Honeytokens: The Other Honeypot
martyros writes "I just read a fascinating article
by Lance Spitzner securityfocus.com about a concept he calls
honeytokens. The idea is similar to that of a
honeypot, which he defines as "an information system resource whose value lies in unauthorized or illicit use of that resource". Rather than having a computer that's designed to be broken into, however, you have say, a record in a database or a file has no legitimate use; ergo, if anyone uses it, it must be illegitimate. An example he gives: adding a record to the hospital database for a guy named "John F. Kennedy". It doesn't correspond to a real person, so no one has any business looking at the file. If someone does access it, you know that they're abusing their privileges somehow.
The article has several other clever examples, which I found very thought-provoking."
By placing arsenic in your water bottle that you leave in the refrigerator, you can tell who's been pilfering your lunch.
Best Windows Freeware
...several years in fact, although in a different form.
A while back a bunch of businesses created a website called slashdot to monitor people who were surfing the net instead of doing work.
Famous Last Words: "hmm...wikipedia says it's edible"
Encyclopaedias have done this for ages too. Make up a boring tiny entry for .. Boring Arkansas, and wait for a rival to copy it, then sue them. (Appologies if there is a Boring Arkansas, I am so sorry for you.)
One line blog. I hear that they're called Twitters now.
Yeah, I have this really, really, really good joke, but I can't tell you because I use it as a honeytoken.
I also have a simple proof of Fermat's Last Theorem, but it's being used as a honeytoken also. Sorry.
This space left intentionally blank.
So, when my shortest-path solutions come out oddly for my GIS labs, can I explain in my report that the problem could be that John F. Kennedy Boulevard doesn't actually exist?
Withdrawal before climax is very ineffective and those who try this are usually called "parents."