Gary Varga (2/18/2014)

---

paul.knibbs (2/18/2014)

---

SQLRNNR (2/17/2014)

---

the ability to protect the entire system is dependent on the weakest link

That needs to be underscored. No matter the system, there is a weakest link.

The weakest link is almost invariably the people. Wasn't there a survey done recently where something like a third of the participants said they'd tell someone their password for $100? And that's ignoring the various social engineering scams that can be used to get someone to inadvertently give out information they shouldn't.

What these surveys never seem to test is how many people deliberately hand over an incorrect password to get the $100. I would. Just like I have a lot of fun with cold callers when it suits me; one time I was informed that I was involved in a car crash so I asked if it was serious and whether I was alright, another time I was asked if I was involved in a car crash so I told them it was a fatal accident and that I was dead then there was the time when asking when I would be prepared for a survey for loft insulation and wall cavity inspection so said that there was no need as I used popcorn for loft insulation and that my house didn't have walls (my children were crying - due to laughing so much - at that one). Oh, and I have had fun with people offering "Nigerian" millions too 😀

My point is that these surveys are geared to provide these answers in order to shock.

Edit: Grammatical error!!!