Mike Shaw writes: > Don't know if this will pass list muster, but I just had a great time in a > client company's shredder bin.
Cool ;-) [snip] > <technical muse> > I'm toying with the idea of a "shred-cracker". Basically you would scan > the strips in, then the program would reconstruct them in every > possibility and pass it through an OCR library. When the OCR started > hitting recognizable words, it would 'lock' those strips in place. Well, I had thought of the idea to scan the things in as they are fed into the shredder. You'd have to tamper with the shredder, but nevertheless... > Sadly, my coding skills aren't really up to this project and even if they > were I don't have that time. > </technical muse> IIRC, software for that exists already. At least, software that turns scans of torn paper into clean copies (by matching "pieces"). The East-German secret service (MfS, aka "Stasi", try http://www.bstu.de/home.htm ) left over 15000 sacks of torn paper, before it was shut down after the German re-unification. The paper was torn because the shredders were broken (too much paper in to short time). > Anyway, if anyone is doing a pen-test that involves physical security, > don't overlook the shred bin! "Only the paranoid survive" cheers, Rainer -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rainer Duffner Munich [EMAIL PROTECTED] Germany http://www.i-duffner.de Freising ======================================== When shall we three meet again In thunder, lightning, or in rain? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
