[real-eyes] Security is a state of mind.

• From: Steven Clark <kcpadfoot@xxxxxxxxx>
• To: real-eyes@xxxxxxxxxxxxx
• Date: Tue, 31 Aug 2010 10:46:39 -0500

The following is from
https://bigsecure.wordpress.com/2010/08/31/security-is-a-state-of-mind/

Steve

Security is a state of mind. I’ve said here before that you don’t have 
to be paranoid
but you do have to be aware. And that means understanding the various 
ways in which
people will try and get you to reveal information.
Using the right technology helps keep you secure but it can only go so 
far — it cannot
save you from yourself. Take as an example social networking, by which I 
mean sites
such as Facebook etc. This is a huge and growing phenomenon with 
something like 500
million users and growing. Pretty soon, if you’re not using a social 
networking site,
you’ll be among the minority of computer users. This is not to pressure 
you join
— I’m not in favour of nor advocating following the crowd for the sake 
of it — but,
if you are, you need to be aware of the potential risks.
According to a recent study of 2,000 random users of a social networking 
site by
security company BitDefender
, 94 percent of those asked to “friend” a test profile, of an unknown 
but attractive
young woman, accepted the request without knowing who the requester was.
The users contacted by the study’s researchers came from around the 
world, were split
equally into male and female, and were aged between 17 and 65. The test 
profile went
on to chat with those who had befriended “her”. It found that over 86 
percent of
the users work in the IT industry, 31 percent of whom work in IT 
security, and that
the most frequent reason for accepting the test profile’s friend request 
was her
“lovely face” (53 percent).
People subsequently gave lots of personal information, certainly enough 
to compromise
their security, including items such as their address, phone number, 
mother’s and
father’s name, as well as confidential information from their workplace, 
such as
future strategies, plans, as well as unreleased technologies or software.
With that level of detail, you could probably talk your way into 
someone’s bank account,
but certainly access a lot of further detail about them.
It’s hard to see how technology could save you from handing out 
information like
this — although someone’s probably working on it — unless it was 
incredibly irritating,
in which case people would switch it off: when convenience and security 
are at loggerheads,
convenience wins every time.
In a world where skills are being removed from people every more 
speedily by automation
and technology, hearing an internal voice that asks: ‘who am I really 
divulging this
information to?’ is no bad thing. Better than technology — as long as it 
works…
Posted on Tuesday, August 31st, 2010 at 13:37

To subscribe or to leave the list, or to set other subscription options, go to 
www.freelists.org/list/real-eyes

Other related posts:

• » [real-eyes] Security is a state of mind. - Steven Clark

1. Home
2. real-eyes
3. Archive
4. 08-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---