A tool is there to assist, not do the job for you. Always remember that you are at least 50% smarter than computers. Computers know 'yes' and 'no,' but we know 'maybe.' We can evaluate more variables because there are only so many you can put into a tool. |
Banks have been careful not to put too much on the end-user. Look at PIN codes. We had four digits. People in the data-security world said that four digits are not secure because they are easily compromised by random number generators, and users would probably use years and birthdays. Then why did banks do that? Because four digits is the least common denominator that the public won't have to write down. |
I've experienced real incidents of this. An attacker will lay code down for a couple of weeks, let you back up, and as soon as you bring up the second facility, the attacker goes in. So, first Site A goes down, and when you bring up Site B, the same thing happens. |
It's about proving the virus community can't be stopped by anti-virus companies. |
The last time we had such advance warning was with the Michelangelo virus [in 1992], but back then people were running around wondering what to do. This time I've been impressed by the number of our clients taking a proactive approach to the problem. It was almost a proof of concept virus, a 'Let's see what happens if you give people all the time in world to prepare' attack. |
The Social Security number is the Holy Grail. It's the one piece of information about a person that can be used to unlock all other pieces of their personal information. |