• Zeusbottom
    link
    fedilink
    English
    11
    edit-2
    8 months ago

    In 2011 I was aghast when I learned a popular keycard / biometric system used FTP to pull down its cleartext list of acceptable keys from the server.

    The username was something like ADMIN and the password was PASS.

    And no, that wasn’t the FTP command; that was the password.

    So I’m not surprised that there are still problems with these devices.

    edit: more complete thought

    • @NOPper
      link
      58 months ago

      To be fair to manufacturers for once here, this kind of this is usually due to users not properly securing these systems. The industry is still way behind on proper infosec but they’ve come a long way the last 10 years or so.