x
shiny
"Lock the doors and close the blinds -- we're going for a ride..."
 
"Now Gimme Some Candy!"

I was persuing Slashdot at work today and stumbled across this article from the BBC which describes some interesting survey results:





Passwords revealed by sweet deal

More than 70% of people would reveal their computer password in exchange for a bar of chocolate, a survey has found.


It also showed that 34% of respondents volunteered their password when asked without even needing to be bribed.


A second survey found that 79% of people unwittingly gave away information that could be used to steal their identity when questioned.




The full article can be found at http://news.bbc.co.uk/1/hi/technology/3639679.stm.


I tried to think about how I could identify to this article:


  • I like having a secure network environment a lot

  • Chocolate is very yummy. Especially dark chocolate.

However, if I had to make a choice between giving out a password or having to shell out 70 cents to buy my own chocolate bar, I think its been engrained in my head enough that I would have to choose the latter.



Really. What are these people thinking in this day and age?



Perhaps I'm more paranoid than most. This comes from growing up in a "wired" environment for most of my life. My first "username/password" experience happened to be when my Dad worked for a large, well known engineering company during the 1970s. When I was five years old (1977, if anyone's keeping track), he brought home this behemoth of a device. He had to lug it in from his trunk. It looked like a typewriter, except it had a roll of paper already built in. And there was a loud fan. And on the back -- get this -- there was a place where you could put the handset of the phone, so this device could "talk" over the phone to another computer!



In all reality, this was a "dumb terminal" which had no screen (everything was output on paper), and one of the fastest modems around at the time -- 300 baud. (The broadband connection I'm using now advertizes speeds of 100,000 times what we had 27 years ago.) In order to log onto the network, my dad had a username and password. The username was a whole bunch of letters and numbers, and the password he used was a transliterated Hebrew word for "forever."



He shared this with his family, but cautioned us never to share it with anyone outside the family.



Why? Nobody else we knew had a dumb terminal at home! But my Dad still insisted, as he came from an era where phone "phreaking" was all the rage at his engineering school. Hackers didn't have computers to play with, so they played with the phone system, which also had its share of passcodes. When he finally had computer systems to play around with in the early 70s, he figured out where the password files were found on the network! So he made sure that he, nor his family, would be a risk.



And to this day he's been overly paranoid about even writing down a social security number in plain text on a piece of paper that could be found by a potential identity thief. He would attempt to memorize his bank account numbers and credit card numbers rather than have to pull something out which could be visible to someone else. The PIN for his kids ATM cards? He practically mandated that we keep those secret even if we were severely tortured "Alias" style.



Fast forward to the present: Just about everyone has a computer. Just about everyone has many account names and numbers, each with a distinct password. Technologically speaking, everything's become more secure. But there are more and more people out there who are willing to take advantage of someone's lax attitude about security, and potential cause a lot of harm.



In 1977, the only people who ever had to remember a password were network experts who knew the consequences. Nowadays, since just about everyone is "plugged in" somewhere, most people don't know that giving away a password could be a problem. Even if there's some really amazing chocolate attached to it. With the amount of people who remain vulnerable to email viruses and network attacks on their personal and office computers, it's obvious that people aren't taking this all too seriously.



I happen to work for a large telecommunications company. On a daily basis, I need to log into 10-15 systems -- each with individual usernames and passwords. And the passwords need to be changed every 60 days to something I haven't used before. And they all need to have capital and lowercase letters AND numbers in them. Logging in from home? Ha! I had to install special VPN software to do so. And I had to go through a huge procedure to get a "PKI Infrastructure Key" (read: "password") to even attempt to log in. Nonetheless -- even in my hi-tech company, I'm still getting numerous virus emails that I need to erase because other people in the company have chosen to ignore the basic warning of "do not open attachments unless you know what it is and who sent it to you."



It's funny to watch shows like "Alias" and "24" which appear to have such elaborately secure computer networks. When the drama reaches a point where a CIA agent mentions that his password to get into the CIA mainframe is "Sydney" -- I mean, COME ON! You really think there's only one password to get into the CIA? And they'd let you choose the name of the co-worker you've obviously been crushing on? And they don't make you change it every 30-60 days? Sheesh...



Perhaps I'm in the wrong field. I would make a wonderful security consultant. So would my Dad, who taught me all of this. (Although if we ever started a consulting firm together, we'd rip each other's heads off within the first 45 minutes.) Perhaps I could help strengthen the notion that passwords are supposed to remain secret, and that's the only way to maintain the integrity of security.



Or perhaps I should make a run to Costco. Buy cases of Hershey's Special Dark. And grab as many passwords as the chocolate will let me. :-)

 
Profile
Friends

Another incident makes me proud to be a Democrat
- I couldn't bring myself to watch the RNC. I knew I could...
...
This is pretty obvious.
- What's Your Kinky Turn On? created with QuizFarm.com You scored as...
...
Eyes on the back of my head
- There's no way the 360-degree mirror (shown on the right) could work this way...
...
Calendar

September 2008
123456
78910111213
14151617181920
21222324252627
282930

June 2008
1234567
891011121314
15161718192021
22232425262728
2930

May 2008
123
45678910
11121314151617
18192021222324
25262728293031


Older

Crazy 40

At Least Frankenstein Regretted It
- "Ye have heard that it was said by them of old time, Thou shalt not...
...
19/40 replies (Reply Now)