Tuesday, March 16, 2010

Insecurity Leaders?

Okay, I've just got my copy of the infosecleaders.com Career Survey. Now, you'd think that somebody emailing something like this out to a bunch of people who think they are, and may even be, information security 'leaders', would obey some basic principles of email security? Especially as it has been over a year since they set the survey up (as an aside, I don't remember completing it but don't really doubt that I did ...)

Anyway, one of these is that any links in the email should point to a URI in the domain of the sender - so (made up) www.infosecleaders.com/1stsurveyresults.pdf - for example. Instead we have, under the "Download the results here." link: http://clicks.aweber.com/y/ct/? and some php variables".

Fail. Seriously. If we can't get this sort of thing right then why would anybody bother listening?

At least they didn't link you to a page requiring you to log in ...

No comments:

 
HTTP Error 403: You are not authorised to access the file "\real_name_and_address.html" on this server.

(c) 'Surreptitious Evil' 2006 - 2017.