January 13, 2021 at 12:00 am
Comments posted to this topic are about the item Security in the Aftermath
January 13, 2021 at 9:42 am
I liked this article:
https://www.wired.com/story/capitol-riot-security-congress-trump-mob-clean-up/
Mail clients were left open according to this:
January 13, 2021 at 12:26 pm
My current employer, a state health agency requires all its employees to lock their computer when they leave their office space. The other past two employers that I worked for required the same of their employees. Locking my PC is second nature. I was taking an ethical hacking course at another state agency when the fire alarm sounded. I locked my classroom laptop before leaving. When we returned to the classroom, the instructor said that the fire alarm was not a test. They swept the floors looking for employees that did not lock their PC.
At one of those former employers, a coworker left his PC unlocked and what another coworker did was installed the BSOD screensaver. That was entertaining when Steve came back saw his computer doing a memory dump, rebooting, then crashing again. He was on the phone with the support desk when the guy that installed the screensaver, wandered by and said "Screensaver" and hit the escape key.
January 13, 2021 at 12:28 pm
One challenge I find is trying to get into the mindset of a person who does not observe rules, protocols and behaviours.
It cuts both ways. Someone who doesn't observe rules, protocols and behaviours probably struggles to understand why people get upset by violations. In some situations it is only when someone challenges a rule or established process that we actually think about the rule, its applicability etc.
It would never occur to me to hack a doorbell or imagine the theft possibilities of doing so, but people have done precisely that.
There's the difference between the spirit of the law and the letter of the law. We sign up to the spirit but the application and enforcement are on the letter. Bringing the letter into alignment with the spirit has kept the legal profession and politicians occupied before King Solomon was born. There are always edge cases.
January 13, 2021 at 1:00 pm
Many places now have a group policy that when a PC goes inactive for 5 minutes it will automatically lock.
January 13, 2021 at 2:31 pm
"I used to hate taking out the trash from a computer room I worked in, but I now appreciate that allowing cleaning staff into that space might not have been a good idea in a nuclear power plant."
Steve, your comment here brings to mind one subtle threat to security and privacy that I have been aware of for decades. My wife and I have shared a home office for over 40 years while she ran a business and I did off-hours support as a DBA. As we work with our data and that of others, even with multiple monitors on several systems, there is always some paper laying around that contains unsecured data. The tendency is to just toss the paper into the waste basket and send it out with the trash.
Even things like paper billings often give away two of the three security items since they contain accounts numbers and often email addresses that are used for logins to private accounts, leaving only the password unknown.
Another one that comes to mind is my constant use of sticky notes to jot down things I need to remember for a few minutes. Looking in front of me, I see a sticky note that contains the account numbers for four accounts.
We have always kept a paper shredder in our office and use it faithfully. It is close at hand and prevents our personal information from going into the public.
Rick
Disaster Recovery = Backup ( Backup ( Your Backup ) )
January 13, 2021 at 3:33 pm
I ought to get a shredder. We don't put trash out (a truck collects our dumpster), but I suppose that's still a potential issue.
Group Policy is good, but timing is everything, especially if someone is walking by. I built the habit years ago to lock things, and while I don't do it at home, I still am good about locking my machine in a conference center if I walk 20ft to get coffee, or in the Redgate office, if I fill up at the water cooler. I'm not privileged in many things, but I am in some.
January 13, 2021 at 3:44 pm
Yes, at work we were TOLD many times lock your PC when you leave your office. The group policy is the catch all. Granted, it won't stop all eyes and hands on a keyboard maliciously. However, it does help for the ones that leave at the end of the day and forget to log off or shutdown.
January 13, 2021 at 3:59 pm
I ought to get a shredder. We don't put trash out (a truck collects our dumpster), but I suppose that's still a potential issue.
Group Policy is good, but timing is everything, especially if someone is walking by. I built the habit years ago to lock things, and while I don't do it at home, I still am good about locking my machine in a conference center if I walk 20ft to get coffee, or in the Redgate office, if I fill up at the water cooler. I'm not privileged in many things, but I am in some.
I don't lock my PC at home either; it's just my wife and me. In the office, locking my computer is something that I've done since 1997.
January 13, 2021 at 4:58 pm
A boss I had was famous for walking through the area and if he saw an unlocked machine, he'd hit <ctrl><alt>arrow to rotate the developers screen and then lock it. Eventually, everyone got to the point of locking their PC when they got up.
January 15, 2021 at 7:03 pm
Madame Pelosi's laptop was stolen. Are PCs or devices used by members of Congress have some form of (FTE) full disk encryption enabled? For government issued devices, someone in the IT security department could have remotely locked down the devices as well?When the rioters exited the building, there should have been 1,000 national guard troops waiting outside to arrest them - but that totally didn't happen. There is so much about that day that doesn't make sense. It seems to me like Capitol security were told by someone to give the "protestors" some space and not to escalate the situation - but then the protest turned into a full scale riot that they were not prepared for.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
January 15, 2021 at 7:14 pm
A lot of the rioters appeared to have smart phones - which they were using to video record their escapade. The FBI could subpoena location data from Google, Apple, and internet service providers to place people inside the building and even follow them back home.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
January 15, 2021 at 8:08 pm
This isn't about the attack on the capital, but the danger of every device inside the capital after the attack. Finding the people responsible doesn't necessarily negate the issues of trust with devices.
January 15, 2021 at 8:45 pm
It may be some time before the full impact of any tech comprises from the Capitol insurrection are made clear. Stolen laptops, passwords, hidden cameras or recording devices may have been installed, emails stolen, keyloggers or other malware installed, and on and on and on. Physical security was compromised so severely that I don't see how any device or account can be considered safe. Probably would need to:
I'm sure there are dozens of other things that security and forensics experts can think of as well.
-- webrunner
-------------------
A SQL query walks into a bar and sees two tables. He walks up to them and asks, "Can I join you?"
Ref.: http://tkyte.blogspot.com/2009/02/sql-joke.html
Viewing 14 posts - 1 through 13 (of 13 total)
You must be logged in to reply to this topic. Login to reply