System Admin Steals 20,000 Items From Work

Over the course of 10 years, [Victor Papagno] stole 19,709 pieces of equipment from the Naval Research Laboratory. He began taking stuff home in 1997 and had so much that he had to store some in a neighbors house. The report says that no secret technological information was taken.  Some items listed were CDs, hard drives, floppy disks, adding up to an estimated value of 1.6 million dollars. He could face up to two years in prison for this. We shudder to think of the total cost of all the post its, CDs, and floppy disks we’ve taken home over the years.

[via NetworkWorld]
[photo: Blude]

Remote Access Programs Are Good Security For Laptops

Don’t be [Gabriel Meija], the criminal pictured above. He stole [Jose Caceres]’ laptop, but didn’t realize that [Caceres] had installed a remote access program to track the activity on the laptop. Although the first few days were frustrating, as [Meija] didn’t seem to be using the laptop for anything but porn, [Caceres]’ luck turned when he noticed that an address was being typed in. [Caceres] turned the information over to police, who were able to find [Meija] and charge him with fourth-degree grand larceny. It’s not the first time that tech-savvy consumers have relied on remote access programs to capture the criminals who’ve stolen their computer equipment, and it certainly won’t be the last, as the technology becomes more readily available to consumers.

[via Obscure Store and Reading Room]

44% Of Used Phones Contain Sensitive Data

In a recent study, researchers were able to garnish all kinds of sensitive data from second hand mobile devices.  Of the units tested, 44% contained information such as salary details, bank account information, business plans, personal medical details, personal insults, and address book data.  Next time you get a used device, take a good look around. You never know what you may find.

[via Zero Day]

IPhone Forensics 101: Bypassing The Passcode

[youtube=http://www.youtube.com/watch?v=aaxSF9EOjxw]

Watch in wonder as forensics expert [Jonathan Zdziarski] takes you step by step through the process of bypassing the iPhone 3G’s passcode lock. Gasp in amazement as he creates a custom firmware bundle. [Jonathan], creator of NES.app a Nintendo emulator for the iPhone, is well respected for his work on opening the iPhone. In this presentation, he sheds some light on the forensics toolkit he helped develop for law enforcement agencies that we covered earlier.

Palin Email Hack Post Mortem

A few days ago a lone individual decided to crack [Governor Sarah Palin]’s private Yahoo! email account. He did this by navigating the password reset procedure. [Gov. Palin]’s birthday was publicly available and Wasilla only had two zip codes to guess. The follow up question “Where did you meet your spouse” required some more research. They met in high school so a few more guesses turned up “Wasilla high” as the answer. The original poster then read every single email only to discover that there really wasn’t anything of interest there. Frustrated, he posted the details to 4chan to let any wonk have at it. /b/ members began posting screenshots of the account, but very little came of it.

One screenshot of her inbox even revealed her daughter Bristol’s cell phone number. While there was no groundbreaking political information revealed, it is important to point out that it appears that Gov. Palin was using this private account to correspond to her assistants about potentially sensitive government information. This security breach should serve as a wake-up call to many public officials by showing how dangerous it can be to have a private e-mail account, especially when a free web-based service such as Yahoo! is used.