Security Basics mailing list archives
RE: Password Pride - A Humorous Vulnerability
From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Wed, 24 Jan 2007 08:35:56 +1000
How do you know it wasn't Lance Spitzner? Honeypot or just plain stupid? Hmmm.... The serious thing is that as the IT crowd, we are forever blaming '(l)users' for the majority of leaks/breakdowns. We are human too and some of us are either responsible for direct breaches(like the OP's talkative anglophile) or through genuine mistakes cause problems. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of RS Sent: Tuesday, January 23, 2007 3:38 AM To: security-basics () securityfocus com Subject: Re: Password Pride - A Humorous Vulnerability So you men to say i shouldn't tell anyone in bar that password for my gmail account is 53cure53rv3r ;) ./RS On 1/20/07, Dixon, Wayne <wcdixo () aurora lib il us> wrote:
So you mean, I shouldn't put this into my latest PHP project? Oh man... I was looking forward to giving my passwords out... I'll have to go and find something else to do... Maybe I'll destroy some USB memory sticks or something.... Wayne -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Marcus Valsecchi Sent: Thursday, January 18, 2007 1:34 PM To: security-basics () securityfocus com Subject: ENC: Password Pride - A Humorous Vulnerability Try this, just for some laughs. This one is a classic, btw. Print a sign with this: "Password creativity (or strength, or whatever suits you) Contest! We are awarding a *put a prize here* for the *put a number here* most creative/strong/whatever *desired account type* passwords! Just write down your login name and password, put it in this box down here, and the prize can be yours!" You got the idea. Especially suited for college/high school environments. Don't try this at home kids. On 1/18/07, Miguel Valentin <valentinousn () verizon net> wrote:I would say you just encountered another moron that doesn't belong in the I/T field!!lol... it happnes and it can happen to you as well :-p next time be carefull when you will talk to someone ;)-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]OnBehalf Of andy cuff Sent: Monday, January 15, 2007 12:26 PM To: security-basics () securityfocus com Subject: Password Pride - A Humorous Vulnerability I thought I'd share a recent observation with the list. I was in a bar in San Francisco where my English accent has a habit ofstimulating conversation with total strangers, in this case it was with a webmaster (sadly not webmistress) of a dubious website hosted in Amsterdam (I don't think I need to expand on the nature of the site;) I mentioned thatIwas passionate about Information Security, whereupon, he proceeded to tell me his root password, as he was so proud about how hard it would be to crack! If this was an isolated incident I wouldn't mention it. However, these instances are becoming ever more frequent, is it my trustworthy face or areothersexperiencing similar errors of judgement? Best Regards -- Andy Cuff Computer Network Defence Ltd www.SecurityWizardry.com-- --------------------------------------- http://www.secgeeks.com get a blog on secgeeks :) register here:- http://secgeeks.com/user/register rss feeds :- http://secgeeks.com/node/feed Submit you security articles,send them to secgeek () secgeeks com http://www.newskicks.com Submit and kick for new stories from all around the world. ---------------------------------------
Current thread:
- ENC: Password Pride - A Humorous Vulnerability Marcus Valsecchi (Jan 19)
- RE: Password Pride - A Humorous Vulnerability Dixon, Wayne (Jan 22)
- Re: Password Pride - A Humorous Vulnerability Melissa (Jan 22)
- RE: Password Pride - A Humorous Vulnerability David Gillett (Jan 23)
- Re: Password Pride - A Humorous Vulnerability RS (Jan 22)
- RE: Password Pride - A Humorous Vulnerability Murda Mcloud (Jan 23)
- Message not available
- Highlighting weak password dangers WALI (Jan 24)
- RE: Highlighting weak password dangers Simon W. Hall (Jan 25)
- RE: Highlighting weak password dangers Scott Ramsdell (Jan 26)
- Re: Highlighting weak password dangers Manuel Arostegui Ramirez (Jan 26)
- Re: Highlighting weak password dangers Alexander Bolante (Jan 30)
- Re: Highlighting weak password dangers anesde (Jan 31)
- Re: Password Pride - A Humorous Vulnerability Melissa (Jan 22)
- RE: Password Pride - A Humorous Vulnerability Dixon, Wayne (Jan 22)
- Message not available
- Re: Port 8081 mystery WALI (Jan 24)
- Port 8081 mystery WALI (Jan 23)
- RE: Port 8081 mystery Gressick, Michael (Jan 24)
- Re: Port 8081 mystery Brian . D . Turk (Jan 24)