[Dataloss] [follow-up] Boeing fires employee whose laptop wasstolen (fwd)

Sean Steele SSteele at infolocktech.com
Sun Dec 17 14:12:09 EST 2006 

Great point, George. It's also a great procedure for
recovering/mirroring data from a Windoze disk you need to reformat, but
which is Acting Badly. Make sure you have a BIOS that allows you to
"Boot from USB". If you don't, and you're really serious, you can have a
custom upgrade/replacement BIOS created for you. Email me offline if
interested.

--
Sean Steele, CISSP
infoLock Technologies
703.310.6478  direct
202.270.8672  mobile
ssteele at infolocktech.com

-----Original Message-----
From: dataloss-bounces at attrition.org
[mailto:dataloss-bounces at attrition.org] On Behalf Of George Toft
Sent: Saturday, December 16, 2006 12:24 PM
To: dataloss at attrition.org
Subject: Re: [Dataloss] [follow-up] Boeing fires employee whose laptop
wasstolen (fwd)

As we all (on this list) know, this is a trivial exercise, provided the 
laptop does not use hard drive encryption.  For those who don't know, 
here are the tools you need:
1.  Knoppix CD.
2.  USB hard drive.

I'm in the process of recovering data from a hard drive even as I write 
this.  Since I'm not using Windows, the file access markers are not 
getting updated.  The exact same technique would be used to copy a 
laptop hard drive.

For more information, the see "Knoppix Hacks" ISBN 0-596-00787-6.  It 
has a ton of hints for this type of work, including step-by-step 
instructions and the CD.

George Toft, CISSP, MSIS
My IT Department
www.myITaz.com
623-203-1760

Confidential data protection experts for the financial industry.


ziplock wrote:
> I'd like to see someone publicly volunteer, in a highly visible
manner, to
> demonstrate that s/he can access data on an unknown, standard-issue
> laptop, without leaving traces.  No actual cracking would be
necessary;
> once the data is copied a statement could be made that it can now be
> attacked and explored at leisure.  Perhaps if a known expert made this
> general challenge, technically aware activists could follow up with
> letters to the editor when these ridiculous claims are made by those
CYA
> companies.  The activists could directly challenge the company, via
the
> press (for what good would it do, if not in the public eye?), to put
up or
> shut up by providing a laptop for the demo.  If the successful
experiment
> itself gets any publicity, it could be used as proof of concept
against
> all future similar reports.
> 
> These companies and these reporters will stick to the script until
they're
> publicly challenged and proven wrong.
> 
> /z
> 
[snip]

_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/dataloss
Tracking more than 143 million compromised records in 507 incidents over
6 years.

More information about the Dataloss mailing list