Good point. (Although I bet stealing the laptop would be prone to being uncovered, too. ;-)
(Yes, I get that it's before vs after the data theft. :) ) ) On Sun, Dec 23, 2012 at 7:03 AM, Ken Schaefer <[email protected]> wrote: > Do you mean, snag the clear-text version of the user's files? If the user has > 500GB of data on their laptop, that could take a while to exfiltrate. > > Suppose you are Chinese/US/whatever intelligence. You wish to get the > contents of the laptop belonging to a visiting business leader/dignitary/etc. > The laptop is protected with Bitlocker or some other FDE technology. > > If you can trick them into installing this software, then exfiltrate the key, > then you can break into the guy's/gal's hotel room, clone the disk, and > decrypt it at your leisure. The other alternative, of exfiltrating all the > data whilst the laptop is online, might be tedious, not be complete by the > time the person leaves, and probably more prone to be uncovered. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
