BreachExchange mailing list archives

Re: [ekmi] Re: fringe: Open source laptop tracking

From: "Stian Øvrevåge" <sovrevage () gmail com>
Date: Thu, 17 Jul 2008 14:00:51 +0200

On Thu, Jul 17, 2008 at 5:01 AM, Allen <netsecurity () sound-by-design com> wrote:

Arshad,

I don't think you analysis, which I agree with, goes far enough.

1) Steal laptop.
2) Remove battery.
3) Remove HD.
4) Use HD cloning software such as Apricorn - hardware and software
only $40 - and clone to any HD that is laying about
5) Mount clone as USB attached to a desktop
6) Attach old HD as USB attached and wipe old HD with DBAN or
similar tool
7) Use Aloha Bob or equivalent to selectively migrate OS and basic
productivity software such as Office from clone.
8) Remount HD in laptop
9) Sell the sucker.

Best,

Allen


With expertise like this the thief could probably get by doing
something other than jacking laptops.

Without having done any research I believe that dataloss like this, in
most cases, is an unfortunate side-effect of hardware theft. The
thiefs objective is not the data stored on the device but the device
itself. It simply isn't economical for most thieves to do this:

1. Expensive in both time and competence.
2. Not the thiefs problem if data leaks.
3. It is easy to figure what kind of sensitive and valuable data is
stored on servers, not so easy on laptops. Thief either has to do some
hefty recon-work or steal many laptops to get what he is after.
4. Thief has to have a contact-network that allows him to resell
specific data to a very limited costumer-base, compared to generic
hardware which everyone can use.

So yes, I do believe that this will help in many cases. And if you
bother doing this you also bother encrypting your data so that
shouldn't really be an issue.

BRgds,
-- 
Stian Øvrevåge
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml

Current thread:

Re: [ekmi] Re: fringe: Open source laptop tracking, (continued)
- - Re: [ekmi] Re: fringe: Open source laptop tracking Allen (Jul 16)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Brian Krebs (Jul 16)
    - Re: [ekmi] Re: fringe: Open source laptop tracking lyger (Jul 16)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Max Hozven (Jul 16)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Brian Honan (Jul 17)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Rosenquist, Matthew (Jul 17)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Arshad Noor (Jul 17)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Chris Walsh (Jul 17)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Arshad Noor (Jul 16)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Eric K. Dickinson (Jul 17)
    - Re: [ekmi] Re: fringe: Open source laptop tracking Stian Øvrevåge (Jul 17)
  - Re: fringe: Open source laptop tracking TS Glassey (Jul 17)