[EAS] ALERT: EAS Device passwords

[Eric Adler]

I'm not sure what you mean by "unauthorized access".  I was under the impression that the only sort of authentication provided by the EAS system was the Julian date and time.  
Also, I keep seeing everyone comment along the lines that this incident was caused by a malicious attack directly on the EAS encoder but I have yet to see anything to back that up.  Most on this list know of the multitude of possibilities of message entry into the system, pointing at the new guy (CAP or "computers") and blaming him when the old system is just-as (if not moreso) vulnerable seems like a big jump to conclusion to me.  

Eric


<snip>On the other hand, I suspect that, with enough work, any brand of box could be exploited, so I suggest taking prudent steps to prevent un-authorized access to EVERY EAS box.</snip>