Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Hopefully, not your building’s access control system…

Researchers Discover Hardcoded Passwords In Physical Access Controls

February 03, 2019 by Marc Handelman in Physical Security

via Greg Otto, Editor-in-Chief at CyberScoop, comes news of what many security researchers, analysts, engineers, developers and architects have feared (and in some cases obviously have known) for a considerable time: Hardcoded User IDs and Passwords in code running a range of building access controls exists to the detriment of all. Here's the Tenable post and a Medium post providing explanatory content on this troubling find... (Tenable security researchers are the discoverers of the incredible security incompetence of the manufacturer under scrutiny [I'll wager many other manufacturers are guilty of this practice, as well]).

February 03, 2019 /Marc Handelman
Physical Security
  • Newer
  • Older