Re: More on caching and logging

In article <0001HW.C25A8E290044A22AF0284648@xxxxxxxxxxxxxxxxxxxxxx>,
J.J. O'Shea <try.not.to@xxxxxxxxxxx> wrote:

On Sun, 29 Apr 2007 14:09:57 -0400, geefive wrote
(in article <290420071109575641%geefive@xxxxxxxxxxx>):

In article <1hxc2d1.1xk4ugl1irnga3N%mikePOST@xxxxxxxxxxxxxxxxxxxxx>,
Mike Rosenberg <mikePOST@xxxxxxxxxxxxxxxxxxxxx> wrote:

geefive <geefive@xxxxxxxxxxx> wrote:

Um, if someone is using your computer and, therefore, in a position to
run this software, you have a much bigger problem...

You can't be too careful these days. No matter who you are. Do you
think that the definition of law enforcement means just governmental
agencies, or do you think it also includes corporate security
personnel? Faith-based organizations? The media? Airport security
morons? Your neighborhood association? Your landlord? A hotel/motel
you stay at? Your child's school?

Um, you completely missed my point. Of course anyone can use that
software. To do so, however, they have to be sitting right there at
your computer. If someone is in that position against your will, you
have a much bigger problem than just computer security.

I got the point. There are many reasons for someone to use my computer
without my permission.

If it's _my_ personal computer, there are none... unless it comes with a
warrant. In which case my lawyer will do my talking for me.

There's theft. And there's stealth. And law enforcement has many
tactics and options we rarely hear about. If you invite them into your
home, you invite them into your computer, and I believe it's a felony
to refuse to boot up, unless you want to talk to your lawyer when you
are in jail and your computer is in the property/evidence room. Geeze,
there have to be hundreds of scenarios where your computer is in
jeopardy of being used without your permission. Like if you go away
for the evening or weekend and your kids have a party. How many
mothers in law will want one of these devices? Heh heh. Think about
that one.

Say if I take it through airport security and
they decide to take it to another room for a quick look.

They don't go into a different room with _my_ machine without _me_, not
without a warrant, anyway.

Turning the machine on in my presence is, of course, different.

If they have a warrant, you have problems other than them looking at your
stuff...

They don't need warrants anymore. If you enter an airport and buy a
ticket, you have established a contract permitting a search with or
without your consent. Refusing to boot up is a felony.

Is it a
stretch to think that they might make a copy of my drive to look at it
later?

It'd take rather a while to do that. It takes literal hours to copy large
amounts of data. Besides, there's ways around that. My main Mac desktop at
home does not have anything other than the OS, the installed apps, and
anything which might be in the Library, such as fonts. The contents of my
home directory is on another drive entirely. (Several other drives, actually,
certain of which are accessed over the network.) Stuff I gotta take with me
is encrypted, and on a 120 GB USB travel drive... which ain't kept in the
same bag as the laptop. The laptop's got the OS, and apps, and maybe an ebook
or something like that to read while; my data is elsewhere. And, no, it's not
because I fear the Feds, it's 'cause I fear laptop thieves. If the Feds want,
they can search that laptop to their heart's content, there ain't nothing on
it and there never was anything on it that they could show the least interest
in. Ditto my desktops. Search away, little Feddies... while I get a lawsuit
aimed at your sorry asses.

That sounds fine on the surface of it, but my understanding is
different. I won't go into it, but you'd better not rely on some
sequence of events that includes your lawyer later rather than sooner,
and refusing to boot won't help because it's against the law, same as
it's against the law now to refuse to open the trunk of your car.

Later on, maybe, when an employee or even the janitor makes a
copy for himself and then contacts my competitor to sell my new product
ideas/plans or my customer lists?

Kiddo, if I have physical access to the machine and a few hours to work with,
I don't _need_ your keychain. I could, for instance, carry in another Mac,
and boot your Mac up in FireWire Target Disk Mode... and copy every damn
thing off it. (Yes, even if you turn on FileVault. FileVault just makes
things harder, not impossible.) The advent of this tool makes no difference.
For one thing, FileVault will make it near impossible for that tool to work
unless, as other have said, the intruder is already logged in as you.

Exactly. I was going to run down some process involving hard drives
and utilities, blah, blah, blah, but I'm writing a lot today and have
concentrated on fending off Mr. Rosenberg's claims that I'm an
irrational nutcase as well as repeatedly asking the question about what
Apple did to implement this new product or will they allow it to be
sold without challenge if they did nothing. Oh, and how will they deal
with people who might feel like this product compromises their personal
data.

Now, if you put your stuff elsewhere, when I boot into Target Disk Mode it's
kinda hard to get your stuff 'cause _it ain't there_. And if your stuff is
encrypted, then even if I find where you put it, I'm gonna have a problem
reading it 'cause it's... encrypted. And not with something that uses
KeyChain.

Yes, I understand that now. It wasn't a concern to me before, so I
haven't put a lot of thought into what I'm going to do now.

Or keeps me off a flight because I
read Drudge Report and sometimes link through that site to a website
they think is liberal or is a foreign source (which would make anyone a
suspect these days)? Or if my kid takes my home computer to school and
it's his day to have his locker searched?

FileVault, a good password, and a good lawyer are your friends.

If only it were that simple. But I see what you mean.

"Will," as in "against your will," counts for nothing these days. Our
will, collective or individual, does not exist anymore. It's assumed
that you are doing something wrong if you say you don't want to be
searched because you're a person who would like to enjoy the
traditional benefits of the Bill Of Rights,

One place I worked at once started a policy of searching employee vehicles as
they left the premies. I started a policy of parking my car outside the gate.
I was joined in that policy by several dozen people, including my manager.

Have you been to an FAA regional office lately? Geezo peezo! Search
the car on the way in, needing to make an appointment before showing
up. Scanning your driver's license, fill out a questionnaire, the FAA
employee you need to see is called down and must accompany you
throughout your visit (even to the rest room), and he has to escort you
down to turn in your temporary badge and a security officer escorts you
out (not to, but out) the door. And Mr. Rosenberg thinks _I'm_
paranoid.

without regard to being a
person who has something to hide or not. And what if you _have_
something to hide? Like my medical records and personal ID data?

Encrypt it and put it on another drive. Problem done.

Well, to tell you the truth, these matters were not of much concern to
me prior to this morning when I saw the story I posted at the top of
this thread. The fact that they have this device in responsible hands
is not going to bother me much, either, except that once it's out
everyone who really wants one will have it.

So, I guess it might be interesting to know if Apple Computer made it
possible for this intrusive device to be invented. If that's the case,
then they have been telling lies for a long time about security. I'd
rather think that Apple is as shocked as I am about this and that
they'll issue some updates to negate this new development.

You didn't comment on Apple's participation in this. It might be more
important to know if Apple approves/cooperates than to know of the
existence of the intrusion device. I can't imagine the development of
it violates an Apple patent or copyright. And what happens to Apple's
reputation for security when everyone with a "connection" or a
dreamt-up security "need" has a device? Is Apple Computer going to
deny involvement in this under some sort of "gag order?" Listen to
their response (if any), like, "We're not allowed to say if we had
anything to do with this." And why were there no rumors about this
device before it was put on the market? So many questions, so few
answers.

I meant to say "I can't imagine the development of it doesn't violate
an Apple patent or copyright."
.

Relevant Pages

  • Re: More on caching and logging
    ... or do you think it also includes corporate security ... (Several other drives, actually, ... possible for this intrusive device to be invented. ... important to know if Apple approves/cooperates than to know of the ...
    (comp.sys.mac.system)
  • Re: Idea OSX for OS9 user ..
    ... I didn't know the Apple key worked for this. ... I only recommend FW as it's a better protocol to use for a boot drive - ... with USB! ... USB works so badly for drives that you probably won't see much ...
    (uk.comp.sys.mac)
  • Re: Need help with securing a local workstation
    ... > components/Windows Explorer to hide and disable drives, ... Depending on your security ... > password protect the cmos settings and again be sure the case is locked. ... > Also be sure to disable cdrom autostart and configure cmos to boot only ...
    (microsoft.public.win2000.group_policy)
  • Re: More on caching and logging
    ... drives. ... When people who use Macs because of better security find ... Apple already supply sufficient facilities to block many of the ... really secure modes makes the computer harder to use. ...
    (comp.sys.mac.system)
  • Re: Shall an Unidisk 3.5 connected to IIGS smart port, boot troubleless?
    ... However If i use the unidisk together with an Apple 3.5 drive and boot ... I've 3 IIgs but also some apple 3.5 drives for them. ...
    (comp.sys.apple2)