Olympics Broadcaster Announces His Computer Password on Live TV (vice.com) 57
In what is, at least so far, the biggest cybersecurity blunder of the Tokyo Olympics, an Italian TV announcer did not realize he was on air when he asked the password for his computer. Motherboard reports: "Do you know the password for the computer in this commentator booth?" he asked during the broadcast of the Turkey-China volleyball game, apparently not realizing he was still on air. "It was too hard to call the password Pippo? Pippo, Pluto or Topolino?" he complained, referring to the Italian names for Goofy, Pluto and Mickey Mouse. The snafu was immortalized in a video posted on Twitter by cybersecurity associate professor Stefano Zanero, who works at the Polytechnic University of Milan. A source who works at Eurosport, the channel which was broadcasting the volleyball game, confirmed that the video is authentic.
A colleague of the announcer can be heard in the background saying the password depends on the Olympics organizers, and asking the announcer if it's on a paper or post it close-by. Turns out the password was "Booth.03" after the number of the commentator's booth. "Even the dot to make it more complicated, as if it was NASA's computer," he said on the air. "Next time they will even put a semicolon." "Ma porca miseria," he concluded, using a popular italian swearing that literally means "pork's misery" but is more accurately translated to "for god's sake."
A colleague of the announcer can be heard in the background saying the password depends on the Olympics organizers, and asking the announcer if it's on a paper or post it close-by. Turns out the password was "Booth.03" after the number of the commentator's booth. "Even the dot to make it more complicated, as if it was NASA's computer," he said on the air. "Next time they will even put a semicolon." "Ma porca miseria," he concluded, using a popular italian swearing that literally means "pork's misery" but is more accurately translated to "for god's sake."
Disney Foobar (Score:5, Informative)
If you were wondering, Italian IT textbooks use pippo, topolino and pluto the same way as foo, bar and baz in English.
Re: (Score:2)
Except that foo, bar, and baz are not English, and that is why textbooks use them.
Sad to hear that Italian IT training does not use translated texts! Locally produced textbooks from a small country are going to be lower quality than translated texts, as exemplified by your example.
Foo and bar are English spoken in US Army? (Score:2)
FUBAR is translated "(fouled, yeah right) up beyond all repair/recognition" whereas SNAFU is "situation normal, all (fouled) up."
When I see "foo" and "bar" used as lexical labels in an example code snippet, they are not non-English nonsense words, and let's just say I find it distracting because their original Army slang meaning suggests that the code, to say the least, is not reliable or error free?
Re: (Score:3)
"FUBAR" is not one of the words used in IT.
Re: (Score:2)
Speak for yourself. I hit a Snafu all the time when I have equipment go Fubar, and I have to brief the MFWIC that the stupid thing is NRTS.
Normally when the equipment goes Tango Uniform, it means sending the POS to Depot for repair.
Re: (Score:2)
In the AF, we called them HMFWIC (Head MFWIC). Enjoyed your post...thank you.
Re: (Score:2)
"FUBAR" is not one of the words used in IT.
SNAFU, TARFU, and FUBAR are all classifications of status. Consider yourself lucky if you've not had to consider current status as any one of these, but know I'm not believing you.
Re: Foo and bar are English spoken in US Army? (Score:2)
What about "Total Inability To Support Usual Performance"?
Re: (Score:2)
Re: (Score:2)
Not when things are going well, anyway...
Re: (Score:2)
60 million people is "a small country"? Come on, Italy is on top 25 countries by population.
Re: (Score:2)
Yes, indeed, it is a small country. Why would 25 countries be large? That would leave them all rather... small.
Only 1 in 133 people lives there. They're vanishingly small; a mere footnote. Completely insignificant to anybody but their neighbors.
And with a median age of 47, they're a smaller country every day. And with the world population rising, they're doubly a smaller country every day. By next year Italy will be smaller than Tanzania.
Re: (Score:3)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If you're American, yes, Italy is a horrible place. Everything's terrible & you shouldn't go there. There's even AFRICANs!!! & ARABs!!! living & working there too. Stay away!
What's worse, is there are even Eyetalians!
Re: (Score:2)
Re: (Score:2)
They're 23rd out of 235 according to https://www.worldometers.info/... [worldometers.info]
That puts them in the top 10%, and hardly "small".
In A Nutshell (Score:3)
The announcer's attitude (not the fact that he broadcasted his guesses) explains why computers in laypersons' hands will never be secure. Authentication is just a bothersome burden that is to be circumvented as mindlessly as possible.
Re:In A Nutshell (Score:5, Insightful)
Well, in the case of a shared computer that will be operated by a semi-random person, authentication is in fact just a bothersome burden that will need to be circumvented in order for the operator to operate the computer.
Re: (Score:2)
Re: (Score:2)
Especially if you put it on a post it next to the computer because - you know - no one not authorized could get near to the computer anyway.
Why use local accounts anyway?
Re: (Score:2)
Well, you don't want somebody's kid or a random person who finds a door unlocked to mess with it. And if it is connected to the internet, disabling passwords can have unintended consequences, especially when combined with common types of misconfiguration. So it probably does need a password, but that password probably should pretty easy to find.
Re: (Score:2)
Re: (Score:2)
Right, that's the goal, keep random people out. Neckbeards who write a whole fantasy plot about breaking in and broadcasting goat pr0n didn't even leave the basement, they definitely didn't attend a sports event and waddle around looking for unlocked doors.
Re: (Score:1)
Well, in the case of a shared computer that will be operated by a semi-random person, authentication is in fact just a bothersome burden that will need to be circumvented in order for the operator to operate the computer.
Precisely. Heck, unless it was bolted down he could have just walked off with it.
Re: (Score:2)
Precisely. Heck, unless it was bolted down he could have just walked off with it.
He probably wouldn't have gotten far. With so few fans the security don't really have a lot to do...
That computer is an expendable (Score:1)
As some one who often has to set up the computer some where like that broadcast both, that machine was imaged that morning and wiped that night and contained nothing. If he had smashed it we would have just handed him new unit out of a stack of spares. And if for some stupid reason it had a password, it would have been some thing like "booth.3" or "password" and we would have written it on a post-it note or label tape and stuck it right on the screen. In a room with half a million dollars worth of broadca
Re: (Score:2, Interesting)
Re: (Score:2)
They tried that in hospitals in the UK. What actually happened was the first person to arrive for a particular shift would insert their card for access & leave it there for the whole shift. Anyone could wander in & access the medical data on the system, as long as nobody noticed them, e.g. dressed up as IT support staff or when everyone's busy on the ward. Logging in & out took too long & patients' health/lives were at stake, especially in casualty (A&E). Given the costs-benefits, it see
Re: (Score:2)
Logging in & out took too long.
That generally has little to do with the mechanism of authentication. Tapping a badge, inserting a card into a reader, or even typing in a password are irrelevant compared to the time it takes to log in to Windows. Deploy your software in such a way that you don't need to do a whole Windows login, building a profile, etc. when you walk up to a shared workstation. If all you're doing is authenticating to the EMR or other relevant application it should take a small number of seconds to log you in.
Smart ba
Re: (Score:3)
It explains why we need to move away from passwords for authentication. For something like that a token would be ideal, just tap an RFID fob on the machine to unlock it.
Re: (Score:2)
So, steal the token and have access to the system forever? Especially if you have to report computer problems using your computer....
Remember "something you have and something you know"?
Re: (Score:2)
Why would it be forever? You can just deauthorize the token when it goes missing.
Re: (Score:2)
Re: (Score:3)
The announcer's attitude (not the fact that he broadcasted his guesses) explains why computers in laypersons' hands will never be secure. Authentication is just a bothersome burden that is to be circumvented as mindlessly as possible.
He's not wrong. There's a difference between access to a computer with which you would do something important, vs a computer used by random contractors to look at scores while speaking live into a microphone. Not everything needs the same level of protection and I'm actually quite surprised that this PCs don't sit there happily logged in without any security.
But ... (Score:5, Funny)
Make the password something offensive. (Score:2)
They'll remember it. Italian is a very colourful language.
Re:Italian (Score:2)
Re: (Score:1)
They'll remember it. Italian is a very colourful language.
Yea, about that. I did that years ago and ended up having to drive a couple of hours because I couldn't give it out. That was the intended effect. However, it still sucks.
YOU ALL MISS THE POINT (Score:2)
He was careless about this because he did NOT CARE. Was it literally HIS computer, or the computer he needed to do is broadcast? If thats the case, perhaps there's a good reason he didn't care. WHy should he care if he just needed access to a machine to do a broadcast? What if he knew there was nothing valauable on it, and just...didn't care?
Re: (Score:2)
He was careless about this because he did NOT CARE. Was it literally HIS computer, or the computer he needed to do is broadcast? If thats the case, perhaps there's a good reason he didn't care. WHy should he care if he just needed access to a machine to do a broadcast? What if he knew there was nothing valauable on it, and just...didn't care?
If that were the case, then why even bother implementing a password. That's a kiosk.
Re: (Score:2)
If that were the case, then why even bother implementing a password. That's a kiosk.
To prevent remote attackers (including automated ones) from waltzing in.
Re: (Score:2)
Sometimes, you have to go out of your way not to implement a password.
It is also a way to make sure a random guy will not use *that* computer to read his mail or whatever and mess up the settings. It may be as secure as a post-it note saying "don't touch", but at least, it doesn't waste paper.
Booth.03 (Score:2)
Well, at least the hackers will never be able to guess what the passwords are for the computers in the other booths.
Re: (Score:1)
Well, at least the hackers will never be able to guess what the passwords are for the computers in the other booths.
Yes, they might even break in, log in, and *gasp* watch the live scores... /s
They could do that. On the other hand, they might put up an advertisement:
"I want to take a break for a moment and talk to you about your car's extended warranty. Call Gotcha (Goat Cha) warranty at 800-123-4567"
Porca Miseria doesn't translate to pork's misery (Score:1)
Re: (Score:2)
Live Interview (Score:2)
And this is my faithful dog Rover ... Oh crap!
The password was... (Score:2)
graffetta corretta della batteria del cavallo