Discussion in 'The Intelligence Cell' started by HVM_Boy, Jul 20, 2004.
Not surprised, common sense and JSP 440
Anyway, if you go into any HQ, staff officers have a form of dyslexia: they cannot read the following signs no matter how big the font is.
NO MOBILE PHONES
NO USB RAM DEVICES
hehe go on deny it!!
Like Disco says, it's common sense.
The mp3 playing ability of the iPod is something of a secondary function, at the end of the day, it's just a bloody great hard drive - and to that end, is moreover a data storage device. Imagine how valuable up to 40 gigs of corporate data would be to a competitor? I think industry and the MOD are right to be worried.
Having said that, banning them won't stop people bringing the things into work. Denying the ability to use it on the system is a better answer, and a security-minded organisation would have locked down the USB, Firewire, Floppy and CD Drives in such a way that removal of data wasn't an option. Besides, if somebody copied several gigs of the company database across the network onto their iPod, you would hope that it was audited in some way. They need to get it right at grass roots level, nobody seems bothered about the amount people print out, I'd say that's harder to control than locking down USB ports.
Surely another way is to control the data flow in & out of a system with a product along the lines of disknet.
Having heard some of your complaints about disknet over the years monkey, I'm surprised to hear you sticking up for it. It may have something to do with the stop in the west end for the course and the quality of their gizits?
How's the leave going mate?
Where I work the USB ports are disabled / blocked on the Class network. Was the same at my last base. Not a difficult thing for the geeks to do and seems to work. No problems. Another scare story from a company and a person wanting to make a name for themselves. What crud.
Boney............The point was along the lines of disknet (lower case!).
Leave going great..........Went for scan today with wife, all OK!
That's good news mate, fingers crossed for you all. Also, I know you're on the payroll of Reflex, don't deny it.
Al Jazeera a bit quick off the mark there, the story had only broken a few hours before in The Register http://www.theregister.co.uk/2004/07/13/mod_bans_ipods/
We do need to worry about what can be taken out on external devices. Not every network in Defence is clamped down by a private company in response to their contractual obligations.
Some of the worst ones are those operated in house.
I'll stick my head above the parapet here and say that disknet does have a part to play. But like all the other sys admin jobs, checking sys, and boundary protection logs, and account currency, you need the time or manpower to do the job properly.
Don't just worry about what your users could take out, think what they could bring in on a floppy as well: http://www.nessus.com
With the ease that you can gain entry into secure places and still keep hold of your mobile, the camera function comes in real handy. Remember those Gucci 007 style spy cameras disguised as a pen? Well now they're disguised as a phone. Secret documents, plans, and other good hard copy are all an easy target for the camera phone. You could transmit the pictures to your Russian masters via picture messaging and erase the contents before anyone had a chance to challenge you.
Metal detectors at every entrance, body searches?
Oh what fun....
I know one of the problems with mobile phones is their ability to compromise TEMPEST. Apparently screen data can be recovered from the carrier wave, though I don't know how practical it is to do so.
Hmm, I believe the only threat to TEMPEST from a mobile phone is when said staff officer is talking to the Mrs in the middle of a briefing.
It is the ambient noise of a red area that is compromised.
The actual "leakance" of a mobile that is not off hook is marginal at its very worst.
Aside from tempest there are two other issues in the "COTS" security arena.
Active phones can be tracked as a commercial service available to anyone:
There are firms that can doctor a phone identical to yours, that make it live even when you have switched off. Someone only needs your phone for the time it takes to switch the SIM over.
Now that's just some of the stuff at open source
I saw that demo'd not long back. A Nokia 6110 that is doctored to appear to be switched off, but can be phoned and the call is answered. The mobile then transmits anything said to the person who phoned the number. Quite clever really, and available for a few quid. Quite worrying really. It wouldn't get around an RF scan of the room, because although it appears to be off, it isn't. But a nice bit of kit.
I have seen that demo also recently in Humps in the bar at the School of Signals - could it be the new mobile blocking device - Ahh yes that new thing what's it called