Re: New Laptop Polices

[Bob Radvanovsky <rsradvan () unixworks net>]

I was always under the impression that BIOS security features could always be circumvented.  See further comments 
below...

-r

----- Original Message -----
From: J. Oquendo [mailto:sil () infiltrated net]
To: Bob Radvanovsky [mailto:rsradvan () unixworks net]
Cc: "Cullen, Michael" [mailto:michael.cullen () umusic com], full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] New Laptop Polices


> Bob Radvanovsky wrote:
> > You mean the fact that you are *erquired* now to *check* your laptop along
> with your baggage?  Take into account that most laptops aren't easy to
> remove the hard disk drives, and that most laptops of corporate and/or
> government executives contain either sensitive or classified information, I
> don't seriously think that the UK government, nor its corporations, have
> taken into consideration all of the consequences involved.  Take for example
> the ongoing issues of laptops mysteriously disappearing (esp. the Veteran's
> Administration...I lost count, how many has it been, 5 times?) that contains
> spreadsheets and/or databases that contains *private* information.
> >   
>
> You're confusing two things here. What one corporation and their 
> policies concerning securing information have to do with his initial 
> question is obsolete. I'm under the impression of his message he didn't 
> mean the safety of his data. But in case he did then he needs a lot of 
> reading to do going back in time to days of the rainbow series books.

You may be right, but I was confused as to what his objectives were here, of which, one of the more important aspects 
should be "data security", so this raises a *whole* can 'o worms.

> > The UK needs to consider the implications about *how* they will cover the
> loss of financial, sensitive or classified information...
> >   
> I don't believe (again) this was his initial question, whether or not 
> the officials in the airline industry give a rats rear of whether or not 
> corporate/private data is secure.

True, a moot point.

> > Just my 2 cents worth, which by today's standards doesn't even get you a
> piece of gum any more...sad, isn't it?
> > -r
> >
> > P.S.  I think that corporations now need to state that corporate
> executives should NOT have corporate data on their hard disk drives; further
> locking down corporate assets.  I think that they should make it easier for
> the removal of hard disk drives to be removed so they aren't stolen.
> >   
> And you hope to accomplish this how? I can agree that data needs to be 
> minimized but there are plenty of options available to completely lock 
> down any laptop from the BIOS on up so I fail to see what you were truly 
> hoping to state.

Actually, wasn't there a mention about a self-destructing DVD just recently?  This would be worthwhile to investigate 
into, or the other idea about imaging the laptop in case it's stolen or damaged during transport.

> ====================================================
> J. Oquendo
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
> GPG Key ID 0x1383A743
> Fingerprint:
> 7B02 28CF 24D3 ACA7 9907  789A 8772 7736 1383 A743
> 26:0608031813:J. Oquendo::fNaE6zH/HDTggYKS:005zLMj
>
> sil . infiltrated @ net
> http://www.infiltrated.net
>
>
> The happiness of society is the end of government.
> John Adams

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/