[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
Hello /g/. The tldr of this is that my company...
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!

You are currently reading a thread in /g/ - Technology

Thread replies: 12
Thread images: 4
File: Image(7).jpg (61 KB, 540x523) Image search: [iqdb] [SauceNao] [Google]
Image(7).jpg
61 KB, 540x523
Hello /g/. The tldr of this is that my company is retarded and I'm not sure if I should alert the CEO (who's email I have and get chances to talk to face to face often) to it.

The longer version is that I work for a fortune 500 company with no computer sense. I'm not IT or anything (I'm just a salesman) but even I was able to fine stupidly obvious security holes that are less of holes and more of just plain not caring. Info from registers is sent in plain text over an open network to a central location that's ip is given on the screen every time the register turns on. Bios on registers is not locked, and remote access is on by default. The boot order is set to load from a server first but has the entire POS system stored on the hdd just in case. USB and what have you are not disabled. Nothing is disabled. The file system is locked but can easily be accessed by doing something that causes an error and then going to save error report. From there you inexplicably have access to the file systems of every other machine on the network and can save and edit their files. From this I learned that our computers are running windows XP and all of our POS is a mish mash of flash and Visual Basic. The network we're on communicates with the regular internet readily without protection and I even installed internet explorer on one of the registers. Now, I'm and idiot and I think that this is unsafe. The only thing that's stopping me from telling someone is possibly losing my job for messing with the computers. Wat do?
>>
File: jimmy.jpg (37 KB, 660x395) Image search: [iqdb] [SauceNao] [Google]
jimmy.jpg
37 KB, 660x395
>>
File: BsnTz1W.jpg (105 KB, 750x1002) Image search: [iqdb] [SauceNao] [Google]
BsnTz1W.jpg
105 KB, 750x1002
>>52233919
what?
>pic unrelated
>>
>>52234091
Nothing that employees touch is secured. An angry employee could copy the whole POS system onto a flash drive and install it onto a home computer or sell it online. Also the entire network is unencrypted and doesn't prevent registers from modifying files on more important machines.
>>
File: asc.jpg (35 KB, 311x310) Image search: [iqdb] [SauceNao] [Google]
asc.jpg
35 KB, 311x310
I'm a CEO of a Fortune 500 company and I also know doctors, dentists and architects.

Fuck, I hope it's not my company you're talking about!

Saying that, the next employee who approaches me with such concerns will be fired immediately as I know you'll have spread this shit on a seedy website before sending the details to me.

Now fuck off.
>>
>>52233919
If I were you, I would only think about what helps you keep your job. Is there any way they could find out you were messing with the system if you don't tell them? Where you logged in or something? Otherwise just let them burn, anybody this ignorant deserves what's coming to them.
>>
>>52234302
Wft, tell your boss. Explain that fixing this could very well save the whole business from crashing to the ground.
>>
>>52234536
>I would only think about what helps you keep your job. Is there any way they could find out you were messing with the system if you don't tell them
There's no real practical way they could know since I didn't have to log on to do any of this. And I think you're right. If I say something Ill probably just get blamed for the inevitable problems that they'll be having or that they already have. Thanks.
>>
>>52234753
Why fucking post this shit then?
>>
>not having everything ensured so fat cats can cash out and find something else

the game was rigged from the start.
>>
>>52234777
Why ask for advice if you're just going to take it?
>>
>>52234302
Don't be a bitch and sell that shit online nigga and make some mad dough.
Thread replies: 12
Thread images: 4
Thread DB ID: 367510



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at wtabusse@gmail.com with the post's information.