MacRaven - Dave Haxton's Weblog

Fri, 09 Jun 2006

Wow! That handy autorun feature of Windows really came in handy for these guys, eh? "Microsoft security" is becoming as much of an oxymornon as "military intelligence"...

What's the easiest way to hack into the computer systems of a credit union? It turns out that all you need to do is copy a virus/trojan onto USB drives and scatter them around the front door of the credit union. This was how a recent security audit was performed at a credit union where the employees had actually been tipped off to the audit. Security experts collected 20 old USB thumb drives and filled them with images and other data along with a trojan that would collect sensitive information and e-mail it back to them. Early one morning they planted the thumb drives around the entrances to the credit union as well as other public places where the employees were known to congregate. In very little time 15 of the 20 USB drives were plugged into company computer systems and started e-mailing usernames, passwords, etc. back to the auditors.

(link) [Slashdot]

/Technology | 1 writeback | permanent link

On 6/15/2006 17:13:35
Walter Jeffries wrote

Eek. Of course, the USDA's, Veterans Affairs and other database loses don't reassure people. Just because we can look someone up on Google Maps, etc doesn't mean people are going to feel good about putting all the data in a handy easy to reference and hack central location. To give an analogy, one can generate all possible credit card numbers, dates and security codes using an algorithm and then test them to check for validity by doing small charges (this has been done by criminals). But having access to a database giving someone a specific sets, a database, of name, address, cc#, date, security code is much, much more useful for a criminal. People no longer trust businesses or government to securely store their data because of the large number of cases of known losses of large amounts of personal data. The more data per record that are added the scarier it gets and NAIS has a lot making it look very invasive. But of course, they say, "Trust us, it's secure!" Right...

:: Categories ::

agriculture
asatru
copywrongs
humor
musings
politics
technology
index
haxton.org

:: Search ::

:: Blogroll ::

A Mindful Life
The Accidental Smallholder
Austro-Athenian Empire
Cauldron Born
Center for a Stateless Society
Dances with Ewes
Dispatches
egregores
Hardscrabble Creek
Honk & Helen
In Siberia
Laudator Temporis Acti
Lorrie's Livejournal
Masson's Blog
MyAppleMenu
NoNAIS
Notes on Religion
Numenous Thoughts
OrangeGuru
Overlawyered
Prophet or Madman
rogueclassicism
Sugar Mountain Farm
Thud Factor
Universe of Discourse
Wildhunt Blog
within the crainium

:: Archives ::

←May→
Sun	Mon	Tue	Wed	Thu	Fri	Sat
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

:: Site ::

Contact Me

MacRaven
Dave Haxton's Weblog
Musings, Reflections, Rants and Comments from a Hoosier Heathen husband, father, grandfather, farmer and software engineer. There's really only one of me ...

lunar phases

Unless otherwise noted, all original
work on this site is licensed under a

comment...


Notes: If you put a <mailto:> link in the URL field your address will not be mangled: this could be a bad idea as your email address could be easily harvested by bots designed for SPAM. The comments field should now format correctly for line feeds and carriage returns: when you hit the 'Enter' or 'Return' keys in your comment it should break to a new line. The text should wrap cleanly. Please let me know if it doesn't. No HTML tags will pass through - entering links seems to be the main cause of comment SPAM. Also, please be sure that Javascript is enabled in your browser before attempting to post a writeback. Sorry for any inconvenience, but this really helps cut down on the amount of comment SPAM I have to deal with.

Name:
URL:	(optional)
Title:	(optional)
Comments:
Save my Name and URL/Email for next time