VeriSign claims it persuaded "85% of survey participants" to compromise their computer passwords for a $3 Starbucks cash card, according to this story in Information Week.
Among the questions I wish the reporter had asked:
Did VeriSign verify that these logons and passwords actually worked? Or did most of these people just give out a phony password?
I've put in a call to VeriSign PR and will let you know what they say.
Here's another Q for Verisign:
"Don't you feel a little foolish trotting out hyped up and faked stats just to scare people into buying your products and services?"
Posted by: Rob Hyndman | May 06, 2005 at 03:32 PM
htN4B82Cd|@8y
OK now where do I go to get my latte?
Posted by: Alex Krupp | May 06, 2005 at 04:48 PM
A survey of exactly this kind (asking Brits) was reported some months ago, in The Register, I believe. As I recall, the results were just as earth-shattering, and just as questionable.
Did Verisign feel it was languishing unnoticed in the gloom and decide to go for a little publicity? Was any thought given to the credibility questions they might sow by using various *kinds* of publicity stunts, and the scorn they'd reap if they weren't careful?
Ah, competence....
Posted by: Will | May 06, 2005 at 04:59 PM
I've put in a call to VeriSign PR and will let you know what they say.
Excellent! it's nice to see you doing citizen journalism too - especially given the probability that an organization not wanting negative publicity would stonewall someone with a lower profile.
Posted by: Anna | May 06, 2005 at 07:29 PM
Actually, all they did was take a random key off their keyring and exchanged it for a free coffee. Finding the lock that key fits into is not easy so that feeling of safety and the gullible 'lighthearted and unscientific' atmosphere encouraged them to give out their password.
Besides, VeriSign's lawyers would have drilled and grilled the interviewers so no information they collected will make them liable if they are compromised. Verify the passwords? So they can get sued?
Posted by: Don Park | May 06, 2005 at 07:57 PM
IMHO, the whole story is foney.
It referred to VeriSign as, " Internet security and infrastructure company VeriSign Inc...."
VeriSign, an "Internet security" company??????
VeriSign, aren't they they company that "broke" the internet's infrastructure last year??????
So, what else is new?
Posted by: Bob Rosenberg | May 06, 2005 at 11:15 PM
um... password to/for what? it doesn't say anywhere in the article what kind of password they asked for.
It seems to me it would have made more sense to ask for a specific user name and email address, from which one might be able to acquire the "password."
There aren't too many sites i can think of that *everyone* you might ask has a password *for* except maybe ebay or amazon...
so, something doesn't read quite right here.
Posted by: johntunger | May 10, 2005 at 06:17 PM