Go to content Go to menu

I publish, I think

Tuesday, August 10, 2010

Je publie, je réfléchis (I publish, I think) is the name of a French Internet site which aims at sensitizing people (mainly young audience) on the risks of publishing things on the Net. It is designed by the CNIL (French authority for IT and liberty)

It provides ten good recommendations before publishing, such as:

  • Ask yourself if you would do the same in “real” life
  • read the terms and conditions of social web sites. This is probably the less realistic one. It is a tough job. Did you do it yourself when for instance joining LinkedIn? I confess that I did not:(
  • Don’t publish contents that may harm the reputation of somebody else
  • Use a pseudo that you communicate only to your close friends…

Interestingly, the site is linked to a serious game that describes a realistic scenario and gives some hints to avoid the problems. If you have youngsters, send them to this site.

Unfortunately, the site is only in French. Does somebody know an equivalent site in English?

Thanks to OH to have pointed me to the site. :)

Posted by Wunderbarb
Add a comment

Ten ways hackers breach security

Monday, January 25, 2010

I have decided to launch a new category: “the ten …” In this category, I will put the classifications and lists that we find around the net about security, such as the top 10 vulnerabilities in software.

Of course, the first one of the category is the Technicolor Ten Security Laws of my team.

I found this Ten ways hackers breach security as a white paper from global knowledge. The paper is clearly not revolutionary. Nevertheless, it is another ten laws…

Here are the ten ways:

  • 1- Stealing Passwords
  • 2- Trojan Horses
  • 3- Exploiting Defaults (a cruel one but awfully true. How many people do change the default password of their admin in the gateway?)
  • 4- Man In The Middle Attacks (more sophisticated, but at the heart of some recent wireless attacks)
  • 5- Wireless Attacks
  • 6- Doing their homework; what was meant here was to collect information about the target. This of course is one of the first stages for social engineering.
  • 7- Monitor Vulnerability Research (!!!)
  • 8- Being patient and Persistent
  • 9- Confidence Games; this is where they present social engineering
  • 10- Already Being on the Inside; the usual insider

Nice introduction paper, but not interesting if you’re already security aware.

Posted by Wunderbarb
Add a comment