Paranoia, laptop and border

The holiday season is ending and business travel will start again. If you are paranoid about your sensitive data, you may worry when crossing some borders, such as those of the US or the UK. Border officers are allowed to scan your computer, download data and even seize it for further investigation. They may look for any type of infringement, such as pornography, copyright infringement and, of course, terrorist documents.

If you are seriously paranoid (or even just serious about security), then you will have encrypted your hard disk. This is good (if well done) against theft but not against inquisitive border officers. They will ask for your password, and you will have to give it unless you are ready to risk having the computer seized or even being refused entry to the country.

Thus, if you want your sensitive data to be safe, whether for paranoia's sake, for confidentiality or for privacy (take your pick), here are some tricks:

  • Securely delete everything you do not want to be viewed. Do not forget the tons of temporary files and cookies that are stored by software. I usually use CCleaner.
  • I would recommend encrypting sensitive data in discreet, non-obvious locations. The chances that the officer will spot it are lower. Do not use my xxx directories.
  • One important action is to switch off the computer before crossing the border. Sleep mode leaves a lot of data available to forensic tools.
  • Even better is to store the sensitive data in encrypted form on removable media such as USB sticks or, even better, memory cards. Memory cards have a small form factor that you may easily “hide”. Most modern laptops have such card readers. And even if they find it, they will seize it rather than the laptop. If your password is strong,
  • The optimal solution is to use a VPN. In that case, all sensitive files will be securely stored on your company’s network rather than on your computer.

I must confess that my computer has never been scanned at any border. Nevertheless, several people have reported this type of scanning. Only once, when entering a US federal building, was I asked to switch on the computer to check that it was not a fake.

Your feeling?

Blocking theft of cycles using RFID

In the UK, an interesting experiment called WASP uses RFID against bicycle theft. Kryptonite designed a lock equipped with RFID and a motion sensor. The concept combines several elements:

  • The lock
  • A detector of RFID that covers a zone
  • A CCTV system that covers the same zone.

If the lock is ever moved, it activates the RFID. This is detected by the RFID readers, which trigger a signal at the CCTV central. It is then possible to see who is trying to steal the bike.

The most constraining part of the system is its activation. When the user parks his bike, he has to phone a central system to give the identification of the protection area. This starts the protection phase. When the user wants to take back his cycle, he has to phone the central system again before unlocking the bike. The WASP system is currently being tested at the University of Portsmouth.

Law 6 is once more interesting. As could have been expected, many people have already stopped making the activation phone call. Since the lock is blinking, they expect it to be deterrent enough. The activation phase seems very constraining to me. You will have two types of false positive: people who inadvertently move the bike, and thus the lock, and of course the owner who forgot to call back to trigger deactivation.

In any case, an interesting combination.

To learn more, see a presentation and the operator, SOS Response.

Adobe fake flash player

A new worm seems to use social engineering to install malware. The worm asks the user to load a newer version of Adobe Flash Player and of course provides a link to this upgrade. The upgrade is in fact a fake one carrying real malware. The social engineering part is nicely done because it uses one of the most freely available pieces of software in the world (Adobe Flash Player), and nobody knows when an upgrade is available. Today, it is extremely common to upgrade installed software.

Adobe proposes the following remedies:

  • Download upgrades and installers only from the adobe.com site.
  • Verify that the installer is signed with a certificate belonging to Adobe.

The two remedies are very good ones that should be generalized to every installation. They have some limits, though:

  • It is rather common to download installers from many sites that are not the sites of the developing team. It is less convenient to search for the publisher's site than to take the first site offering it. For instance, Adobe Flash Player is available in many places. I tried to search on Google France. Fortunately, the first site proposed was adobe.com. But I found many other ones. Should I trust them?
  • How many people are able to analyze a digital certificate? Furthermore, some very respectable companies use expired certificates or certificates with an unknown root.
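The first remedy, checked by software rather than by eye, as an added example that is not from Adobe or the original post. The function name, the HTTPS requirement and the sample links are assumptions made for the illustration; it does not cover the signature check of the second remedy.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "adobe.com"  # the vendor site named in the advice above


def is_trusted_download(url: str, trusted: str = TRUSTED_DOMAIN) -> bool:
    """True only for an HTTPS URL whose host is `trusted` or a subdomain of it."""
    # Backslashes and whitespace are parsed differently by browsers and
    # libraries, so refuse them instead of guessing which host is meant.
    if "\\" in url or any(c.isspace() for c in url):
        return False
    try:
        parts = urlsplit(url)
        host = parts.hostname  # lower-cased, port and userinfo removed
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return False
    # Userinfo ("name@host") lets a trusted-looking name precede the real host.
    if parts.scheme != "https" or not host or "@" in parts.netloc:
        return False
    host = host.rstrip(".")
    # Compare on a label boundary: a bare endswith(trusted) would also
    # accept any other domain whose name merely ends in the same letters.
    return host == trusted or host.endswith("." + trusted)


# Constructed sample links (example.net is a reserved documentation domain).
SAMPLES = [
    "https://get.adobe.com/flashplayer/",
    "https://www.adobe.com/downloads/",
    "http://get.adobe.com/flashplayer/",
    "https://adobe.com.example.net/flashplayer/",
    "https://adobe.com@example.net/flashplayer/",
    "https://example.net\\@adobe.com/flashplayer/",
    "https://example.net/download?from=adobe.com",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print("TRUST " if is_trusted_download(link) else "REJECT", link)
```

Only the first two sample links pass; the others mention adobe.com somewhere in the URL without being served from it, or are not served over HTTPS.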

Once more, we end up with the need to educate users. A lot of work to do here.

Security and Prospect Theory

Which choice would you take:

  • 500€ sure gain or a 50% chance of winning 1.000€?

About 85% of people will take the sure gain.

Which choice would you take:

  • 500€ sure loss or a 50% chance of losing 1.000€?

About 70% of people will take the risky loss.

This is a result of the economic theory called Prospect Theory. In an article, Bruce Schneier applies it to the problem of selling security products. When faced with purchasing a security product, the customer is in the position of choosing between a sure loss of money (the price of your product) and the risky loss he/she may incur in case of an exploit. The theory shows where the purchase mood will go. He proposes two methods to bias this natural trend:

  • Increase the feeling of fear, which gives a feeling of higher probability of the risk.
  • Package (hide?) security with other features that provide a perceived gain.

I would add a third one: educate your customer. Use real figures and facts. Avoid the fear strategy, which is neither ethical nor trustworthy.

Definitely a must-read article. It is available at CIO: How_to_Sell_Security

I now have to read the seminal work of Kahneman and Tversky on Prospect
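The two choices above and the security purchase they imply, worked through with the prospect-theory value function, as an added example that is not from the post or from Schneier's article. The curvature and loss-aversion parameters are the median estimates published by Tversky and Kahneman in 1992 and are an assumption here; probability weighting is left out and the function names are illustrative.

```python
# Median parameter estimates from Tversky and Kahneman (1992); assumed here,
# they do not appear in the post.
ALPHA = 0.88   # curvature: each extra euro gained or lost counts a bit less
LAMBDA = 2.25  # loss aversion: a loss weighs about 2.25 times a like gain


def value(x: float) -> float:
    """Subjective value of gaining (x > 0) or losing (x < 0) x euros."""
    return x ** ALPHA if x >= 0 else -LAMBDA * (-x) ** ALPHA


def prospect(outcomes) -> float:
    """Value of a gamble given as (probability, amount) pairs, using the
    stated probabilities unchanged (a simplification of the full theory)."""
    return sum(p * value(x) for p, x in outcomes)


def preferred(sure: float, p: float, risky: float) -> str:
    """'sure' if the certain amount is valued above the gamble, else 'gamble'."""
    return "sure" if value(sure) > prospect([(p, risky)]) else "gamble"


def max_acceptable_price(p_breach: float, loss: float) -> float:
    """Highest price P a buyer accepts as a sure loss instead of risking
    `loss` with probability `p_breach`.
    Indifference: -LAMBDA * P**ALPHA = p * (-LAMBDA * loss**ALPHA),
    hence P = p**(1/ALPHA) * loss (LAMBDA cancels out)."""
    return p_breach ** (1 / ALPHA) * loss


if __name__ == "__main__":
    print("gain 500 vs 50% of 1000:", preferred(500, 0.5, 1000))
    print("lose 500 vs 50% of 1000:", preferred(-500, 0.5, -1000))
    price = max_acceptable_price(0.5, 1000)
    print(f"expected loss 500.00, buyer pays at most {price:.2f}")
```

With these parameters the buyer facing a 50% chance of a 1.000€ loss accepts a price of only about 455€, below the 500€ expected loss, which is the reluctance the two methods try to counter.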

Security Newsletter #10 is available

This quarter, our guest is Ton Kalker from the HP labs. Ton is well known in the content protection community and for many topics such as watermarking or interoperability of DRM.

Dekun explains how to retrieve redacted information in classified documents. Arnold and Uhlrich introduce CAPTCHAs. Olivier and Patrice describe an anonymous P2P network: Freenet.

Enjoy the reading and do not hesitate to comment.