Last month there were two thefts from people connected to Slovene president Janez Drnovšek. Each time there was a computer (with possibly sensitive data) stolen among other minor valuable things. After first theft the police immediately issued a notice that the theft probably isn’t related to the president, rather that it was a coincidence. After the second theft they immediately claimed the same, plus that two incidents aren’t related. Even though they didn’t have a clue who was behind the thefts and what were the reasons at that time. Isn’t that really brilliant crime investigation from our police? Here comes even more fascinating investigation conclusion.
After a while they arrested a couple of drug addicts that stole one of the computers and sold it to another person. But here comes the witchcraft touch: the police says the data wasn’t compromised in any way. How can police be so sure that nobody copied the harddrive or stolen the data in some other way – the computer was missing for weeks? Are they using some alien surveillance technology?
Statements like that certainly don’t add to police credibility, do they?
They’ve learned from an independent reliable source that the computer had not been used in days and when they opened it they couldn’t find anything.
Can I open another question? 🙂
What is (potentially) sensitive data doing on a laptop at all (or unprotected)?
I know, I know – I usually ask the hard questions 🙂
Miha
Hey Miha,
You are totally correct. However, I am not sure those were laptops (perhaps they were) and you know the usual user, who sticks the password on the monitor….But even if the data was protected, how could anybody know, that it wasn’t copied and decrypted?
Hi Miha 🙂
According to publicly available information (http://24ur.com/bin/article.php?article_id=3093886) they stole two (?) laptops.
To answer your question. If someone was after the data on the laptops (and they know what they were doing) there is no (!) valid way to tell if anything was copied from these laptops. In this case you must (should!) assume that all the data on the laptops was compromised.
If data was encrypted my main question would be what was used for encryption. EFS? Something else? If EFS was used then my next question would be how strong is user password? Was it blank or easy to guess? EFS (on Windows 2000 and XP) is just as strong as user password protecting the user profile that holds the private key.
This is actually a global problem. I read almost daily, news about stolen laptops that held sensitive information.
In Japan top secret military secrets leaked by personnel that exchanged disks (?) that they thought was containing pornography material (http://www.asahi.com/english/Herald-asahi/TKY200704020115.html).
And this not only a problem with laptops. Let us not forget about all the USB drives that can hold a lot of sensitive data… (and if we immediately notice stolen laptops – how long will it take users to notice stolen or missing USB keys).
Ah, OK, so those were laptops (I wasn’t sure). Well, yes, it was a sort of rhetorical question and I guess we agree on the fact that it is impossible to know what our police knows.
The consequence of such police statements are quite horrifying though and I see two scenarios or perhaps a combination of both:
a) they don’t have a clue about computers
b) they are bending the truth (read lying) to please the public or even worse, to protect somebody
Either way, how would one trust such a reliable police in any case? Note that if you get accused of something (perhaps crossing the road where there is no pedestrian crossing) and only proof is police(wo)man word against yours, guess whos word prevails…
I am not really concerned about jaywalking and other minor offenses (specially where I only put myself in danger). I am concerned about other (harder to prove or prosecute) crimes. E.g. crimes involving computers.
I am pretty sure that if you know what you are doing you can get away with just about anything (and if not – a good lawyer can sure help out).
We still have problem accepting hacking (or even just attempt of hacking) as a crime (any kind of hacking – e.g. with or without monetary reward(s))). For test — you can just “attempt” to rob a bank and see how well you get off… So where is the difference between these two? That I might have a gun when I attempt to rob a bank? But it is just a plastic one? :-). Trust me 🙂 I can do more “damage” over the network then “in person”… 🙂
The difference is in perception and police task forces around the world still have problems with intangible evidence (not to mention chain of custody, forensics involved in such prosecutions…). These days anyone can be a cyber criminal from safety of their homes or unprotected WiFi access point, while police/prosecutor human resources are still very much limited with cases that they (think they) understand…
Absolutely, I only gave an example where it starts.
Wow, I could have written this blog post b/c, the same Cover Your A55 story was used by officials at the VA here in the states. A computer laptop was stolen with the detailed info of 25+ million people. They had a precise number which was very suspicious to begin with. Then they waited a few days to announce it. Then a few weeks later they discovered the laptop and sure enough, they were positive none of the data was ever looked at. How convenient. I’m sure the theives must have promised them they didn’t look at the data and that’s how they figured it out.
At least bureaucrats use the same BS whatever country they are in.