- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Is your network secure enough to fight off chocolate?
The short answer: probably not. Even with all of the security-related news in recent years, Infosecurity Europe's now famous experiment (it just completed the sixth one), shows people are still willing to divulge questions about corporate security in exchange for a chocolate bar.
The problem is, of course, that computer users are remarkably ignorant when it comes to security. Curiously, many IT people refer to users as being naïve on the topic, but that's not correct because naïve is defined as "marked by or showing unaffected simplicity and lack of guile or worldly experience . . . lacking information or instruction." In other words, naïve implies innocence about the workings of the world.
In reality, unless they are troglodytes, users must have heard about identity theft, hackers, security breaches at financial institutions, retailers mislaying consumer data, because these topics are on the radio, in magazines and on television constantly.
Even so, it appears that for the majority of users, this crucial and what should be easily understood information goes in one ear and out the other with apparently no resistance. They are not naïve, they are willfully ignorant.
OK, so here's the question: Exactly how ignorant are they? The experiment found that out of 576 people questioned this year, 21% were quite happy to reveal their passwords in exchange for candy, says Steve Vawter, a reader in Oakland, Calif.
But maybe some of the dire news of late is sinking in, because that number is a heck of a lot lower than when the same experiment was conducted last year. Back then, a whopping 64% of the respondents were willing to give away their passwords. It seems that users have never paid attention to their mother's advice about strangers and candy.
A curious aspect of the results was that, of those willing to trade away their passwords, women were 4.5 times more likely to spill the beans then men. Even more astounding was that 61% of all people surveyed happily revealed their date of birth! And when asked for their names and telephone numbers for a draw to go to Paris, 60% of men and 62% of women coughed up. Obviously at this point the researchers could have taken the data they had collected and had endless fun with the respondent's lives.
Rss FeedRss Feed
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (10)
It was the ease with which they gave it upBy Mark Gibbs on May 7, 2008, 4:52 pmBrian, I'm more surprised that people would give up so much information in one go ... Sure, lots of information on individuals is easily found if you are motivated...
Reply | Read entire comment
Not that amazingBy Brian Knoblauch on May 7, 2008, 4:50 pmI'm not sure why you found it astounding that people would give up a date of birth. It's not exactly secret information. Especially here in Ohio where it's printed...
Reply | Read entire comment
It only takes one userBy Mark Gibbs on May 7, 2008, 4:40 pmIndeed, some or even many will lie but equally some will not and that's the point -- it only takes one naive user to bring your security house of cards tumbling...
Reply | Read entire comment
A questionBy Richard Rosenheim on May 7, 2008, 4:36 pmA question -- when those various people provided the information for a candy bar, how many of those people was actually providing accurate data? In other words,...
Reply | Read entire comment
One naive user can bring down the whole house of cardsBy Mark Gibbs on May 7, 2008, 11:45 amYou're right, there was definitely some fibbing going on but I wasn't claiming that the poll was scientific, merely indicative. So, sure that some percentage lied...
Reply | Read entire comment
View all comments