BreachExchange mailing list archives
Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd)
From: "Sean Steele" <SSteele () infolocktech com>
Date: Sun, 17 Dec 2006 14:12:09 -0500
Great point, George. It's also a great procedure for recovering/mirroring data from a Windoze disk you need to reformat, but which is Acting Badly. Make sure you have a BIOS that allows you to "Boot from USB". If you don't, and you're really serious, you can have a custom upgrade/replacement BIOS created for you. Email me offline if interested. -- Sean Steele, CISSP infoLock Technologies 703.310.6478 direct 202.270.8672 mobile ssteele () infolocktech com -----Original Message----- From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of George Toft Sent: Saturday, December 16, 2006 12:24 PM To: dataloss () attrition org Subject: Re: [Dataloss] [follow-up] Boeing fires employee whose laptop wasstolen (fwd) As we all (on this list) know, this is a trivial exercise, provided the laptop does not use hard drive encryption. For those who don't know, here are the tools you need: 1. Knoppix CD. 2. USB hard drive. I'm in the process of recovering data from a hard drive even as I write this. Since I'm not using Windows, the file access markers are not getting updated. The exact same technique would be used to copy a laptop hard drive. For more information, the see "Knoppix Hacks" ISBN 0-596-00787-6. It has a ton of hints for this type of work, including step-by-step instructions and the CD. George Toft, CISSP, MSIS My IT Department www.myITaz.com 623-203-1760 Confidential data protection experts for the financial industry. ziplock wrote:
I'd like to see someone publicly volunteer, in a highly visible
manner, to
demonstrate that s/he can access data on an unknown, standard-issue laptop, without leaving traces. No actual cracking would be
necessary;
once the data is copied a statement could be made that it can now be attacked and explored at leisure. Perhaps if a known expert made this general challenge, technically aware activists could follow up with letters to the editor when these ridiculous claims are made by those
CYA
companies. The activists could directly challenge the company, via
the
press (for what good would it do, if not in the public eye?), to put
up or
shut up by providing a laptop for the demo. If the successful
experiment
itself gets any publicity, it could be used as proof of concept
against
all future similar reports. These companies and these reporters will stick to the script until
they're
publicly challenged and proven wrong. /z
[snip] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 143 million compromised records in 507 incidents over 6 years. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 143 million compromised records in 512 incidents over 6 years.
Current thread:
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) Nash, Kim (Dec 15)
- Message not available
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) blitz (Dec 15)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) ziplock (Dec 15)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) Adam Shostack (Dec 15)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) Roy M. Silvernail (Dec 15)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) Al Mac (Dec 16)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) lyger (Dec 16)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) blitz (Dec 15)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) George Toft (Dec 16)
- Message not available
- <Possible follow-ups>
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) Nash, Kim (Dec 15)
- Re: [follow-up] Boeing fires employee whose laptop wasstolen (fwd) Sean Steele (Dec 17)