Another security “joke”

Posted: August 8, 2008 in Posts

Missing SFO Laptop With Sensitive Data Found

The company that runs a fast-pass security prescreening program at San Francisco International Airport said Tuesday that it found a laptop containing the personal information of 33,000 people more than a week after it apparently went missing.

A bit of a joke, isn’t it? Keeping all this “sensitive” data on a laptop. No encryption used; only passwords!

Rumor has it that the laptop was found under a stack of newspapers?!

 

This is where a neat security breach can take place.  You copy the hard drive’s contents, and put the original device back so it can be found… The laptop then isn’t “stolen,” and one can attempt to break the passwords that protect the data.

 

Had a certificate been used, then three incorrect password attempts would lock up the device, but if passwords are used, you can continue to try hacking in, using a brute force attack.

 

All the information stored on the original hard drive should be considered compromised and discarded and the people informed… but of course they’re playing it down: “did not pose a threat”… Sure.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s