About Me

I ramble about a number of things - but travel experiences, movies and music feature prominently. See my label cloud for a better idea. All comnments and opinions on this blog are my own, and do not in any way reflect the opinions/position of my employer (past/current/future).

11 January 2007

Authentication Failure

Hot of the wire ... A Standard Bank branch was robbed by men who posed as security guards. The guards followed the same protocols as the security company, and made off with R1.4 million. It all boiled down to the fact that there was no real authentication mechanism at the bank to verify the identity of the security guards, other than a name. When names are hardly unique, they make really bad authentication elements anyway, so the flaw was bound to be exploited.

No comments: