BreachExchange mailing list archives
Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd)
From: Adam Shostack <adam () homeport org>
Date: Fri, 15 Dec 2006 21:46:35 -0500
Maybe a fun demo to do at Defcon this summer? You could set it up as a
challenge--someone brings in three standard laptops, each with a secret
file. You open one, hand them all back, they have to determine which of
the three was opened.

On Fri, Dec 15, 2006 at 09:03:46PM -0500, ziplock wrote:
| I'd like to see someone publicly volunteer, in a highly visible manner, to
| demonstrate that s/he can access data on an unknown, standard-issue
| laptop, without leaving traces. No actual cracking would be necessary;
| once the data is copied a statement could be made that it can now be
| attacked and explored at leisure. Perhaps if a known expert made this
| general challenge, technically aware activists could follow up with
| letters to the editor when these ridiculous claims are made by those CYA
| companies. The activists could directly challenge the company, via the
| press (for what good would it do, if not in the public eye?), to put up or
| shut up by providing a laptop for the demo. If the successful experiment
| itself gets any publicity, it could be used as proof of concept against
| all future similar reports.
|
| These companies and these reporters will stick to the script until they're
| publicly challenged and proven wrong.
|
| /z
|
| > It's about as much assurance, as we get from a laptop being recovered,
| > encrypted or not. Mirror the disk, hand the laptop back, fears
| > subside, while you have all the time in the world to work on the
| > data. In a year or so, random names in the data start having identity
| > theft problems. The recovery of lost or stolen data should never be
| > the end of the case. Period!
| >
| >>That is one aspect of the typical corporate response to data theft
| >>that irked me when I was writing about this topic for the latest
| >>issue of Baseline. No company can ever really know that data wasn't
| >>accessed or that thieves weren't after data, etc. -- a point on
| >>which I quoted a forensics expert from Kroll.
| >>
| >>It *is* such a smokescreen.
| >>
| >>-- Kim Nash
| >>
| >>Link to the article:
| >>http://www.baselinemag.com/article2/0,1540,2069952,00.asp
| >>
| >>-----Original Message-----
| >>From: dataloss-bounces () attrition org on behalf of B.K. DeLong
| >>Sent: Fri 12/15/2006 8:17 AM
| >>To: Roy M. Silvernail
| >>Cc: dataloss () attrition org
| >>Subject: Re: [Dataloss] [follow-up] Boeing fires employee
| >>whose laptop wasstolen (fwd)
| >>
| >>If you look through a lot of the dataloss articles, you'll see many
| >>media spokespersons claiming similarly that password protection is
| >>enough. Might be an interesting stat to track in the database.
| >>
| >>On 12/15/06, Roy M. Silvernail <roy () rant-central com> wrote:
| >> > Gotta love this. security curmudgeon forwarded:
| >> >
| >> > > Even though the employee data was not encrypted, the laptop was turned
| >> > > off. That means the person who stole the computer would not be able to
| >> > > access the employee data without a password to open the computer once it
| >> > > was turned on.
| >> >
| >> > Wrong. As I pointed out on my blog
| >> > (http://www.rant-central.com/article.php?story=20060914170634681),
| >> > that's purely a CYA statement with no basis in fact.
| >> >
| >> > How long will these outfits be able to get away with this smokescreen?
| >> > --
| >> > Roy M. Silvernail is roy () rant-central com, and you're not
| >> > "It's just this little chromium switch, here." - TFT
| >> > CRM114->procmail->/dev/null->bliss
| >> > http://www.rant-central.com
| >> > _______________________________________________
| >> > Dataloss Mailing List (dataloss () attrition org)
| >> > http://attrition.org/dataloss
| >> > Tracking more than 143 million compromised records in 507 incidents over 6 years.
| >>
| >>--
| >>B.K. DeLong (K3GRN)
| >>bkdelong () pobox com