After a security breach forced the company into a two-month hiatus and a complete revamping of its online security systems, Freenters, the free printing start-up, reopened its kiosks this Tuesday.
According to first-year Stephen Huh, Freenters head of IT, the hacker breached the system not through its website, but through the printing kiosks placed around campus. Password authentication took place on the printer server, as opposed to on the website, leaving user information accessible to the hacker. The hacker may also have taken advantage of a one- to two-second lag time, caused by the running down of machines, to steal hashed user passwords.
“We’re talking about a machine. Things get lagged up, things get slow over time,” said Freenters co-founder and fourth-year Hye Sung Kim.
Although there was initially an investigation to find the person responsible for the hacking, Freenters has decided not to pursue the hacker, and even thanked him for pointing out the flaws in its security systems before the company underwent expansion to other schools around the country.
“Obviously, we were pretty shocked, and we were pretty angry at the moment. Now we look at the bigger picture of the company issues. Because of the hacker, our team tightened up a lot, and we dealt with security issues…Pretty much changed everything from scratch,” Kim said.
The Freenters IT team has spent the past two months rebuilding its servers from the ground up, moving password authentication to the website server, and making changes to password encryption and hardware, according to Huh.
Although Huh was unable to go into too much detail due to security concerns, he said that more changes are on the way. Freenters’ advertisers were refunded a portion of their money and promised a free advertising period once the company got back on its feet, Kim said. A representative from Hyde Park Produce, one of the advertisers, said that none of the store’s information had been compromised, and it continues to advertise with Freenters.
The hacking incident did prevent Freenters from being featured in a Booth article, but it has not put a stop to its plans for expansion to other schools in Atlanta, Boston, and New York. Recently, Northwestern University, the other campus that Freenters serves, even asked for two more printing stations. Freenters is also on the verge of signing contracts with five additional schools.
“Obviously, [the hacker] could’ve done things better. He could’ve just told us. But the end thing is that we are back with a better and much more comprehensive system, with better security,” said Freenters co-founder and fourth-year Rho Kook Song.