Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

British army officer leaves laptop at pub

  1. Feb 12, 2008 #1
    http://www.upi.com/NewsTrack/Top_News/2008/02/12/british_army_officer_leaves_laptop_at_pub/2351/

    As a Canadian I can't really point & laugh. Back in the 1980s Canada's minister of defence took a big folder full of sensitive NATO documents with him to a strip club in Germany. (at least he resigned soon afterwards)
     
  2. jcsd
  3. Feb 12, 2008 #2

    mgb_phys

    User Avatar
    Science Advisor
    Homework Helper

    The goverment just lost a couple of CD with the name,address and bank account details of 20million people on them! It put them in the post and they never arrived - that was standard operating procedure for tranferring data!

    Last year it lost a laptop containing the name, bank details and passport info for 600,000 people who had applied to join the army.
    http://www.theregister.co.uk/2008/01/22/mod_gives_away_data/
     
  4. Feb 12, 2008 #3
    That would seem to imply that the hard drive wasn't encrypted. I knew they'd scrapped plans to have a nuclear-powered navy but the British military must really be strapped for cash because that kind of technology is available free.
     
  5. Feb 12, 2008 #4
    Why would someone who knew that the laptop belonged to a military officer take that information to the press instead of returning it to the military? And why would an officer bring sensitive military information into a public bar? I don't trust my government completely either, but I don't understand intentionally sabotaging it for any particular reason. The courteous thing to do is to return property to the owner, regardless of what one thinks of them. Someone stole the laptop and the information on it and should be held accountable for it.
     
  6. Feb 13, 2008 #5
    Assuming that the laptop is eventually returned to the military and that the newspaper vouchsafed that it would be, was the laptop really stolen? Holding the government accountable for being delinquent in its duties like national security rates much higher for me than holding someone accountable for maybe stealing property. And if the laptop had gone directly back to the military I doubt anyone would have found out about the security slip-up. There is not any sort of civic duty to help the government cover up its messes and mistakes, in fact your civic duty is exactly the opposite, to make sure the government is held accountable.

    One of the points made in Michael Moore's movie Sicko was “In America the people are afraid of the government, in France the government is afraid of the people.” A nationalist and bombastic sentiment to be sure by the Frenchman who said it but here in the U.S. we ought to be trying harder to make sure the government is afraid of us rather than the other way around.
     
  7. Feb 13, 2008 #6
    What you say is true to some extent, but I would say there is a difference between covering up the government's mistakes, and exposing potentially sensitive information to the media. To me, a more appropriate course would be to return the laptop to the rightful owner/government, but inform the media of what happened. I don't know the nature of the information on the laptop, so I can't say how serious it is that it got leaked.
     
  8. Feb 13, 2008 #7

    Moonbear

    User Avatar
    Staff Emeritus
    Science Advisor
    Gold Member

    I was thinking this too. Who takes a found laptop straight to the media? Why not give it over to the pub owner to return when someone comes looking for it?

    For that matter, how did the person who found it know it contained anything worth handing over to the press, and I agree, why was he carrying around the laptop like that to a pub anyway?

    Something about this all sounds hinky. Was the officer disgruntled about something and set up the scenario to leak something to the press? Perhaps it was intentionally leaked for some reason only known to the military (faked plans to throw the press off the trail of their real plans)?
     
  9. Feb 13, 2008 #8

    mgb_phys

    User Avatar
    Science Advisor
    Homework Helper

    The old cock-up vs conspiracy arguement.

    The explanation for a lot of these problems is that since IT for goverment and military has been outsourced it is very difficult to use any of it since any request immediately turns into large consulatancy bills that need levels of approval - so there is an unoffical parallel IT system of Excel spreadsheets and Access databases being passed around people's laptops.
    Ironically extra security requirements seems to have made this worse - if it now takes you 2 hours to get to read your email because you have to go to a special secure terminal and have it's use approved by 3 senior officers there is a strong incentive to just forward everything to your hotmail account.

    Anyone who has worked in engineering spends most of their time trying to work around new processes put in place by management for either security or economy or accountablility - looks like the army is no different.
     
  10. Feb 13, 2008 #9
    But if the laptop was simply returned outright and no one actually examined it, don't you think that the military would have simply said that it was his personal laptop and it didn't have any sensitive material on it, and that their security procedures are working flawlessly? If you're going to put so much trust in the government to be honest why not put the same trust in journalists?

    Doesn't sensitive material usually fall into the hands of “the enemy” through government malfeasance, rather than journalistic malfeasance?
     
  11. Feb 13, 2008 #10

    mgb_phys

    User Avatar
    Science Advisor
    Homework Helper

    Except the enemy are the journalists.
    If the enemy find a secret they can't do anything with it unless there's a war.
    If the press find out, your job is in danger the next morning!
     
  12. Feb 13, 2008 #11

    mheslep

    User Avatar
    Gold Member

    The most recently famous US case must be that of John O'Neil, the FBI counter terrorism specialist who raised many alarms about AQ prior to 9/11. O'neil lost his job w/ the FBI after leaving classified documents in a hotel. He subsequently became the WTC security chief and was killed in a tower collapse.
     
  13. Feb 13, 2008 #12
    Sh*t happens. What you going to do now? I think, they suppose to have all their info on the net
     
  14. Feb 13, 2008 #13

    Evo

    User Avatar

    Staff: Mentor

    When I worked with a laptop that carried sensitive information, when I left work, I carried the laptop with me. If we decided to stop somewhere after work, we had two choices, lock the laptop in the car, or bring it in with you.

    You'd think locking it in the car would be safe. No. On one occasion one of my co-workers had his laptop locked in the trunk. Thieves broke into the car and stole his laptop. We all then ran out to the parking lot to check on our cars and we then brought our laptops into the bar to keep them with us. Of course our laptops had all kinds of security that prevented the laptop from working, you'd have to enter a password, and then there was a separate "card" that would display a nine digit number every 60 seconds that was synched to only my laptop that had to be entered. Otherwise nothing would happen, you would never complete setup.

    Anything can be hacked, but your normal thief would find the computer to be useless.
     
  15. Feb 13, 2008 #14

    f95toli

    User Avatar
    Science Advisor
    Gold Member

    I suspect the answer is at the end of the quote: "...The Sun reported".
    I think we can safely assume that whoever brought the laptop to The Sun made some money.
    The Sun is the worst kind of tabloid and they thrive on stories that makes the government (regardless of which party is in power) look incompetent.
    I must admitt I also have some prejudice against people who read The Sun on a regular basis.
     
  16. Feb 13, 2008 #15
    Anything can be hacked, anything can be socially engineered, but using a hard drive encryption tool is waaaaay safer than just relying on your password or possession of a computer to physically protect really sensitive data. For exactly this lost laptop scenario. And as I noted above extremely high-quality hard drive encryption tools are available for free, so there's no excuse.

    Although if I was a bad guy I would suck all the existing data off of it, load it up with spying and infiltrating viruses, and then return it. I hope the military et cetera has decontamination procedures for when things like this happen.

    Despicable though tabloids like the Sun are I think that in this case by serving their craven self-interest they're actually doing a public service. A military or government organization would normally have to pay top dollar (£?) for this kind of security penetration testing. If their procedures and rules are tidied up at all because of this it has done good, whether it's because those procedures aren't in place or because the guy who the laptop belonged to didn't understand them.
     
    Last edited: Feb 13, 2008
  17. Feb 13, 2008 #16

    mgb_phys

    User Avatar
    Science Advisor
    Homework Helper

    The problem is that truecrypt isn't the MOD standard so you aren't allowed to use it. The official standard of course won't be available on the laptop because they generally run about 10years behind current technology and the standard will have to include all sorts of stuff about TEMPEST sheidling and explosive self destruct so isn't practical - the result is no security at all.


    The missing CD-ROMS was funnier. The dept had a security policy for encrypting data when sent between departments but the worker who sent the data wasn't allowed to know about it because the security policy was classified :rolleyes:
     
  18. Feb 13, 2008 #17

    Evo

    User Avatar

    Staff: Mentor

    Believe me whatever was possible to prevent access to information on the hard drive was on this laptop, the main issue was what my computer was capable of accessing that had to be disabled.

    Having an additional password that changes every 60 seconds makes things a bit harder to get into.
     
  19. Feb 13, 2008 #18
    Ha. :tongue2:
     
  20. Feb 13, 2008 #19

    mgb_phys

    User Avatar
    Science Advisor
    Homework Helper

    There isn't a lot of logic about security services.
    At work we got a defence contract so there was a call for anyone who had security clearance.
    But having a classified clearance is itself classified.
    But you would only know that if you had classified clearance!

    So you couldn't say yes and couldn't say no !!!
     
    Last edited: Feb 13, 2008
  21. Feb 13, 2008 #20
    I can definitely confirm that. The same thing happens in many of my larger clients because the IT staff is siloed.

    I can say that I've had the pleasure of avoiding that because I've mostly worked at high-tech startups. But on the other hand I've also seen engineers at those sorts of companies do some incredibly shoddy engineering (often again under the frenzied lash of managers) that ends up getting shipped directly to the customer.
     
Know someone interested in this topic? Share this thread via Reddit, Google+, Twitter, or Facebook

Have something to add?



Similar Discussions: British army officer leaves laptop at pub
  1. British sitcoms (Replies: 53)

  2. Korean Salvation Army (Replies: 3)

  3. Pub quizes (Replies: 10)

Loading...