About | ACP | Buy | Industry Watch | Learning Curve | Search | Test Drive
Home » Industry Watch » The Technological

US government workers are stupid

But they're not the only ones.

Get It

Try It

Pen(etration) testing: see if your client's defences can be broken. A worthy endeavour. The US Department of Homeland Security wanted to see how safe they were.

Security is not only about not using wobbly systems like Windows. As seen in the past month with Apple's BFF Mac Defender, security also involves people. They can't be wobbly either.

So DHS decided to do a pen test to see how stupid their people were. Bad Idea™. They dropped USB thumbs and discs around the parking lots of government buildings to see how many would pick them up and stick them in their boxen without thinking. 40% thought; 60% didn't.

'The more the drive or disc looked like it really might contain something official and secret, the more likely people were to plug them in', writes Davey Winder at DaniWeb. 90% of the drives adorned with 'official' logos suckered their finders in.

But that's no surprise to people watching hundreds of thousands of Mac users get suckered by a simple ruse. Nor can it be a surprise to anyone involved in the behavioural sciences or IT security. The trick is known in the industry as 'stick baiting' and it mostly works.

The dropped drives had 'malware' on them that performed a basic 'call home' routine. So no harm was done. But the ramifications of the study results are scary: most people are susceptible to the scam.

Yet in most cases involving personal computer use, there is only one platform where the danger is clear and present: Windows. And it's only in the past few weeks Redmond finally gave up on their ridiculous AUTORUN.INF.

Combine the arrogant stubbornness of Microsoft with the bewildering and breathtaking stupidity of most users and you have the recipe for what ails the Internet today.

Stupidity should be painful. And it often is. But use of Microsoft Windows - especially in government agencies - should be more so: it should result in those responsible being put out to pasture.

There is no device known to mankind that prevents people from being idiots.
 - Ray Bryant CEO Idappcom

See Also
DaniWeb: Proof that US government workers are stupid
Global Security Mag Online: Ray Bryant CEO Idappcom Ltd: Raising the security bar

About | ACP | Buy | Industry Watch | Learning Curve | Search | Test Drive
Copyright © Rixstep. All rights reserved.