Friday, January 05, 2007

Excerpt from security analysis of Hogwarts School of Magic 

This report is for the exclusive use of Hogwarts and no other party is entitled to rely on it. Violators of any part of the legal boilerplate will be subject to the Various Curses.

PROBLEMS WHICH REQUIRE IMMEDIATE ACTION


Physical security: offices and dormitories

The current password-based access system is inconvenient (blocking legitimate users who have arrived after begining of term), thoroughly insecure, and is being breached almost routinely, placing confidential data at risk up to and including private thoughts of the Headmaster stored in his Pensieve.

The gargoyles which guard the Headmaster's office, and the portraits which control access to the dormitories, do not maintain a list of authorized personnel. Instead they allow anyone who knows the current password to enter.

Passwords are easy for an intruder to obtain. Possible password compromises include, but are not limited to:

Recommendations:

|

This page is powered by Blogger. Isn't yours?