MySpace "Hacked"
There have been a small number of phishing attacks against MySpace users. The latest round gathered some 56,000+ login names and passwords. Now, every security guy in the world is blogging (and blogging more) about peoples' crappy choices for passwords.
Similar to websites that poll you about various hot topics, there is a fundamental flaw to this password analysis. Go to a news site with a story about Hillary Clinton, and there's a decent chance there's a sidebar poll asking you if she has a chance to win her party's nomination (or the Presidency). This poll will inevitably identify itself as "unscientific", but readers still put some stock in it.
All that poll will tell you is what percentage of people who would read an article about Hillary Clinton actually think she will get nominated or elected. Furthermore I posit that the most likely people to read that article are ones who are in favor of her, and therefore the poll results should be skewed towards an optimistic view.
(Of course, if you don't buy that premise, you'll think my whole post is balogna)
Similarly, the MySpace password analysis is similarly flawed. They are commenting on the poor quality of passwords selected by people who were duped into going to a phishing site. In other words, people who will tend towards being young, inexperienced netizens, or others who aren't ready to be ranked amongst the net-wise.
I would guess these passwords to be of suspect quality.
Similarly, I'll bet that the passwords of those who do NOT fall for the phishing scam are generally far better.
But it's an easy target for a "security professional" to aim at.
More to come...
Similar to websites that poll you about various hot topics, there is a fundamental flaw to this password analysis. Go to a news site with a story about Hillary Clinton, and there's a decent chance there's a sidebar poll asking you if she has a chance to win her party's nomination (or the Presidency). This poll will inevitably identify itself as "unscientific", but readers still put some stock in it.
All that poll will tell you is what percentage of people who would read an article about Hillary Clinton actually think she will get nominated or elected. Furthermore I posit that the most likely people to read that article are ones who are in favor of her, and therefore the poll results should be skewed towards an optimistic view.
(Of course, if you don't buy that premise, you'll think my whole post is balogna)
Similarly, the MySpace password analysis is similarly flawed. They are commenting on the poor quality of passwords selected by people who were duped into going to a phishing site. In other words, people who will tend towards being young, inexperienced netizens, or others who aren't ready to be ranked amongst the net-wise.
I would guess these passwords to be of suspect quality.
Similarly, I'll bet that the passwords of those who do NOT fall for the phishing scam are generally far better.
But it's an easy target for a "security professional" to aim at.
More to come...
Comments