SoylentNews is people
SoylentNews
A desktop computer and hard drive stolen from the University of Washington Center for Human Rights stored sensitive details of human rights violations in El Salvador and a lawsuit against the Central Intelligence Agency:
Sometime between October 15-18, the office of Dr. Angelina Godoy, Director of the University of Washington Center for Human Rights, was broken into by unknown parties. Her desktop computer was stolen, as well as a hard drive containing about 90% of the information relating to our research in El Salvador. While we have backups of this information, what worries us most is not what we have lost but what someone else may have gained: the files include sensitive details of personal testimonies and pending investigations.
This could, of course, be an act of common crime. But we are concerned because it is also possible this was an act of retaliation for our work. There are a few elements that make this an unusual incident. First, there was no sign of forcible entry; the office was searched but its contents were treated carefully and the door was locked upon exit, characteristics which do not fit the pattern of opportunistic campus theft. Prof. Godoy's office was the only one targeted, although it is located midway down a hallway of offices, all containing computers. The hard drive has no real resale value, so there seems no reason to take it unless the intention was to extract information. Lastly, the timing of this incident—in the wake of the recent publicity around our freedom of information lawsuit against the CIA regarding information on a suspected perpetrator of grave human rights violations in El Salvador—invites doubt as to potential motives.
We have contacted colleagues in El Salvador, many of whom have emphasized parallels between this incident and attacks Salvadoran human rights organizations have experienced in recent years. While we cannot rule out the possibility of this having been an incident of common crime, we are deeply concerned that this breach of information security may increase the vulnerability of Salvadoran human rights defenders with whom we work.
(Score: 4, Interesting) by Hyperturtle on Friday October 23 2015, @04:54PM
Wasn't Germany looking to avoid the use of TPM chips due to the inherent lack of security they have? The users cannot control who has the keys to it.
Windows 10 even copies related keys for bitlocker to their servers by default. When I have reluctantly* used bitlocker due to employer requirements, I have always saved that key to several local physical items. USB connected storage, for example. Then a copy goes to whoever at the employer that demands it.
*Note that this is not me doing this to my own hardware as a consultant at a place I am doing a project for; it is on hardware they issued to me. Reluctance can be due to TPM itself, due to having a 5600rpm laptop hard drive with an i7 processor in the laptop and the system is at 100% disk activity once the queue depth reaches about 2.0, or that the bitlocker approach is simply a "we read a white paper and the security team says this is how to secure everything" and then no further efforts are made to prevent remote access into a decrypted drive, etc.
In any event, there are few low hanging fruits to protect against state sponsored activities such as this. True security has true costs associated with it -- time, convenience, financial, and people. Often, the biggest enemy one can have is one's own behaviors.
Encryption is no magic bullet for security, just as RAID is no backup for data. Both are tools to achieve a goal but are not the tools to achieve the broad goal of data security. However, if they used something else, in addition to or instead of (discussion of which would be out of scope of this reply), it's possible it could slow down or stop the information gained from the disk drive.
The real problem here is not the loss of data. Assume it can be obtained if the powers that be would like to have it. It is that an unknown party will be able to know what they know, their past plans, their current plans, their proposed actions, and everything documented on that drive that helps influence their decisions.
It would have who their contacts are, where they live, phone numbers, email addresses, etc.
If the drive is readable, that data is now all available for use.
You can consider it to be piracy, if you want to look at it that way. Nothing was stolen as they still have their data. But the damages are beyond financial in this case, due to the loss of the information security they previously had. It would have been more favorable for them in some regards to have lost their only copy and not had a backup. At least, then, there would be no chance for their enemies or adversaries to gain insight from it.
A total loss may very well have been highly preferable.
If this was a state sanctioned activity, then next time I'd expect that someone would make (or replaces) the drive with a forensic image, depending on the time available and if it was encrypted. If they are going to steal it and not draw speculation like this to themselves, then the laptop will smoke next time and the data on that drive will have already been made unrecoverable. Maybe just enough would work to boot into windows, bluescreen, then self destruct. It takes effort to pull off because a great number of details must be considered -- serial number, disk model, positioning of everything in the room, and careful check to make sure someone didn't leave dust out to get fingerprints to see if anyone was tampering with things. Someone with what appears to be a very messy office or room might have a very secure room by design. It could be that coffee cup never moves because it's on top of something that no one is supposed to be touching. If you make it easy, expect them to take it easily.
i mean its not like we havent read articles on usb stick laptop friers or self destruct modules or devices that melt away at specific heat levels. introduce something like that, or just a drive rigged to fail...
Warranty repair, quite depending on vendor and country this happens, will find nothing wrong considering they likely already honor government requests. It will take longer than usual to get the answer that it cant be fixed, would you like a new one...in fact mr person of interest, why not a whole new high end laptop with the latest OS? For being such a good customer...