The InfoSec Blog

System Integrity: Without Integrity you don’t have Security

March 20th, 2006

It’s a crime to delete files

Occasionally I pluck up enough courage to read the Risks Digest.
I found this: http://catless.ncl.ac.uk/Risks/24.20.html#subj6

If you don’t read Risks Digest regularly you probably have a cheerful and upbeat disposition and positive outlook on the world and hope for mankind’s future.
If you DO read Risks Digest then you probably don’t need to read apocalyptic SF as you’d find it unrealistic. It’s not technology that’s going to destroy the world, not Global Thermonuclear war, not Nuclear Winter, not a nanite “Green goop” scenario, not biotech poisoning.

It will be lawyers and politicians!

Now suppose that in this case Mr Citrin also kept purely personal stuff on the laptop: his calendar also included things like PTA meetings, kids’ baseball games, addresses of relatives … and he deleted those.

From my list of quotable quotes, this seems apropos:

The Internet is not the greatest threat to information security; stupidity is the greatest threat to information security.
- Will Spencer

March 14th, 2006

Better than Free Chocolate Bars

Some while ago people were persuaded to give up their passwords in exchange for a chocolate bar. This goes one better.

With chocolate bars you only get the password, which is not a lot of use unless you’re already behind the corporate firewall.
http://www.networkworld.com/news/2006/031306-free-cds-security-weakness.html

To office workers trudging to their cubicles, the promotion looked like a chance at sweet relief from the five-day-a-week grind.
By simply running a free CD on their computers, they would have a chance to win a vacation. But the beguiling morning giveaway in London’s financial district last month was more nefarious than it appeared.
Like flies to garbage, dozens of victims took the CD, unable to control the irresistible attraction of “free.”
Secret agents behind enemy lines, the CDs piggybacked through companies’ physical security systems tucked in the bags and pockets of their couriers. The office workers dutifully took the CDs to their desks and plopped them in their employers’ computers.

There’s a moral here. But the implication that people can be so easily subverted is frightening.
