Introduction
In this series I would like to address security issues. It is such a wide subject that it cannot be addressed in one short posting. My layman's definition of a security problem or incident is:
A security incident is when somebody or something take or access something without permission or authority.
It is a very short and possibly not accurate enough definition but, it will suffice for now.
The problems caused by security incidents range from trespassing to loosing assets or data. In serious cases it may cause physical or mental harm to human beings.
Locks, code words and secret languages have been developed as counter measures to prevent security incidents.
We are now al used to identities and password to access on-line systems and services. Way back in about 1997 I did a survey of voice mail users in Cape Town. To my surprise about 90% of users used the default PIN which was 11111! A small percentage used simple PINs like 12345, or a birth day etc. Only a few would use a proper random PIN. I believe, to some extent it is still the case today.
Incident One - Hackers accessed a friend's e-mail
Yesterday I received a very nasty immoral e-mail from a friend who would never send such material. It turned out that his account was hacked! I tell the story as warning and learning experience for us all.
The question is how did the hacker get hold of his user ID and Password? In this case it was a type of phishing scam. He went to an online service who professes to provide information on motor cars. Since he is a motor enthusiast, he subscribed to the service. When he tried to get access to the system he was told that he entered his information incorrectly. By mistake he entered his Gmail account details which the hacker captured. The hacker is most likely an employee or associated with the online motor information service. The hacker then accessed his e-mail account and sent the imoral e-mails to everybody on the address book.
It is such an easy mistake that can lead to serious damage. Imagine the consequences if he had confidential information like bank ID's and PINs in his e-mail history!
Conclusion
My advice is to use strong passwords and NEVER use the same password for two or more services. It is very tempting to use the same password for example your Yahoo mail as well as your Gmail. A strong password needs to consist of an absolute minimum of 6 characters and must contain alpha an numeric characters.
We will discuss more issues and solutions in the next issues on this blog.
-=-=-
Disclaimer: Information is offered in good faith; you do not have to use this information., Any decisions you make - and their consequences - are your own. Under NO circumstances will you hold the author liable for any actions that you take. This does not constitue legal advice or a warranty. The material contained in this blog and on our websites is for general informational
purposes only. You should not rely upon it as advice about specific legal problems. It does not constitute the rendering of legal advice and does not create any attorney-client relationship. If you need legal or other professional advice, you should consult with appropriate legal counsel familiar with your particular facts and circumstances.
purposes only. You should not rely upon it as advice about specific legal problems. It does not constitute the rendering of legal advice and does not create any attorney-client relationship. If you need legal or other professional advice, you should consult with appropriate legal counsel familiar with your particular facts and circumstances.
-=-=-
No comments:
Post a Comment