Email or username:

Password:

Forgot your password?
Top-level
Scott Wilson

@WPalant So dumb. This is not hacking, nor is it “security research”. It’s called “troubleshooting”.

The company that hardcoded the password into the DB string should be prosecuted for negligence.

1 comment
Michael Richardson

@scottwilson @WPalant Certainly, it violates ETSI 303 645. That has not yet any force of law in the EU, but the UK has a law on the books that makes default passwords illegal.

Go Up