Thursday, September 14, 2006
IT and politicians, part 1
The run-up of the swedish elections specifically lacked one major area - information technology. It was a non-existing subject. No politicians was interested in discussing aspects of information technology. This changed overnight with the spy scandal, where representants of the liberal party mis-used a login of a user beloning to the competing social democratic party. The story broke in the begining of september, and this has been in the head lines in all major swedish media for the last couple of weeks. According to media, different types of information where leaked (or stolen) by a number of intruders. The "attack" where performed using a simple username - sigge, a nick-name, with a password of sigge (great security there!). The compomised account could be used to access not only tactics for the upcoming election or political strategies, but also more sensitive information such as reports from the secret police, etc. It is clearly not a very good security to allow weak passwords. But common sense and basic knowledge in security should not lead to the design of internet accessible systems with static passwords that is used for a mix of documents of different level of confidentiality.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment