We all understand how figures never lie, but liers figure. So it all depends on the wording. Personally, I'm an IT admin, and I've gotten dumped before (employer got sued, but instead of admitting financial problems he claimed I lacked project management skills so as not to scare other employees... whatever, I was mad). But even so, I didn't steal any passwords, and yes, I had full admin passwords to everything (even if they changed those, they didn't know all the passwords I DID have. at least I could've purchased stuff from their TechData account or whatever). That's a little off-topic, but the point is that I didn't steal anything and most IT admins I've worked with would not steal anything either. As for snooping... well, I've never done it on purpose, but in the process of helping people they often leave e-mails and stuff in an open window on their screen after they ask me over to help them... so, ok, whatever, I'm guilty of reading it.
So, this article is really not too interesting. You'll find I'm a huge advocate of making the public more aware of social engineering in general, but seriously, if a social engineer wanted that info from someone, he wouldn't bother with a sniffer. He'd just ask for it.
Anyhow, the article may be dissapointing, but the topic is GREAT:). I did want to point out that cisco until recently had the student portal logon in plaintext. A few years back, in College, us students would sniff eachother's cisco logon passwords, and... well... brag about it, because there was nothing there to really steal. But it's still interesting that Cisco of all companies did not encrpyt this bit.
Slashdot Mirror
We all understand how figures never lie, but liers figure. So it all depends on the wording. Personally, I'm an IT admin, and I've gotten dumped before (employer got sued, but instead of admitting financial problems he claimed I lacked project management skills so as not to scare other employees... whatever, I was mad). But even so, I didn't steal any passwords, and yes, I had full admin passwords to everything (even if they changed those, they didn't know all the passwords I DID have. at least I could've purchased stuff from their TechData account or whatever). That's a little off-topic, but the point is that I didn't steal anything and most IT admins I've worked with would not steal anything either. As for snooping... well, I've never done it on purpose, but in the process of helping people they often leave e-mails and stuff in an open window on their screen after they ask me over to help them... so, ok, whatever, I'm guilty of reading it.
So, this article is really not too interesting. You'll find I'm a huge advocate of making the public more aware of social engineering in general, but seriously, if a social engineer wanted that info from someone, he wouldn't bother with a sniffer. He'd just ask for it. Anyhow, the article may be dissapointing, but the topic is GREAT :). I did want to point out that cisco until recently had the student portal logon in plaintext. A few years back, in College, us students would sniff eachother's cisco logon passwords, and... well... brag about it, because there was nothing there to really steal. But it's still interesting that Cisco of all companies did not encrpyt this bit.