derosa@motcid.UUCP (John DeRosa) (02/01/91)
Let me tell you a story.... Once upon a time a friend of mine gave me an old netserial that he had lying around. When I tried to hook it up I found that he had added an administrator password to the device and...of course... had forgotten what the password was. I called Shiva and they said, "you have to send it in to get the password wiped out". Figures. Being in an engineering environment, it got me thinking that the password must be stored in a non-volitile device. Lo and behold there was a 16x8 eeprom in the box. Not K bytes, just bytes. My intention was to read a known good netserial eeprom and copy the contents to the "bad" eeprom. Taking out my handy, dandy prom programer, I proceeded to read the contents of the eeprom from the password protected netserial. I started with the "bad" eeprom to see if my technique would work and I figured that if I blew it up, I would be no more worse off than before. Well...more lo and behold...there for everyone to read, IN ASCII (!), was the password (among other things). WOW, what a feeling. Moral: Necessity is the mother of invention and so much for security. -- = John DeRosa, Motorola, Inc, Cellular Infrastructure Group = = e-mail: ...uunet!motcid!derosaj, motcid!derosaj@uunet.uu.net = = Applelink: N1111 = =I do not hold by employer responsible for any information in this message =