[Dataloss] FBI announces VA laptop recovery
blitz
blitz at strikenet.kicks-ass.net
Fri Jun 30 14:41:53 EDT 2006
Then with the mirrored disk, he has all the time in the world to
operate on it, make more copies, etc. etc. and apply the forensic
tools we all use daily.
I see the announcement more as damage control by those irresponsible
enough to allow it to happen in the first place. I'll bet they're
just happy to have it back, (if that's even the case, and this is not
damage control to deflect Congress from blowing their tops and
calling major hearings/broilings/inquisitions.)
Its not that this is uncommon, we've seen all too many reports of
"So-and-so IG's office says data security policies at (insert
favorite department here) resemble Swiss cheese" blah..blah...
Nothing gets changed of course, a clone or two turn in their
resignations, and go across the street, and in a few weeks/months,
another report comes out something else is missing...all too familiar
as we here see. Letsee, VA is on it's third breech, it appears..
Hell, my own personal LAN is better secured than many of these operations....
At 12:32 6/30/2006, Richard Forno wrote:
>Yeah anyone who thinks the laptop is 100% not-been-accessed is
>seriously misguided.....or stupid.
>
>-rf
>
>
>On 6/30/06 12:22 PM, "blitz" <blitz at strikenet.kicks-ass.net> wrote:
>
>We just had this discussion on another list...he could of taken the
>drive out, copied/mirrored it, replaced it and returned the laptop
>for the reward. No files would of been changed, and the heat could
>die down. Next you know, the Russian credit-card mob would pay him
>$10-15,000 for the names, so:
>
>$25,000 for returning it
>$15,000 for selling the data
>----------
>$40,000 not a bad weeks work....
>
>
>At 14:03 6/29/2006, you wrote:
>On Thu, June 29, 2006 11:45, Richard Forno forwarded:
>
> > DEPARTMENT OF VETERANS AFFAIRS OFFICE OF INSPECTOR GENERAL (OIG), THE
> > FEDERAL BUREAU OF INVESTIGATION, AND MONTGOMERY COUNTY POLICE DEPARTMENT
> > ANNOUNCE THE RECOVERY OF THE STOLEN LAPTOP AND EXTERNAL HARD DRIVE
>[...]
> > A preliminary review of the equipment by computer forensic teams has
> > determined that the data base remains intact and has not been accessed
> > since
> > it was stolen.
>
>OK, somebody has to be asking: how would they know the data haven't been
>accessed? Especially on an external drive.
>
>
>
>--
>This message has been scanned for viruses and
>dangerous content by <http://www.mailscanner.info/>MailScanner, and is
>believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20060630/97a02b6b/attachment.html
More information about the Dataloss
mailing list