Here’s an idea. This is a little off topic to what my paper is on but it fits the description, kind of.

Google. An awesome company, come out with great ideas, (a little bit after the competition), but still good ideas. Example: Google Chat, came out after MSN messenger (now known as Windows Live Messenger, but will forever be called MSN) and wasn’t nearly as successful. Another example, Google Buzz, same concept as Twitter and Facebook message status, but not popular.

Why is this so? I’ve pondered and pondered and this is the answer I came up with. The Empire. Google’s empire has to do with single sign on. If you have one Google account you can access any service they provide? But what if you have an email address from another provider or say your own company? You can’t access Google’s services.

This used to be the case with MSN messenger, but not once they created the passport.net feature. Ever since that came out one could use any email address to create a passport.net account and access the MSN messenger service.

In the case of Twitter and Facebook, one can use any email address to access their services. Sure, you have to create an account, but once you do, you can just give everyone your own e-mail account instead of having to give them a new one. Chances are most people already have that e-mail account anyway.

Now, on Google’s side, they do have the best e-mail client I’ve ever used. Gmail makes life very simple and straight forward with the option to customize and complicate things to one’s liking. I would tell everyone to switch over (which I often do). Not to mention an amazing spam filter that keeps the viagra wannabe ads out of my inbox.

So here I pose another question, why don’t people want to switch to a better service?

An answer coming soon…

Social Networking

The paper I will be writing is entitled The Severity of Social Engineering. This paper will begin by breaking down the definition of severity as per the industry standard.   Companies such as SANS have developed security models such as the SANS Top 20 Cyber Security Risks.  SANS looks at various aspects including client-side vulnerabilities, internet-facing web site vulnerabilities, Zero Day vulnerabilities, etc.  This paper will look at what aspects are used to determine the severity of attacks to develop a definition of what the industry looks at to define severity.

The industry does not have an official definition for social engineering; therefore, this paper will look at the loose definitions of social engineering and develop a definition that can be used in the industry.  Social engineering has been around as long as social interactions have existed.  Attackers use human interaction techniques to persuade others into doing things for the attacker and/or providing information to the attacker.

With many human interactions now done online, social engineering attacks have been exceedingly prevalent around the internet.  This paper will then apply the definition of social engineering to the definition of severity and determine whether or not social engineering will be in the top cyber attacks in the immediate future.   This paper will also provide some recommendations on how to combat these attacks.

General