BreachExchange mailing list archives
Re: [ekmi] Re: fringe: Open source laptop tracking
From: "Stian Øvrevåge" <sovrevage () gmail com>
Date: Thu, 17 Jul 2008 14:00:51 +0200
On Thu, Jul 17, 2008 at 5:01 AM, Allen <netsecurity () sound-by-design com> wrote:
Arshad, I don't think you analysis, which I agree with, goes far enough. 1) Steal laptop. 2) Remove battery. 3) Remove HD. 4) Use HD cloning software such as Apricorn - hardware and software only $40 - and clone to any HD that is laying about 5) Mount clone as USB attached to a desktop 6) Attach old HD as USB attached and wipe old HD with DBAN or similar tool 7) Use Aloha Bob or equivalent to selectively migrate OS and basic productivity software such as Office from clone. 8) Remount HD in laptop 9) Sell the sucker. Best, Allen
With expertise like this the thief could probably get by doing something other than jacking laptops. Without having done any research I believe that dataloss like this, in most cases, is an unfortunate side-effect of hardware theft. The thiefs objective is not the data stored on the device but the device itself. It simply isn't economical for most thieves to do this: 1. Expensive in both time and competence. 2. Not the thiefs problem if data leaks. 3. It is easy to figure what kind of sensitive and valuable data is stored on servers, not so easy on laptops. Thief either has to do some hefty recon-work or steal many laptops to get what he is after. 4. Thief has to have a contact-network that allows him to resell specific data to a very limited costumer-base, compared to generic hardware which everyone can use. So yes, I do believe that this will help in many cases. And if you bother doing this you also bother encrypting your data so that shouldn't really be an issue. BRgds, -- Stian Øvrevåge _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- Re: [ekmi] Re: fringe: Open source laptop tracking, (continued)
- Re: [ekmi] Re: fringe: Open source laptop tracking Allen (Jul 16)
- Re: [ekmi] Re: fringe: Open source laptop tracking Brian Krebs (Jul 16)
- Re: [ekmi] Re: fringe: Open source laptop tracking lyger (Jul 16)
- Re: [ekmi] Re: fringe: Open source laptop tracking Max Hozven (Jul 16)
- Re: [ekmi] Re: fringe: Open source laptop tracking Brian Honan (Jul 17)
- Re: [ekmi] Re: fringe: Open source laptop tracking Rosenquist, Matthew (Jul 17)
- Re: [ekmi] Re: fringe: Open source laptop tracking Arshad Noor (Jul 17)
- Re: [ekmi] Re: fringe: Open source laptop tracking Chris Walsh (Jul 17)
- Re: [ekmi] Re: fringe: Open source laptop tracking Allen (Jul 16)
- Re: [ekmi] Re: fringe: Open source laptop tracking Arshad Noor (Jul 16)
- Re: [ekmi] Re: fringe: Open source laptop tracking Eric K. Dickinson (Jul 17)
- Re: [ekmi] Re: fringe: Open source laptop tracking Stian Øvrevåge (Jul 17)