“I’m Brian and so’s my wife”
24th February 2004
I’m subscribed to a whole bunch of mailing lists, mostly as a lurker as I have a hard enough time just keeping up with some of them. One of those lists is Bugtraq, which is pretty much required reading for anyone with sysadmin responsibilities for a server connected to the public internet. Bugtraq is the central hub of the “public disclosure” security community and is actually surprisingly low traffic with only twenty or so messages a day. It’s fascinating to watch the latest exploits for all manner of popular software packages tick by on an hourly basis.
Last week, someone posted to the list asking if anyone knew of a contact address for the security team at Bank of America. Today, they posted a follow-up which included the following gem:
I’d also like to thank the 0-day social engineers for their variety of approaches used to attempt to gain access to this exploit. We received responses ranging from fraudulent “Bank of America” employees to phone calls from people claiming to be from Bank of America’s IT Security. (One caller claimed to be from Bank of America’s IT Security but didn’t know what PGP is and then said he couldn’t give his PGP key due to security restrictions. And when we asked him to provide information so we could verify the contact, he said he would call back but never did. To this caller: Yes, your social engineering failed and your caller-id spoofing was almost perfect. Emphasis on “almost”.)
For some reason, I’m reminded of a classic scene from Monty Python’s Life of Brian.
More recent articles
- Weeknotes: the Datasette Cloud API, a podcast appearance and more - 1st October 2023
- Things I've learned about building CLI tools in Python - 30th September 2023
- Talking Large Language Models with Rooftop Ruby - 29th September 2023
- Weeknotes: Embeddings, more embeddings and Datasette Cloud - 17th September 2023
- Build an image search engine with llm-clip, chat with models with llm chat - 12th September 2023
- LLM now provides tools for working with embeddings - 4th September 2023
- Datasette 1.0a4 and 1.0a5, plus weeknotes - 30th August 2023
- Making Large Language Models work for you - 27th August 2023
- Datasette Cloud, Datasette 1.0a3, llm-mlc and more - 16th August 2023
- How I make annotated presentations - 6th August 2023