Tuesday, June 26, 2007

looking for security wizards

well what do you know, the agnitum folks have come up with a quiz to test your security smarts...



Are you an Internet Security Wizard?
Are You an Internet
Security Wizard?


25 out of 30 on my first try... that's 25 correct guesses at what the agnitum folks thought were the right answers since many of the questions didn't seem to include the right answers as far as i could tell - for example, since when is self-replication not the thing that most precisely characterizes a computer virus? this is a quiz to determine who's a security wizard, right? sure average folks might not be expected to know such details but we're talking about wizards here...

then there's question about what cannot be spyware that was accompanied by nothing but options that could be considered spyware... yes, it's possible to have self-replicating spyware (malware categories are not mutually exclusive), yes it's possible to have spyware that changes your browser's start page (otherwise spyware authors would just throw in that one extra feature to avoid having their creations labeled as spyware), and yes a keylogger is most definitely a kind of spyware (what, you think keeping track of what keys you typed and sending them to a 3rd party doesn't count as spying?)...

the quiz also doesn't tell you which questions you got wrong or what the right answers were so it doesn't really help the non-wizards learn and advance themselves... i actually think the underlying idea behind the quiz is a good one, but not if people can't learn from it...

then again, maybe they're just looking for security wizards to help them write a better quiz...

2 comments:

Didier Stevens said...

Strange, I also got 25/30.

Luke said...

28/30

It's not that hard if you try
not to nitpick as hard as it seems to avoid doing so.

Most of the time it's pretty obvious what answer they want.