"Clear" Laptop Found, In the Same Locked Office
jafo alerts us to an SFGate story reporting that the lost "Clear" Program laptop has turned up in the same office from which it was reported missing, but not in its previous location. "A preliminary investigation shows that the information was not compromised... The computer held names, addresses and birthdates for people applying to the program, as well as driver's license, passport and green card information. But, she said, the computer contained no Social Security numbers, credit card numbers, fingerprints, facial images or other biometric information... The information was encrypted on the server, but not on the laptop, although it should have been... However, it was protected by two levels of passwords." Reader jafo adds, "Pardon me if I have little confidence that an organization that loses a sensitive laptop for 9 days is able to tell if it was compromised."
Trust me, if the bomb diffuses, things just got WAY worse.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
It could be a big deal. We do warranty and service work for HP hardware and in the past laptops have come in with BIOS passwords and we were not able to remove them. The password is actually part of the ATA protocol and so the disk is unusable without it, even in another machine. I think the only operation you can do is an ERASE. If you remove the battery then the BIOS forgets not only the BIOS password, but the disk password too.
I'm sure there are backdoors for some drives, but the customer in question in this case certainly wasn't willing to pay for us to investigate it so the data was as good as lost.
TPM, if implemented correctly, provides fairly good protection too. As does Microsoft's BitLocker.
Physical access reduces security by a whole heap, but if things are done right then it doesn't reduce it to zero.
Of course as others have mentioned, an organisation that loses laptops like that probably isn't 'doing things right'...
You don't even have to remove the HD. If the data is not encrypted you can boot from a USB key or CD and just copy the files.
Your (mysterious) reply prompted me to go to the far corners of the internet to learn that the proper word is "defuse". Words spoken like a true zen master - you don't get a clue unless you are already enlightened.
Thank you.
A hard drive password wouldn't technically be encryption. It's just a level of access restrictions. It works with the firmware of the micro-controller board to regulate access to the device.
If I remember right, swapping the control boards on identical drives and placing it in a different computer could get around that. There are some issues with that though, the encryption places some code in the boot sector which if read by the drive's controller (on the drive, not the main board) will block access to the disk without the controller answering the code in however it does that.
This is built into almost all drives and is part of the ATA spec. If it isn't present on your main board, it is likely that it just wasn't implemented in the BIOS your manufacturer used.