Computer Crime Research Center

You are about to join the

Discussion : Data loss a global endemic as Canadian Health Agency admits to Major Hack

Discussion is closed !

Total 1 comments

2007-12-01 08:07:09 -
I have been in IT since 1962 (IBM STRETCH) and have seen it all before.
Gov dept A gets in outside Consultants who devise custom database.
Another gov dept, B, does same with different consultants.
Data exchange doesn't work, so only way to transfer data is
1/ Use hacking tools to extract data from A to give to B (my preferred method, it ALLWAYS WORKS only too well).
2/ Use CDs/DVD/pen drives to transfer the data, which seems to be the method used in the UK.

Now I would have use more "illegal software" gnuPGP with a 4000 digit key, on top of triple DES if it was really secret (all freeware with Published source code). However I am sure that really secure freeware is probably not on the list of approved software so I wouldn't have been able to use it, offically at least.
Even this isn't 100% safe as I have a large collection of keyloggers, some written by myself, that will grab the 3 IVs and 3 Keys of 3DES and the PGP passphrase, and anybody with 250 USD to spare can get a hardware keyboard logger, on line, no questions asked, that even the doziest cleaner can install on a target PC, not to mention "rubber hose cryptobreaking!"
Really anything on networked PCs isn't really safe. Many times I have found that so called secure systems are easy to break into if you can get either physical access or coerced staff ("The 3Bs;"Bribe, Blackmail and/or beat up!")

Total 1 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo