Sunbeltblog comments
Absolutely pathetic.
Then again, I do think ANYONE using a laptop should use a "whole disk encryption" software (and a reliable one, with a good password!). The chances of a laptop being stolen or lost are just too high, and the personal information stored on a computer is just too much (even where people have no idea it can be retrieved).
Even when people think they have no valuable data for a "bad guy" on a laptop, the opposite is usually true.
I would hope that people don't even have sensitive data on a laptop. VPN or remote into a secured server to get it.
You know what's funny? Most people know absolutely NOTHING about physical computer security. It's absolutely unbelievable the amount of absurdity you can read on this subject.
A lot of people think that a hacker needs to crack the "login" password to read/modify data on a computer.
People start arguments such as "I found a flaw in a program: if you have physical access to the machine..." (see http://www.wilderssecurity.com/s....php?p=617402);
I can't stress this enough: physical security is a whole different matter than remote access security. If a cracker has physical access to a computer, unless the WHOLE DRIVE IS ENCRYPTED, he can do ANYTHING he wants. And even if the whole drive is encrypted, it's very hard to protect the data (a hardware keylogger can be hidden where you least expect it, malicious hardware parts might have been added, etc).
Yup!
Alex, I don't think there is a day that passes that there is not a security breach story to post. Today, it is the Agriculture Department that has been compromised. I wonder if people become desensitized to these stories after a while - it is a common every day happening now.
A portable device with vital information obviously poses a major security threat. But sometimes simply not using a laptop is not an option. Business trips require business documents and files which in turn require the use of laptops.
Companies, and private parties, need to take appropriate measures to make sure confidential documents on laptops are secure. Passwords are the first step, but software that actually locks your files so only you can access them is much more effective. So whether the laptop is locked in an administrative office or is left easily accessible to theives, the FILES still remain secure.
Mila, I hope what you are linking is whole-drive encryption, not simple file encryption. File encryption is ok to protect documents if a laptop is being stolen, it is NOT ok to protect documents if a laptop can be accessed by malicious users "in the office". If a malicious user can access the unencrypted disk, he can easily plant an "invisible" backdoor, or an "invisible" keylogger, and decrypt the documents the next day with the information gathered by it. All he needs to do is detach the hard drive and attach it do another computer.
"All he needs to do is detach the hard drive and attach it do another computer."
I mean to plant the keylogger (in case he doesn't know the login password), of course.
I am fair convinced that they're inside jobs--to ascribe this all to coincidence is just pulling the wool over your eyes.
Reporter Wayne Madsen claimed recently that all of these laptop thefts were happening in order to circumvent the Privacy Act and help the government build databases on people.
Most people would just call that crazy talk, but I tell ya, after covering this issue for months, one has to wonder.
"If you don’t have the data in the first place, it can’t be stolen."
That's an interesting way of rewording "Ignorance is bliss". :P
"I wonder if people become desensitized to these stories after a while - it is a common every day happening now."
Personally I'm still waiting for the general public to actually become sensitized in the first place.
The NSA/CIA/TLA/whoever start getting phone records that are useless in generating convictions against previously-innocent people but are great ways to find patters and locate people they've been monitoring for a while and the world (read: America and its bedbuddies Australia & England) are in an uproar.
An auditor loses a CD on a plane that contains personal data of a few hundred thousand people which is MORE than enough information for each to have their identity stolen ... and the only people I see batting an eyelid are those who already gave a hoot about security.
By the way Cath, love the site. 
Frankly, it's much sadder to have this happen.
Synopsis: Guy sells broken laptop on eBay. Thinks he's pretty smart, until the guy at the receiving end, annoyed at being scammed, realizes the seller sent him a hard drive full of data. NSFW.
Just a question, does anyone know of any good software for whole hard drive encryption? Is there any freeware equivalents? Any review/comparisons of each of them. So far, I have been able to find a few reveiws in isolation, but none really comparing the various products on the market.
Commenting by HaloScan
