RSA 2010
Delegates were warned of the dangers of social networking sites
R E L A T E D   C O N T E N T
Similar articles
IT hound results
News centre
More from V3.co.uk

Free email newsletters




ADVERTISEMENT

RSA 2010: Researcher outlines dangers of social data

Facebook et al providing vital clues for attackers

Shaun Nichols in San Francisco, V3.co.uk 05 Mar 2010
ADVERTISEMENT

Delegates were introduced to the phrase "hacking the psyche" on Thursday at the RSA 2010 conference in San Francisco.

Author and security researcher Nitesh Dhanjani used the term to describe a new phenomenon brought on by the growth in social networking services and the personal information being published online.

Dhanjani suggested that commonly posted information from social networking sites, combined with a small amount of data analysis, can be used to gather highly sensitive information about an individual.

Dhanjani highlighted the password recovery feature for online mail services as a particular area of concern. By studying data from social networking profiles, a potential attacker could gather enough information about a target to answer many of the commonly used password recovery questions.

"Even in mid-sized companies there are people that use their Gmail account to share corporate data," he said. "People are becoming so open about what they share that it is becoming really difficult to have such a password reset feature."

Enterprise networking services are not much better, according to Dhanjani. An analysis of LinkedIn connections, such as a surge in added connections between two firms prior to a merger announcement, could allow potentially sensitive corporate information to be gathered.

"I think social privacy is an oxymoron. It's like thinking you can show up to a cocktail party and then refuse to talk to people," he said. "Once you put something out there you can't take it back."

See also:

RSA 2010
RSA 2010: Researchers dissect ZeuS botnet blueprint
Malware startup costs put at a mere $2,500  04 Mar 2010
Bruce Schneier
RSA 2010: Q&A with Bruce Schneier
Schneier on security, SSL and squid  03 Mar 2010
RSA 2010
RSA 2010: Panel discusses US security regulation
Experts split on role of government in online security  04 Mar 2010
Janet Napolitano
RSA 2010: DHS boss announces cyber security contest
Janet Napolitano asks for public/private co-operation to raise awareness  04 Mar 2010

All Hacking
Tags: Rsa-2010, Social-networking, Threats, Security

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Implementation/ Release Manager
| Hays Information Technology
Our client is an internationally based organisation and is urgently looking for an Implementation/ Release manager. We are looking for the successful candidate to manage the timely development of workflow processes and software applications to ... more >
Senior Software Developer (Web)
| Computer People
My client a leading business to business services organisation based in Leeds is currently seeking a Senior Web Developer to join their rapidly expanding team. Reporting to the Systems Development Manager you will be involved ... more >
Development Team Leader - leading team of 5, .Net
| Computer People
My client is looking for a Development Team Leader to work in both a hands on development capacity as well as managing a small team of developers (4/5). You will be responsible for: the direct ... more >
Data Analyst
| Hays Information Technology
Data analyst – Excel   My public sector client requires a data analyst with specific in-depth experience of excel, modifying, updating and manipulating spreadsheets. Checking all data integrity. Interviews are to be held ASAP and ... more >
More job opportunities

Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Advertise
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP and Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Software engineer jobs
Inquirer Jobs Firmware developer jobs, Electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . V3.co.uk
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093