Skip to main content

My Computer Security Failures

I'm a security-concious guy, but I have screwed up before.  Here are my security failures over time that I know about:


1994: I downloaded and executed a program from the Internet.  The program spun through the Windows 3.11-based system, overwriting all files.  This resulted in significant data loss.

Root cause: User trusted untrustworthy software.  User failed to back up system.


2001: Fell victim to an SSH exploit on my Linux-based router machine.  The machine was compromised by a remote attacker and used to send spam.  The machine needed to be wiped and reloaded.

Root cause: Zero-day exploit vulnerability, and/or failure to keep on top of security patches.


2006: I gave administrative rights to my brother's au pair's Windows XP-based PC, under pressure from the au-pair who wanted to install software.  The machine was quickly overwhelmed by malware despite anti-virus practices.  The machine was kept in service after significant cleanup.

Root cause: The platform assumed users would need powerful privileges; administrator inappropriately complied.


2008: My account at a popular Internet Service, Twitter, was compromised and misused.

Root cause: I followed poor password management practices: I re-used an identical username/password pair with multiple service providers for accounts "I didn't care about".


2008: Unprivileged Mac OS X user account was compromised remotely over SSH via brute force, due to simple username and matching simple password.

Root cause: Administrator enabled remote SSH access but failed to restrict ssh access to specific accounts.


2014: Wireless access point unsecured, resulting in open network access over-the-air.

Root cause: Administrator created a second wireless SSID without properly securing it.

Popular posts from this blog

Fixing a SodaStream Jet, part 1: Disassembly Guide

I've had my SodaStream Jet for years, and once in a while something has gone wrong. Disassembly is the first step to repair.  Start with this article to see how to disassemble the SodaStream, and then once you have that down, scroll through my other articles to see how I repaired specfic SodaStream problems. SodaStream Jet Disassembly Guide Tools Required Flat head screwdriver Phillips head screwdriver 1. Remove the Carbonator.  Duh. 2. Remove the black panel lever The front big black tilt lever needs to be removed first. Removing this panel is tricky, but it isn't impossible. Looking up at the bottom of the black panel, there are two tabs, one on the left and one on the right. These tabs fully secure the panel in place. The trick is to use a flat-head screwdriver under the plastic to gently lever the tabs out of the way.  Note in the pictures how I approach these tabs with my screwdriver.  I usually release the left side first, and then I release ...
Read more

Sodastream Carbonator Leakage, Usage, and Weight

SodaStream 60L "Carbonator" CO2 cylinders have a specific weight when empty, plus about 410 or so grams for the CO2 they should have when they're "full".  A little while ago I went to buy a replacement Carbonator from my local hardware store. The dealer pulled a new Carbonator out of the box and sensed it was lighter than usual.  He put the "light" Carbonator in the "empty" pile and sold me a different one.  At that moment I concluded that it would be smart of me to weigh both new and empty SodaStream carbonators.  Here are the results. Weighing a SodaStream Carbonator - for both Science and Consumer Protection.       The dealer told me that sometimes the carbonators leak after they leave the SodaStream filling facility.  That means there could be an opportunity for customers like me to get ripped off! The SodaStream cylinders I buy claim to have a net product weight of 410 grams - and that means that a full Soda Stream Carbonator shou...
Read more

Fixing a SodaStream Jet, Repair #2 - Broken Fill Button

My Soda Stream Jet's fill button broke, which means I can not longer carbonate water by pressing the pushbutton. This caused all sorts of grief in my household. Here is how I managed to repair my Jet to give it another 10 years of life (hopefully). First, a look at the button The fill button on the top of the SodaStream is actually a simple lever. Pressing down on the button moves a pin that does the actual work of pressing open the Carbonator's valve. Unfortunately, the axis point is fairly thin and can see a lot of stress. That's where my Soda Stream button cracked. [ I think the usage tip here is "don't over-press the button like a gorilla, it doesn't do anything but put high stress on the button."] Cracked levering point of the button The Pesky Lever Retaining Pin The Fix It was pretty easy for me to replace the button: Take off the back of the Soda Stream and remove the carbonator. Push out the the button lever's steel retaining pin. This takes qu...
Read more

Fixing my Wahl 9918 Groomsman Beard and Mustache Trimmer

Not everyone would bother repairing a $25 beard trimmer, but why not fix something for under $5 instead of spending another $25? My  Wahl 9918 Groomsman Beard and Mustache Trimmer  has admirably performed its beauty duty for many years, but the time came when the battery just wasn't holding a charge any more.  Most people would just put the trimmer in the trash and buy a new one, but I figured I could repair my otherwise excellent Wahl and save some money. In fact, even high priced trimmer and rotary shaver brands, like Norelco and Remington, can be easily repaired using a process similar to the one I used to fix my Wahl.  Read on to find out how. I opened up the Wahl by popping off the black plastic faceplate with a tiny flathead screwdriver, which revealed two screws.  By removing the two screws I was able to easily open up the unit, revealing the guts of the device. Backplate off, Revealing the screws The internals are rather simple: a motor, a...
Read more

My iPhone is being remotely controlled by a hacker! (and how to fix it)

Who is remotely controlling my iPhone??? This is a personal story that scared the hell out of me. On Monday I was awoken by my iPhone alarm telling me that it was time to get up to go to work.   I picked up the phone and looked at the day's calendar.  Ug.  I put it back down in its dock for a couple more Z's. Seconds later, I heard it clicking. I looked at my phone, and it looked like someone was typing on it!  Click.  Then a swipe.  And then more clicks.  One of my business apps was being operated, but NO ONE was touching my iPhone!  I was sure that a Hacker was remotely operating my iPhone, digging around for my private data! This was shocking.  My phone stores a lot of good stuff - my email, photos, finances, passwords and all sorts of other goodies.  If someone compromised my phone they could know  where  I am.  They could operate the cameras, the microphones - in short, they could know almost  everyth...
Read more

Fix a Lightning Cable with Heat Shrink Tubing

We've all seen a Lightning cable that has started to fall apart.  They get used every day, and after enough tugs and yanks on your iPhone, they start to fray. I've seen a lot of these frayed cables, so I've started to fix them before they break with heat shrink tube.  I get my heat shrink on Amazon, like this handy and inexpensive pack.   I prefer the heat shrink tubes without internal glue - it has higher flexibility and a smaller outside diameter once shrunk. Heat Shrink Tubing on an Old, Frayed Lightning Cable In the photo here, you'll see that I slid on a 1.25 inch length of heat shrink over the lighting connector, and then shrunk it into place.  I chose a diameter that just barely fits over the lightning connector.  In all, it took about 60 seconds to perform this repair. Warning: the white plastic of the lightning cable has a pretty low melting point.  It seems to start to melt at about 125°C (or about 250°F), which is the same temperatur...
Read more

Other Posts

Show more