Re: [PLUG] Laptop recovery--useful data to collect?

JP Vossen on 14 Jul 2010 11:58:13 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Laptop recovery--useful data to collect?

From: JP Vossen <jp@jpsdomain.org>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] Laptop recovery--useful data to collect?

Date: Wed, 14 Jul 2010 14:58:02 -0400

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.9) Gecko/20100423 Thunderbird/3.0.4

On 07/14/2010 03:47 AM, JP Vossen wrote:
Date: Tue, 13 Jul 2010 22:01:52 -0400 From: Gordon Dexter<gordon@texasdex.com> Subject: [PLUG] Laptop recovery--useful data to collect? I'm setting up my Eee 901 netbook with a 'phone-home' type shell script that will collect various data in the event that it is stolen.
[...]
You know, I gave this some more thought and I think we've all gottencaught up in "cool problem solving" and have failed to ask a betterquestion, which is, why does this matter?

The laptop should have whole-disk encryption, thus the thief shouldnever be able to boot it up, thus none of these solutions should neverhave a chance to work.
So... Why isn't the laptop's data protected?
This was really brought out when readinghttp://ask.slashdot.org/story/10/07/12/2253218/Retrieving-a-Stolen-Laptop-By-IP-Address-Alonebecause that OP was tracking his stolen laptop via Thunderbird logginginto GMail via IMAP. Wait, WHAT?!? So you turn on this laptop, and itboots, auto-logs-in, and fires up TB all by itself?!? WTH!!!

My policy is that any laptop that could leave the house has whole-diskencryption and even if on but suspended, it asks for a (user) passwordon un-suspend. So how do these "phone home" tricks even matter sincethe OS and data should never be accessible to the bad guy in the firstplace?

(I get that in this particular case the laptop may have no data, andit's certainly a cool thing to play with. My point is that people *ingeneral* need to start taking the default stance of whole-diskencryption for "stored data in motion" and worry less about fancy tricks.)
Later, JP ----------------------------|:::======|------------------------------- JP Vossen, CISSP |:::======| http://bashcookbook.com/ My Account, My Opinions |=========| http://www.jpsdomain.org/ ----------------------------|=========|------------------------------- "Microsoft Tax" = the additional hardware & yearly fees for the add-on software required to protect Windows from its own poorly designed and implemented self, while the overhead incidentally flattens Moore's Law. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Laptop recovery--useful data to collect?
From: Jason Stelzer <jason.stelzer@gmail.com>

Re: [PLUG] Laptop recovery--useful data to collect?
From: Gordon Dexter <gordon@texasdex.com>

References:

Re: [PLUG] Laptop recovery--useful data to collect?
From: JP Vossen <jp@jpsdomain.org>

Prev by Date: Re: [PLUG] likewise open question

Next by Date: Re: [PLUG] likewise open question

Previous by thread: Re: [PLUG] Laptop recovery--useful data to collect?

Next by thread: Re: [PLUG] Laptop recovery--useful data to collect?

Index(es):

Date

Thread