top | item 6236028

(no title)

gall | 12 years ago

Does anyone have experience with corporate policies regarding the movement of data through airports? I'm curious about the prevalence of the wipe everything and repopulate the hard drive via sftp at destination approach.

discuss

testbro|12 years ago

Travis Goodspeed gave a talk at 29c3 about forensic-resistant thumbdrives [1]. The idea is that the host OS can be fingerprinted by the pattern of reads it makes; the drive can return different data or erase itself if it looks like it's being imaged (sequential block reads).

Of course, you'd have to package your DIY thumbstick pretty carefully (and pot the PCB) for this to not look suspicious.

[1] : http://www.youtube.com/watch?v=qZtkANvDxZA

contingencies|12 years ago

Wiping properly is difficult. You would probably find it easier to simply purchase a disk at the destination (if you need bare metal performance), or use encrypted VMs for all work. Better yet, where at all possible, don't expect your people to move around, and allow them to work remotely from their chosen location. Good for the planet, good for (many technical) employees (most of the time), good for the security of corporate data.

viraptor|12 years ago

Encrypted VMs won't work in the UK. You can be told to give access to them and have to comply. It could work with deniable encryption, but that's not an option for current phones / tablets.