22,000 people and the 08004u security lapse
Just when you thought it couldn't get worse...oh dear, oh dear, oh dear
Posted in Business, 12th November 1999 15:41 GMT
Free whitepaper – PowerEdge M610-M710 spec sheet
It seems the 22,000 or so people who gained totally toll-free access to the Net earlier this week courtesy of Scottish ISP, 08004u, didn't even have to blag their way past password security. That's because there was no security. It simply didn't exist. Any login ID and password would have got them into 08004u's network and onto the Web, The Register has learned. According to some of those who took advantage of the Scottish ISP's generosity, 08004u just left the doors wide open allowing anyone to walk in completely uncontested. "I could dial their 0800 number, and have the login IAMCOOL and password ANYTHING, and it would work," wrote one Net user who asked to remain anonymous. "I find this to be an insult to the people that are paying their £50 a month [for unmetered access]," he said, revealing he was one of 08004u's subscribers. It'll be interesting to know how 08004u is planning to pay for this charity...after all, there's no such thing as a free lunch. ®

Analyst Keynote: The Register Agile Data Center Summit
Automating the Acquisition Process with Enterprise Level CRM
Checklist: Midmarket ERP Solutions
Enabling the Agile Data Center
10 Steps to a Successful CRM Implementation

Dirty, dirty PCs: The X-rated picture guide
Top 500 supers - rise of the Linux quad-cores
Early adopters bloodied by Ubuntu's Karmic Koala
Sign up, sign up for The Register IT security newsletter