- Telepresence Machines and Social Engineering
- Social-Engineer News
- Upcoming Classes
- What's coming...
- Social Engineering Penetration Tests
Are you excited about Defcon 21? Are you even more excited about
the Social-Engineer Capture the Flag? Even more excited about the
brand new Social-Engineer Village at Defcon 21??? Join us and
welcome an amazing podcast guest and live show at the SECTF, Apollo
This is going to be an AMAZING
show and an AMAZING EVENT. The doors will be locked when the seats
are full! Want more info the
Defcon Schedule and Blog post is here .________________________________
The team at Social-Engineer is really excited to announce our
brand new service - The Social-Engineer Mastermind Group. For
more info click below:
As a member of the newsletter
you have the option to OPT-IN for special offers. You can
Check out the schedule of upcoming
training on Social-Engineer.com
Vegas, Black Hat July 2013
Vegas, Sans Network Security, Sept 16-20, 2013
We are limiting the number of
attendees in each class to 22 and under, so first come first
- 5 days of ground breaking training (4 Days for Black Hat)
- The Social Engineering Penetration Testing Course guide
- Special tools to enhance your SE practice
- A Chance to take the first ever Social Engineering Pentesting
- Lots more
If you want to ensure your spot on the list register
now - Classes are filling up fast and early!
Do you like FREE Stuff?
How about the first chapter of Chris
Hadnagy's Best Selling Book: Social Engineering: The Art of
If you do, you can register to get the
first chapter completely free just go over to http://www.social-engineer.com
to download now!
If you no longer want awesome social
engineering information you can Unsubscribe
from this Newsletter
Check out the awesome music of Dual Core - IT geek, Rapper
and all around awesome guy...
To contribute your ideas
or writing send an email to [email protected]
What's coming up..
want to listen to our past podcasts hit up our Podcasts Page and
download the latest episodes.
Want to say thank you to our
sponsors this month
Spy Associates for continually giving us some awesome products
to test out.
- The EFF for supporting freedom of Speech
A special thanks to our
John 'J' Trinckes,
Check out Robin Dreeke's amazing book called "Its
Not All About Me" packed with the top 10 techniques to building
rapport fast. It is an awesome book!
Sylvester Stallone Predict The Future?
SYLVESTER STALLONE CAN PREDICT THE
FUTURE!?!? Nope. But bear with us. For those of us who have
seen Demolition Man, that awful 1993 sci-fi vehicle about a
futuristic SoCal, you may remember a scene where the villain
holds a meeting in which all attendees are represented by
Now while the original concept is old news in the face of video
conferencing, there are even more interesting advances which mobilize the telepresence machines. This
leads to the very real possibility that future environments will
include people who are working remotely but able to interact in
their surroundings and with co-workers in real time. What
implications might this have for the social engineer? The bottom
line is that we won’t truly know until we get there. But what we
hope to do in today’s article is help you consider the SE
applications in what is already a very interesting tech story.
Think Like A Target
Let’s think first from the perspective of the target. Depending
on the capabilities of the telepresence robot, that individual may
be very limited in their ability to perceive the qualities that make
you, the social engineer, effective at what you do. What if your
pretext depends on being anxious and sweaty, or having just spilled
a cup of coffee on yourself? And if you had planned to use props,
you may need to make some major adjustments in your approach to
accommodate their limited ability to see and interact with you. One
final thing to consider is that although the target is in a work
environment, this person is likely telecommuting from home. What
other possible distractions exist in that environment that you have
no knowledge of and cannot control? What this also means is that you
will likely be unable to use any of it to your advantage. If you
were at someone’s desk, perhaps you could have used a picture of a
vacation as an ice-breaker and validation; this avenue may be closed
to you in this situation.
And You, The Social Engineer
The target will have a harder time reading you and/or responding
to your pretext. That’s a problem. But it’s an even bigger problem
from the vantage point of the SE. How does the situation affect your
ability to read the target? Short answer: in just about every way
imaginable. Since the majority of telepresence systems typically
display just the face of the individual, this has the potential for
greatly reducing your ability to read non-verbals and perhaps even
microexpressions, depending on the resolution of the monitor and
transmission delay. Is the target twisting their hands in anxiety,
or steepling to assert dominance? Did you just miss a subtle
indicator of facial empathy due to a glitch in video transmission?
In addition, both the quality of the person’s microphone and the
telepresence speakers may interfere with your ability to determine
You will be forced to make judgments about a person’s openness,
comfort levels, and general willingness to assist based on a flat
monitor screen of their face and canned levels of built-in
The final piece of the equation is what research tells us about
influence. In 1961, psychologist Stanley Milgram conducted his
infamous studies on obedience to authority figures (Milgram, S.,
(1963) Behavioral study of obedience. Journal of Abnormal and Social
Psychology, 67 (4), 371-8.) In short, he found that the majority of
individuals would comply with instructions to administer what they
believed to be electrical shocks to another participant. What is
most relevant to this discussion, however is this;
Milgram ran several variations of his original study, and one of
the conditions he found that greatly affected compliance was the
proximity of the authority figure (Milgram, S., (1974) Obedience to
Authority; An Experimental View. New York: HarperCollins.). People
were much less likely to obey as the authority figure’s immediacy
decreased. You see where we’re going with this, right? The very fact
that you will not be able to physically occupy another individual’s
space may affect your ability to influence them.
The Triple Threat
What we have here is a triple threat. A new technology that
impacts the target, the SE, and the environment. Despite this, there
is little doubt regarding a few points. One, people will rely on
technology to protect them. Someone reading this may feel safe from
an SE attack behind the comforting barrier of a telepresence robot.
Two, attackers will find a way around it through technical and other
means. Simply put, hackers have been around as long as there have
been barriers to overcome and stuff to break and/or appropriate.
In the best of all possible worlds, telepresence robots are an
advancement that opens access to people of all abilities. But with
any new “shiny, pretty”, this creates conditions that challenge us
at SEORG to think in different ways about pros/cons, and how they
may be exploited. Just as we can expect technology to advance, we
will be pushed to find new and innovative ways to keep you safe.
Until next time.
Written by: Michele "sn8kebyte" Fincher
We want to thank the sponsors for the
Defcon 21 SECTF
of the newsletter group, you will be the first to receive special
offers to services and products by Social-Engineer.Com.
Also check out our friends at: