Comments

Geoff Lane April 10, 2007 2:22 PM

For a “man in the middle” attack I guess we would have to move on to The Three Stooges?

Hoochie Scoochie April 10, 2007 4:47 PM

Well let’s see, no one at the bar getting carded, the only woman in the joint is a picture on the wall… oh wait, but this is a speakeasy, not a place that has to play by any of society’s rules.

Alan April 10, 2007 4:50 PM

The Marx Brothers are also responsible for creating commercial cryptography in the movie “A Day at the Races”.

derf April 10, 2007 5:09 PM

A sticky note is one thing, but carrying around an iconic representation of the password? Does he work for Homeland Security?

Steve Parker April 10, 2007 5:20 PM

One of the (recurring) themes is that (as the 419 scam shows in particular,) an individual’s greed can be a strong factor in weakening any security mechanism.

Lis Riba April 10, 2007 6:19 PM

Inappropriate granting of admin priveleges? Allowing an unauthorized user to change passwords

(Contributed by my husband, “Xiphias” — who got his handle from that scene…)

Lawrence D'Oliveiro April 11, 2007 2:03 AM

“Horse Feathers”, 1932, according to my “Complete Films of the Marx Brothers” book.

Archangel April 11, 2007 9:09 AM

Trojan made possible by poor inspection of token (button), resulting in theft of massive quantities of data (jackpot). The button approximated the response protocol for access to the machine (small, round object of particular diameter, thickness and mass), and no further check was made (is it metal? &c), nor was a second authentication factor brought into play. This is like hash collision – the attack and the expected token produce like results when the system inspects them, and it accepts the attacker as an authorized user.

Archangel April 11, 2007 9:14 AM

security software that can be preempted to obtain access without authentication, or reverse-engineered from output to discover the expected protocol and tailor input appropriately (SAMBA ‘attack’) – the problem isn’t even so much that the password manager gave out the password, as that he responded to bad input at all. Failing silently may not be user-friendly, but it is more secure than handing out debugging context to invalid users.

Archangel April 11, 2007 9:25 AM

Phishing attack – redirect of data (scotch) from sender (barkeep) to ‘shot glass’ funnel – looks like appropriate recipient, but is really a link to somewhere very different (bottle), not designed to use and discard data, but to retain it for future use at the new recipient’s convenience. Pass-thru, maybe, since it can be said that the proper data did reach the proper recipient (one shot, to Harpo), but the same authentication channel did not expire, and was then used to obtain far more data from the sender for the recipient’s private use.

elixx April 11, 2007 11:59 AM

HAHA! I’m glad someone brought that up, as well as the commenter who referenced the scene in ADATR as “commercial cryptography”. I am guessing that you are referring to where Chico sells Groucho a series of interdependent books regarding the impending race. I actually had to lol.

Marx fans++

Alan April 11, 2007 12:20 PM

HAHA! I’m glad someone brought that up, as well as the commenter who referenced the scene in ADATR as “commercial cryptography”. I am guessing that you are referring to where Chico sells Groucho a series of interdependent books regarding the impending race. I actually had to lol.

“You have to have the master codebook for that.”

flaugaard April 11, 2007 4:39 PM

Three weeks ago, I used a Zombie movie to teach students about security:

The backdoor, securing points of entry, detection, “Trojans”, Defense-in-depth, Access control, Don’t panic, KISS, etc…

Next time I’ll add Swordfish 🙂 It’s so much better to show movies and have fun while learning, than to sit and watch the never-ending slideshows 🙂

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.