Yesterday, I was watching an interview with Mr Ankit Wadia (His website describes him as “The Computer Security guru. The Ethical Hacker. The Author. The Intelligence Consultant. The Entrepreneur.")
He was talking about how the web is unsecure today and how easy it is to crack passwords. Whilst, I was eagerly awaiting in anticipation to see how he hack into a yahoo password, he pulled a bluff on me, when he asked the presenter to enter his password and then he went about using Revelation to read the password from it!
Now, Mr Wadia, do you really think that the Indian IT guys are so very dumb that you have to show how to use revelation?! I agree that most users in India are blissfully oblivious to the potential hazards and lack of privacy on the net, but come on! Can’t you find any oft repeated behaviour that people use that you can show case?!
I am no security guru or even an ethical hacker or author of a book, but I can think of a few things that people often do that can be avoided.
- Using low strength passwords (children names, wife’s name, dog’s name etc)
- Using the save password option in web-cafes
- Using the same password across all accounts
- reply to spam and phishing attacks with sensitive information
- Giving away CVV numbers freely on the net
- Publishing phone numbers and address on social networking sites like orkut/gazzag/yahoo profile etc.
I wish that apart from getting on air to promote stuff that you do, you can also give some real examples of lack of common security practices, so that people really do benefit (so that they feel a little bit more justified in acknowleding you as India’s only security guru - a wee bit self-proclaiming, wouldn’t you say so?!)