From the course: Threat Modeling: Spoofing In Depth


Attacking who you know


- Who you know is used by many organizations for fallback authentication. When I lose my password and need to get back into my account, an administrator might give my boss the replacement password. When I set off the alarm in someone else's home and the alarm company calls the landline, as it turns out, you can phone a friend and get the homeowner to authenticate with you. Who you know is common when you visit a company. Someone you know authenticates you at the front desk and you get an old-school visitor badge. Who you know is used on Facebook as a way of checking if you know the people in their understanding of your social network. This has an entertaining failure mode with real estate agents who meet a lot of people, even show up in photos with them, when they're often not that close. It also fails when the people you know have conference badges on or little party icebreakers that say, "Hello, my name is." Who you know is used as an alternative to primary authentication. Kids get…
