 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
http://citp.princeton.edu/pub/coldboot.pdf
No, it's not new. But yes, it /is/ kinda scary. :-D
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 7/26/2011 5:27, Invisible wrote:
> http://citp.princeton.edu/pub/coldboot.pdf
>
> No, it's not new. But yes, it /is/ kinda scary. :-D
In other news, if a hacker steals the password you have written on a sticky
note affixed to the laptop, you're screwed. :-) Also, beware thieves
carrying large flasks of liquid nitrogen through the airport.
Why are you carrying sensitive information around on a laptop anyway? Given
that 99.44% of the time that information isn't encrypted to start with, and
99.44% of the time the thief steals the laptop for the hardware and not the
data, I think that most people have nothing to worry about.
--
Darren New, San Diego CA, USA (PST)
"Coding without comments is like
driving without turn signals."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Darren New <dne### [at] san rrcom> wrote:
> Why are you carrying sensitive information around on a laptop anyway?
I can imagine a scenario where a employee of a company uses his laptop
to connect to some not-so-important computer of the company (over a secure
connection, of course), and this might open a way for a pro hacker to
access the company's more important servers if he gets access to the
laptop and with that the login/password to that computer (which might
itself not contain anything crucial, but which might make it much easier
to then hack into the more important systems inside the company).
Far-fetched? Yes. Impossible? No. I'm almost 100% certain incidents not
unlike this have happened many times in the history of computers.
--
- Warp
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> No, it's not new. But yes, it /is/ kinda scary. :-D
>
> In other news, if a hacker steals the password you have written on a
> sticky note affixed to the laptop, you're screwed. :-)
Well, yes, some people are stupid. The worrying part is that even the
smart people who are using whole-disk encryption with two-factor
authentication and all the rest are still vulnerable if physical access
is compromised.
> Also, beware
> thieves carrying large flasks of liquid nitrogen through the airport.
Apparently it works fine with no cooling at all. And you don't actually
need liquid nitrogen; canned air will do.
> Why are you carrying sensitive information around on a laptop anyway?
Well, yeah, there is that. The usual scenario is a company laptop
carried to that important business meeting. If you're on the road all
the time, it's unlikely you have a seperate device for keeping your
"sensitive" data on.
> Given that 99.44% of the time that information isn't encrypted to start
> with, and 99.44% of the time the thief steals the laptop for the
> hardware and not the data, I think that most people have nothing to
> worry about.
Probably.
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 7/26/2011 9:29, Warp wrote:
> Far-fetched? Yes. Impossible? No.
That's a good point. :-)
--
Darren New, San Diego CA, USA (PST)
"Coding without comments is like
driving without turn signals."
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
> Darren New<dne### [at] sanrrcom> wrote:
>> Why are you carrying sensitive information around on a laptop anyway?
>
> I can imagine a scenario where a employee of a company uses his laptop
> to connect to some not-so-important computer of the company (over a secure
> connection, of course), and this might open a way for a pro hacker to
> access the company's more important servers if he gets access to the
> laptop and with that the login/password to that computer (which might
> itself not contain anything crucial, but which might make it much easier
> to then hack into the more important systems inside the company).
>
> Far-fetched? Yes. Impossible? No. I'm almost 100% certain incidents not
> unlike this have happened many times in the history of computers.
>
And it is exactly why we were recently told that anyone who accesses
internal or customer systems in "privileged mode" had to use
company-owned and controlled assets to do so, because the company thinks
that it is better than us as preventing keyloggers from installing
themselves on our home PCs.
You know this policy came about because something happened somewhere...
--
/*Francois Labreque*/#local a=x+y;#local b=x+a;#local c=a+b;#macro P(F//
/* flabreque */L)polygon{5,F,F+z,L+z,L,F pigment{rgb 9}}#end union
/* @ */{P(0,a)P(a,b)P(b,c)P(2*a,2*b)P(2*b,b+c)P(b+c,<2,3>)
/* gmail.com */}camera{orthographic location<6,1.25,-6>look_at a }
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Le 2011-07-26 13:14, Orchid XP v8 a écrit :
>
> Well, yeah, there is that. The usual scenario is a company laptop
> carried to that important business meeting. If you're on the road all
> the time, it's unlikely you have a seperate device for keeping your
> "sensitive" data on.
>
Or "I'll get ahead on this project over the week-end... here let me copy
a dump of the database to this DVD so that I have data to work with at
home."
Followed a few days later by:
BREAKING NEWS: So-And-SO Corp. has lost a disk containing records for
64563561323 of its customers. The data is thought to include banking
info, full names, date of birth, addresses, etc....
--
/*Francois Labreque*/#local a=x+y;#local b=x+a;#local c=a+b;#macro P(F//
/* flabreque */L)polygon{5,F,F+z,L+z,L,F pigment{rgb 9}}#end union
/* @ */{P(0,a)P(a,b)P(b,c)P(2*a,2*b)P(2*b,b+c)P(b+c,<2,3>)
/* gmail.com */}camera{orthographic location<6,1.25,-6>look_at a }
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 7/28/2011 12:33, Francois Labreque wrote:
> Or "I'll get ahead on this project over the week-end... here let me copy a
> dump of the database to this DVD so that I have data to work with at home."
That or shipping it thru the mail without encrypting it and then having the
post office lose it.
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Le 2011/07/28 15:33, Francois Labreque a écrit :
> Le 2011-07-26 13:14, Orchid XP v8 a écrit :
>>
>> Well, yeah, there is that. The usual scenario is a company laptop
>> carried to that important business meeting. If you're on the road all
>> the time, it's unlikely you have a seperate device for keeping your
>> "sensitive" data on.
>>
>
> Or "I'll get ahead on this project over the week-end... here let me copy
> a dump of the database to this DVD so that I have data to work with at
> home."
>
> Followed a few days later by:
>
> BREAKING NEWS: So-And-SO Corp. has lost a disk containing records for
> 64563561323 of its customers. The data is thought to include banking
> info, full names, date of birth, addresses, etc....
>
In what Universe did this appens? That's more customers that the global
population... ;)
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 29/07/2011 11:19 PM, Alain wrote:
>> BREAKING NEWS: So-And-SO Corp. has lost a disk containing records for
>> 64563561323 of its customers. The data is thought to include banking
>> info, full names, date of birth, addresses, etc....
>>
>
> In what Universe did this appens? That's more customers that the global
> population... ;)
A universe that uses base 7 = 1890483080 in decimal ;-)
--
Regards
Stephen
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|
