Slashdot Mirror


Honeytokens: The Other Honeypot

martyros writes "I just read a fascinating article by Lance Spitzner (securityfocus.com) about a concept he calls honeytokens. The idea is similar to that of a honeypot, which he defines as "an information system resource whose value lies in unauthorized or illicit use of that resource". Rather than having a computer that's designed to be broken into, however, you have, say, a record in a database or a file that has no legitimate use; ergo, if anyone uses it, it must be illegitimate. An example he gives: adding a record to the hospital database for a guy named "John F. Kennedy". It doesn't correspond to a real person, so no one has any business looking at the file. If someone does access it, you know that they're abusing their privileges somehow. The article has several other clever examples, which I found very thought-provoking."
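The honeytoken check described in the summary above, sketched as an added example that is not part of the submission or of Spitzner's article: it scans a database audit log and raises an alert for every access to a planted record. The log format, user names, table names and record ids are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed: (table, id) of planted records, e.g. the fake "John F. Kennedy" patient row.
HONEYTOKENS = {("patients", 90417)}

# Constructed audit-log format: "<time> user=<name> op=<OP> table=<t> ids=<n[,n...]>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) op=(?P<op>\w+) "
    r"table=(?P<table>\w+) ids=(?P<ids>[\d,]+)$"
)

# Constructed sample log lines.
SAMPLE_LOG = """\
2024-01-15T09:14:02Z user=nurse_a op=SELECT table=patients ids=1182
2024-01-15T09:15:40Z user=clerk_b op=SELECT table=patients ids=90417
2024-01-15T09:16:05Z user=dr_c op=UPDATE table=patients ids=2210
2024-01-15T23:02:11Z user=svc_report op=SELECT table=patients ids=1182,2210,90417
this line is malformed and must not crash the scan
2024-01-15T23:05:00Z user=clerk_b op=SELECT table=billing ids=90417
"""

def find_honeytoken_hits(log_text, tokens=HONEYTOKENS):
    """Return one alert dict per log line that touches a planted record."""
    alerts = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skipped here; a real pipeline should count parse failures
        ids = {int(i) for i in m["ids"].split(",") if i}
        hit = sorted(i for i in ids if (m["table"], i) in tokens)
        if hit:
            alerts.append({
                "line": lineno, "time": m["ts"], "user": m["user"],
                "op": m["op"], "records": hit,
                # A bulk read may be a report or export, not a targeted lookup.
                "bulk": len(ids) > 1,
            })
    return alerts

def hits_by_user(alerts):
    """Count alerts per account so repeat access stands out."""
    counts = defaultdict(int)
    for a in alerts:
        counts[a["user"]] += 1
    return dict(counts)

if __name__ == "__main__":
    for alert in find_honeytoken_hits(SAMPLE_LOG):
        print(alert)
```

The same id in another table (the `billing` line) is not flagged, because the token is keyed on table and id together.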

1 of 427 comments

  1. conspiracy by SHEENmaster · Score: 0, Offtopic
    This is just a conspiracy. These things are really designed to keep people from finding out the horrible truth:

    • LEE HARVEY OSWALD SHOT JOHN F. KENNEDY!


    (Oh yeah, and that whole thing about the moon landing being a sham is the creation of Fox. We really did make it to the moon the same year UNIX burst forth into this world.)
    --
    You can't judge a book by the way it wears its hair.