Security Pros, Beware Of No-Tech Hacks
David Utter Staff Writer
2007-08-06
Focus too much on Metasploit and application exploits, and you may be too engrossed to pay attention to the guy wearing a jumpsuit and carrying a toolbox.
It's possible to become effectively invisible in modern society. Not in an electronic sense, but in the sense that people actively ignore certain others.
Internet News had an account of Johnny Long's talk at Black Hat about no-tech hacking one's way into places. It's the Jedi mind trick made real, only with a duplicate of a legitimate ID card instead of The Force making it work.
His experience with a copy of an AT&T name badge allowed him to get into all kinds of places. To the non-tech people in the workforce, the least desirable thing that could happen to them would be to have to talk to the techies.
They make the assumption that a phone guy wouldn't be there unless he had to be, so they let him go on his merry way. Plenty of people make judgment calls about others, and that seems to be Long's point. It's easy to take advantage of that.
I've seen that in real life too. A clipboard gives the illusion of being busy, since virtually no one totes a clipboard around all of the time. People look at the clipboard rather than the person.
Put on a worksuit and grab a toolbox, and the world practically sits up and begs for one to come on inside. In a typical white-collar office, no one wants to do dirty work that involves tools. It's obvious someone called the repair guy, right?
Many years ago in my younger geek days, I watched a guy dressed this way, complete with toolbox, casually stroll to the front of a long line awaiting the opening of a certain Midwestern gaming convention. He pounded on the door until he got the attention of a security guard, and angrily pointed at the toolbox and into the convention hall.
He made it inside. Later on, he turned out to be a friend of a friend, and I asked him what he was there to fix. He laughed at that; he just wanted to claim one of the few available lockers inside the convention hall before the hordes came pelting through the front doors.
This was around the time the Soviets were in Afghanistan and Bin Laden received funding from the CIA. Twenty years later, people still make the same basic mistakes that Long demonstrated and discussed with the Black Hat crowd.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.