Re: [ekmi] Re: fringe: Open source laptop tracking

["Chris Walsh" <chris () cwalsh org>]

Agreed!

To play the ever-popular security analogy game, if burglars can be deterred
with mere signs saying "Premises protected by Acme Faultless Alarm Company",
why not be happy if laptop thieves can be deterred by an actual product,
albeit one which is not (and is not billed as) a panacea.

Maybe the threat model that matters more is the one in which the hardware,
not the data, is being targeted.  In that case, measures to protect the
hardware make sense.  Of course, where the data are central -- as with
controls against loss of PII -- a measure such as this would be
inappropriate.

Chris

P.S. On the 'engraving' point, I can remember the police suggesting that one
engrave ones SSN on items of high value and high portability, such as tools
and bikes.  Times have changed :^)

On Thu, Jul 17, 2008 at 11:57 AM, Rosenquist, Matthew <
matthew.rosenquist () intel com> wrote:

>  We may be missing the bigger point, as security is both technical as well
> as behavioral.
>
> Yes, it is obvious this technology in its current state can easily be
> undermined by a determined attacker.  But will it be a deterrence?  Will it
> affect the casual laptop theft?  Will it give pause to people buying
> questionable laptops at the flea markets or from shady vendors?  Will it
> make laptops less attractive targets to thieves looking for any means of a
> quick buck?  Can it effect the resale economy of such 'hot' merchandise?
> Will it give employees a second thought about swiping extra equipment for
> personal use?  Maybe.  This technology increases the risk of being caught.
> If so, it will have an overall positive benefit.
>
>
>
> We all know an effective security program does not need to provide real
> security.  We have locks on our home doors which are a joke to anyone who
> has the intention of getting into your house.  But it does help.  It thwarts
> opportunistic attacks where the thief is looking for the path of least
> resistance to reach their goals.  If your house is locked and the next house
> is not, then there is a good chance your neighbor will be the one
> victimized.
>
>
>
> I see this technology, which could be evolved into something great
> eventually, as similar to engraving laptops with "Property of XXX company"
> or something obviously not easily resold or used in the open.  It is a
> deterrent and lowers the target-attractiveness factor.  I don't have any
> data handy, but last I read, most laptops are not stolen for their data.
> Rather it is a hardware itself which is valued.
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml