Loose Lips Sink Sites
eWeek labs just-completed Openhack III test was a great exercise in low-level security hacking, but dont forget that good security is also about issues technology cant resolve. As a case in point, here is my favorite Openhack e-mail in slightly edited form:
"Give me the protocol to upload a page to the http://xtype.openhack.com/ server, and I will split the 50K with you. ... This is (bottom line) how most hacks really happen anyway.
"[I]f you want to split the cash, here is what you do. Drive to a city about 4 hours from your location, use cash for gas and dont get a [traffic] ticket. Go to a Kinkos, set up an e-mail account with Yahoo under an assumed name and send one e-mail to one person. Me. Thats it.
"OK ... now, with your (what I am sure are capable abilities to begin with), wipe this e-mail from your system and server and hand-write my e-mail address on a piece of paper and get in your car and go man! GO!
"P.S. ... by its very design, this contest is about hacking, which often includes covert attempts at avoiding time-consuming technical issues through bribing individuals for information. So dont feel bad if you actually succumb to that feeling in your gut. Just do it."