- Southwest Airlines passengers receive free Nintendo Switch consoles and Mario Maker 2 Wednesday 9:10 PM
- The Deplorable Choir drops diss track aimed at 4 congresswomen from Trump’s racist tweets Wednesday 8:09 PM
- Florida city is pushing homeless people out by playing ‘Baby Shark’ on a loop Wednesday 7:27 PM
- A ‘Gossip Girl’ reboot is coming to HBO Max–and fans are not happy with the casting details Wednesday 6:44 PM
- Beto can’t leverage his slave owner ancestry to gain Black voters’ trust Wednesday 5:51 PM
- Oakland to become the third U.S. city to ban facial recognition Wednesday 5:50 PM
- ‘Release the Snyder Cut’ billboards pop up outside of San Diego Comic-Con Wednesday 5:24 PM
- Iggy Azalea and Peppa Pig have an epic Twitter fight Wednesday 4:39 PM
- Should you be concerned about your privacy on FaceApp? Wednesday 4:15 PM
- Google ‘terminates’ Dragonfly, its censored search engine for China Wednesday 3:33 PM
- AOC rips Facebook during Libra House hearing Wednesday 3:14 PM
- The time traveler conversation meme finds its way to TikTok Wednesday 2:52 PM
- Grimes claims she had an ‘experimental’ eye surgery and practices sword fighting Wednesday 2:42 PM
- 70 Border Patrol employees under investigation for posts in secret Facebook group Wednesday 1:45 PM
- Republican’s Operation Safe Return criticized as cover for mass deporation Wednesday 1:42 PM
A spokesperson at the agency confirmed the password’s legitimacy.
On Saturday, people in Hawaii woke up to a ballistic missile alert that was accidentally transmitted by a Hawaii Emergency Management Agency (HI-EMA) worker who pressed the wrong option in a drop-down menu. The incident raised questions about the security of an agency tasked to warn residents of serious threats.
Now, an Associated Press image that started circulating across the internet on Tuesday is adding insult to injury. The photo shows a HI-EMA employee standing in front of a desk filled with monitors. On the frame of one display is a Post-it note with writing on it. Zoom and enhance and you’ll see a password written in big letters.
A spokesperson at the agency confirmed to Hawaii News Now that the password is legitimate but was for an “internal application” they believe is no longer in use. The image was originally taken in July 2017 so it’s possible the software was still active when it was first uploaded. Regardless, the photo shows a lack of understanding of security best-practices from an agency tasked to inform millions of a potential threat.
People on social media responded in disbelief, opening discussions about the level of training required of emergency management workers. Writing down passwords is one of the worst security errors you can make. It’s forgivable if you do so in a secret notebook, but broadcasting it to everyone in your office (or in this case, the internet) is inexcusable.
The password to the Hawaii alert system on a post it note stuck to the face of the monitor. Broadcast live on TV for the whole world to see. Government total incompetence on display. https://t.co/y8jmplFPS5— name redacted (@nameredacted5) January 16, 2018
Do you want more cybersecurity training? Because that’s how you get more cybersecurity training. https://t.co/cf4PGECisw— Crispin Burke (@CrispinBurke) January 17, 2018
Around the time the image was going viral, the HI-EMA published a representation of the system it uses to send out emergency alerts—the same sort of UI that was used when the false missile alert was accidentally transmitted. The interface was criticized for its archaic appearance and confusing layout, leading to another round of harsh questioning from concerned residents.
This is the screen that set off the ballistic missile alert on Saturday. The operator clicked the PACOM (CDW) State Only link. The drill link is the one that was supposed to be clicked. #Hawaii pic.twitter.com/lDVnqUmyHa— Honolulu Civil Beat (@CivilBeat) January 16, 2018
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.