Re: Fiber cut in SF area

[Christopher Morrow <morrowc.lists () gmail com>]

On Sat, Apr 11, 2009 at 11:10 AM, Florian Weimer <fw () deneb enyo de> wrote:
> * Joe Greco:
>
> > The ATM machine is somewhat protected for the extremely obvious reason
> > that it has cash in it, but an ATM is hardly impervious.
> >
> > http://www.youtube.com/watch?v=4P8WM8ZZDHk
>
> Heh.  Once you install ATMs into solid walls, the attacks get a tad
> more interesting.  In some places of the world, gas detectors are
> almost mandatory because criminals pump gas into the machine, ignite
> it, and hope that the explosion blows a hole into the machine without
> damaging the money (which seems to work fairly well if you use the
> right gas at the right concentration).

also, there is the fact that some very large percentage of ATM
machines were installed with the same admin passwd setup. I recall
~1.5 yrs ago some news about this, and that essentially banks send out
the ATM machines with a stock passwd (sometimes the default which is
documented in easily google-able documents) per bank (BoFA uses
passwd123, Citi uses passwd456 ....)

I'm not sure that the manholes == atm discussion is valid, but in the
end the same thing is prone to happen to the manholes, there isn't
going to be a unique key per manhole, at best it'll be 1/region or
1/manhole-owner. In the end that key is compromised as soon as the
decision is made :(  Also keep in mind that keyed locks don't really
provide much protection, since anyone can order lockpicks over the
interwebs these days, even to states where ownership is apparently
illegal :(

-Chris