Ethics and Law in New Media/Social Engineering in Social Networks

  • Blog about a good case of social engineering

I suppose that the positive social engineering would be understood as a transfer of your personal information from one page or application to another, that gives you some advantage. Now almost all services are inter-connected: google account with youtube, skype with facebook, well almost everything is connected with facebook 🙂 I don’t know if the big corporations could be seen as a good example of s.e. case but there is one point that for sure is important – they do get some benefit – they become more and more popular and spread through friends network.

Another example that I have found:

The other day I posted a plea for iCal access to my travel reservations. A little research shows that some major hotel chains, at least, have started down this road already.

I made my reservation at the Doubletree Hotel for the O’Reilly Open Source Conference online, and discovered this link on the reservation confirmation page:

image

Clicking on it, I got a VCalendar file which I was then able to import into Evolution.

Inspired by this success, I looked over at the Marriott website and found that my upcoming reservations displayed this link:

image

This one works fine in Evolution too. Interestingly, either Marriott is using Outlook to generate these calendars or they created their VCalendar format by copying one exported from Outlook:

BEGIN:VCALENDAR
PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN
VERSION:1.0
BEGIN:VEVENT
...

This is a great start. But I still have to manually import the file and manage any changes, and I’m still waiting for similar functionality from my airline.

I do see it as a positive social engineering case as the program sends our information and that way facilitates making our schedule.

  • Formulate some measures which can reduce the effectiveness of social engineering attempts
  1. first of all people should be more attentive to the virtual environment. It might result quite difficult as there is so much information that is not interesting for us and every day it’s more difficult to filtrate it. Sometimes we just because of the lack of time or will make some unreasonable decisions that might have unpleasant consequences.
  2. a lot depends of the users knowledge and skills. Young people tend to be more acquainted with the methods that social engineers  are using and they don’t fall for it. What my mom does – when she gets an suspicious email and does believe it firs of all she resents it me or my sister and asks if it’s worth paying attention. She is ingenuous but at least she is aware of it and prefers to have a second opinion. This may result useful for elder people  that often feel lost in the internet.
  3. it’s good not to save your password on the computer, often change it and use capital letters and numbers.
  4. the protection with antivirus programs, using the latest version of internet browser and better not using the internet explorer 🙂 just for fun:

and that’s how the ie looks at a typical pc:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: