Snow Leopard Security (unwanted snooping)
in [Mac Systems]
|
Prev: Cheap Print Server
Next: Pascal recommendation?
From: Wes Groleau on 20 Mar 2010 21:43 Jeffrey Goldberg wrote: > Q: What's the easist way to discover someone's password? > A: Ask them for it. Q. What's the second easiest? A. Look at the sticky in their desk drawer. Q. What if there's no sticky? A. Decree that every password must contain at least one digit, one capital letter, and one punctuation mark. Then look at the new sticky in their desk drawer. -- Wes Groleau "There are more people worthy of blame than there is blame to go around."
From: J.J. O'Shea on 21 Mar 2010 01:19 On Sat, 20 Mar 2010 21:43:30 -0400, Wes Groleau wrote (in article <ho3tk4$nrn$1(a)news.eternal-september.org>): > Jeffrey Goldberg wrote: >> Q: What's the easist way to discover someone's password? >> A: Ask them for it. > > Q. What's the second easiest? > A. Look at the sticky in their desk drawer. > > Q. What if there's no sticky? > A. Decree that every password must contain at least one digit, > one capital letter, and one punctuation mark. Then look > at the new sticky in their desk drawer. > > Oh, come on. Let's not get carried away. My current main password (I just changed it about a week ago) has 15 digits, two of which are caps, two symbols, and two numbers. It's based on where and who with one of my mother's brothers spent his 27th birthday. (No, the numbers have nothing to do with the date. Good luck.) Even if I were to put a sticky with 'Uncle <name redacted> 27' in my desk drawer y'all ain't gonna guess it. You're free to try, though. -- email to oshea dot j dot j at gmail dot com.
From: Tom Harrington on 21 Mar 2010 18:58 In article <ho4a9u0202q(a)news2.newsguy.com>, J.J. O'Shea <try.not.to(a)but.see.sig> wrote: > On Sat, 20 Mar 2010 21:43:30 -0400, Wes Groleau wrote > (in article <ho3tk4$nrn$1(a)news.eternal-september.org>): > > > Jeffrey Goldberg wrote: > >> Q: What's the easist way to discover someone's password? > >> A: Ask them for it. > > > > Q. What's the second easiest? > > A. Look at the sticky in their desk drawer. > > > > Q. What if there's no sticky? > > A. Decree that every password must contain at least one digit, > > one capital letter, and one punctuation mark. Then look > > at the new sticky in their desk drawer. > > Oh, come on. Let's not get carried away. My current main password (I just > changed it about a week ago) has 15 digits, two of which are caps, two > symbols, and two numbers. It's based on where and who with one of my > mother's brothers spent his 27th birthday. (No, the numbers have nothing to > do with the date. Good luck.) Even if I were to put a sticky with 'Uncle > <name redacted> 27' in my desk drawer y'all ain't gonna guess it. > > You're free to try, though. Q. What if the person actually has a decent password? A. Decree that passwords must be changed once a month, or once a week if necessary, and keep a record of old passwords to avoid repetition. Wait until a few cycles have passed. Then look at the new sticky in their desk drawer. -- Tom "Tom" Harrington Independent Mac OS X developer since 2002 http://www.atomicbird.com/
From: Steven Fisher on 21 Mar 2010 20:41 In article <tph-5BB337.16582421032010(a)localhost>, Tom Harrington <tph(a)pcisys.no.spam.dammit.net> wrote: > Q. What if the person actually has a decent password? > A. Decree that passwords must be changed once a month, or once a week if > necessary, and keep a record of old passwords to avoid repetition. Wait > until a few cycles have passed. Then look at the new sticky in their > desk drawer. Sigh. This is absolutely true. Well, it's not *quite* on a sticky. But the site that makes me do this has a stupid password. Steve
From: Paul Sture on 28 Mar 2010 13:09
In article <michelle-281296.12560716032010(a)nothing.attdns.com>, Michelle Steiner <michelle(a)michelle.org> wrote: > In article <36adnbHuSbUESALWnZ2dnUVZ_oMAAAAA(a)giganews.com>, > Terry Carmen <terry(a)cnysupport.com> wrote: > > > That's the problem. I don't know what's happening, except that financial > > information entered and stored only on that machine is becoming known to > > people in the company who supposedly have no access to it. > > How many people have access to that information? There has to be at least > one person who knows it before it goes into the computer. How many people > are there? Also, how many people have access to the data on the computer? With experience in running accounting systems, some figures just jump out at you. Back in the days of punch card operators, the data prep and accounting staff I worked with had a pretty shrewd idea of how large a profit the company was going to turn in, simply from seeing the monthly batch totals for purchase and sales invoices. -- Paul Sture |