Here’s the story: http://publicaddress.net/onpoint/msds-leaky-servers/
Last week, I got tipped-off that the parts of the MSD network were completely exposed to the public. You could go into any WINZ office and use their self-service kiosks to access their corporate network.
These locked-down kiosks are provided so you could look for jobs online, send off CVs etc. They’ve had some basic features disabled, which supposedly meant that you couldn’t just open up File Manager and poke around the machine. However, by just using the Open File dialogue in Microsoft Office, you could map any unsecured computer on the network, and then open up any accessible file.
Here’s the hashtag: #wtfmsd
Here’s me playing around with Scribblelive: