Music provided by: Denis Kreynin https://soundcloud.com/denis-kreynin
Follow up: Risky.biz podcast RSA guy says SHA-1 is broken.
Social engineering is a mix of psychology and the hacker mindset of finding and exploiting vulnerabilities.
Like any tool, can be used for bad or good
Research, research, and more research
Mirroring and obligation
Elicitation is putting the above together to get people to do what you want, whether in their interest or not
making deliberately false statements
The most important person is “me”
Lack of conjunction
Tyler Durden’s school of social engineering assignment:
Ask open ended questions and listen to answers without injecting opinion. Ask a follow up question based on what you heard. Respond with a scenario or experience you think is similar questioning it’s relevance. show interest and continue the routine as long as you can. offer a foible of your own (real or fake) and see what they offer in return. keep track of all the information they provide you and feed some back to keep them going.