-
October 1st, 2009, 08:48 PM
#11
Originally Posted by gore
Yea, I've done a lot of "Network Stress Testing" with that tool "Dynamic Object Oriented Multiplexer" tool. And of course the other load testing software I used a lot for school; "Quick User Assessment Completion Kit" or "QUAKE" for short. Just to make sure of course the college network could handle the load.
That is priceless.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
October 1st, 2009, 10:18 PM
#12
Man I wish I had thought of this gold mine...
It's like Y2K!
First off it cannot work.
Second, It cannot work.
First rule of security = PHYSICAL Security.
No matter what is deployed (RFID, GPS, Startrek Security Intervention) Two things must happen.
RFID. The laptop has to be with in the range of a reader. Pretty sure that's not going to happen.
GPS and all that other BS they are implying. Yea, OK the laptop has to be turned on.
So three scenarios.
1. Idiot steals laptop and sells to friend. Friend gets busted.
2. ID thief gets laptop, removes HDD, Clones HDD Throws laptop in river. (wow all that anti hacking technology worked real well for you didn't it?)
3. I get the laptop, Know that a special BIOS is needed to post the attached hardware. Remove the GPS and what ever else they thought of chip, and rewrite the bios so It functions with out the chip.
Post findings on the Internet.
Sell the laptop
If you have physical access to a computer, you own it!
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
October 1st, 2009, 10:23 PM
#13
It's a proud day for bastards anywhere when 4 posts in a row are all from the BOFHs. *Sniffle*.
*Chest swelling with pride*. My other PFY has hit it on the head in one of my points that having physical access will probably always equal root access
Unless of course they make a laptop where it has a full hand scanner that also checks a temp too so you can't saw someone's hand off and use that to get passed the reader heh. Then of course you could still set his hand on fire and dip it in warm water to make it still read it, but hey I didn't say it was bulletproof.
-
October 1st, 2009, 10:56 PM
#14
Originally Posted by dinowuff
It's like Y2K!
No matter what is deployed (RFID, GPS, Startrek Security Intervention) Two things must happen.
RFID. The laptop has to be with in the range of a reader. Pretty sure that's not going to happen.
GPS and all that other BS they are implying. Yea, OK the laptop has to be turned on.
So three scenarios.
1. Idiot steals laptop and sells to friend. Friend gets busted.
2. ID thief gets laptop, removes HDD, Clones HDD Throws laptop in river. (wow all that anti hacking technology worked real well for you didn't it?)
3. I get the laptop, Know that a special BIOS is needed to post the attached hardware. Remove the GPS and what ever else they thought of chip, and rewrite the bios so It functions with out the chip.
Post findings on the Internet.
Sell the laptop
If you have physical access to a computer, you own it!
You failed to mention how they could get past the startrek security intervention.
I'm waiting.
Seriously though, I agree. There are probably quite a few people that see the term 'unhackable', and automatically think 'will fixink their leetle red wagon...'.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
October 2nd, 2009, 03:24 PM
#15
Junior Member
Originally Posted by dinowuff
If you have physical access to a computer, you own it!
Hi,
Are there any precautions one can take so that if someone gets physical access, he/she can't own it?
Thank you
Phenom
The First Ape Who Became A Man Thus Committed Treason Against His Own Kind. — Mikhail Turovsky
-
October 2nd, 2009, 09:44 PM
#16
Originally Posted by Phenom
Hi,
Are there any precautions one can take so that if someone gets physical access, he/she can't own it?
Thank you
Phenom
Please enlighten us.
May I suggest you patent that and get a copyright first.
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
-
October 2nd, 2009, 09:59 PM
#17
Junior Member
Originally Posted by dinowuff
Please enlighten us.
May I suggest you patent that and get a copyright first.
Hi,
My apologies for not being able to frame the question correctly. I was simply asking what steps one could take to harden the process of accessing the data if one has physical access (for example, in case of lost/stolen laptops)?
Thank you
Phenom
The First Ape Who Became A Man Thus Committed Treason Against His Own Kind. — Mikhail Turovsky
-
October 5th, 2009, 01:38 AM
#18
Originally Posted by Phenom
Hi,
My apologies for not being able to frame the question correctly. I was simply asking what steps one could take to harden the process of accessing the data if one has physical access (for example, in case of lost/stolen laptops)?
Thank you
Phenom
The actual data can be protected with hard encryption (i.e. AES) As far as preventing someone from being able to make use of the equipment, it is just a matter of replacing parts.
-
October 8th, 2009, 10:14 PM
#19
There are encryption methodologies that will absolutely prevent access unless the user has the correct credentials to "Unlock" the data. So physical access is meaningless.
That being said, that type of methodology is flawed in that only one or few will have such credentials. Now those of you that remember Novell from the early days. If you forgot your admin password, or your administrator got pissed - changed the password and left. You were pretty much ****ed!
Also, let us not forget the L.E.A.F. key for PGP. http://jya.com/pgp-clipper.htm
There will always be back doors, some line of test code not removed from the production release, something that with enough time and money - we'll get it. And to be honest, usually we will find your unencrypted data in the trash can, or facebook or somewhere where you least expect your data to end up.
09:F9:11:02:9D:74:E3:5B 8:41:56:C5:63:56:88:C0
Similar Threads
-
By unvi$ible in forum Cryptography, Steganography, etc.
Replies: 14
Last Post: May 5th, 2005, 05:38 AM
-
By lawrence171 in forum Microsoft Security Discussions
Replies: 13
Last Post: July 7th, 2002, 09:16 PM
-
By Remote_Access_ in forum Security Archives
Replies: 15
Last Post: November 30th, 2001, 01:52 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|