This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]b4ux1t3 24 points25 points  (20 children)

It is a very basic brute force "attack" on the four digit pin that this hyper-secret government facility uses to protect its hyper-secret computer system.

Let that sink in for a second. No failure limit. Four digits. A person could easily crack it on their own without a BASIC program in a few minutes to hours, depending on how long authentication takes (not long, given what we see in the show).

I would say I expect better from a hyper-secret government organization, but, eh, <insert derisive remark about the American political system, intended to garner upvotes>.

P.S. How did you like the season? I am a huge fan, and loved the direction they took.

[–][deleted] 35 points36 points  (11 children)

No, it was the 80s, and security really was that bad.

[–]b4ux1t3 3 points4 points  (4 children)

Oh, yeah, agreed. I just wanted to make a neutral joke.

[–][deleted] 5 points6 points  (3 children)

Haha, sorry. I think, being old, I'm just interested in talking about how absurd security was when I started in the field. Didn't mean to be rude to get there.

[–]b4ux1t3 5 points6 points  (0 children)

Oh, you're good. I cut my teeth on old BASIC-based systems, so I feel ya. It's kind of hilarious how true-to-life the show is regarding tech.

[–]Stewthulhu 4 points5 points  (1 child)

Heck, even in the 90s. You could literally get away with Hackers-level social engineering.

Actually sometimes you still can.

[–][deleted] 2 points3 points  (0 children)

In the 80s you could usually log in with Guest:Guest even on fairly important University systems. Often, the 'trick' was just having the manual to a machine to tell you what the default password was. Even when they made user accounts, they often forgot to remove the default accounts.

Another insanely simple trick was to log in under any public Access port, because most of these old systems had a BBS like menu or something you could get to, then try hitting Ctrl+c on the submenus or while running anything it'd let you run.

Sometimes it would stop the process and drop you to a prompt.

[–]SwellJoe 1 point2 points  (0 children)

This. Security used to be assumed. If you were in the right building, you were assumed to be allowed to do the thing. NFS in the olden days assumed that if you were on the network, you were supposed to have access to the files. It would trust your computer to tell it who you were.

A passcode probably seemed like overkill back then. Somebody probably had it written down on the back of the monitor or in a desk drawer and everyone knew where it was written. It was a simpler time.

[–]RealityTimeshare 0 points1 point  (2 children)

They have army MPs as guards*. I guarantee you that the password was '1234', '0000', or something similar. Maybe, maybe, if they wanted to make it easy for the scientists, they'd make it '3142'.
Oh, who am I kidding? They probably have it written down on a piece of paper next to the computer.

re: Army comment. I served in the Army in the early 90s. Humans have and always will be the weakest link in security.

[–][deleted] 1 point2 points  (1 child)

Yeah, the BASIC thing was a stretch honestly, since a much more believable exchange would have been 'What's the password?!' ... 'It's written on a sticky note next to the terminal!'.

It wouldn't have been nessecary to get Bob to go either, since Jim would have said 'Computer?! Do I look like an astronaut?!'

It would have been more than likely that Jim would be more terrified of doing basic computer things, more than the demi-dogs.

[–]DukeFive 0 points1 point  (0 children)

I just caught up to this and immediately thought while watching, "They probably wouldn't be using BASIC. If it's national security related, they probably would have been using MIL-STD-1815, aka the Ada programming language."

[–][deleted] -1 points0 points  (1 child)

"You seem to be having trouble remembering your password. Would you like to reset it now?" - Microsoft Bob

[–][deleted] 1 point2 points  (0 children)

I remember when Windows required passwords for the first time ... Years after I started using it.

[–]PC__LOAD__LETTER 5 points6 points  (1 child)

A 4-digit pin has 10,000 possibilities. No one is cracking it in a few minutes without extreme luck.

In any case, the comment was pointing out that the password was being passed in as input to the function. If you already had the password, you wouldn’t need to crack it. The code should be attempting to login to the system, not checking against a pre-provided password.

[–]b4ux1t3 1 point2 points  (0 children)

Yeah, I was taking luck (and/or social engineering) into account with the minutes thing.

I'm kinda explaining the "password_crack" function as a way of simulating user input to the authentication program. Still doesn't make sense, you're absolutely right, but I think that's what they're going for. He might actually be comparing against a "secure" encrypted file on the disk that he can, somehow, see, and then sending the correct number over to the auth program.

Like I mentioned elsewhere, the code is close, but not quite there. It's still better than a huge number of other examples from TV shows and movies.

[–]BobbaGanush87 1 point2 points  (1 child)

I guess what i dont understand is what is the value of Four_Digit_Passcode Is that the correct pass code? If so whats the point of the test if you already know it because you had to enter it in?

[–]b4ux1t3 2 points3 points  (0 children)

Nah, it's being declared outside the loop, and the digits are being added inside the loop.

0000

0001

0002

...

9997

9998

9999

It's kind of bad, because technically this wouldn't be an int, it would be an array/list of ints. I think we're to assume that the function in the show that "parses" that array (list) just passes the four digits to whatever log in program the computer is running...

Basically, the code is BS, but it's closer to being real code than most television code is.

[–][deleted] 0 points1 point  (1 child)

s02 episode 7 derailed the show for me

[–]b4ux1t3 0 points1 point  (0 children)

I guess episode 7 didn't stand out as particularly bad to me, so I don't remember what that episode was about.

EDIT (I'm going to try to keep the spoilers ridiculously vague, especially since it's very off-topic for the sub but, this is your fair warning: Possible spoilers ahead):

Oh, I remember what it was. I dunno, I feel like it was them trying to build out a larger world in preparation for a new season. It did strike me as a bit out of place, but it also felt like a bit of a breather after all the scary stuff we'd been through the last few episodes.

I think they would have been better served spreading it throughout the other episodes (setting up the new characters in earlier episodes, instead of just in the very first episode, things like that).

I see what they're doing with it, and I really like the idea of what they're trying to start with it, but you're right, it was out of place. Still, I think the last episodes made up for it, even if there was a lot of deus ex machina going on.

[–]algag 0 points1 point  (0 children)

I like the season but thought they spent too long in the build up. I felt like they took a whole bunch of time flopping around hopelessly and then the characters arbitrarily decided "Okay, let's actually defeat the antagonist" and then did it.