An old laptop once used by the German Army was recently sold on eBay, but the sellers forgot to remove its hard drive first. The buyers, fortunately a team of security researchers, found easy access to documents instructing them how to destroy the army’s Ozelot air defense system.
When pawning your old computers, remember to remove or wipe the hard drives first! Germany’s Bundeswehr nearly told a random internet buyer how to take down one of its anti-aircraft vehicles; fortunately, the folks who scooped it up were a pair of German security researchers.
Tim Berghoff, a security researcher at G Data in Bochum, Rhine-Westphalia, bought the old laptop recently for 90 euros on eBay from a computer recycling company in Bingen-am-Rhein “out of curiosity,” according to Der Spiegel, which first reported the story.
The boxy Roda Rocky II + RT686 computer came in its own carrying case and weighed a hefty 5 kilograms. It ran Windows 2000, a short-lived Microsoft OS oriented towards professionals.
According to the outlet, Berghoff’s colleague, Alexandra Stehr, was able to easily breach the laptop’s basically-nonexistent security. When she turned it on, it booted up without asking for login information, and she easily accessed the supposedly-secure software by randomly trying the username “guest” and password “guest.”
Inside, she found documentation on the Bundeswehr’s Ozelot Light Air Defense System (LeFlaSys), a tankette fitted…