re: PC Lockdowns Eyed As IP Theft Tool
So, now, wait a minute... companies should be allowed to "hack back" at people who have stolen their Intellectual Property? Thinking like someone who follows best practices here, what does an intelligent user do when they have data that is valuable? They save it, they back it up and they make sure that their backup works. Now, if I was "hacking for fun and profit", wouldn't it make sense that as soon as I stole data that I thought could ever be useful, important or valuable, that I'd make multiple copies? Even better, depending on the sophistication of the hacker's strategy, those multiple copies could be geographically dispersed, encrypted, saved to multiple medias, even burnt to optical. At that point, what does the hacked company do? My mantra when it comes to information security - once it's digital and outside of your security envelope, it's public knowledge (or might as well be).
Again, wait a minute... "If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user's computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account." Yeah, THIS isn't going to work - turning law enforcement officers into technical support personnel is NOT going to be beneficial. What happens when mommy or daddy brings their work PC home and little Johnny decides to start mashing keys on the keyboard, ends up trying to open a protected file, and then blows the password enough times to lock the account. Mommy or daddy have to call a law enforcement agency and explain the situation to get their account unlocked? I'd like to think that our law enforcement agencies out there have more to do than just sit around in a call center and wait for a prospective hacker to ring them for assistance.
This whole idea's bothersome - what's even worse is that someone paid for all of the work that went into this.