Gregory's Server@WPalant So dumb. This is not hacking, nor is it “security research”. It’s called “troubleshooting”.
The company that hardcoded the password into the DB string should be prosecuted for negligence.
|
Top-level
@WPalant So dumb. This is not hacking, nor is it “security research”. It’s called “troubleshooting”. The company that hardcoded the password into the DB string should be prosecuted for negligence. 1 comment
|
@scottwilson @WPalant Certainly, it violates ETSI 303 645. That has not yet any force of law in the EU, but the UK has a law on the books that makes default passwords illegal.