<body><script type="text/javascript"> function setAttributeOnload(object, attribute, val) { if(window.addEventListener) { window.addEventListener('load', function(){ object[attribute] = val; }, false); } else { window.attachEvent('onload', function(){ object[attribute] = val; }); } } </script> <div id="navbar-iframe-container"></div> <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script> <script type="text/javascript"> gapi.load("gapi.iframes:gapi.iframes.style.bubble", function() { if (gapi.iframes && gapi.iframes.getContext) { gapi.iframes.getContext().openChild({ url: 'https://www.blogger.com/navbar.g?targetBlogID\x3d6566853\x26blogName\x3d1%25+inspiration\x26publishMode\x3dPUBLISH_MODE_BLOGSPOT\x26navbarType\x3dBLUE\x26layoutType\x3dCLASSIC\x26searchRoot\x3dhttps://patke.blogspot.com/search\x26blogLocale\x3den\x26v\x3d2\x26homepageUrl\x3dhttp://patke.blogspot.com/\x26vt\x3d2795022480681574377', where: document.getElementById("navbar-iframe-container"), id: "navbar-iframe" }); } }); </script>

Tuesday, March 08, 2005

I know it has already been around the blogs, but I think it is worth an encore. 71% of "Liverpool Street" Londoners (which is in the heart of the financial district) would give away their password for a candy bar.

The survey also found:

- Four out of 10 knew their colleagues' passwords.

- Two thirds of workers use the same password for work and for personal access such as online banking and web site access.

- Many workers who regularly had to change their passwords kept them on piece of paper in their drawers, or stored on Word documents.

- The majority of workers would take confidential information with them when they change jobs.

This is just brilliant. For the BILLIONS that companies spend "protecting their data"...and it all adds up to jack squat. Security is much more a matter of perception then anything else. It upsets me that more people don't know this. As a developer, it seems that I spend at least a third of my time dealing with security issues. Trying to make the system more secure / getting client security requirements.

As a matter of fact, I am writing an AES Algorithm (Rijndael) right now. But what is the point? I mean, sure, don't send it out in clear text, but do we really need "soviet cold war super computer" type encryption to store a few personal details - not even important details like credit cards etc...

Comments: Post a Comment