Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - Should security firms sandbox their executives?

Submitted by
Giorgio Maone
Giorgio Maone writes "Brian Krebs of the Security Fix Washington Post blog is attending the RSA Conference 2007 in San Francisco and noticed that "the kiosks of Microsoft Windows XP machines set up for attendees to freely access e-mail were running under the all-powerful Administrator account". More amusing, he's been watching executives from the major security firms which happily used those insecure Windows boxes to check their messages or even access their remote desktops. "Had I spent a bit more than 10 seconds at the terminals", he says, "I could have downloaded software that would let me steal user names and passwords from important companies in the information security community". Brrrr..."

Never underestimate the bandwidth of a station wagon full of tapes. -- Dr. Warren Jackson, Director, UTCS

Working...