The autumn leaves are falling like rain. Although my neighbors are all barbarians and you, you are a thousand miles away, there are always two cups at my table.

T’ang Dynasty poem

Ten thousand flowers in spring, the moon in autumn, a cool breeze in summer, snow in winter. If your mind isn't clouded by unnecessary things, this is the best season of your life.

~ Wu-men ~


Wednesday, September 15, 2010

Strategy or Who Needs Fiction. You Decide.

In our review of The 36 Strategies, remember #31, Scheme with Beauties? Well here's an example from real life. It's just so absurd, I'd be tempted to put it in the Who Needs Fiction category as well.

The story has appeared in many news outlets. Below is an excerpt from ComputerWorld. The whole article may be read here.



Fake femme fatale shows social network risks

Researcher Thomas Ryan says fictitious Robin Sage character fooled many holding security, military and intelligence posts

By Jaikumar Vijayan

Computerworld - Hundreds of people in the information security, military and intelligence fields recently found themselves with egg on their faces after sharing personal information with a fictitious Navy cyberthreat analyst named "Robin Sage," whose profile on prominent social networking sites was created by a security researcher to illustrate the risks of social networking.

In a conversation with Computerworld, Thomas Ryan, co-founder of Provide Security, said he used a few photos to portray the fictional Sage on Facebook, LinkedIn and Twitter as an attractive, somewhat flirty cybergeek, with degrees from MIT and a prestigious prep school in New Hampshire. 

Then he established connections with some 300 men and women from the U.S. military, intelligence agencies, information security companies and government contractors.

The goal, said Ryan, was to determine how effective social networking sites can be in conducting covert intelligence-gathering activities. 

Despite some patently obvious red flags -- such as noting that the 25-year-old Sage had worked professionally for 10 years -- the scheme worked. The connections to Sage, who was depicted as a real-life Abby Scuito, a fictional character in CBS's NCIS television series, were established in less than a month.

Many friends freely shared personal information and photos, invited the fictional threat analyst to conferences and asked her to review documents. Some "friends" at major companies, including Google and Lockheed Martin, even expressed interest in hiring her, he noted.

2 comments:

Brandon said...

Ain't that a shame they even used a military training course for her name.
The experiment was impressive in proving gullibility of people especially those people who possibly hold vital information.

Rick said...

... the gullibility of people who by training, experience and just good sense should have known better.