[Dataloss] [follow-up] Boeing fires employee whose laptop wasstolen (fwd)
Nash, Kim
Kim_Nash at ziffdavis.com
Fri Dec 15 13:37:33 EST 2006
Mainstream press -- local newspapers and TV stations -- don't know the tech issues. But one would think that a good reporter would just ask, "How do you know?" It seems they don't, though.
-- Kim Nash
-----Original Message-----
From: dataloss-bounces at attrition.org on behalf of Adam Shostack
Sent: Fri 12/15/2006 1:28 PM
To: B.K. DeLong
Cc: dataloss at attrition.org
Subject: Re: [Dataloss] [follow-up] Boeing fires employee whose laptop wasstolen (fwd)
So how can we counter it? What's the counter-meme?
"Why would you know?"
"Are your passwords better than Myspace?"
"What happens if I take out the disk and install it in another
machine?"
(Those all stink--we need something snappy, snarky and memorable that
reporters will spring on people who deploy the smokescreen.)
Adam
On Fri, Dec 15, 2006 at 08:17:44AM -0500, B.K. DeLong wrote:
| If you look through a lot of the dataloss articles, you'll see many
| media spokespersons claiming similarly that password protection is
| enough. Might be an interesting stat to track in the database.
|
| On 12/15/06, Roy M. Silvernail <roy at rant-central.com> wrote:
| > Gotta love this. security curmudgeon forwarded:
| >
| > > Even though the employee data was not encrypted, the laptop was turned
| > > off. That means the person who stole the computer would not be able to
| > > access the employee data without a password to open the computer once it
| > > was turned on.
| >
| > Wrong. As I pointed out on my blog
| > (http://www.rant-central.com/article.php?story=20060914170634681),
| > that's purely a CYA statement with no basis in fact.
| >
| > How long will these outfits be able to get away with this smokescreen?
| > --
| > Roy M. Silvernail is roy at rant-central.com, and you're not
| > "It's just this little chromium switch, here." - TFT
| > CRM114->procmail->/dev/null->bliss
| > http://www.rant-central.com
| > _______________________________________________
| > Dataloss Mailing List (dataloss at attrition.org)
| > http://attrition.org/dataloss
| > Tracking more than 143 million compromised records in 507 incidents over 6 years.
| >
| >
| >
|
|
| --
| B.K. DeLong (K3GRN)
| bkdelong at pobox.com
| +1.617.797.8471
|
| http://www.wkdelong.org Son.
| http://www.ianetsec.com Work.
| http://www.bostonredcross.org Volunteer.
| http://www.carolingia.eastkingdom.org Service.
| http://bkdelong.livejournal.com Play.
|
|
| PGP Fingerprint:
| 38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE
|
| FOAF:
| http://foaf.brain-stream.org
| _______________________________________________
| Dataloss Mailing List (dataloss at attrition.org)
| http://attrition.org/dataloss
| Tracking more than 143 million compromised records in 507 incidents over 6 years.
|
_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/dataloss
Tracking more than 143 million compromised records in 507 incidents over 6 years.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20061215/f5a7839b/attachment.html
More information about the Dataloss
mailing list