FACTOID # 27: If you're itching to live in a trailer park, hitch up your home and head to South Carolina, where a whopping 18% of residences are mobile homes.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Social hacking

In the field of computer security, social engineering is the practice of conning people into revealing sensitive data on a computer system, often on the Internet. With the profusion of poorly-secured computers with known security holes connected to the Internet, the majority of security compromises are now done by exploiting such; however, social engineering attacks remain extremely common and are a way to attack systems protected against other methods — for instance, computers which are not connected to the Internet. It is an article of faith amongst experts in the field that "users are the weak link."


A contemporary example of a social engineering attack is the use of e-mail attachments that contain malicious payloads (that, for instance, use the victim's machine to send massive quantities of spam). After earlier malicious e-mails led software vendors to disable automatic execution of attachments, users now have to explicitly activate attachments for this to occur. Many users, however, will blindly click on any attachments they receive, thus allowing the attack to work.


Perhaps the simplest, but still effective attack is tricking a user into thinking one is an administrator and requesting a password for debugging purposes. Users of Internet systems frequently receive messages that request password or credit card information in order to "set up their account" or "reactivate settings" or some other benign operation in what are called phishing attacks. Users of these systems must be warned early and frequently not to divulge sensitive information, passwords or otherwise, to people claiming to be administrators. In reality, administrators of computer systems rarely, if ever, need to know the user's password to perform administrative tasks. However, even this might not be necessary — in an Infosecurity survey, 90% of office workers gave away their password in exchange for a cheap pen.


It is important to note, however, that phishing is not always so direct. One of the biggest problems in Windows computers is spyware (a subcategory of trojan horse), which is malicious software in which the user runs executable code that promises to do something but does other tasks in the background. This typically happens by offering a downloadable program which does a task, or via the internet by secretly inserting code intended to exploit holes in the user's system security.


Training users about security policies and ensuring that they are followed is the primary defence against social engineering.


One of the most famous social engineers in recent history is Kevin Mitnick.


References


  Results from FactBites:
 
Social construction - Wikipedia, the free encyclopedia (1285 words)
A social construction, social construct or social concept is an institutionalised entity or artifact in a social system 'invented' or 'constructed' by participants in a particular culture or society that exists solely because people agree to behave as if it exists, or agree to follow certain conventional rules.
Social constructionism is a school of thought that attempts, to varying degrees, to analyze seemingly natural and given phenomena in terms of social constructs.
Social constructions must be seen in an institutional context, as arising from the institutionalisation of patterns of interaction and meaning in society leading to a construction of social institutions and institutionalised perspectives and understandings.
Social constructionism - Wikipedia, the free encyclopedia (2090 words)
Socially constructed reality is seen as an ongoing, dynamic process; reality is re-produced by people acting on their interpretations and their knowledge of it.
Within social constructionist thought, a social construction (social construct) is an idea which may appear to be natural and obvious to those who accept it, but in reality is an invention or artifact of a particular culture or society.
Hacking suggests that this third part of the analysis, the "interaction" between a socially constructed category and the individuals that are actually or potentially included in that category, is present in many "social construction" analyses involving types of human beings.
  More results at FactBites »

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m