September 3, 2008 at 9:44 am
I would like to break this into the physical realm... 40 lap tops at 14"X12"X1" requires 3.888 cubic feet of storage space. Lets assume 5 business travel days a week equals is 19.444 cubic feet about 50 weeks a year (2 for vacation;)) 972 cubic feet.
Seems like a lot of space....
September 3, 2008 at 9:49 am
Those are pretty amazing numbers. I've never lost a laptop, though I did once leave my backpack with my laptop in it at the airport. Fortunately I realized what I'd done while I was in the parking garage, it was exactly where I left it.
Myself, I'd be pretty frantic if I lost my laptop at an airport. I'm thinking mainly of the inconvenience of getting a new one then spending a few hours doing updates and restores (new Mac OS installs update much faster than new Windows OS installs, but it's still a big PITB).
Apple patented an interesting piece of tech a couple of years ago. They digitally coupled the power supply with the laptop so that if the laptop is stolen, it can't be charged with a different charger. Presumably if you supply proper credentials to the OS, you could re-map a new charger to replace a defunct or lost charger. Sounds cool, but who knows when we'll see the tech.
Still, full disk encryption is definitely the best technique if you have to keep local data.
-----
[font="Arial"]Knowledge is of two kinds. We know a subject ourselves or we know where we can find information upon it. --Samuel Johnson[/font]
September 3, 2008 at 10:11 am
blandry (9/3/2008)
Can these numbers actually be correct? Your editorial states 10,000 lost each week at the 36 largest airports. That means on average 278 laptops per week, or roughly 40 laptops per day lost at the 36 major airports. As someone who travels a great deal through our country's major airports, I find those numbers questionable. Just sounds a bit too high - but, who knows, maybe so.
Well as of 2005 there were 87,000 flights per day in the U.S., 30,000 of which are commercial. So that is 210,000 flights per week. Even if were only an average of 20 people per flight and only 1 in 4 had laptops, that is still apprx. 1 million laptop-flights per week. So only 1% of them would have to get lost to account for those numbers.
Seems entirely plausible to me.
[font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
Proactive Performance Solutions, Inc. [/font][font="Verdana"] "Performance is our middle name."[/font]
September 3, 2008 at 10:11 am
Deeper in replies to Schneier's post, it would appear that the numbers are thoroughly discredited. Apparently this "study" was released the same day that Dell announced some new security products for laptops....
"Data doesn't add up on study of missing laptops at U.S. airports"
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9107799&pageNumber=1
"'We consider this study very nonscientific,' said Sari Koshetz, a TSA spokeswoman, who added the study doesn't accurately reflect the number of laptops lost at TSA checkpoints. The TSA says that, nationally, about 75 laptops are reported lost or missing each month. More than 2 million passengers go through TSA checkpoints each day."
Or howabout this?
"Computerworld asked Miami International officials to provide what records they have on lost, missing and stolen laptops. Their data shows that for all of 2007, 68 laptops were reported stolen and 480 were turned in to the airport's lost and found. For its part, the TSA in Miami reported that in the 12-month period that ended May 31, it had received only 38 missing laptop claims."
-----
[font="Arial"]Knowledge is of two kinds. We know a subject ourselves or we know where we can find information upon it. --Samuel Johnson[/font]
September 3, 2008 at 10:14 am
Mind you, I do not know if these numbers are correct. I am just saying that they are reasonably possible. 😀
[font="Times New Roman"]-- RBarryYoung[/font], [font="Times New Roman"] (302)375-0451[/font] blog: MovingSQL.com, Twitter: @RBarryYoung[font="Arial Black"]
Proactive Performance Solutions, Inc. [/font][font="Verdana"] "Performance is our middle name."[/font]
September 3, 2008 at 10:24 am
My oldest two daughters (a senior and a freshman) go to a high school where every student is issued a laptop. They have a product installed that will locate a lost laptop within several feet, even if the system is wiped.
😎
September 3, 2008 at 10:36 am
Hmm...perhaps they should install those on the students, as well. 😀
September 3, 2008 at 11:34 am
I have read a few similar articles about the number of laptops lost in airports as well as just having them stolen from cafes, cars, etc. The company I work for does software consulting for nonprofit organizations. We travel quite a bit and I convinced my manager (with the help of the IT Manager) that the threat was real enough to encrypt client data. It started with just an encrypted folder on the laptop, but now we have moved to fully encrypting the entire laptop. We also taped our business cards to our laptops in hopes of helping to identify them if they are ever lost.
Of course the big obstacle is still people. I have encrypted everyone's laptop and we have rules that encrypted USB drives must be used to transport any company data between laptops or client computers when out of the office, but I constantly see people plug their personal, unencrypted USB drives into their laptop, copy a file for a client, then not think about it again. I have to nag them to even go remove the file from their USB drive and explain to them that if they forget to do that, we could end up in a news article some day and all be out of jobs because they forgot to delete a payroll report or something off a USB drive they were not supposed to be using in the first place.
I agree that hopefully a thief would see an encrypted drive and just wipe the laptop, but even if they don't and ultimately get to the data, I think at least taking steps to show you protected the data will help out from a business standpoint. I mean really, would you rather read an article in the newspaper saying that your personal info was now in the hands of a computer criminal because they cracked an encrypted laptop your company lost, or the same article that says you left your laptop at the airport, someone turned it on, and well, sorry but someone else now has your info. It was an accident?
September 3, 2008 at 5:00 pm
Sorry for the delay in responding, but great comments.
Mr. Schneier mentions that the numbers might be wrong, and there is some reporting that they are, but when you do the math, I'm not sure they are. It's not a tremendous amount of losses relative to the people going through. I sometimes wonder if airports want to under-report things.
In any case, it's an interesting discussion. I know if I lose my laptop while I'm in Boston this week, I'm probably moving on and ordering a new one when I hit Denver.
Follow me on Twitter: http://www.twitter.com/way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
June 20, 2013 at 9:00 am
You can use Truecrypt full (system) disk encryption on Windows partitions, and the built-in LUKS encryption on Linux partitions, both of which work well.
For USB sticks, data written to external hard drives, etc, I use some combination of TrueCrypt, KeePass, 7-zip AES encryption, or dedicated devices. For dedicated devices, I tend to prefer FIPS 140-2 validated devices - having someone other than the vendor validate that at least some flaws are not present is better than just taking a vendor's word for it.
Validated 140-1 and 140-2 cryptographic modules
4GB, 8GB, 16GB, and 32GB USB flash drives with built-in keypads:
http://www.apricorn.com//products/hardware-encrypted-drives/aegis-secure-key.html
FIPS validation #1876, validated to level 3.
500GB and 1TB USB2.0 external hard drives with built-in keypads:
http://www.datalocker.com/products/data-locker-enterprise-20.html
FIPS validation #1504, validated to level 1.
Viewing 10 posts - 16 through 24 (of 24 total)
You must be logged in to reply to this topic. Login to reply