[privacy] 93,754,333 Examples of Data Nonchalance
Dude VanWinkle
dudevanwinkle at gmail.com
Mon Sep 25 16:26:48 CDT 2006
On 9/25/06, security curmudgeon <jericho at attrition.org> wrote:
>
> : > So because the data was out of their control for over a month, but they
> : > happened to get the laptop back.. the data is just magically 'safe' and
> : > wasn't compromised? How do they know?
> :
> : Forensics. They released a statement saying that the data had not been
> : accessed.
> :
> : of course whether or not They were telling the truth is another matter..
>
> I steal your laptop, remove the drive, mirror it on my own system, put
> your drive back in your laptop and let you 'convenietly' find it a month
> later.
>
> What forensics will determine if I accessed your data?
Physical forensics come in handy when IT forensics cant be used.
Laptops... laptops..
damn, i just remembered that most laptops have that handy one-screw
removal of hdd's.
nevermind, I was wrong. there is no way of verifying the integrity of the data
-JP
> : > : system isnt flawed to begin with (I doubt very much that FDR was
> : > : concerned about Information Security), just that they drummed up the
> : > : numbers a little.
> : >
> : > Also remember that PRC does not track non US dataloss incidents.
> :
> : do non-us residents have ssn's ;-)
>
> No, but they have credit information and other PII that matters. Remember
> that each of the incidents on PRC or other archives don't necessarily
> reflect the theft of a SS#.
>
> _______________________________________________
> privacy mailing list
> privacy at whitestar.linuxbox.org
> http://www.whitestar.linuxbox.org/mailman/listinfo/privacy
>
More information about the privacy
mailing list