Re: Ameriprise Loses Data on 230, 000 Customers and Advisers

[Drsolly <drsollyp () drsolly com>]

On Sun, 29 Jan 2006, der Mouse wrote:

> > On the other hand, laptops often go walkies, and if 10% of your
> > desktops have unauthorized downloads of corporate data on them, it's
> > likely the laptop percentage is closer to 20% (after all, many laptop
> > users will do the extracts so they can work on the plane...)
>
> There's a reason my laptop encrypts everything but the kernel and
> bootblocks.  It won't even get as far as mounting / without the key,
> and that key is stored nowhere but my memory.  And my live-backup of
> the disk backs up the ciphertext view.

I dno't even have that much. My laptop is used as a terminal over an ssl
tunnel to my database.

> Letter agencies and big corporations could probably break the crypto,
> if they thought the data worth the resources. 

Not on mine - there's no crypto to break.

> I have lots of
> lower-cost holes open to someone with that kind of resources, though,
> and I don't think very many casual - or even reasonably-good-cracker -
> laptop thieves will get very far.

I'd guess that all any thief wants is to sell the laptop down the pub for 
a few notes. He'd also get my USB floppy drive and my bluetooth dongle, 
and I'd have the annoyance of having to find another laptop with a 1600 by 
1200 screen (most specs dn't tell you the screen resolution, and I seem to 
be the only person it's important to, maybe I'm the only person who uses a 
laptop purely as a multiple terminal?)


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.