[TSCM-L] {4244} Re: US IT execs advised to weigh laptops & discard phones after China travel from TSCM/SO Group on 2009-09-16 (file.mbox)

From: TSCM/SO Group <Mit..._at_tscmusa.com>
Date: Wed, 16 Sep 2009 12:08:24 -0500

>From - Sat Mar 02 00:57:28 2024
Received: by 10.210.96.28 with SMTP id t28mr1320886ebb.28.1253122515189;
 Wed, 16 Sep 2009 10:35:15 -0700 (PDT)
Received: by 10.210.96.28 with SMTP id t28mr1320885ebb.28.1253122515128;
 Wed, 16 Sep 2009 10:35:15 -0700 (PDT)
Return-Path: <fernand..._at_kanguru.pt>
Received: from mailrly02.isp.novis.pt (mailrly02.isp.novis.pt [195.23.133.212])
 by gmr-mx.google.com with ESMTP id 14si1790838ewy.5.2009.09.16.10.35.14;
 Wed, 16 Sep 2009 10:35:15 -0700 (PDT)
Received-SPF: neutral (google.com: 195.23.133.212 is neither permitted nor denied by best guess record for domain of fernand..._at_kanguru.pt) client-ip=195.23.133.212;
Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 195.23.133.212 is neither permitted nor denied by best guess record for domain of fernand..._at_kanguru.pt) smtp.mail=fernand..._at_kanguru.pt
Received: (qmail 22941 invoked from network); 16 Sep 2009 17:35:10 -0000
Received: from unknown (HELO mailfrt05.isp.novis.pt) ([195.23.133.197])
 (envelope-sender <fernand..._at_kanguru.pt>)
 by mailrly02.isp.novis.pt with compressed SMTP; 16 Sep 2009 17:35:10 -0000
Received: (qmail 1189 invoked from network); 16 Sep 2009 17:35:09 -0000
Received: from unknown (HELO toshibal500) ([195.23.85.94])
 (envelope-sender <fernand..._at_kanguru.pt>)
 by mailfrt05.isp.novis.pt with SMTP; 16 Sep 2009 17:35:09 -0000
From: "Fernando Martins" <fernand..._at_kanguru.pt>
To: <tscm-..._at_googlegroups.com>
References: <003b01ca36f0$4e24b580$6501a8c0_at_oem>
In-Reply-To: <003b01ca36f0$4e24b580$6501a8c0_at_oem>
Subject: RE: [TSCM-L] {4246} US IT execs advised to weigh laptops & discard phones after China travel
Date: Wed, 16 Sep 2009 18:34:55 +0100
Message-ID: <!&!AAAAAAAAAAAYAAAAAAAAAFmZQow0OHxKrkvYoktTfirCgAAAEAAAAGBWm9C1SZBKpVGzPqjEIqUBAAAAAA==_at_kanguru.pt>
Mime-Version: 1.0
Content-Type: multipart/alternative;
 boundary="----=_NextPart_000_0009_01CA36FC.6A6CE3A0"
X-Mailer: Microsoft Office Outlook 12.0
thread-index: Aco27+PLUs4zgx07Ti2Q1qF2+HL8sAAA4c8A
Content-Language: pt
Disposition-Notification-To: "Fernando Martins" <fernand..._at_kanguru.pt>

------=_NextPart_000_0009_01CA36FC.6A6CE3A0
Content-Type: text/plain

What about use, at least, the laptop as a honeypot to learn more about the
possible intruders?

It seems also that there is some FUD mixed, unless one can't guaranty the
physical security of his equipment.

FM

From: tscm-..._at_googlegroups.com [mailto:tscm-..._at_googlegroups.com] On
Behalf Of TSCM/SO Group
Sent: quarta-feira, 16 de Setembro de 2009 18:08
To: TSCM-..._at_googlegroups.com
Subject: [TSCM-L] {4246} US IT execs advised to weigh laptops & discard
phones after China travel

I have advised clients to bring throwaway laptops when travelling to
"certain" areas for the past 10 years

Throwaway meaning a craptop with bare applications only, where the laptop
wouldn't even return to the US

Exploitation of consumer devices is a business all to its own

Same protocol goes for smart phones and GSM devices

The same protocol should be followed for any electronic device in
questionable or area known for exploitive tactics

Bregman is a smart man...

Mitch Davis
TSCM/Special Operations Group
20 Music Square West,Suite 208
Nashville,TN 37203 USA
615 251 0441
Fax 615 523 0300
mit..._at_tscmusa.com
www.tscmusa.com

"maintaining a higher degree of excellence"
******************************
Tools for investigators at <http://www.covertworx.com> www.covertworx.com

CONFIDENTIALITY NOTICE: This communication may contain privileged or other
confidential information, protected from disclosure under applicable law. If
you are not the intended recipient, or the employee or agent responsible for
delivering the message to the intended recipient, or if you believe that you
have received this communication in error, please do not print, copy,
retransmit, disseminate, or otherwise use the information contained herein.
Also, please indicate to TSCM Group via phone or fax that you have received
this e-mail in
error, and delete the copy you have received. Thank you.

------=_NextPart_000_0009_01CA36FC.6A6CE3A0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=3DContent-Type content=3D"text/html; charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>

</style>

</head>

<body lang=3DPT link=3Dblue vlink=3Dpurple>

<div class=3DSection1>

What about use, at least, the laptop as a honeypot to learn =
more
about the possible intruders?<o:p></o:p>

It seems also that there is some FUD mixed, unless one can&#=
8217;t
guaranty the physical security of his equipment.<o:p></o:p>

FM <o:p></o:p>

<o:p> </o:p>

<div>

<div style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm =
0cm 0cm'>

From: tscm-..._at_googlegroups.com
[mailto:tscm-..._at_googlegroups.com] On Behalf Of TSCM/SO Group 
Sent: quarta-feira, 16 de Setembro de 2009 18:08 
To: TSCM-..._at_googlegroups.com 
Subject: [TSCM-L] {4246} US IT execs advised to weigh laptops &
discard phones after China travel<o:p></o:p>

</div>

</div>

<o:p> </o:p>

I
have advised clients to bring throwaway laptops when travelling to
“certain” areas for the past 10 years<o:p></o:p>

Throwaway
meaning a craptop with bare applications only, where the laptop wouldn&#821=
7;t
even return to the US<o:p></o:p>

Exploitation
of consumer devices is a business all to its own<o:p></o:p>

Same
protocol  goes for smart phones and GSM devices<o:p></o:p>

The
same protocol should be followed for any electronic device in questionable =
or
area known for exploitive tactics<o:p></o:p>

Bregman
is a smart man………<o:p></o:p>

<o:p> </o:p>

Mitch
Davis 
TSCM/Special Operations Group 
20 Music Square West,Suite 208 
Nashville,TN 37203 USA 
615 251 0441 
Fax 615 523 0300 
mit..._at_tscmusa.com 
<a href=3D"http://www.tscmusa.com">www.tscmusa.com</a><o:p></o:p>

"maintaining a higher degree of
excellence" 
*=
***************************** 
Tools for investigators at <a
href=3D"http://www.covertworx.com">www.covertworx.com</a><o:p></o:p>

CONFIDENTIALITY
NOTICE: This communication may contain privileged or other 
confidential information, protected from disclosure under applicable law. I=
f 
you are not the intended recipient, or the employee or agent responsible fo=
r 
delivering the message to the intended recipient, or if you believe that yo=
u 
have received this communication in error, please do not print, copy, 
retransmit, disseminate, or otherwise use the information contained herein.=
 
Also, please indicate to TSCM Group via phone or fax that you have received
this e-mail in 
error, and delete the copy you have received. Thank you. 
&nbsp=
;<o:p></o:p>

<o:p> </o:p>

 

<o:p> </o:p>

</div>

</body>

</html>

------=_NextPart_000_0009_01CA36FC.6A6CE3A0--
Received on Sat Mar 02 2024 - 00:57:28 CST

This archive was generated by hypermail 2.3.0 : Sat Mar 02 2024 - 01:11:46 CST