funsec mailing list archives
Re: U.S. Border Laptop Search & Detention: NoSuspicionRequi red Under DHS Policies
From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Fri, 1 Aug 2008 18:07:44 -0700
Interesting, but the bigger issue really is: what is the appropriate response from a corporate security standpoint? You have to assume that any loss of physical custody of a system to the US govt. represents a serious security breach, and therefore any system taken for inspection should be treated as permanently compromised. IE: If it's taken, don't turn it on again, turn it into the corp security dept, who must hard wipe it, and audit the hardware (frankly, wipe and donate to charity). TSA/CBP staff don't get paid enough that the probability of your competitors compromising them and targeting you is enough above zero to be unconcerned, never mind any issues with the government. Further, the fishing expeditions of guys like Eliot Spitzer that are nothing more than a prelude to barratry are common enough that the elimination of any avenue for such expeditions to get behind the firewall, where the mass of data can be selectively filtered to prove the point required to advance the political career, is a requirement of proper governance. -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Hubbard, Dan Sent: Friday, August 01, 2008 2:17 PM To: Paul Ferguson; funsec () linuxbox org Subject: Re: [funsec] U.S. Border Laptop Search & Detention: NoSuspicionRequi red Under DHS Policies As usual you heard it on FunSec first... Introducing... "Airpots" AKA "HoneyPort" These are a combination of hardware and software based honeypots that you take through the Airport. Assuming the local authorities take the equipment they will log and trap all use of the machine. -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Paul Ferguson Sent: Thursday, July 31, 2008 11:49 PM To: funsec () linuxbox org Subject: Re: [funsec] U.S. Border Laptop Search & Detention: No SuspicionRequi red Under DHS Policies -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Paul Ferguson" <fergdawg () netzero net> wrote:
Via The Washington Post. More:http://www.washingtonpost.com/wp-dyn/content/article/2008/08/01/AR2008
080
103030.html
Oh, yeah -- I forgot: Don't forget about about Magic Lantern -- that "inspection" of a laptop could easily be used as an opportunity... http://en.wikipedia.org/wiki/Magic_Lantern_%28software%29 :-) - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFIkrHBq1pz9mNUZTMRAkW9AKDLtreIS/N8Htd+Lh+0nPOshriV0ACfYgvv dn7D5lmpaKsuosgm2tDajhU= =61vA -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. Protected by Websense Messaging Security -- www.websense.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.10/1586 - Release Date: 8/1/2008 6:59 PM _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: U.S. Border Laptop Search & Detention: No Suspicion Requi red Under DHS Policies Paul Ferguson (Jul 31)
- Re: U.S. Border Laptop Search & Detention: No SuspicionRequi red Under DHS Policies Hubbard, Dan (Aug 01)
- Re: U.S. Border Laptop Search & Detention: NoSuspicionRequi red Under DHS Policies Tomas L. Byrnes (Aug 01)
- Re: U.S. Border Laptop Search & Detention: No Suspicion Requi red Under DHS Policies Rob, grandpa of Ryan, Trevor, Devon & Hannah (Aug 01)
- Re: U.S. Border Laptop Search & Detention: No SuspicionRequi red Under DHS Policies Hubbard, Dan (Aug 01)