Tag Archives: authentication

Voice Authentication in 2001: A Space Odyssey

This weekend I revisited the 1968 film 2001: A Space Odyssey. It’s a classic. Even though the effects are now over 40 years old, the film still does an amazing job at conveying weightlessness. It’s worth checking out if you have not see it. Onto the infosec!

In the section of the film TMA-1 the character Dr. Heywood Floyd is subject to voice print authentication in which he is asked to state his last name and first name as well as some other information. It would be easy to circumvent such a device today although the advent of portable electronic voice recorders was most likely not on Kubrick‘s mind at the time. If Kubrick had really studied security he would have had a biometric device (such as an retinal scanner) for dual-authentication.

Below is the original trailer:

NO Social Engineering Attack Foiled by Authentication

Social engineering attacks happen in politics as well as information security. This attack should have been prevented. There should have been a system in place to check credentials before being allowed into the building. This is a common practice at most buildings in Manhattan. One needs to be on a list at the front desk and sign in before being allowed to go to the office level.

According to CNN:

The two men were “each dressed in blue denim pants, a blue work shirt, a light green fluorescent vest, a tool belt and a construction-style hard hat when they entered the Hale Boggs Federal Building,” the release noted.

After they entered the building, the two men told a staffer in Landrieu’s office they were telephone repairmen, according to the release and Rayes’ affidavit. They asked for — and were granted — access to the reception desk’s phone system.

When they asked for further access:

A GSA employee then asked for their credentials, and the two men said they left them in their vehicle, the affidavit said.