funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [privacy] 93,754,333 Examples of Data Nonchalance

From: security curmudgeon <jericho () attrition org>
Date: Mon, 25 Sep 2006 16:50:01 -0400 (EDT)

: > So because the data was out of their control for over a month, but they
: > happened to get the laptop back.. the data is just magically 'safe' and
: > wasn't compromised? How do they know?
: 
: Forensics. They released a statement saying that the data had not been 
: accessed.
: 
: of course whether or not They were telling the truth is another matter..

I steal your laptop, remove the drive, mirror it on my own system, put 
your drive back in your laptop and let you 'convenietly' find it a month 
later.

What forensics will determine if I accessed your data?

: > : system isnt flawed to begin with (I doubt very much that FDR was
: > : concerned about Information Security), just that they drummed up the
: > : numbers a little.
: > 
: > Also remember that PRC does not track non US dataloss incidents.
: 
: do non-us residents have ssn's ;-)

No, but they have credit information and other PII that matters. Remember 
that each of the incidents on PRC or other archives don't necessarily 
reflect the theft of a SS#.

_______________________________________________
privacy mailing list
privacy () whitestar linuxbox org
http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
Previous By Date Next
Previous By Thread Next

Current thread: