Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Code Project
1

1215drew

@1215drew
About
Posts
3
Topics
1
Shares
0
Groups
0
Followers
0
Following
0

Posts

Recent Best Controversial
  • Hardcoded Teacher Passwords
    1 1215drew

    So I called their technical support, and after finally getting the "Support Specialist" to understand that I was not calling with an Error Code but rather a problem in the functionality of the program, I was told that they might add changeable passwords to their wishlist for the next version of the software. What I would like to know is how they made it 21 versions already without someone thinking about this. Since the Administration has already paid for the software they are set upon using it, requiring that staff keep a close eye on students. Well I tried.

    The Weird and The Wonderful sysadmin security help tutorial question
  • Hardcoded Teacher Passwords
    1 1215drew

    So has anyone run into this before? Was just installing the school version of Mavis Beacon 21 and found two large security holes in it. The first is it requires I give students full Read/Write access to its network folder, which contains its settings file. Now this settings file controls some key behaviors, such as the ability to use backspace on tests and quizzes, guide hands, and their WPM goal. With Read/Write access students can easily edit this file. However if I only give them Read access, the program throws an exception. The second security nightmare is a hardcoded admin password. A hex dump of the software yields the statement:

    if pw = "gnipyt"
    then DoTeacherLogin();
    else BadTeacherLogin();

    This is a bit of a problem in an environment with high school students who actively try to discover admin passwords for the various services. While I could change this in the hex dump, the school administrator is against the idea. A simple google search yields the password in the search results. It looks like the teachers will just have to keep a close eye on students via the monitoring software for now.

    The Weird and The Wonderful sysadmin security help tutorial question
  • iPads, tablets... Does anyone use them for WORK? (Or anything REAL?)
    1 1215drew

    Its not exactly business related, but as a sound tech, there are many pieces of software that allow you to control mixing consoles from a computer. I then will install Logmein and connect to the computer from an iPad, allowing me to move around the stage/room to dynamically adjust levels. This is especially helpful in venues with fixed speaker arrangements where the sound mix changes depending on where you are standing.

    The Lounge mobile business question
  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups