Re: U.S. Border Laptop Search & Detention: NoSuspicionRequi red Under DHS Policies

["Tomas L. Byrnes" <tomb () byrneit net>]

Interesting, but the bigger issue really is: what is the appropriate
response from a corporate security standpoint? You have to assume that
any loss of physical custody of a system to the US govt. represents a
serious security breach, and therefore any system taken for inspection
should be treated as permanently compromised.

IE: If it's taken, don't turn it on again, turn it into the corp
security dept, who must hard wipe it, and audit the hardware (frankly,
wipe and donate to charity).

TSA/CBP staff don't get paid enough that the probability of your
competitors compromising them and targeting you is enough above zero to
be unconcerned, never mind any issues with the government.

Further, the fishing expeditions of guys like Eliot Spitzer that are
nothing more than a prelude to barratry are common enough that the
elimination of any avenue for such expeditions to get behind the
firewall, where the mass of data can be selectively filtered to prove
the point required to advance the political career, is a requirement of
proper governance.

 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Hubbard, Dan
Sent: Friday, August 01, 2008 2:17 PM
To: Paul Ferguson; funsec () linuxbox org
Subject: Re: [funsec] U.S. Border Laptop Search & Detention:
NoSuspicionRequi red Under DHS Policies

As usual you heard it on FunSec first...

Introducing...

"Airpots" AKA "HoneyPort"

These are a combination of hardware and software based honeypots that
you take through the Airport. Assuming the local authorities take the
equipment they will log and trap all use of the machine.







-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Paul Ferguson
Sent: Thursday, July 31, 2008 11:49 PM
To: funsec () linuxbox org
Subject: Re: [funsec] U.S. Border Laptop Search & Detention: No
SuspicionRequi red Under DHS Policies

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- "Paul Ferguson" <fergdawg () netzero net> wrote:

> Via The Washington Post.
>
> More:
> > http://www.washingtonpost.com/wp-dyn/content/article/2008/08/01/AR2008
080
> 103030.html

Oh, yeah -- I forgot:

Don't forget about about Magic Lantern -- that "inspection" of a laptop
could easily be used as an opportunity...

http://en.wikipedia.org/wiki/Magic_Lantern_%28software%29

:-)

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFIkrHBq1pz9mNUZTMRAkW9AKDLtreIS/N8Htd+Lh+0nPOshriV0ACfYgvv
dn7D5lmpaKsuosgm2tDajhU=
=61vA
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet  fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


 Protected by Websense Messaging Security -- www.websense.com 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.138 / Virus Database: 270.5.10/1586 - Release Date:
8/1/2008 6:59 PM

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.