Here's the administrator's manual for the thing.[1]
Connecting to a HALO device can be done
in two separate ways. It can be done with
the HALO Device Manager HDM (see HDM
Manual) which is the preferred method for
setting up multiple HALOs at once.
It can also be done by typing the HALO device’s
IP address in Google Chrome. A popup will
appear asking for a username and password.
Type “admin” for the username and
“changeme” for the password. Click
“Sign in”.
If I recall correctly, the obviously incompetent clowns responsible for this device make most of their money in radio systems for public safety and critical industrial uses.
I had a scary (and hopefully illogical) thought today: what’s stopping threat actors from selling SSDs that are „pimped“ with a SIM-card and some additional stuff, and phone home „interesting“ pieces from said SSD?
Here's the administrator's manual for the thing.[1]
Connecting to a HALO device can be done in two separate ways. It can be done with the HALO Device Manager HDM (see HDM Manual) which is the preferred method for setting up multiple HALOs at once. It can also be done by typing the HALO device’s IP address in Google Chrome. A popup will appear asking for a username and password. Type “admin” for the username and “changeme” for the password. Click “Sign in”.
What could possibly go wrong?
[1] https://www.dickerdata.com.au/hubfs/%2B%20New%20Zealand/%2B%...
If I recall correctly, the obviously incompetent clowns responsible for this device make most of their money in radio systems for public safety and critical industrial uses.
I had a scary (and hopefully illogical) thought today: what’s stopping threat actors from selling SSDs that are „pimped“ with a SIM-card and some additional stuff, and phone home „interesting“ pieces from said SSD?
The fact that it would be extremely expensive to do so for what could amount to $0 worth of valuable information for months or years, if ever?
Looks like a reminder is due: https://www.bloomberg.com/features/2021-supermicro/
I don't think that is in any way related to the original comment.
Sure it is. There are plenty of players out there willing to invest in a long game of chance, if the potential payout is intelligence.
They sure bungled that one then!
Don't at least Windows and macOS encrypt the main drive by default these days, such that the SSD never sees anything interesting?
In the movies they usually sneak in and replace your genuine gadget with a modified one. more effective use of resources.
The NSA is said to have intercepted packages bound for surveillance targets, opened them, modified the electronics inside, then taped them back up and sent them on their way: https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa...
https://archive.ph/kEJco