Security Basics mailing list archives

Re: Password Pride - A Humorous Vulnerability

From: Paul Sebastian Ziegler <psz () observed de>
Date: Wed, 17 Jan 2007 17:03:06 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

andy cuff wrote:

If
this was an isolated incident I wouldn't mention it.  However, these

instances

are becoming ever more frequent, is it my trustworthy face or are others
experiencing similar errors of judgement?


You are not alone. I guess this is really common (at least I had people
tell me their PW as well).
My guess is that every human being has a craving for attention and
acknowledgment of one's work. For most computer-related jobs that
acknowledgment is rare since only very few people understand what you
are doing. So if someone from the administrative sector meets someone
from the security sector he or she (<- hopefully) sees a chance that
someone might value his or her work.
So they simply overreact.

Hows that for social engineering?

Greetings
Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFrki6aHrXRd80sY8RColvAJ4oet7iyaaDmOw/bg4R5MoWF4thSgCfRvYt
tH4EviWgpi+EkgHdFTPksNo=
=P3Y9
-----END PGP SIGNATURE-----

Current thread:

Password Pride - A Humorous Vulnerability andy cuff (Jan 16)
- Re: Password Pride - A Humorous Vulnerability Paul Sebastian Ziegler (Jan 17)
- RE: Password Pride - A Humorous Vulnerability Miguel Valentin (Jan 17)
  - Re: Password Pride - A Humorous Vulnerability crazy frog crazy frog (Jan 18)
- <Possible follow-ups>
- Re: Password Pride - A Humorous Vulnerability admin (Jan 17)
  - Re: Password Pride - A Humorous Vulnerability Snoopy Brown (Jan 24)
- Re: Re: Password Pride - A Humorous Vulnerability security (Jan 19)
  - RE: Re: Password Pride - A Humorous Vulnerability David Gillett (Jan 22)