Security is Only as Strong as Its Weakest Link

And that weakest link always proves to be people. Bruce Schneier points out that the recently arrested Russian “spies” used stenography to secure their messages but they had one flaw:

“Law-enforcement agents observed and forensically copied a set of computer disks” when searching some of the defendants’ residences, according to a statement from FBI agent Maria Ricci. “Based on subsequent investigation as described below, I believe that the password-protected disks contain a steganography program employed by the SVR and the Illegals.” SVR stands for Sluzhba Vneshney Razvedki, Russia’s foreign intelligence agency and the successor to the foreign operations arm of the KGB.

Ricci said the steganographic program was activated by pressing control-alt-E and then typing in a 27-character password, which the FBI found written down on a piece of paper during one of its searches.

Sounds like a strong password. It’s a good thing they wrote it down… oh wait.