The Opportunistic Hacker

  • syoc (4/14/2015)


    Anyone use a bait computer, leave the table, stare at it from a crack in the bathroom door waiting for it to be taken so you can tackle the idiot that takes it? I have. No one took it. What a let down.

    With Android tablets and phones as low as $40, it would be simple to set up a sting operation. You could install a program that automatically activates the camera when it's moved and connects to open wifi to log its location and photos to an FTP server.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Eric M Russell (4/14/2015)


    syoc (4/14/2015)


    Anyone use a bait computer, leave the table, stare at it from a crack in the bathroom door waiting for it to be taken so you can tackle the idiot that takes it? I have. No one took it. What a let down.

    With Android tablets and phones as low as $40, it would be simple to set up a sting operation. You could install a program that automatically activates the camera when it's moved and connects to open wifi to log its location and photos to an FTP server.

    There was a humorous case in the news a while back. Someone's phone was stolen, and since it was configured to send a copy to the cloud, the thief provided plenty of selfies....

    ...

    -- FORTRAN manual for Xerox Computers --

  • jay-h (4/14/2015)


    Eric M Russell (4/14/2015)


    syoc (4/14/2015)


    Anyone use a bait computer, leave the table, stare at it from a crack in the bathroom door waiting for it to be taken so you can tackle the idiot that takes it? I have. No one took it. What a let down.

    With Android tablets and phones as low as $40, it would be simple to set up a sting operation. You could install a program that automatically activates the camera when it's moved and connects to open wifi to log its location and photos to an FTP server.

    There was a humorous case in the news a while back. Someone's phone was stolen, and since it was configured to send a copy to the cloud, the thief provided plenty of selfies....

    One of the best selfies the police had ever seen :-D

    😎

  • Wayne West (4/14/2015)


    lshanahan (4/14/2015)


    Pick up a book called "No-Tech Hacking". It's certainly an eye-opener on this topic if it doesn't scare the **** out of you first.

    Grant is right: We can't always wall ourselves off everywhere we go, but simple situational awareness and thoughtful practices can certainly minimize risk.

    I'm not familiar with that book, but Kevin Mitnick's books on intrusion are quite good.

    Kevin was also one of those guys who got himself paid every week from a company he didn't work at while relaxing in a hotel room on the run simply with social engineering. 😎

    But now, for the scary stuff for anyone not taking public access seriously.

    Social Engineering and Faking Affiliation

    Mitnick’s first approach to even the most complex technical systems is through “social engineering”: Pick up the phone and convince the HR representative on the other end that you are a coworker. Say that you need a particular file, or that you are performing a security audit and need to verify credentials. The goal is to use human weakness to con employees into giving you access to something they shouldn’t, then using that little bit of access to obtain additional information.

    It is also easy to appear to be associated with any company that you claim to represent. When people want to quickly verify that you are who you claim to be, they typically search for your name and phone number on Google. Mitnick demonstrated live how he could use an online registry to associate his name and phone number with any company. Sure enough, an online search of his name and phone number led to the first result listing him as an employee of Microsoft.

    Finally, many companies provide employees RFID-enabled HID cards to give them access to buildings and offices. Mitnick demonstrated an HID card reader, the size of a small laptop, that can covertly read and record the information of access cards within several feet. He once found a nearby Starbucks frequented by company employees and spent a few hours stealing access data when employees walked by. Upon recording their access card information, Mitnick then used a small $100 card printer, which he demonstrated during the talk, to recreate employees’ access cards. This allowed him to enter the company’s building and stroll through freely, looking for any unattended computers.

  • I worry about those security provisions that manage to obstruct without securing stuff.

    I've just found out why my Kensington lock doesn't work. The rotating bezel had rotated to the point where the T lock was a little tight. A quick loosening with the BIC pen and.....it fell to bits.

  • Thanks Steve.

    Now, on top of the impending zombie apocalypse, I have to worry about the friendly random guy at ISNULL(@wherever, 'Starbucks').

    Well, you're right, as usual. Laptops are stolen every day - sometimes by the cleaning crew who takes a laptop/workstation that was hooked up on a docking station. Or, an insurance worker's laptop right out of his car...

    I haven't encrypted my laptop, but it _is_ password protected, and the password repository program is protected with a different password and none of the production connection credentials are saved/stored/remembered (I have to manually type them each and every time).

    But that only keeps out the honest people. I don't believe there can ever be absolute security: the best we mere mortals can do is to exercise reasonable due diligence and not risk more than we can afford to lose.

    I used to have a canvas-top Jeep. I learned real fast not to keep anything in there that I wasn't prepared to part with.

    Cheers and happy coding,

    Mark
    Just a cog in the wheel.

  • Walking around with your organization's production data, financial spreadsheets, or work email on your laptop is dumb in an age where VPN is an option and wifi is widely available.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Eric M Russell (4/15/2015)


    Walking around with your organization's production data, financial spreadsheets, or work email on your laptop is dumb in an age where VPN is an option and wifi is widely available.

    In a lot of cases some throwaway Chromebook or similar with no local data may be the safest approach.

    ...

    -- FORTRAN manual for Xerox Computers --

  • starunit (4/15/2015)


    I used to have a canvas-top Jeep. I learned real fast not to keep anything in there that I wasn't prepared to part with.

    That's why I have a Tuffy box (they make quite an array, up to and including secure gun cases).

    But my radio etc. cost less than the insurance deductible.

    ...

    -- FORTRAN manual for Xerox Computers --

  • jay-h (4/15/2015)


    Eric M Russell (4/15/2015)


    Walking around with your organization's production data, financial spreadsheets, or work email on your laptop is dumb in an age where VPN is an option and wifi is widely available.

    In a lot of cases some throwaway Chromebook or similar with no local data may be the safest approach.

    Yes, another advantage in using VPN to remote desktop into the office is that you don't have to invest in a high end laptop and you don't have to spend so much time dicking around with the technicals of staging a work environment. Here we have a huge virtual PC farm. For new employees or contractors, we can spin up a new "desktop" from a pre-installed image matching their work role profile. When someone leaves, their "PC" can be archived off somewhere. For a number of reasons it also enhances help desk support and security.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Eric M Russell (4/15/2015)


    Walking around with your organization's production data, financial spreadsheets, or work email on your laptop is dumb in an age where VPN is an option and wifi is widely available.

    Having been someone that moves around a lot, I'll say the wi-fi isn't widely available, nor is cell service always something that works. The performance is often too poor for analysis, much less development work.

    However, I may be an edge case and it's possible things work better for others. Certainly we should minimize the activity, but telling everyone that they can't have spreadsheets on their laptops is likely impractical.

  • Steve Jones - SSC Editor (4/15/2015)


    Eric M Russell (4/15/2015)


    Walking around with your organization's production data, financial spreadsheets, or work email on your laptop is dumb in an age where VPN is an option and wifi is widely available.

    Having been someone that moves around a lot, I'll say the wi-fi isn't widely available, nor is cell service always something that works. The performance is often too poor for analysis, much less development work.

    However, I may be an edge case and it's possible things work better for others. Certainly we should minimize the activity, but telling everyone that they can't have spreadsheets on their laptops is likely impractical.

    With Remote Desktop, it doesn't matter whether you're doing data analysis or development, it's just a screen scrape of a remote VM session. About the only thing that Remote Desktop isn't good for is streaming video, because of the latency and screen refresh rate.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Eric M Russell (4/15/2015)


    With Remote Desktop, it doesn't matter whether you're doing data analysis or development, it's just a screen scrape of a remote VM session. About the only thing that Remote Desktop isn't good for is streaming video, because of the latency and screen refresh rate.

    It does, however, matter if network connectivity is problematic. I have had my RDP sessions freeze and drop, which interrupts work. It's not a seamless experience at times.

    There are needs for local copies. I find myself without connectivity, including in places like airports or on planes, where wi-fi connections or even personal hotspots don't work. Dense areas, like convention centers and even hotels, don't always have good enough wi-fi for RDP.

  • Echoing Steve's issues with WiFi and spotty cell coverage. It's a constant frustration for me that everyone wants all their media streaming on their phones: 5 minutes away from my house and there's no cell coverage. If I can't download it, I don't want it.

    I just got my work laptop configured for VPN. Works great on the work WiFi, works great on my home WiFi, won't pair with my iPhone over wireless. I'm hoping that I'll get configured for RDP at some point and then I can use my MacBook Air, which I know works with my phone. I've never had a problem with Microsoft's OS-X RDP client, the only issue that I've had is some minor keyboard mapping.

    The one thing that I need to check is if my work laptop will pair if I plug in a sync cable with my phone, but I'm also supposed to get a Droid phone before I start extended road tripping; hopefully that will pair properly.

    -----
    Knowledge is of two kinds. We know a subject ourselves or we know where we can find information upon it. --Samuel Johnson

  • Jeff Moden (4/13/2015)


    Wow! Seriously? People actually do that? Why the hell would ANYONE in their right mind trust such a person they've just met with their laptop? That's like handing them your wallet and expecting them to stick around. Just plain stupid.

    Oh thank goodness!!! If I am paranoid and untrusting at least I am not alone.

    Gaz

    -- Stop your grinnin' and drop your linen...they're everywhere!!!
