Mailinglist Archive: opensuse (1620 mails)

< Previous Next >
Re: [opensuse] Fresh 13.2 install fail - two problems - help please
On 11/09/2014 10:00 AM, jdd wrote:
Le 09/11/2014 14:16, Anton Aylward a écrit :
On 11/09/2014 02:38 AM, jdd wrote:

most thief looks about the computer, not it's content

What do you mean by that?
Are you saying that computers are stolen for the hardware value alone?

yes. Mosth thief do not even know what a computer is :-(

Even spelling corrected I think that is a ridiculous and unsupportable
statement.
It may have held even in the closing years of the last century, but
today, even in obscure parts of the world, I don't think its true.


Perhaps the view that the computer was more valuable than its contents
held in the last century and holds in the minds of many judges in the

enterprises may have valuable data not to be stolen and use encryptiàon,
but most of the peoàple do not even backup they Hard drive. I nearly any
week have such call "my drive do not read, help".

I'm not denying the Joe Sixpacks of the world, who obviously do know
what a computer is, are lax about backups. I'd bet there are people on
this forum who are lax about backups.

But I've also met many corporations & business enterprises that have
poor backup/restore policy, and what's the point of a backup if you
can't do a restore? And encryption, as many who have surveyed this
matter (q.v, go google) is not widespread in business.


around me, many computer where stolen, but through windows let open, or
luggage, or office wrekked

That sounds to me like poor physical security and opportunistic theft.
I've had my phone stolen at a computer conference where I knew many of
the people; someone just walked by, picked it up and walked off with it.
Its why I encrypt & lock my phone. Recall what I said about "portable
media"?

A great deal of personal theft goes on in offices & the workplace, but
that too seems to be opportunist: money, purses, wallets ... I once had
a camera stolen from a drawer. Management attitude varies over such
pilfering, often they don't want to investigate as it might prove that
they hired thieves.

But in all of this the theft of the "device" is about something with
immediate resale value.

no one for data mining (not to say this do not exist)

Its long been observed that e-theft is more profitable and lower risk
than robbing a bank or store for cash or jewels. That doesn't stop the
latter, but its a different class of their and, according to police
presentations I've attended, different motivation. Any targeted theft
involving a physical computer is more likely to be about the contents.
After all, computers are getting to be commodity items and easily stolen
devices have a comparatively low resale vale on the street.

Data, such as PII and CC# is a different matter; it is easily bulked and
removed. So what if each CC# is only worth a couple of $. When you
trading tens of thousands and can sell each multiple times, that makes
more sense. You can't sell a stolen laptop multiple times.

As for corporate encryption, well, there are quite a few regulations
that advise or mandate it, but , but the reality is that either
enterprises get it wrong or it doesn't work as intended. We've seen
recently how retailers such as TARGET, even though "PCI Compliant", and
this isn't the PCI of old, this is up top date, are still vulnerable.

In the sources of DotSigQuotes that Henne tells me not to use here, I
once found this:


"Security can be viewed like a construction scenario - build
part of a road, and even if and even if you don't complete it,
you still have something to drive on; build part of a bridge
and you have nothing! Security is like the last."

That's the point with security. Encryption is well and good ... As part
of an overall security plan an implementation. Then again, physical
security, preventing your phone, laptop from being stolen, vetting your
employees and all the rest, are also parts of the overall security plan
and implementation.




--
A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting frowned upon?

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups