Need some cool gifts for the holidays? Check out the Hacker shirt design.
Is something you would like to see available for purchase before the end of the year?
If so please go to the Hackers&Agents facebook page and like it. I’m going to have several shirts made up based on the number of likes.
My last post I was trying to see if someone had examples mapped to the book “The Psychology of Persuasion”. Appears I jumped in too quick with my first article because after a few hours of research on the topic I came across the social engineering framework.
This site does not really have a lot of examples but there are several sections like the “Influence Others” that directly map to the book framework. There is still a good deal of expansion that can be done on this subject so I’m glad the community has a solid foundation they are using for a framework.
What is it that allows someone to be manipulated into giving you something?
At the brain tank conference the other weekend I watched a presentation called “Evolutionary Bias in Social Engineering: An Anthropologist’s Perspective”. Unfortunately this wasn’t what I was expecting. Randy, the presenter, spent a large amount of time explaining that ultimately humans all strive for one thing, sex. Interesting enough but after 20 minutes I got the point and didn’t hear anything about social engineering anyone into having sex yet. Near the end he started to get into more interesting content. He put 5 words on the table about persuasion, which is basically why social engineering works. Unfortunately it was just a perspective talk and didn’t really go into social engineering detail. In any event those 5 words were very similar to some I read in a book previously.
In management you tend to read many books. One I read several years ago was called “Influence: The Psychology of Persuasion”. A great read on why people say yes and how to defend yourself against a persuasive person.
Those 5 words in Randy’s presentation almost mapped directly to the fundamental principals in this book.
From the book!
- Social Proof
Unfortunately he didn’t give social engineering examples, which would have been great for each of the 5 topics. I mean that would really be a good presentation.
We all know “Liking” works great. If you just make friends with someone during smoke breaks or say hi to the security guard that person will always let you do or get more than you should.
Reciprocation also works great for phone calls as a phased social engineering tactic. Call up someone acting as a vendor or part of IT and offer to fix their computer. If they have a problem, try and figure it out and fix it. Call back a few days later they will help you and provide information.
In any case I would love to hear if anyone has done any further analysis related to influence and social engineering as explained above.
The first annual Brain Tank conference – Small but effective!
There are good and bad things about small Hacker cons. The good was that you have time to talk and figure things out with other people much more effectively than some of the larger conferences. The bad is that larger conferences tend to have many items for purchase to help you improve your skills. These items were not available at the Brain Tank con. Overall the mix between Hacker/Maker proved interesting and informative for the presentations that I watched. It was also good for those of us looking to get in more experience in the Lockpick Village hosted by Toool. However, if you were looking for additional picks or tension wrenches this was not the place.
Overall the event had about 150 people and was a good time helping gain more experience. This event surely will grow over time and eventually have to relocate to a bigger space than that provided by A220.org.
Hackers & Agents the card game is in full swing. The game is continuing to evolve with several add on packs coming out soon. If you like encryption puzzles there is a new encryption card in the deck with added difficulty. Check out the Facebook page for any new updates. Also there are several tutorials and graphics posted to help with normal game play.
On another note I will be hanging out at the Hacker-Maker conference in Rhode Island this weekend doing more locking picking and handing out a few decks.
I ran into a Schalge Everest lock giving me a challenge so if you are into lock picking I think its important to have a tension wrench that enters from the top. I’m hoping the lockpick village at the Brain tank has some good practice locks.