ATM passwords found online
/v3-uk/news/1944003/atm-passwords-online
22 Sep 2006, Andrew Charlesworth , V3
The manufacturers' passwords for cash machines used widely across the US are available online in an installation manual.
New York-based security researcher Dave Goldsmith, founder and president of penetration testing outfit Matasano Security, pieced together clues from a CNN broadcast and the website of Tranax Technologies, the ATM's manufacturer.
Then he searched for the ATM's installation and maintenance manual online which he said gave him enough information to hijack a Tranax Mini-bank 1500 series ATM if the manufacturer's default passwords had been left unchanged.
"My guess is that most of these mini-bank terminals are sitting around with default passwords untouched," Goldsmith told eWeek.
According to the Tranax website, around 70,000 1500 series ATMs are installed in the US.
Do you agree?
And?
This just in! Hundreds of software applications are released each year containing default usernames and passwords on accounts!
So? The ATM company didn't do anything wrong. For example, almost every single wireless router for sale ships with a default login/password which most home users aren't smart enough to change.
The article _SHOULD_ say, in big bold letters, IGNORANT END-USERS TRAGICALLY ALLOWED TO USE TECHNOLOGY CAUSING SECURITY ISSUES.
Don't blame the company that actually put a login and password on the account. Blame the people who have no common sense and didn't read the instructions.
Posted by Why Do You Need This?, 22 Sep 2006