Welcome to TechNet Blogs Sign in | Join | Help

Canadian IT Professionals

Connecting Canadian IT pros.. It's all about Technology and a whole lot more!

News



  • Sharing of thoughts and information is what blogging is all about. This way we can learn from each other. Post A Comment!

    These postings are provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.

    Resident Bloggers

    Rick Claus
    IT Pro Advisor
    Connect with Rick


    Rodney Buike
    IT Pro Advisor
    Connect with Rodney


    Damir Bersinic
    IT Pro Advisor
    Connect with Damir



[Podcast] Steve Riley on Social Engineering

A few weeks ago I had the chance to take in SecTor.  Normally when I go to an event like this I hang out in the Community Zone or am presenting or doing some other work.  This time I showed up as an attendee, went to a load of sessions, networked, and hung out with like minded security people.  It was a nice departure from the norm but I did get a chance to record some interviews for podcasts to share with you!

Steve Riley is up first.  Steve is a member of Microsoft's Trustworthy Computing team in Redmond and is a very intelligent, exciting, engaging and entertaining speaker.  He delivered a keynote session on social engineering which you check out but I sat down with him to talk about social engineering and what can be done to limit its effectiveness (Hint: Session 1 at My TechNet covered this)

http://www.canitpro.ca/podcasts/steveriley-social.mp3 - 7:27

 

Posted: Wednesday, December 05, 2007 1:42 PM by rodney.buike
Filed under: ,

Attachment(s): http://www.canitpro.ca/podcasts/steveriley-social.mp3

Comments

Sean Kearney said:

I believe "Social Engineering" is what most of us have to do to get past Tech support at certain companies...

"Who are you?"

Respond with the husaband or boss' name.

"Ok Mr. Smith, what is your address?"

Look at the business card on the desk.

"Do you have your passcode handy?"

Come up with fake excuse, too busy, too many meetings, mail server is down, stressed.

Next thing you know you're John Q Smith, CEO of ABC Corporation getting support for his live Domain.

Happens all the time.   Of course this is a case of sanctioned social Engineering by John Q. Smith BUT knowing how to the pull this off, I can definitely see people calling up with "just enough info" to 'become' that person.

Kinda scary eh?

# December 9, 2007 6:13 PM

Harry Waldron - Microsoft MVP Blog said:

The Powerpoint slide show is one of the most comprehensive presentations I've seen on the topic of

# December 10, 2007 9:22 AM

Harry Waldron - My IT Forums Blog said:

The Powerpoint slide show is one of the most comprehensive presentations I've seen on the topic of

# December 10, 2007 9:26 AM
New Comments to this post are disabled
Page view tracker