Skip to main content

My Computer Security Failures

I'm a security-concious guy, but I have screwed up before.  Here are my security failures over time that I know about:


1994: I downloaded and executed a program from the Internet.  The program spun through the Windows 3.11-based system, overwriting all files.  This resulted in significant data loss.

Root cause: User trusted untrustworthy software.  User failed to back up system.


2001: Fell victim to an SSH exploit on my Linux-based router machine.  The machine was compromised by a remote attacker and used to send spam.  The machine needed to be wiped and reloaded.

Root cause: Zero-day exploit vulnerability, and/or failure to keep on top of security patches.


2006: I gave administrative rights to my brother's au pair's Windows XP-based PC, under pressure from the au-pair who wanted to install software.  The machine was quickly overwhelmed by malware despite anti-virus practices.  The machine was kept in service after significant cleanup.

Root cause: The platform assumed users would need powerful privileges; administrator inappropriately complied.


2008: My account at a popular Internet Service, Twitter, was compromised and misused.

Root cause: I followed poor password management practices: I re-used an identical username/password pair with multiple service providers for accounts "I didn't care about".


2008: Unprivileged Mac OS X user account was compromised remotely over SSH via brute force, due to simple username and matching simple password.

Root cause: Administrator enabled remote SSH access but failed to restrict ssh access to specific accounts.


2014: Wireless access point unsecured, resulting in open network access over-the-air.

Root cause: Administrator created a second wireless SSID without properly securing it.

Popular posts from this blog

Fixing a SodaStream Jet, part 1: Disassembly Guide

I've had my SodaStream Jet for years, and once in a while something has gone wrong. Disassembly is the first step to repair.  Start with this article to see how to disassemble the SodaStream, and then once you have that down, scroll through my other articles to see how I repaired specfic SodaStream problems. SodaStream Jet Disassembly Guide Tools Required Flat head screwdriver Phillips head screwdriver 1. Remove the Carbonator.  Duh. 2. Remove the black panel lever The front big black tilt lever needs to be removed first. Removing this panel is tricky, but it isn't impossible. Looking up at the bottom of the black panel, there are two tabs, one on the left and one on the right. These tabs fully secure the panel in place. The trick is to use a flat-head screwdriver under the plastic to gently lever the tabs out of the way.  Note in the pictures how I approach these tabs with my screwdriver.  I usually release the left side first, and then I release ...
Read more

Macintosh: Upgrading an eMac

It's been a long time since I wrote this article, but the fact remains: The good old eMac can still be useful if you take the simple steps to keep it as good as it can be.  All can run Tiger, and most can run Leopard - great operating systems for their day with a bit of useful life.  This article describes the procedure I used to upgrade my old eMac, including: Replacing the internal hard disk with a large capacity drive. Increasing the memory for performance Upgrading the operating system Here I'm upgrading a 700 MHz eMac, but the procedure and tasks for upgrading other eMac models should be almost identical. Upgrading versus Replacing My sister's eMac is of the 700 mhz variety, with 256 MB of memory. The machine seemed to be getting "slower", and the original 40 GB disk was becoming jammed packed with photos and iTunes, and within a few months she'd be out of disk space. There were two options to address the problems: upgrade the eMac, or go o...
Read more

Porsche Key Remote Battery Repair Video How-To

We now live in the age where part of your life is spending time and money maintaining and repairing things like your car keys . My Porsche's remote key was getting weaker and weaker, until one day it stopped operating altogether. Keyless remote without the remoteness. Not so good. I was a bit fearful spending a sizable chunk of my time and money at the dealership to have such a small problem addressed, and so I decided that I would try to replace the battery myself. Items required A clear work surface A small flat blade screw driver. A quality lithium CR-2032 Battery, available here. Procedure The following video shows how I successfully opened up the key without breaking it, and replaced the alarm remote battery. In short, from the vantage point of the key's steel part facing away and the buttons facing up: I take a small screwdriver and press on the little plastic tab on the left side.  At the same time I use my fingers to start to pull the two halves apart.  From th...
Read more

Robust Installation of an HDHomeRun Networked TV Tuner. 64 OTA channels!

I added an HDHomerun (HDHR) over-the-air (OTA) streaming box to my home network, bringing over-the-air broadcast TV to my computers, phones and tablets.  The HDHR is a big upgrade from my previous setup: using a simple "window mount" antenna directly connected to my TV. A TV-attached antenna is good for watching some TV for free, but the HDHR offers so much more flexibility. Figure 0: HDHomeRun on my basement wall   My original OTA TV setup was haphazard at best. It was finicky, ugly, and hard for other people at home to use. I would actually tape my antenna to a window whenever I wanted to watch OTA TV. Plus, it only worked on my TV and not with my other devices. I wanted a cleaner and more modern OTA setup. After looking at possibilities, I developed two goals: (1) bring my OTA TV into the modern Internet-connected era, and (2) set it up in a reliable and pretty way so that other family members wouldn't have to fool around with the antenna or anything else.  With that,...
Read more

Fixing a SodaStream Jet, Repair #2 - Broken Fill Button

My Soda Stream Jet's fill button broke, which means I can not longer carbonate water by pressing the pushbutton. This caused all sorts of grief in my household. Here is how I managed to repair my Jet to give it another 10 years of life (hopefully). First, a look at the button The fill button on the top of the SodaStream is actually a simple lever. Pressing down on the button moves a pin that does the actual work of pressing open the Carbonator's valve. Unfortunately, the axis point is fairly thin and can see a lot of stress. That's where my Soda Stream button cracked. [ I think the usage tip here is "don't over-press the button like a gorilla, it doesn't do anything but put high stress on the button."] Cracked levering point of the button The Pesky Lever Retaining Pin The Fix It was pretty easy for me to replace the button: Take off the back of the Soda Stream and remove the carbonator. Push out the the button lever's steel retaining pin. This takes qu...
Read more

Excellent DD-WRT Router for Me: Netgear WNDR3400 / N600

My WiFi performance was suffering, and so I decided to do something about it and upgrade my router. When I say my WiFi performance was suffering, I really mean it:  I live in a large high-rise apartment building and there are 100+ WiFi access points visible from my home office.  All of the contentious traffic was severely curtailing my WiFi reliability.  I was lucky to get 1 Mbit/second throughput.  Sometimes I was lucky to stay connected even with my WiFi router in the same room. I decided it was time to go for 5 GHz, which is a WiFi band which is used less frequently and which has a tougher time traversing walls.  And of course I wanted DD-WRT support.  The set of features I was looking for included: Trouble-free DD-WRT support 5 GHz 802.11n Support Simultaneous dual band capability Inexpensive.  Maybe even cheap.  For me this means under $50.  Under $35 is even better! It sounds like an easy task to bring all this together: A...
Read more

Other Posts

Show more