Comments for Rossander's Security Reader

Comment on CBS story on copier hard-drives is overblown by John Juntunen

John Juntunen — Fri, 30 Jul 2010 17:13:57 +0000

Wow, did you miss this one. “Poor man’s disk wipe”. In case you didn’t know copiers store images of copies, prints, scans, emails and fax jobs. New copiers have 40 -80gb hard drives and we routinly recover thousands of documents and most are not from the last few days of the copiers life. These can not be easily cleared by overwriting with other copies or prints and you can’t just pull the hard drive and wipe it clean either. The hard drive contains the firmware and code required to run the machine. Since 90% of copiers are leased and the machine must be returned in working order any attempt to clean the hard drive could be costly.

You were right that not ever copy is stored and there is a finite area but they can hold tens of thousands of documents. Simply running copies of your cat or the phone book isn’t going to clear this information. You would also have to print and scan pictures of your cat.

Your recommendation to put the copier under the IT department and make policies that contol the return of the copier is very important, thanks for mentioning it.

What about this statment “Unless you are protecting DoD nuclear secrets, I wouldn’t worry more than that about copiers”. One page of persons medical record left on a copier could cost a company $1.5 million, or in the case of the insurance company in the CBS story the cost of sending out 406,000 breach notifications. This company had 17 machines and only one of them ended up on TV. There are many laws that cover release of employee and customer confidentional information. There are currently 46 states that have breach notification laws on the books and most have very stiff penalties.

The new copiers have capabilities, that are either standard or available as an opiton, that will clear the hard drive but these features were not available on earlier machines (2002-2007) and these are the machines that are being traded in today.

If you need more information call me.

Comment on Who owns your contacts? by Mike Rossander

Mike Rossander — Mon, 26 Jul 2010 22:31:59 +0000

answered off-line…

Comment on Who owns your contacts? by David McCann

David McCann — Mon, 26 Jul 2010 19:45:44 +0000

Mike — I’m a writer for CFO magazine. I’d like to talk to you about this. Could you please contact me? Thanks.

Comment on CreditKarma.com is an interesting new site by Jimm

Jimm — Fri, 22 Jan 2010 13:48:01 +0000

I love your article. Nice post! thank you for sharing for free. You'd better optimize more your blog, so more people will visit and enjoy your nice posts. If you don't mind, please also comment on my blog: overviu.com. Thanks.

Comment on Not going to be home for the holidays? by Skin Smart

Skin Smart — Tue, 15 Dec 2009 00:28:23 +0000

Great Post on this Blog…

I saw this really good post today….

Comment on 10 rules for talking to a reporter by ヴィトンバッグ

ヴィトンバッグ — Sun, 06 Dec 2009 05:34:59 +0000

That is the best article i have seen,Thank you a lot

Comment on CreditKarma.com is an interesting new site by Tony Walton

Tony Walton — Wed, 16 Sep 2009 14:26:19 +0000

Nice review. Objective. Informative.

One possibly important thing for your own personal knowledge is FICO doesn’t calculate the same amount of emphasis on having more credit lines as Credit Karma’s formula for middle to lower scores.

Comment on How not to look like spam by Tania

Tania — Mon, 02 Mar 2009 13:52:03 +0000

Hi,
rossander.org – da best. Keep it going!

Have a nice day
Tania

Comment on Google Latitude and privacy erosion by Mike Rossander

Mike Rossander — Sat, 28 Feb 2009 17:26:27 +0000

You’re right that the government has been able to subpoena cell phone records for a while now (though the roll-out of 911 traceability is still largely only implemented in urban areas – according to my local police dept, they haven’t been able to implement it properly even in our suburban township).

The difference here, I think, is one of degree. It will now far easier than it used to be. My local township no longer has to develop any technical skills because Google has solved it for them. That pushes the ability to be intrusive to many more agencies. It also opens up the traceability to non-governmental agencies. Big Brother is bad enough – now we have to worry about little brother (other businesses and even individuals), too.

Comment on Google Latitude and privacy erosion by Geoff

Geoff — Sat, 28 Feb 2009 15:50:51 +0000

“I am extremely uncomfortable with the thought that anyone could so easily monitor my movements.” I think you’re being a little naive.

The government doesn’t need Google’s Latitude to do this, the cellphone providers do it for them already.

All cellphones have been ‘trackable’ for a few years, ostensibly to allow 911 calls to be located.

Big Brother is watching you, get used to it! Just remember that if it’s the government doing it they’ll lose the file or screw it up anyway.

If you want to complain about something, save yourself for when you start getting targeted ads directing you to businesses according to your location, oh wait, Google and Yahoo already do that.