The most vexing weakness in computer security is not in the hardware or the software, it is in the people who use the machines, according to top hackers and cyber safety specialists quoted by an AFP report.
'It really is more of a human problem than a technical problem,' Dan Kaminisky of Dox Para Research was quoted by AFP at the world's premier hacker conference, DefCon, held in Las Vegas recently. 'We could do a better job making it clear how people can make themselves safe. We can't stop them from shooting themselves in the foot.'
The AFP report said computer network managers at the conference confided that workers routinely left passwords on notes taped to machines or under keyboards and shared supposedly secret access codes with co-workers.
The report also said a popular T-shirt among DefCon attendees was one bearing a quote attributed to legendary hacker Kevin Mitnick, whose notorious attacks were based more on manipulating people than software.
'Social engineering specialist, because there is no patch for human stupidity,' the quote said.
The Internet is awash with bogus 'phishing' email pitches written by con artists and Web sites designed to trick people into entering personal information or clicking on treacherous links, according to US federal agents.
Online con artists dupe people into downloading hidden computer codes that enable the attackers to take remote control of infected computers, cyber cops at the conference said.