IT Glitches and Security Issues Ring in the New Year

While Dilbert doesn't (at the strike of midnight on New Year's Eve) "celebrate the magical thinking that says one random point in the space-time continuum is somehow special," IT glitches sometimes seem to occur as if they do.

For according to reports like one at Denver's Channel 7 news, hundreds of guests at the Denver Tech Center Marriott got locked out of their rooms for several hours due to the crash of the room key software at midnight New Year's Eve. The story says that angry guests got into fights as well as caused damage to the hotel, which required the hotel to call police to maintain order.

The Channel 7 story says that other Denver-area Marriotts didn't report any room key software problems, although this story at MSNBC did indicate that an unnamed Marriott in Hawaii experienced the same glitch.

The New York Post has a story today about a similar room key software problem locking some 200 guests out of their rooms at the Gramercy Park Hotel at midnight on the 31st of December as well. Many of the guests were locked out of their rooms, which the Post says cost up to $2,000 a night, from midnight until 0700 New Year's morning as the hotel staff had to "... painstakingly reprogram each key individually to open doors." Many of the guests had also paid up to $1,000 to attend New Year's Eve parties at the hotel, the Post stated.

Maybe more to Dilbert's point (that IT glitches do not take a holiday) is that a computer malfunction forced the evacuation of riders from Universal Studios' Revenge of the Mummy and E.T. Adventure rides New Year's day in Orlando, Florida. According to reports, 24 people had to be evacuated from the rides. The problem was fixed within a few hours. In other Universal Studios news, the Jaws movie ride ran for the last time yesterday after 22 years. However, you can always rekindle your memories of the ride by watching it on - what else - YouTube.

The BBC also reported that the Royal Mail web site glitch from November of last year involving the calculation of "postal costs of packages based on size and weight" continues on. Apparently, the web page where the calculation is performed affects "... the functionality of other related services."  The BBC says the Royal Mail hopes "... that the service would be available again very soon," which is what they also said last year.

In IT-security news, a story New Year's Eve at The Australian reported that Australian telecom Telstra admitted to yet another data breach, this time involving online access to a spreadsheet containing some 1500 of its Bigpond Internet customers' email addresses, phone numbers, and support issues.

This was the second major customer service data breach for Telstra within the past few weeks. In mid-December, the company had to disable its online billing, BigPond self-care and My Account online functions after 800 000 or so of its customer details were also inadvertently left accessible online. Australian Privacy Commissioner Timothy Pilgrim is investigating this breach, and may well investigate the one last weekend as well.

Finally, in another IT-security related story, on Friday ComputerWorld reported that researchers had discovered a "... vulnerability in the Wi-Fi Protected Setup (WPS) wireless standard." According to the story, the vulnerability "... involves how the router responds to incorrect PINs. When a PIN is entered, the router using WPS will indicate whether the first or second halves of the PIN are correct or not."

This error information can be used by brute-force attacks to crack the security of many popular Wi-Fi routers in four to ten hours or even less. The U.S. Computer Emergency Readiness Team (CERT) has issued an advisory on the WPS security issue, and states:

"We are currently unaware of a practical solution to this problem."

The CERT advisory suggests that WPS be disabled.

Happy New Year!!