I am reading "The Art of Deception" by Kevin Mitnick, which is all about social engineering - a very important and totally overlooked component of systems security, exposed so well by former "America's Most Wanted Hacker." It is absolutely amazing what people are willing to divulge if you are just confident and know enough of the "lingo" to sound genuine! People just don't realise what is a common-day piece of information to them is a vital piece of information that is essential to an outsider intending on being not so honest...
And as for posting documents on your Intranet - are you sure you haven't just given away secure information to all who have access to the Internet? I would just like to say hello & thanks to a certain university in Hungary... You guys should be ashamed - you are the IT department after all!!! ;-)
No comments:
Post a Comment