General Musing

blaze your trail

Posts Tagged ‘crime

Masterclass ‘Security’ – Hackner Security Intelligence #crime

leave a comment »

Last Saturday I was invited to go to a Physical Security Workshop organized by Independent Films to promote the movie Flypaper. The workshop was given by Thomas Hackner of Hackner Security Intelligence, an independent security auditing company.

The workshop started with a large amount of statistics on the current rates of crime in Austria, and a discussion of the methods by which property crimes are commited. Next there was some practical analysis of the security measures which are currently implemented in securing different classes of objects – houses, office, secure facilities, etc – and the various security measures that are implemented to ensure a certain level of security.

And as with any workshop there was a destructive and non-destructive practicum for most of the items discussed: windows, doors, locks, chains and social engineering. Besides from lockpicking and designing tools to circumvent security non-destructively, we also got to break into a door by destroying the lock and manually manipulating the locking mechanism.

It was great fun!

Image source: Daniël W. Crompton

Advertisements

Written by Daniël W. Crompton (webhat)

October 24, 2011 at 10:11 am

Posted in amsterdam, environment, event, law, security

Tagged with ,

Just Finished Reading: Bloody River Blues #books

leave a comment »

Bloody River Blues

Bloody River Blues is a book by Jeffery Deaver which came from a second hand book store with another stack of Deaver books, when I arrived home I realized that I shouldn’t’ve bothered buying it – I already had a copy. When the mood strikes me I will often walk into a second hand book store and buy a stack of books by one known author or a stack of books from many different unknown authors.

John Pellam is an independent location scout who continually finds himself in trouble of some sorts, which is often connected to a woman. This time Pellam is not scouting for locations for an unmade movie, he is wrapping up the scouting for a movie which is being made. After witnessing a shooting he becomes the victim of over zealous police, and FBI. In the Lincoln Rhyme series you read an idealized view of the police, in the location scout series the police are often an incompetent mess or worse.

A good way to pass the time.

Image source: Amazon

Written by Daniël W. Crompton (webhat)

July 15, 2011 at 4:55 pm

Posted in books

Tagged with , , , , , ,

6 Months of Security Links #2011

leave a comment »

I’m a regular curator of daily links, and like to give overviews of my collection of curated links and posts. This is partly as there are some good sources and articles in here and as I am working on a research project which I started based on a number of books I read.

I’m sure you’ll find something interesting in the items below – there are some gems in the list – and I dare to hazard the guess you might learn something you wanted to know. 🙂

Read the rest of this entry »

Written by Daniël W. Crompton (webhat)

July 15, 2011 at 4:10 pm

Posted in tagging

Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Proof of Concept: RAM Disk for your own Protection #police #law #government

with one comment

Museum Boerhaave – 1930 Wiess electromagnet

In continuation of my article: Data Erasing for your own Protection I got into a discussion about other ways to protect you data from law enforcement.

I was told by a former law enforcement member that after the crime scene has been secured that the the computer tech checks the computer is functional and then has the equivalent of a mover ship the computer, like a box, to the computer lab. The issue with this being that a mercury switch and power source could be used to zap the computer with the needed Gauss to erase/destroy the hard disk.

Another method would be to use a RAM Disk, whether this is a physical[1] or virtual RAM Disk. The first has the advantage that in the case of a brownout the data is saved for X hours, although this could be a disadvantage too, another disadvantage is that you may have a memory limit which is imposed by the hardware. The advantage over the physical RAM disk is that a higher amount of memory can be allocated, although you don’t get the protection from brownouts.

Important to also remember is that there is also a data remanence with data in RAM[2], which also should to be mitigated. This may be possible by passing an electric charge over the memory to erase them, although I have yet to find relevant references.

A third method may be by raising the temperature of the hard disk to above the Curie Point[3], which with effect the magnetics of the disk. I will need to investigate this more too.

Embedding part of the computer in epoxy still applies to all the above.

  1. Gigabyte I-RAM DDR PCI Virtual RAM Disk Drive SATA W/ Backup Battery – backup power lasts ~16 hours and it supports 4Gb RAM.
  2. Data remanence: Data in RAM
  3. Curie Point

Image source: Michiel2005

Written by Daniël W. Crompton (webhat)

January 23, 2011 at 8:51 am

Proof of Concept: Data Erasing for your own Protection #police #law #government

with 6 comments

Museum Boerhaave – 1930 Wiess electromagnet

I’ll describe the problem I think that you have: You have data stored on computers which you don’t want the police or the governments to have, something that cryptography can not protect, as XKCD so eloquently puts in the cartoon below. You are not the only one: internet companies; financial institutions; churches; organizations working for freedom; lawyers; criminals and innocent individuals all need to protect themselves.

It’s possible to use something like Darik’s Boot and Nuke (DBAN) which is a self-contained boot disk that securely wipes the hard disks of most computers, however this takes time sometimes a number of hours and requires human interaction. Time that may not be available if the long arm of the law comes down on you like a ton of bricks. And it can even be the case that the power is shut off before the computer is secured, the police do this to keep the data on the computer secured for the investigation. So I thought about what would be needed to magnetically erase the hard disk.

Firstly I read that a hard disk should be degaussed, which is what decreasing or eliminating an unwanted magnetic field is called, with a electromagnet and not with a rare-earth magnet.

Secondly I read that degaussing can cause permanent irreversible damage to hard drives which means they are not reusable. Unlike tapes the mechanism to read the magnetic track is part of the device and is also magnetic. So don’t expect to be able to use the disk after you have tested the electromagnet.[1]

Security

Thirdly the magnetic induction (also referred to as magnetic flux density or saturation flux density) needed to correctly erase some hard disk can be from 6000 – 7000 gauss (0.6 – 0.7 tesla), an NSA approved degausser puts out 22000 gauss (2.2 telsa). From some sources[2] I learned that mostly the core of electromagnets is made from a magnetic material – power ferrite – which has a magnetic flux density of under 4000 gauss, this wouldn’t be enough. A different material would be needed for the core of the electromagnet. I discovered that MPP (molypermalloy powder) material has a magnetic flux density of 7000 gauss, which is what is needed for this PoC. Iron powder and high-flux can yield 10000 and 15000 gauss respectively.

Fourth you need thick copper wire wound round the core, this is called a solenoid. This creates the B-field which is the magnetic field which will erase the hard disk, using a gauss or EMF meter it is possible to measure the magnetic flux density in gauss or telsa produced by your electromagnet and experiment with getting the level to 6000-7000 gauss.

Fifthly you need an Uninterruptible Power Supply (UPS), this will ensure that when the power is switched off that the electromagnet is powered up to erase the hard disk.

Lastly you need to install your electromagnet round your hard disk, hook up the UPS and fill the computer with epoxy so it cannot be taken apart by the police. Let’s just hope you don’t have a brownout. 😉

Sadly this method will not work for solid state disks, although you can possibly attach squibs using a similar setup. That may be something for a future article.

  1. Degaussing : Irreversible damage to some media types
  2. I am creating an electromagnet for my school’s science fair project. Does the shape of the iron core make a difference? […]

Image source: Michiel2005

Written by Daniël W. Crompton (webhat)

January 19, 2011 at 12:43 pm

Air plot suspects

leave a comment »

I’m always a little shocked by the naming of suspects of crimes, such as in BBC News: Air plot suspects: Names released“. I’ve always been a follower of the principal of “Innocent until proven guilty”, although I realize that for the investigation it might be needed to release the names of the suspects.

Living in a country where the DOJ and the media have an agreement to not publish the names of suspects to protect them, unless they are still at large, I am quite used to seeing “Mink K.”, “Willem H.” or even “Lucia de B.” (who was found guilty).

Naturally with a little bit of searching on the Internet I can find out that “Mink K.” is actually “Robert ‘Mink’ Kok” and I don’t even have to search to find out that the guy known as “Willem H.” is “Willem Holleeder”, but these are the huge cases in the news. Smaller cases usually don’t get enough coverage for the name to be accidentally dropped to the public at large, as the information is freely available to the press. It’s the press who protect the innocent.

I’ll end with a quote: “Never miss a good chance to shut up.”

EDIT: it turns out Lucia de B was the subject of a miscarriage of justice.

technorati tags: , ,

Written by Daniël W. Crompton (webhat)

August 12, 2006 at 5:03 pm

Posted in politics, security, terrorism

Tagged with , ,

%d bloggers like this: