San Francisco DA Discloses City's Passwords
snydeq writes "The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's VPN. The passwords were filed this week as Exhibit A in a court document arguing against a reduction in $5 million bail in the case against Terry Childs. Though they placed the passwords in the public record, city prosecutors do seem to think that they are sensitive. InfoWorld's Paul Venezia, who has been following the case closely, provides further analysis of the technical details in the city's case. 'By themselves, [the passwords] would not be enough to allow anyone to access the network via VPN,' Venezia writes, 'but the fact that the city entered them into evidence is quite shocking. At the very least, they'll have to shut down their VPN access for a while until they've changed them all and modified the configurations of some large number of VPN clients.'"
If this is the level of fuckwittage he had to deal with while in his job I'm not surprised he locked others out.
Does anyone have a torrent of these alleged usernames and passwords?
The top 5:
password
admin
root
guest
t3rrych1lds1337haxx0r
I can see that there is a bright future in the cluestick market...
that has more sense than San Francisco: Louisiana!
"I don't know, therefore Aliens" Wafflebox1
I used to work in an office which was a complete free-for-all. Once I had some code I needed to test on a Windows machine (mine was Linux), and I saw that (let's call him) "John", who had a Windows box, was away from his desk. Just on a hunch, I sat down and typed his username, and entered "password" for the password (literally). Poof, I was in! So I did my little test thing and was about to log off, when "John" appeared, smiling. He said, "Oh thank God you got my login, I've been locked out of the system all day because I can't remember my password! What is it?" It was perhaps the only time in my life I actually knew what it meant to "be at a loss for words".
Caveat Utilitor
I attended a lecture some years ago by a Microsoft employee who was high up in their security structure.
[...]
"Wrong! It is possible for a password policy to be TOO secure. Let me give you an example. It is possible to set up a security policy in NT that requires a password of at least 8 characters, which must also be mixed case, have at least one numerical digit, and at least one non-alphanumeric character, and which will require a change of password every week."
"As soon as you implement that policy, users will write their password on a post-it note, stick it to their monitor, and replace it with a new one every week. So you see, a password policy CAN be too secure for your own good."
This, by the way, *IS* the policy used internally at Microsoft.
It was perhaps the only time in my life I actually knew what it meant to "be at a loss for words"
I can believe it. I imagine I would have stared at him blankly for just long enough to realize he wasn't kidding before I had an aneurysm.
The enemies of Democracy are
Amusingly, the Finnish word "kamala" means "ghastly, frightful".
to help the City of San Francisco look stupid.
"Not an actor, but he plays one on TV."
A father and his two kids were killed by illegal aliens?
Sounds like a case for Mulder and Scully!
I'll just write over my "Reiser is Innocent!" T-shirt.
Which is a cross-out over "Free Kevin!"
Actually, "GOD" is no longer regarded as highest level of access. The new highest level of access is "Paris", as in Paris Hilton. Why? Well who else in the universe thinks more highly of themselves than Paris?
What morons, everybody knows the only secure place for your password sticky note is the underside of your keyboard.
Apocalypse Cancelled, Sorry, No Ticket Refunds