Flutterby™! : Security

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

Security

2005-04-21 21:49:51.909631+00 by Dan Lyke 6 comments

BoingBoing pointed to video of U.C. Berkeley Professor Jasper Rine trying to flush a laptop thief out of his class. There's a transcript of the pertinent bits:

I'm not particularly concerned about the computer. But the thief, who thought he was only stealing an exam, is presently - we think - is probably still in possession of three kinds of data, any one of which can send this man, this young boy, actually, to federal prison. Not a good place for a young boy to be.

I've no sympathy for the thief, but as Rine[Wiki] goes on to detail the three classes of information that were left, allegedly unprotected, on this laptop: data from an NIH study, trade secrets from a biotech company, and notes from a pre-IPO company, I start to wonder if Rine[Wiki] himself doesn't need some heavy pressure from the interested parties. We don't get more details on what sorts of these secrets these were, or how the laptop was stolen, but that this allegedly confidential and valuable information wasn't better secured would make me nervous about, for instance, being involved in an NIH study; was there personal information there?

Hopefully the laptop will be recovered, but I'd also like to see a full investigation of what Professor Rine[Wiki] was doing carrying around this allegedly sensitive data in as unsecured a manner as he claims.

[ related topics: Bay Area security ]

comments in ascending chronological order (reverse):

#Comment Re: made: 2005-04-22 00:46:33.504716+00 by: Pete

If it's from NIH and therefore taxpayer funded, doesn't that make it public information?

For that and lots of other reasons, my bullshit detector is registering pretty strongly. For instance, it's 17 kinds of life or death data, but he can't be bothered to adjust his vacation schedule to secure its return? Somebody's spreading it pretty thick.

#Comment Re: made: 2005-04-22 01:27:11.086946+00 by: meuon [edit history]

I read the transcript. My BS detector kept hitting the red zone.

"ThiefWannaBe: Dude, I was just gonna use this for chatting and chick bait at the coffee shop... but the Prof says there is some kewl stuff.. Who can we sell this stuff to. Which side of the lawsuit is he on? Can we find the other lawyers? Dude: Naw man, lets just wipe it and play Everquest all night.. ThiefWannaBe: Yea.. Lawyers Suck. Screw Em All."

I think the Prof is just out a Laptop. - I hope he has to replace it out of HIS pocket - He'll never lose another one to an opportunistic thief.

#Comment Re: made: 2005-04-22 14:49:34.598741+00 by: Dan Lyke

I was willing to buy that the "transponder" talk was a brain-dead suit trying to describe what the IT guys were telling him about which WAP the computer was on, after all he is a biology professor, and I haven't tried to circumvent Microsoft's EULA, so I don't know how cautious they are about activations.

But it became really clear once he started grasping at the "two witnesses and a partial photo and we haven't arrested you yet" that it's a bad attempt at flushing out the thief.

On the NIH data, I can't imagine that that makes all data public, just the published stuff. Otherwise there'd be no way to participate anonymously in an NIH study. Although if Professor Rine is to be believed, there still isn't...

#Comment Re: made: 2005-04-22 16:56:25.908091+00 by: dws

If a wireless card is powered on and enabled, it's possible to track it by MAC address given the right access point hardware, even if the card isn't "connected" to an an access point. Given enough of the right gear, and the right software, you can do crude triangulation. The limiting factor would then be the availability and willingness of campus IT people to help.

#Comment Re: made: 2005-04-22 18:10:24.50427+00 by: topspin [edit history]

The reality of this makes us all realize how DAMN old we are. Biology 1A looks like freshman biology. Because this is the era of high-tech education and the professor's lectures are webcast, he got caught trying to intimidate/scare some wide-eyed, pimply, young kid who swiped his laptop. While Professor Rine's rambling appear to me to be like some Mom telling a kid that swallowed chewing gum will "stay in your tummy for years and years," I'll bet more than a coupla young'uns in the class thought: "Holy crap, I'd hate to be the guy who took that computer....."

#Comment Re: made: 2005-04-23 02:42:13.317136+00 by: ebradway

Haha! The guy's just trying to scare the student into bringing the laptop back to him. Faculty in Freshman classes try to strong arm kids all the time because most of them aren't bright enough to know otherwise.

As far as some of the details, I know at UTC, a small, back-water University compared to Berkeley, the WAP is able to monitor any wireless device and regularly logs the presence and approximate location. This is done mostly to shutdown unauthorized access points and encourage the use of encryption. The entire UT system, also, operates on a single key for Microsoft operating systems. There are codes that Microsoft doesn't track. I'm sure Berkeley does the same thing.