[EAS] ALERT: EAS Device passwords
Alex Hartman
goober at goobe.net
Tue Feb 12 11:08:06 CST 2013
Using a shared-key system versus a user/pass system would be much more
secure inherently. It's harder to get your hands on the keys than it
would be to sniff a password or even a brute-force system.
And "PC Based" means nothing. I'm willing to bet that all the current
EAS systems with a network jack on them are running a BSD or Linux
variant, be it x86 or ARM based. I've done several MitM attacks on my
Sage box since installing it just to prove a point. It really doesn't
take much to get into it if one tries.
--
Alex Hartman
More information about the EAS
mailing list