RE: Streamed Data

["Richards, Jim" <jim.richards () dot state wi us>]

When I read it, I got the impression that it was just a bunch of
CYA/technical sounding verbiage.

I would assume that it was 'streamed together' just like any other file is.
Just a bunch of consecutive bytes streamed into a file on the hard drive.

Jim

-----Original Message-----
From: killy [mailto:killfactory () gmail com]
Sent: Tuesday, June 27, 2006 8:47 PM
To: Michael Painter
Cc: Tim; Pen-Tests
Subject: Re: Streamed Data


Right. It sounded as if this guy was just covering his company's butt.

The bigwigs where I work stumbled across the article.lol. and wanted
me to research and find them this data streaming technique that will
secure our data from anyone. lol.

Thanks everyone.

On 6/27/06, Michael Painter <tvhawaii () shaka com> wrote:
> ----- Original Message -----
> From: "Tim" Subject: Re: Streamed Data
>
>
> > I must say that I am a little confused on what he means by 'streamed
> > together'. It is stated that encryption was not used nor was it
> > password protected (trivial anyway) so it sounds to me like security
> > through obsecurity or an attempt to throw some random words out to
> > confuse people in thinking that 'streaming' is a security measure. I
> > know that there are many instances where there is a lot of data moving
> > in a direction and is being streamed to that system (example:
> > streaming feeds from a multimedia source or streaming transactions
> > to/from a database). Even in those instances I don't see how that
> > would protect the information. If it is not encrypted then I don't see
> > how the information can remain confidential.
>
> The MSNBC article references two disclosures, Equifax and ING.  The
statement about not being 'password protected or encrypted'
> refers to the latter and 'streamed together' refers to the former.
Perhaps 'streamed together' means Steganos?
> --Michael
>
>
>
>
>
>
> > On 6/26/06, Eric Pinkerton <EPinkerton () soulaustralia com au> wrote:
> > >  "It would be very difficult to link this information and determine
they
> > > were actual Social Security numbers in the first place," he said.
> > >
> > > Yeah unless the perpatrator uses said laptop to read the news!
> > >
> > > "The laptop was not password-protected and the data was not encrypted,
> > > officials have said."
> > >
> > > So my guess is that this is positive spin to save the company
> > > embarassment.
> > >
> > > For "almost impossible" read "possible"
> > >
> > > -----Original Message-----
> > > From: Dan Bogda [mailto:dan.bogda () kintera com]
> > > Sent: Saturday, 24 June 2006 9:09 AM
> > > To: killy; Pen-Tests
> > > Subject: RE: Streamed Data
> > >
> > > "Employee names and partial and full Social Security numbers were on
the
> > > computer's hard drive, though Rubinger said it would be almost
> > > impossible for the thief to decipher the information because it was
> > > streamed together."
> > >
> > > It could be a network sniffer capture or data stream capture they are
> > > referring to. Replication traffic and incremental logs throw the data
> > > together in sequential order so multiple elements are streamed
together,
> > > it's pretty damn hard to decipher. That's my guess.
> > >
> > > -----Original Message-----
> > > From: killy [mailto:killfactory () gmail com]
> > > Sent: Friday, June 23, 2006 6:59 AM
> > > To: Pen-Tests
> > > Subject: Streamed Data
> > >
> > > Hi everyone,
> > >
> > >
> > > http://www.msnbc.msn.com/id/13437723/from/ET/
> > >
> > > refers to a laptop being stolen and that the data was unreadable
because
> > > it was streamed together.
> > >
> > > What are the refering to when they say streamed together?
> > > Any links would be helpful.
> > >
> > > Then, how do we test such a feature? any tools?
> > >
> > >
> > > Thanks - killy
------------------------------------------------------------------------
> > > ------
> > > This List Sponsored by: Cenzic
----------------------------------------------------------------------------
--
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
> Choice Award from eWeek. As attacks through web applications continue to
rise,
> you need to proactively protect your applications from hackers. Cenzic has
the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with
a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request () cenzic com for details.
----------------------------------------------------------------------------
--
>

----------------------------------------------------------------------------
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to
rise, 
you need to proactively protect your applications from hackers. Cenzic has
the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
----------------------------------------------------------------------------
--

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------