Hacking 82 Hotel TV Systems in 82 Minutes or Less

Security is hard to get right, there's no question about that.  But sometimes you come across things that are just so simply insecure that it's clear nobody put any thought into security - and there's no excuse for that, especially when it's done by a company that claims to "specialise…

#Tags: hacking, iptv

XtremIO X2 Snapshots - REST API

(If you're not familiar with the XtremIO REST API I'd suggest first reading my posts on using it, in particular part 3 where I covered Snapshots)I wrote previously about some of the changes to Snapshots in X2.A number of corresponding changes were also made to the REST API,…

#Tags:

XtremIO X2 Snapshots

I've written previously about using snapshots on XtremIO, however things have changed a little with XtremIO X2 so it's time for an update.Snapshot TypesPreviously when taking a snapshot you could elect to take either a "read-only" or "read-write" snapshot. The result was basically the same, with the obvious difference…

#Tags:

United Airlines Bug Bounty Program

Around 4 years ago United Airlines launched a "Bug Bounty" program. Bug bounty programs are becoming more and more common as a way of companies rewarding people for reporting security issues that they discover on their website. Those rewards generally take the form of a cash payment, or sometimes just…

#Tags:

United Airlines Mileage Plus/Points.com Information Disclosure

(Update: Less than 24 hours after posting this blog entry United Airlines fixed the problem described, and a password is now required to access the site in question.  It's a pity it took over 18 months and eventually public disclosure to get the issue fixed, but at least it is…

#Tags: united airlines, security, travel

Snapshot Changes in XtremIO X2

I've written previously about how Snapshots (and snapshot refresh) works in XtremIO. With XtremIO X2 we changed the way a few of the snapshot-related concepts work in order to simplify things, as well as to add some additional use cases that were not possible previously.…

#Tags: xtremio, snapshot