More ATM Trouble
As if default master passwords for storefront ATMs weren't bad enough, reader Jesse Waites writes in to remind us that default combinations for some ATM vaults, where the money is stored, are also printed in the manuals.

I knew that, and I wasn't terribly interested in that aspect of last month's cash machine follies, because there's no way to get to the safe without opening the front panel, which has a mechanical lock.

But Waites discovered that you can legally purchase keys for the panels of Triton, Tranax and other ATMs from online parts dealers,  which suggests rather strongly that each unit within a model family is keyed the same.

Here are photographs of a Tranax ATM key I legally obtained through the internet. I did not misrepresent myself in any way (I wasn't questioned for that matter). As you can see from the pictures the key is already notched and ready to go. The machines all come with a default lock, and this is the key to that lock.

If you own or operate one of these machines, make sure you've changed the combination from the factory setting.

On the bright side, ATMs are no worse than Diebold voting machines.

Related posts:

1) ATM Hack Uncovered
2) ATM Crime Spree Imminent?
3) Patch Coming for ATM Issue
4) ATM Hack Round-Up: Report From the Field
5) Triton Reacts to ATM Hacks
6) ATM Cash Capers Spotted Last Year

Meet Wired News columnist Jennifer Granick, Virtually
Cyber law attorney and Wired News Circuit Court columnist Jennifer Granick will be teaching a class at the State of Play Academy Thursday at 5:30 PDT. The academy is free, and takes place in-world in There.com.

Campaigns Caught in the Web

Thursday Oct 5, 2006 5:30-6:30 PM PDT

Teacher: Jennifer Granick, Wired News Columnist and Executive Director, Center for Internet and Society

Elected officials, and those who wish to be elected, can't seem to figure out how to use this darn "internet".

This class will look at recent campaign foibles, from the "hacking" of the Joe Lieberman for Senate website, California Governor Arnold Schwartzenegger's uploading his unguarded conversations with his speech writers to a webserver, the resignation of Democrat Amy Klobuchar's communications director after a blogger sent her an unaired TV attack ad from the opponent's campaign for the Minnesota Senate seat, and the resignation of New Hampshire Congressman Charles Bass' aide after disclosures that he posed as a supporter of the Republican's opponent in blog messages intended to convince people that the race was not competitive.

We will look at the laws that govern access to and publication of information, and how those laws apply in the crucible of the American campaign season.

More on the class here.

Solving the Earthlink Problem

The Internet went down today in the small office I work out of. Or at least, everyone else's Internet connection stopped working.

Oddly, my tubes were just fine. My officemates couldn't figure it out. And despite being the office-appointed unpaid network admin, I couldn't figure it out either.

I tried restarting their computers, releasing IP addresses, switching tubes from the main router to a hub and back. None of their computers could ping any websites, but they could get IP addresses and their computers reported they were connected.

Then I figured out there was one thing different between my computer and theirs. I use OpenDNS since I wrote about them when the company launched in July.

Sure enough when I finally did some router diagnostics, I found that Earthlink's DNS servers were down. Within minutes, I had my officemates are surfing away with OpenDNS, and I'm no longer more special than they are. But at least, I'm luckier than those other suckers stuck with Earthlink's DNS.

And, no, I don't get paid by OpenDNS, but they do give me free DNS...

Photo: cudmore

Bad Code

I've been puzzling over the Republican bill to deny accused terrorists fair trials, and the seemingly-irrational language champions of the legislation have been using to describe its purpose.

The goal, "is to render justice to the terrorists, even though they will not render justice to us." -- Senator Lindsey Graham.

"We don't want (terror suspects) to have everyday rights of American civilians right here. These are war criminals." -- Senate Majority Leader Bill Frist.

It occurs to me now that the whole 94-page bill really amounts to a common, one-character programming error.

if (person = terrorist) {
            punish_severely();
} else {
            exit(-1);
}

Can you spot the error? (Solution).

This is why coders and other left-brained types seldom vote Republican.

I'm confident the Supreme Court will catch this in debugging. Just in case, I'm sending them a copy of Kernighan and Ritchie.

HP Hearing: Passing Bucks in A Morality Play
So what's the verdict the day after the seven or so hour long Congressional grilling of HP? Two of my favorites:

 

Brian McDonough does a analysis of buck-passing that would make John Madden proud over at the Recorder's Legal Pad:

 

The Hewlett-Packard folk testifying before Congress today passed the buck so many times, it should've been the trigger for some unlikely C-SPAN drinking game.

And over at the San Jose Mercury News, Scott Herhold does a close reading of the hearing's morality play:

 

But at the end of the day -- and the end is what counts in politics -- Hurd was served up the softest of softballs by U.S. Rep. Michael C. Burgess of the 26th District of Texas.[...]

Then Hurd invoked the deity: "One of our founders, David Packard, said, 'There'll never be a time when we don't make mistakes. The defining point will be what we do about them.' I promise we are committed to our core to define our company in a way we can be proud of.''

That was what the panel craved -- the penance, the vow to sin no more, even the hope that HP will put a plant in their district. If nothing else, Hurd's testimony demonstrated just how much high-tech executives have learned about the needs of Congress.

 

My first take on Hurd's performance is here, but it's not as good as these.

Photo: casalingarevival

Judge Refuses to Stay Order Shutting Down NSA Program

Federal judge Anna Diggs Taylor, who last month ruled that the NSA's warrantless wiretapping program was illegal and must immediately be shut down, refused to grant the government to continue the program while it asks a higher court to review her decision, according to Bloomberg.

Instead, the government has one week to ask the Sixth Circuit appeals court to issue the stay.

 

Taylor said that to prevent possible harm to the public she wouldn't order the surveillance stopped immediately, instead giving the government a week to get a federal appeals court order allowing continued surveillance. The government filed that request following the hearing. An immediate stop to the program would harm U.S. security, a government lawyer told the judge.

"The terrorism surveillance program was authorized to close a gap in intelligence,'' Justice Department attorney Anthony J. Coppolino told Taylor. "A chilling effect on a small number of communicators speaking with al-Qaeda or suspected al-Qaeda does not outweigh the harm'' to the public if the program stops, he said.

It is highly likely that the Sixth Circuit will reverse this decision, allowing the warrantless eavesdropping to continue until it rules on Digg Taylor's August decision.

Photo: Rich Anderson

Anti-Fraud Bill Gets New Life
Yesterday's HP hearings may have created enough political pressure to revive a stalled House measure that would make it illegal for anyone to obtain or pay some one to obtain phone records of a third person, according to Reuters.

 

The bill, H.R. 4943, was passed by a key House committee in March, but has never been scheduled for a vote.

 

Momentum to vote on the bill has been building since Hewlett-Packard Co. admitted that its investigators obtained telephone records of board members, employees and journalists without their permission as the company tried to find out who was leaking sensitive information.[...]

 

The committee in March unanimously approved the measure, which also mandates tougher Federal Communications Commission rules for phone companies that maintain such records as well as higher fines for phone companies that fail to adhere to the standards.

Photo: thedeplorableword

House Passes Spying Bill
Late last night, the House endorsed, by a vote of 232-191, a measure that legalizes the current NSA warrantless surveillance program, but it is unlikely to be sent to the president's desk before the midterm elections, according to the AP.

 

A corresponding measure in the Senate may get a vote sometime today or tomorrow, before the Senate recesses. But since Senator Arlen Specter's bill in the Senate and Congresswoman Heather Wilson's House bill differ on enough key matters, that there is no time to reconcile the bills and resubmit them for votes by both houses.

 

The votes are likely to be used, however, as leverage in campaign fights in the midterm elections, and depending on the outcome of those elections, could become law when Congress returns in the lame duck session after the election.

 

Photo: hjl

DIY 'Idiot' Bag

Bill Scannell, the irascible PR mind behind the Identity Project, never passes up an opportunity to razz Homeland Security when he thinks they are trampling on the Constitution.

So, it should come as no surprise that Scannell quickly registered kiphawleyisanidiot.com in order set up a site that purports to tell you how to make your own airline security-safe toiletry bag.

Funny that both Hawley and Scannell are big fans of the Red Sox.

Now the question for you, dear readers, is which one of them has a better sense of humor, since they both have questionable tastes in sports teams.

TSA: Hawley an Idiot and Flyers Can Graffiti Away

Fliers who deface their see-through toiletry bags or even wear stupid t-shirts with slogans are not violating any TSA policy, according to TSA spokeswoman Yolanda Clark.

NOTE: This sentence has been changed to better reflect Clark's comments. Original at bottom of page.

"There is no policy that restricts passengers from expressing their opinion as long as they are not threatening," Clark said.

That policy conflicts with what frequent flier Ryan Bird says happened to him Tuesday after he entered Milwaukee airports screening lines with his toiletries packed in a bag that had the words "Kip Hawley is an idiot." Bird says that small protest of what he calls "security theater" led a TSA officer to tell him that he had no free-speech rights in the screening. He was also detained, albeit briefly, by a Milwaukee's sheriff.

Clark said that the TSA never detained Bird and allowed him to take his baggie of toiletries in small bottles onto the plane.

As to whether Hawley is an idiot? Clark mentioned the incident to Hawley, who replied, "As a fan of the 2004 Red Sox, I take it as a compliment."

* Original sentence read: Fliers are welcome to deface their see-through toiletry bags or even wear stupid t-shirts with slogans, according to Transportation Security Administration spokeswoman Yolanda Clark.

The lede has been updated to more accurately convey that Clark said that the TSA recognizes passengers' First Amendment rights, but she did not encourage people to write on their toiletry bags or wear Che Guevara t-shirts.  Actually, no one should encourage anyone to wear Che Guevara t-shirts as far as 27B is concerned. 

Photo: Celebdu