Posts tagged “vulnerability”

Job is in the details

If you’re sending someone a resume, make sure you turn off track changes in Word.

Seeing that Award winning right brained/left brained marketer was changed to Award winning right brained/left brained marketer and business developer is perhaps more information than this person wanted me to know. There’s all sorts of evil hidden goo left behind in Word documents; to be extra sure, MSFT offers a plugin that creates a clean copy, or just make a PDF. Maybe this person doesn’t even use track changes and didn’t see the same view of the doc that I do. Pretty horrifying for them, as well. Makes me wonder what I’ve done like this myself.

More trouble for the poor guy in his cover letter, that was pasted into email from a text editor where many of the characters didn’t come through correctly on my end.

I?¢‚Ǩ™m a global leader of strategy with strong expertise in how to
tackle new markets and clients. Some highlights included:
?Ǭ? Developed strategy, leadership, innovation for Fortune 500
companies that resulted adding hundreds of millions of dollars in new
sales revenue, plus decreased operational expenses by 27%.

A cautionary tale for all of us!

On Beyond Zebra

This article in Wired considers the vulnerabilities of supposedly theft-proof electronic systems. Turns out there are “back-doors” in some of these technologies.

He called an acquaintance who worked at a Honda dealership. I listened, awestruck, as Montes fed the guy a barely credible story about a cousin who had dropped his keys down a sewer. The dealership employee was at home but evidently could access the Honda database online. I gave Honky’s VIN to Montes, who passed it along to his friend. We soon had the prescribed sequence of pulls, which I scribbled down in my notebook.

I walked outside and approached Honky. The door lock would have been easy – a thief would have used a jiggle key, and a stranded motorist would have had a locksmith cut a fresh one. I just wrapped the grip of my key in tinfoil to jam the transponder. The key still fit, but it no longer started the car.

Then I grabbed the emergency brake handle between the front seats and performed the specific series of pumps, interspersed with rotations of the ignition between the On and Start positions. After my second attempt, Honky’s hybrid engine awoke with its customary whisper.

The story is interesting on many levels, but I was really taken by the interface to this back door. Our user model for automobile controls sees the different systems as entirely separate. Who knew the emergency brake could talk to the ignition?

I have always loved the idea of neat little tricks; unexpected ways of interacting with something, outside of the fixed rules of how you’re supposed to use it. It’s not so much the idea of unauthorized access, but simply the secret Toontown world that lurks beyond the mundane and familiar. I remember during the dial telephone era there was a way to get your own phone to ring back (it may have worked with tone, but I remember it as a dial hack); Dial 57 and the last 5 digits (or something) and then hang up, or hang up twice in succession. And the phone would ring. Great for messing with family members or when visiting someone else’s house.

The outcome was fun, but I’ll emphasize that much of the pleasure came from this possibility of navigating cleverly outside the interaction flow of receiver/dial tone/dialing/ringing/other party answering.

Sure, we’ve got Google hacks nowadays where there oodles of hidden functions, but it’s basically a command-line interface that reads more codes that you know about. So what? Isn’t that what Unix was? The delight (and I’m not talking about usefulness, just the fun and discovery) comes from the rupturing of the interaction model and the seemingly irrelevant actions leading to some new effect.

I don’t need anyone to reveal security vulnerabilities, but I’d be curious to hear about any favorite back doors!


About Steve