Confidential data & Windows apps

Francesco Metalli

Jun 12, 2001, 12:42:58 PM
Suppose you want to export confidential information from a system, based Win
NT 4, running Office 95/97.
No connection with the Internet, no floppy drive on user stations, no
connection to any external network. Not possible to install any application,
no administrative rights, no CDROM.
Only export possible via monitored station, with floppy drive, controlled.
Four eyes principle in place, file monitoring access in place,
compartmentalised access in place.

You want to export confidential info, undetected.

What do you do?

Looking forward to your answers
Francesco Metalli

--

Jim Watt

Jun 11, 2001, 12:59:35 PM
Buy a digital camera?

--------
Jim Watt - see the website http://www.gibnet.com
--------

Dave Mundt

Jun 12, 2001, 1:34:03 PM
Greetings and Salutations...

On Tue, 12 Jun 2001 18:42:58 +0200, "Francesco Metalli"
<fmet...@hotmail.com> wrote:

Well the first thing you DON'T do is post to a very public
forum with your intentions!
Regards
Dave Mundt

Francesco Metalli

Jun 12, 2001, 5:03:45 PM
There is no intention.
There is a purely scholastic exercise, theoretical at 100%.
Still looking forward to your answers

Regards
Francesco Metalli

--

"Dave Mundt" <xmu...@esper.com> wrote in message
news:3b265218...@basic.bs.webusenet.com...

Eric Lee Green

Jun 12, 2001, 10:28:34 PM
On Tue, 12 Jun 2001 18:42:58 +0200, Francesco Metalli <fmet...@hotmail.com>
wrote:

My posting about the sloppiness of Microsoft save formats should have
been A Clue.

I will let you work it out for yourself, I feel no need to hand-feed
you when I have already given you a good approach.

Francesco Metalli

Jun 13, 2001, 1:38:01 AM
Your point was received and very well taken. A friend of mine found
references also on the Technet online, and other sources. The implications
are clear.
I also received 'armed attack', 'social engineering' and 'digital camera' as
other possibilities.
I am seeking additional ideas, concepts, possibilities.
Although purely theoretical, I hope you all find this subject interesting.
Computer security & protection of confidential information is for me a very
fascinating discussion point.

So... anybody with new ideas?
Thank you for your polite answers, and for the continuation of this
interesting conversation
Kind regards
Francesco Metalli

--

"Eric Lee Green" <er...@badtux.org> wrote in message
news:slrn9idji...@ehome.inhouse...

Sami Hult

Jun 13, 2001, 5:45:19 AM
> Suppose you want to export confidential information from a system, based Win
> NT 4, running Office 95/97.
> Only export possible via monitored station, with floppy drive, controlled.
> Four eyes principle in place, file monitoring access in place,
> compartmentalised access in place.

I would record the electromagnetic radiation on specific wavelengths.
A CRT (cathode ray tube) monitor can be read even from a distance. If
you have a receiver and a demodulator, you should be able to save the
data on some media. So then you only read the data on monitor and don't
even try to save it on a floppy.

Sami Hult

Jun 13, 2001, 5:47:32 AM
Sami Hult wrote:
> I would record the electromagnetic radiation on specific wavelengths.

Try searching for "TEMPEST" on search engines.

Francesco Metalli

Jun 13, 2001, 1:16:17 PM
This is definitely possible. TEMPEST solutions are an aspect I did not
consider immediately.
Good shot, thanks.

Any other idea?
Kind regards
Francesco Metalli

--

"Sami Hult" <"hultman-$$$-"@freenet.hut.fi> wrote in message
news:3B273642...@freenet.hut.fi...

Pete Sherwood

Jun 13, 2001, 11:42:16 PM
"Francesco Metalli" <fmet...@hotmail.com> wrote in message
news:9g5gqq$60de7$1...@reader03.wxs.nl...

> Suppose you want to export confidential information from a system, based Win
> NT 4, running Office 95/97.

Assume the information (ill-defined!!!)
that will be "exported" (ill-defined!!!)
will be in one or more of the Office 95/97 apps?

[editorial note: it's all we really have to go on so far : ]

> No connection with the Internet, no floppy drive on user stations, no
> connection to any external network. Not possible to install any application,
> no administrative rights, no CDROM.

Hmm, where did the additional system(s) come from?
And why?

The first statement (and ongoing clarification within the newsgroup)
indicated that there was
1) a hypothetical desire
2) to "extract"
3) "confidential information"
from
4) "a system"

> Only export possible via monitored station, with floppy drive, controlled.
> Four eyes principle in place, file monitoring access in place,

Define "four eyes principle in place"
(or watch the Thomas Crown Affair and you may get it!)

Define "file ..."
(and tell us how often these files are monitored)
(also tell us how long one has to acquire said unknown-quantity of
information)
(etc., etc., etc...)

> compartmentalised access in place.

Define (Clearly and specifically!)

>
> You want to export confidential info, undetected.

And hypothetically speaking,
you don't care if you get sent to prison?

And hypothetically speaking, you don't mind if someone finds out who you are,
architects and engineers something similar to all these ideas presented TO
YOU.
And then pulls it off.
And makes it look like it's you who dunnit?
Hypothetically, of course!

> What do you do?

Hypothetically?
Place someone with a photographic memory since the
(still-ill-defined-by-you) information
are simple Office documents
(defined by me cuz this whole thing exercise is so non-real-world at this
point and needed some reality built into it!!!).

Have them in a position
that allows for viewing of all the information necessary
to complete this hypothetical exercise.

> Looking forward to your answers
> Francesco Metalli

Really FM,
get a life!
or a job!
or what-ever it takes
to get some real-world experience
and not waste 6 NG's bandwidth with not-very-specific and ill-defined
exercises.

Isn't that what you go to school for?

Pete

PS: Sorry to all you annoyed people in all of the NG's this is X-posted to.
Perhaps FM will get the hint!!!

Francesco Metalli

Jun 14, 2001, 2:03:53 AM
This possibility exists. Somebody with photographic memory could achieve the
result.

Any other ideas, if possible making use of a weakness of the computer system
as described?

Kind regards
Francesco Metalli

PS. Pete, I am sorry, not interested in a flame. I will not respond to your
unrequested comments and suggestions given outside of the scope of the
original question...
--

"Pete Sherwood" <p e t e r s h e r w o o d @ h o m e . c o m> wrote in
message news:soWV6.114451$Be4.35...@news3.rdc1.on.home.com...

Matt Poepping

Jun 17, 2001, 9:02:47 PM
Francesco Metalli wrote:

If it has a sound card, you could write a program in QBasic (comes with NT)
and then bring in a minidisk player and have the data played out the line
out on the sound card to the minidisk player (1 = high beep 0 = low beep).
Then when you get home you play the music back and have the data.
(if someone is watching these stations, you could have a spliced headphone
jack, so it just looks like you're trying to listen to a CD)

Agenda Computing has a little device called the Agenda, it's a PDA that runs
Linux, you can open up HyperTerminal, and connect to the box, and paste the
info to it (this will only require a serial port)

Getting even more out there with QBasic, you could design a circuit that
records blinking light, and then have a QBasic program read a file, and
flash the screen so the device could read the data to its storage unit. (I
had a watch that did this, I think Casio made it.)

Casio also make a watch that can take pictures, Not sure what your data is,
but it could take pictures of it (stores 100 pictures).


Matt

Jimi Thompson

Jun 19, 2001, 10:22:07 PM
Buy a palm pilot and an omni sky modem. Synch the palm and just walk out
with it.

Dave Mundt <xmu...@esper.com> wrote in message
news:3b265218...@basic.bs.webusenet.com...

Eric Lee Green

Jun 20, 2001, 10:08:57 AM
On Tue, 19 Jun 2001 21:22:07 -0500, Jimi Thompson <JI...@prodigy.net> wrote:
>Buy a palm pilot and an omni sky modem. Synch the palm and just walk out
>with it.

In secure environments a palm pilot would not be allowed past the
security guard. Even a cell phone wouldn't be allowed past the
security guard. Basically, anything electronic gets stopped at the
door. Probably even a clock radio, so don't even think about hiding
something inside a boom box or other electronic gadget and bringing
it in that way.

Jim Agnew

Jun 20, 2001, 12:59:53 PM
hhmm.. how about a small parallel port drive, in your shoe??

Eric Lee Green

Jun 21, 2001, 10:14:22 AM
On Wed, 20 Jun 2001 12:59:53 -0400, Jim Agnew <Ag...@hsc.vcu.edu> wrote:
>hhmm.. how about a small parallel port drive, in your shoe??
>Eric Lee Green wrote:
>> security guard. Basically, anything electronic gets stopped at the
>> door. Probably even a clock radio, so don't even think about hiding

You must wear big shoes :-).

Jimi Thompson

Jun 21, 2001, 10:46:07 PM
What about a PCMCIA hard drive? or a flash card? or a laptop hard drive? A
palm pilot would be small enough to be easily concealed and could be the
information out (IR) over short distances.

What about Furbys and their ilk? Perhaps it's electronics disguised as a toy
or some other sort of object.


You also assume that the other person isn't an accomplice. Bob and Alice are
both required in order to access certain files. Bob wants to sell the files
to the Russians. Bob gets Alice to cooperate with him. Bob and Alice quit
and retire to the Bahamas.

Many printers have network access and IR ports these days. I might not be
able to hack the system I'm working on, but maybe I could use my smuggled
Palm to hack a printer and sniff traffic that way.

Is there a time limit? If I am really determined I can bring equipment in a
few bits at a time and assemble it in my spare time.

Jimi


Jim Agnew <Ag...@hsc.vcu.edu> wrote in message
news:3B30D689...@hsc.vcu.edu...

Eric Lee Green

Jun 22, 2001, 10:16:01 AM
On Thu, 21 Jun 2001 21:46:07 -0500, Jimi Thompson <JI...@prodigy.net> wrote:
>What about a PCMCIA hard drive? or a flash card? or a laptop hard drive? A
>palm pilot would be small enough to be easily concealed and could be the
>information out (IR) over short distances.
>
>What about Furbys and their ilk? Perhaps it's electronics disguised as a toy
>or some other sort of object.

There were news reports that the CIA even confiscated Furbys at the
door of their HQ. You might be able to slip a Furby or large stuffed
toy past the donut-munching rent-a-cop at a typical private business,
but for a truly secure environment that's not going to work. Same deal goes
for PDAs and mobile phones.

>You also assume that the other person isn't an accomplice. Bob and Alice are
>both required in order to access certain files. Bob wants to sell the files
>to the Russians. Bob gets Alice to cooperate with him. Bob and Alice quit
>and retire to the Bahamas.

Heheh. The old "who's watching the watchers" gig :-). Yeah, corrupting the
rent-a-cop at the door is probably not too difficult for "secure"
private businesses. Hell, for half of them you buy them a 6 pack of beer
and they're your buddy for life. (The other half are in AA and will get
quite upset with you for doing so :-).

>Many printers have network access and IR ports these days. I might not be
>able to hack the system I'm working on, but maybe I could use my smuggled
>Palm to hack a printer and sniff traffic that way.
>
>Is there a time limit? If I am really determined I can bring equipment in a
>few bits at a time and assemble it in my spare time.

That is a possibility, I guess. Especially with flexible printed circuits and
other such things now easily available. I can imagine a t-shirt that is
actually a fully functioning computer! I'm sure that truly secure
environments have some way of detecting that you're smuggling in small
electronic devices, but we civilians will probably never know what
those are (I suspect the closest I will ever get to a secure environment
is the visitor's center & museum a few miles away, which has some neat
displays I hear).

Janne Tuukkanen

Jun 26, 2001, 8:35:46 AM
Francesco Metalli wrote:
> I also received 'armed attack', 'social engineering' and 'digital camera' as
> other possibilities.

Why should the camera be digital? Pure plastic micro camera with
high density film could be hidden almost anywhere. Its ability to
store information would be far superior compared to any(?) digital
device, and it would not generate any electromagnetic radiation
which could be caught.

JanneT

--
Janne Tuukkanen Fools ignore complexity
ja...@projannet.port5.com Pragmatists suffer it
Simple Script Security: Some can avoid it
http://projannet.port5.com/ Geniuses remove it - A.J.Perlis

Jim Watt

Jun 26, 2001, 1:24:37 PM
On Tue, 26 Jun 2001 15:35:46 +0300, Janne Tuukkanen
<ja...@projannet.port5.com> wrote:

>Francesco Metalli wrote:
>> I also received 'armed attack', 'social engineering' and 'digital camera' as
>> other possibilities.
>
> Why should the camera be digital? Pure plastic micro camera with
>high density film could be hidden almost anywhere. Its ability to
>store information would be far superior compared to any(?) digital
>device, and it would not generate any electromagnetic radiation
>which could be caught.
>
> JanneT

True, just that it's easier to get it back in a computer from a
digital camera, and the lenses on small cheap cameras are
not suitable for short distance work and the digital ones work
with lower light levels - no good using a flash on a screen.

liquidkey

Jul 4, 2001, 4:35:24 AM
how to post PGP signed messages....pls help
er...@badtux.org (Eric Lee Green) wrote in message news:<slrn9idji...@ehome.inhouse>...

Lenny T

Jul 10, 2001, 3:25:08 AM
Well with the file auditing you haven't much choice for movement. Are
these particular files used by you quite regularly? I'm trying to get
around the suspicion of you opening files that you wouldn't normally
use. Why don't you print them off? BTW, in Office if you right click
on a document it doesn't show up as being open.

As for the camera idea, it depends what lengths you want to go and how
much you're prepared to spend? The camera idea also depends whether you're
under constant physical scrutiny. I take it you work in some form of
defence related industry then??


"Francesco Metalli" <fmet...@hotmail.com> wrote in message news:<9g5gqq$60de7$1...@reader03.wxs.nl>...

JKS

Sep 10, 2001, 5:58:45 PM
Tune in a radio receiver with filter to the frequency of the "antenna" the
monitor serves as, in another close-by discrete location. Port output of
receiver to laptop (perhaps using A/D converter).

Bring the file up on the screen; if it's text, use the type command;
otherwise the MS Office app that created it.

Take screenshots of laptop screen.

"Jim Watt" <jim...@nospam.gi> wrote in message
news:67u9it8sfqil1hsft...@4ax.com...
