July 18, 2011 at 12:50 pm
bopeavy (7/18/2011)
Nadrek (7/18/2011)
Nobody who's an idiot, perhaps. Steal laptop, remove drive, image drive to your own storage medium for offline analysis and selling/publishing proprietary data. Optional: Sell pieces afterwards. Optional: low level format and reinsert drive for a reinstall without software based "lojack". Optional: Use laptop without connecting to a network ever again. Optional: install "Evil Maid" software, return laptop, wait to capture the full disk encryption password, retrieve full disk encryption password directly or remotely, then decrypt the previously made drive image (Optional Optional: remove "Evil Maid" software before laptop gets back to the parent company, so they don't have much, if anything, to notice).
Not software based lojack it is a firmware based. So install all you want...You would never want a software based lojack system just because of what you are talking about.
Still only works if the thief doesn't know what he's doing, and doesn't sell the thing for parts. Bypassing firmware "lojack" systems is as simple as "turn off the network connection while you figure out what's going on". Alternately, with a packet sniffer in place between the laptop and the net, the thief would have whatever access into your system the lojack system has, in very short order.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
July 18, 2011 at 12:53 pm
Nadrek (7/18/2011)
Jayanth_Kurup (7/17/2011)
Encryption of data is purely the organizations purview, if a company feels the data residing on laptops and tapes need to be encrypted then they should implement it without having to wait for a law.
What if the end users feel their data should be encrypted wherever it is, but the many companies and subcontractors don't want to pay for the cost, the time, or the efficiency hit, don't want to raise prices to compensate... and don't want any of those show up on their quarterly financials?[/quote
In these cases the company cant blame to employee for data theft . So they should learn the lesson.
July 18, 2011 at 12:56 pm
GSquared (7/18/2011)
bopeavy (7/18/2011)
--------------------------------------------------------------------------------
Nadrek (7/18/2011)
--------------------------------------------------------------------------------
Nobody who's an idiot, perhaps. Steal laptop, remove drive, image drive to your own storage medium for offline analysis and selling/publishing proprietary data. Optional: Sell pieces afterwards. Optional: low level format and reinsert drive for a reinstall without software based "lojack". Optional: Use laptop without connecting to a network ever again. Optional: install "Evil Maid" software, return laptop, wait to capture the full disk encryption password, retrieve full disk encryption password directly or remotely, then decrypt the previously made drive image (Optional Optional: remove "Evil Maid" software before laptop gets back to the parent company, so they don't have much, if anything, to notice).
Not software based lojack it is a firmware based. So install all you want...You would never want a software based lojack system just because of what you are talking about.
Still only works if the thief doesn't know what he's doing, and doesn't sell the thing for parts. Bypassing firmware "lojack" systems is as simple as "turn off the network connection while you figure out what's going on". Alternately, with a packet sniffer in place between the laptop and the net, the thief would have whatever access into your system the lojack system has, in very short order.
How many laptops get stolden by a theif that knows what hes doing? I would assume that a theif that knows what hes doing is only going to go after one he knows is going to benefit him.
July 18, 2011 at 1:00 pm
A couple of years ago, I had the files located under my wife's My Documents folder encrypted using Windows Encrypted File System (EFS). Then one day it somehow got corrupted and inaccessible. However, a search on the web turned up a commercial tool that scans the HD for encryption keys, and allowed me to unencrypt and save the files to another drive. As it turns out, EFS can easily be defeated by 3rd party tools unless you keep the certificates located on something like a removable drive.
I now use FreeOTFE, which is a virtual disk solution that offers several different encryption algorithms and doesn't require the storage of keys, the pw just needs to be supplied at startup. I also use it for the thumbdrive on my keychain.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
July 18, 2011 at 1:27 pm
bopeavy (7/18/2011)
How many laptops get stolden by a theif that knows what hes doing? I would assume that a theif that knows what hes doing is only going to go after one he knows is going to benefit him.
Granted, not very many. However, this is only a good defense mechanism if the data you're protecting isn't worth going out of one's way to steal, for stealing credit card/sellable info or corporate espionage (or government for that matter.) Once the potential gain outweighs the risk then someone who is competent may decide to go out of their way.
July 18, 2011 at 1:40 pm
bopeavy (7/18/2011)
GSquared (7/18/2011)
bopeavy (7/18/2011)
--------------------------------------------------------------------------------
Nadrek (7/18/2011)
--------------------------------------------------------------------------------
Nobody who's an idiot, perhaps. Steal laptop, remove drive, image drive to your own storage medium for offline analysis and selling/publishing proprietary data. Optional: Sell pieces afterwards. Optional: low level format and reinsert drive for a reinstall without software based "lojack". Optional: Use laptop without connecting to a network ever again. Optional: install "Evil Maid" software, return laptop, wait to capture the full disk encryption password, retrieve full disk encryption password directly or remotely, then decrypt the previously made drive image (Optional Optional: remove "Evil Maid" software before laptop gets back to the parent company, so they don't have much, if anything, to notice).
Not software based lojack it is a firmware based. So install all you want...You would never want a software based lojack system just because of what you are talking about.
Still only works if the thief doesn't know what he's doing, and doesn't sell the thing for parts. Bypassing firmware "lojack" systems is as simple as "turn off the network connection while you figure out what's going on". Alternately, with a packet sniffer in place between the laptop and the net, the thief would have whatever access into your system the lojack system has, in very short order.
How many laptops get stolden by a theif that knows what hes doing? I would assume that a theif that knows what hes doing is only going to go after one he knows is going to benefit him.
In the situation that your laptop is stolen by someone who has no intention of doing anything that requires an IQ above room temperature, yes, you're right.
Most of those will be stymied by a login password on the computer. No need for encryption, no need to do anything but have a pop-up message when you boot up that says, "We know where you are! Turn yourself in now and we'll go easy on you!" Then you can play the "I know how to keep you suspense..." game with them.
Encryption with a physically isolated key will still be required for actual security, but if you want to play with toys that make managers feel like they're doing something instead of actually doing something effective, then yes, these lojacked laptops will be just fine. "Feel good" measures are sometimes better than nothing at all.
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
July 21, 2011 at 8:58 am
I think encrypting the data on a laptop is putting a sticking plaster on the real problem. So much of our data is held in the cloud now, that the thief can do far more damage by opening the browser on the stolen laptop and going through the favourites, often being able to log in with the credentials stored in there (who doesn't let their browser remember these things so they don't have to.)
Don't have a solution to that issue, but I think encrypting a few XL fies on a lappy is false security.
July 21, 2011 at 9:17 am
Freddie-304292 (7/21/2011)
I think encrypting the data on a laptop is putting a sticking plaster on the real problem. So much of our data is held in the cloud now, that the thief can do far more damage by opening the browser on the stolen laptop and going through the favourites, often being able to log in with the credentials stored in there (who doesn't let their browser remember these things so they don't have to.)Don't have a solution to that issue, but I think encrypting a few XL fies on a lappy is false security.
On my latop, I have my documents folders, which includes Outlook email storage and IE settings, cache, etc. on an encrypted virtual drive volume. The windows system folders, program files, and document folders for other login accounts are on the unencrypted C: drive.
From reading articles about data breaches, it seems that the most typical case is where an IT person, probably a database developer or analyst, makes a copy of a database containing real data to their laptop, probably for use as a development envrironment or working from home. Of course it's enevitable that 1/3 of these laptops will be lost or stolen.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
Viewing 8 posts - 16 through 22 (of 22 total)
You must be logged in to reply to this topic. Login to reply