Wednesday, March 8, 2017

Social Engineer Challenge # 5


The task: To get a picture of Commander Citron’s mailbox.  
Did I accomplish it? I did and I have a picture as evidence right below.
Narrative/Method: I thought about different ways to approach this task. Given the nature of the task I thought it would be ethically right to directly ask the target for it. My first approach was to look for a way to communicate with Commander Citron because she doesn’t come to class, hence I had very limited options. I found her profile on LinkedIn, and by the time I was ready to communicate with her, I realized she was most likely coming to take the exam this week so I decided to talk to her directly. Before I talked to her directly I asked Professor Poole if it would be a violation of the rules if I ask the target directly when executing my Social Engineer task, she said that as long as there were no specifications of how to execute the task I could take any approach I wanted. Since the wording in the challenge doesn’t imply that the target doesn’t have to know, I went ahead and talked to the target directly asking her to please help me out with this difficult task. I gave her my email address and she was very quick to reply with a picture of her mailbox. Once again thank you Commander Citron for collaborating with me!
Application: Since in this challenge I took an ethically right approach I don’t think there is anything to analyze in terms of the danger that my technique could signify in a real life situation. In the case scenario that I would had taken a different approach like for example use one of the tools online (such as spokeo) to find out where the target lives, that would had implicated violations of her privacy and it would very concerning to take such approach in a real life situation.  

Ethical reflection: Anybody that uses any of the online services to find out addresses or other information about people is acting ethically wrong because this is private information. Even though it is not illegal and that is why these online services exist,  to do so in a secretive manner it is ethically wrong and anybody that can get this information could do all sort of wrong things from stalking somebody to robbing their house or even spying on them to get even more sensitive information.




Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)