Owatch

How gullible are people when it comes to not asking questions or reporting suspicious anomalies at their jobs? For example, I recall hearing that a study was conducted where a sign would be placed on a normally secure door to a facility that said "Please leave unlocked", and the door would actually be left unlocked in several cases. Is this a problem you often encounter when conducting scams? I also hear it's fairly easy to walk in and inform somebody your're there to fix ___ computer, and they'll normally leave you to it if you look professional enough. How much is this a case in your job?

Why is this considered to be an avenue of exploitation for malicious individuals? I mean, getting into anything unauthorized is undoubtedly a problem, but oftentimes offices and executive levels especially are heavily under surveillance. If you could get in and slip a flash drive into a PC, or do something else to their hardware, wouldn't you be quickly caught?

Have you ever gotten into some place, only to be apprehended later? (As in, their current security standards held up)

Might seem unrelated, but are you familiar with Paul's Security Weekly Podcast?

Yeah it does! Thanks for answering. I feel like most of my questions are sort of bland, I just am not sure what to ask. I'm not involved in that sort of security much at all, but I do love to listen in on podcasts here and there, and I find it a really interesting field. It sound's like quite a fun job, although I'm sure there are a lot of cringe-worthy aspects to it. (As in, why did you just tell me that information, now I can do XYZ).

Would you consider yourself to be a "Red Team" operative? Do you work alone, or with other people?

I'm sort of all over the place, but do you do any work with stuff like Gas Station card exploits? Apparently people will pay attendants to look the other way while they install hardware to collect card data when it gets swiped, then get's downloaded over bluetooth when the criminal parks nearby. Might you have attempted to gain access to any supposedly secure card swiping systems at places ordinary people might not look? (Shopping centers, gas stations, ect)

Cool! Thanks for the AMA.