing, but the lock doesn't
fully unlock. The trick is to push the door closed tighter while the lock
turns.

So, yup, I'm inside. Between bringing cookies and breaking into the space,
I guess I should fill out the web form and start calling myself a real
sudoer now. :p

How secure do we need these doors to be? If we have people in the space
MOST of the time, then there is a lower need for security. With an often
empty space, there's maybe more of a risk of theft, vandalism or other
nastiness.

Security through obscurity is no security at all.

- Lish

-- 
http://www.alwayssababa.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sudoroom.org/pipermail/sudo-discuss/attachments/20130324/64ded758/attachment.html>