Purely by accident, Mr Schifreen had stumbled across a live Prestel account that had the number 2222222222 and a password of 1234.
Even better, it was not a customer account. "It was only supposed to be for Prestel staff," he said. A quick scan of the pages available via this account revealed a phone number for a test mainframe used by administrators maintaining the service. "I tried that on and off for a good few months," said Mr Schifreen. "One day, after months of trying, I dialled up this test computer, and it showed a page saying, 'This is the system manager password'." "I logged in with it, and it said, 'Welcome to Prestel. You are now system manager'." Initially, this gave Mr Schifreen and Mr Gold access to only the test system. However, the Prestel system administrators had made another security blunder. "The golden rule they broke was that in this test computer they used live data," Mr Schifreen said. "They used live passwords on that test machine." Those live passwords let the pair get access to the working system. The hack was aided by the fact that the two men were dialling up after 18:00, when phone calls got a lot cheaper. This had proved useful, Mr Schifreen said, because by then the Prestel security team had gone home for the day. |