SecurID tokens use an authentication system by RSA Security to give the user a valid key for logging onto the target system. A home-grown optical character recognition tool in Perl monitors the key generator.
My colleague Fergus recently noticed that his SecurID token displayed “000000,” and he posted a photo of this on Flickr. These keyfob tokens by SecurID output a different 6-digit number every 60 seconds. If the odds for any numeric sequence appearing are equal, the chance of getting to see “000000” is one in a million. It’s like winning the lottery! This lucky shot made me curious to find out what my keyfob displayed while I wasn’t looking. It is fairly easy to digitize the output with a webcam or a scanner, and optical character recognition (OCR) would give me the digits hidden in the pixel-based output. But because OCR vendors have more or less patented this area to death, there is little in the line of functional free software.
Comments