Re: More on caching and logging

On Sun, 29 Apr 2007 14:09:57 -0400, geefive wrote
(in article <290420071109575641%geefive@xxxxxxxxxxx>):

In article <1hxc2d1.1xk4ugl1irnga3N%mikePOST@xxxxxxxxxxxxxxxxxxxxx>,
Mike Rosenberg <mikePOST@xxxxxxxxxxxxxxxxxxxxx> wrote:

geefive <geefive@xxxxxxxxxxx> wrote:

Um, if someone is using your computer and, therefore, in a position to
run this software, you have a much bigger problem...

You can't be too careful these days. No matter who you are. Do you
think that the definition of law enforcement means just governmental
agencies, or do you think it also includes corporate security
personnel? Faith-based organizations? The media? Airport security
morons? Your neighborhood association? Your landlord? A hotel/motel
you stay at? Your child's school?

Um, you completely missed my point. Of course anyone can use that
software. To do so, however, they have to be sitting right there at
your computer. If someone is in that position against your will, you
have a much bigger problem than just computer security.

I got the point. There are many reasons for someone to use my computer
without my permission.

If it's _my_ personal computer, there are none... unless it comes with a
warrant. In which case my lawyer will do my talking for me.

Say if I take it through airport security and
they decide to take it to another room for a quick look.

They don't go into a different room with _my_ machine without _me_, not
without a warrant, anyway.

Turning the machine on in my presence is, of course, different.

If they have a warrant, you have problems other than them looking at your
stuff...


Is it a
stretch to think that they might make a copy of my drive to look at it
later?

It'd take rather a while to do that. It takes literal hours to copy large
amounts of data. Besides, there's ways around that. My main Mac desktop at
home does not have anything other than the OS, the installed apps, and
anything which might be in the Library, such as fonts. The contents of my
home directory is on another drive entirely. (Several other drives, actually,
certain of which are accessed over the network.) Stuff I gotta take with me
is encrypted, and on a 120 GB USB travel drive... which ain't kept in the
same bag as the laptop. The laptop's got the OS, and apps, and maybe an ebook
or something like that to read while; my data is elsewhere. And, no, it's not
because I fear the Feds, it's 'cause I fear laptop thieves. If the Feds want,
they can search that laptop to their heart's content, there ain't nothing on
it and there never was anything on it that they could show the least interest
in. Ditto my desktops. Search away, little Feddies... while I get a lawsuit
aimed at your sorry asses.

Later on, maybe, when an employee or even the janitor makes a
copy for himself and then contacts my competitor to sell my new product
ideas/plans or my customer lists?

Kiddo, if I have physical access to the machine and a few hours to work with,
I don't _need_ your keychain. I could, for instance, carry in another Mac,
and boot your Mac up in FireWire Target Disk Mode... and copy every damn
thing off it. (Yes, even if you turn on FileVault. FileVault just makes
things harder, not impossible.) The advent of this tool makes no difference.
For one thing, FileVault will make it near impossible for that tool to work
unless, as other have said, the intruder is already logged in as you.

Now, if you put your stuff elsewhere, when I boot into Target Disk Mode it's
kinda hard to get your stuff 'cause _it ain't there_. And if your stuff is
encrypted, then even if I find where you put it, I'm gonna have a problem
reading it 'cause it's... encrypted. And not with something that uses
KeyChain.

Or keeps me off a flight because I
read Drudge Report and sometimes link through that site to a website
they think is liberal or is a foreign source (which would make anyone a
suspect these days)? Or if my kid takes my home computer to school and
it's his day to have his locker searched?

FileVault, a good password, and a good lawyer are your friends.


"Will," as in "against your will," counts for nothing these days. Our
will, collective or individual, does not exist anymore. It's assumed
that you are doing something wrong if you say you don't want to be
searched because you're a person who would like to enjoy the
traditional benefits of the Bill Of Rights,

One place I worked at once started a policy of searching employee vehicles as
they left the premies. I started a policy of parking my car outside the gate.
I was joined in that policy by several dozen people, including my manager.

without regard to being a
person who has something to hide or not. And what if you _have_
something to hide? Like my medical records and personal ID data?

Encrypt it and put it on another drive. Problem done.


So, I guess it might be interesting to know if Apple Computer made it
possible for this intrusive device to be invented. If that's the case,
then they have been telling lies for a long time about security. I'd
rather think that Apple is as shocked as I am about this and that
they'll issue some updates to negate this new development.

You didn't comment on Apple's participation in this. It might be more
important to know if Apple approves/cooperates than to know of the
existence of the intrusion device. I can't imagine the development of
it violates an Apple patent or copyright. And what happens to Apple's
reputation for security when everyone with a "connection" or a
dreamt-up security "need" has a device? Is Apple Computer going to
deny involvement in this under some sort of "gag order?" Listen to
their response (if any), like, "We're not allowed to say if we had
anything to do with this." And why were there no rumors about this
device before it was put on the market? So many questions, so few
answers.



--
email to oshea dot j dot j at gmail dot com.

.

Relevant Pages

  • Re: More on caching and logging
    ... or do you think it also includes corporate security ... Refusing to boot up is a felony. ... I was going to run down some process involving hard drives ... Apple did to implement this new product or will they allow it to be ...
    (comp.sys.mac.system)
  • Re: More on caching and logging
    ... drives. ... When people who use Macs because of better security find ... Apple already supply sufficient facilities to block many of the ... really secure modes makes the computer harder to use. ...
    (comp.sys.mac.system)
  • Re: More on caching and logging
    ... or do you think it also includes corporate security ... have a much bigger problem than just computer security. ... possible for this intrusive device to be invented. ... important to know if Apple approves/cooperates than to know of the ...
    (comp.sys.mac.system)
  • Re: The Myth of the secure Mac
    ... > 1) You fail to apply necessary recommended security patches after ... > I agree that the Wintel world could take a few pointers from Apple as ... > price, not quality or engineering excellence. ...
    (comp.sys.mac.advocacy)
  • US-CERT Technical Cyber Security Alert TA06-275A -- Multiple Vulnerabilities in Appl
    ... Multiple Vulnerabilities in Apple and Adobe Products ... These vulnerabilities affect both Intel-based and PowerPC-based Apple ... Apple has released Security Update 2006-006 and Mac OS X 10.4.8 Update ...
    (Cert)