I started riding the bus from where I live into town a little over a year ago. When I first started there were 3 departures each morning and maybe 60 people total used the bus. Now that gas is $4 a gallon there are 4 departures each morning and about 200 people are riding. Of course when you ride with the same people daily you get to know them a little and conversation flows a little easier. This can be a paradise for a social engineer. Just today 2 events occurred on the ride home that caught my attention.
The first involved a man who was looking for a ride to the town where I live. He does not live there and was going to meet someone. He started asking questions of some of the riders about where the bus stopped and when it usually arrives, etc.. Then he made a phone call presumably to the person he is going to meet. The talked about the specifics of meeting and at some point the person wanted to give him a different phone number to call when he got closer to town. He said that he didn't have anything to write it down with but he would try to remember it. After he hung up the phone a nice lady sitting in front of him handed him a slip of paper with the number on it.
My first thought was "boy, she sure is nosey" but then again she probably was just being helpful and couldn't help but overhear the conversation. You could even say I was being nosey since I'm telling you the details. :) Then I thought of how easy it would have been for a similar scenario to have taken place regarding company information. As I write this I remember a couple of conversations that a network engineer that works for a big telephone company in the area had. He was talking to another engineer trying to help him solve a problem and router names and IP's were given over the phone. Other details regarding routes and ACL's were also freely given on a crowded bus.
The next issue that occurred today involves the guy sitting next to me. The first issue is that he woke me up to ask if he could sit next to me. Now that I look around I see that there are no other empty seats so I'll let it slide this time. :) Next he pulled out his laptop and started writing code, reading and writing emails and opened a database. All right there for me to see. All of it is company related (yes, I looked and I wish I had the nerve of Johnny Long to take a picture). I've got a perfect view of his screen and can tell that he is working on the database that he opened. His emails are being sent to work detailing what he is changing in the database. The one good piece of news is that he at least has his wireless radio turned off. I first pulled out NetStumbler to see if I could see him.
This just all goes to show you that you never know who is listening or looking over your shoulder. You really need to be careful when in a crowd.