from Hacker News

A cheap barcode scanner helped fix CrowdStrike'd Windows PCs in a flash

by qdot76367 on 7/25/24, 8:27 PM with 29 comments

  • by joshstrange on 7/26/24, 10:18 AM

    I have a friend who worked somewhere with a draconian password policy (changing every 2 weeks, long length, no overlap with old passwords, etc). That company also had barcode scanners attached to most of their computers. He told me that a lot of people would have a barcode taped up under their desk and just point the scanner at the barcode to login (since most scanners just sent what they scan as keyboard input).

  • by mrguyorama on 7/25/24, 10:14 PM

    I just had to reimage my girlfriend's Windows laptop, which managed to utterly corrupt it's Windows install, all by itself, to the point it couldn't even reset itself.

    For some ungodly reason, this personal laptop to be used for watching netflix had bitlocker turned on by default. 48 digit keys are obscene. It was so painful to try any triage or repair step because every single reset would require typing in all 48 digits. It's so stupid.

    Meanwhile, what wasn't turned on automatically? System restore. God forbid you set aside 20gb for a chance at recovery. I had to reinstall from raw Windows installer. Now the speakers don't work, because Asus doesn't aknowledge that they've even sold this model of laptop, only showing drivers for the version of the laptop with an OLED screen, which uses a different wifi chipset and audio chipset, so it keeps trying to stomp over the drivers!

  • by michilehr on 8/7/24, 4:27 PM

    We have QR codes for installing for example cups printers and way more more things.

    I am now using my Flipper Zero for such things including entering passwords at our Dashboards.

  • by Genbox on 7/26/24, 8:35 AM

    Pretty interesting solution. At least it removes many of the errors stemming from reading keys over the phone, etc., but it also proclaims to remove the risk of distributing BitLocker keys - but that's precisely what they did - just in barcode form.

    The obfuscation might prevent the intern from figuring out what is going on, but there are plenty of barcode-scanning apps for phones that show you the data stored in a barcode.

  • by BobbyTables2 on 7/26/24, 4:53 AM

    Neat idea, but why not just save the recovery files to a USB drive ?

    Windows can find that automatically!

  • by Eater_of_food on 7/28/24, 9:15 AM

    Woltz is pleased that his idea translated into a swift recovery, but also a little regretful he didn't think of using QR codes – they could have encoded sufficient data to automate the entire remediation process.

    I don't follow this, what could they have done with QR codes?

  • by NoPicklez on 7/26/24, 5:27 AM

    Whilst there may have been a better solution, I am enjoying all of the quirky ways IT admins were implementing fixes, like these

  • by Cordiali on 7/26/24, 5:52 AM

    I used to work in an archive, and the Symbol LS2208 was a pretty great scanner. The model is also old enough, that you can find them branded Symbol, Motorola, and Zebra.

    I had my own cheat sheet to reprogram it, eg. changing the final character to tab or enter, scan on trigger press or always scan. It struggled a little with black barcodes on navy blue labels, but that's a terrible idea anyway.

  • by account42 on 7/26/24, 3:02 PM

    > When PCs boot, they consider barcode scanners no differently to keyboards.

    This is actually usually a mode of the barcode scanner that can be configured by ... scanning a special barcode.

    > That response could not, however, involve distributing BitLocker keys – doing so was just too risky to contemplate.

    So instead they distributed the BitLocker keys but wrapped in a barcode?

    I mean using a barcode scanner as ad-hoc keyboard input automation is nice but this theatrical approach to computer security is not encouraging.