[ Date Index ]
[ Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Re: [LUG] OT: Fwd: HP and Lenovo caught installing malware in the BIOS
- To: list@xxxxxxxxxxxxx
- Subject: Re: [LUG] OT: Fwd: HP and Lenovo caught installing malware in the BIOS
- From: Eion MacDonald <eionmac@xxxxxxxxxxxxxx>
- Date: Mon, 24 Aug 2015 23:47:44 +0100
- Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dcglug.org.uk; s=1428397562; h=Sender:Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:List-Unsubscribe:List-Id:Reply-To:Subject:In-Reply-To:MIME-Version:Date:Message-ID:From:References:To; bh=KUIHlSazb1G4ncDjF6Lx1VczNSaYCvLnhppTNPswnFM=; b=XFFD00cS72eaCbUg2qHrdIemz2UbldwXJwebWKrjM/qK64dnhMIw5ZA9QQuAtftgZHR8zrk5D5vmOvF9n0wqMaNff0Wrqma7WTXyK7usHGrbbkeYExOX5UyuhoeEKaEu1CjxguJcR/pVKsc8UxsGxddYvxlVapNIhji0oDnsjjY=;
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btinternet.com; s=s2048; t=1440456464; bh=+F+iNUX/NyJwPpUVCHq8AJVNu+QxhvxkUe1JDnz9nM8=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=X9NzqLOY1BDpQ9SU9bO25LH2D/rizqW3DMDHsraUhIGnYX5P8Z5z7vSS2BLHZclRvggS0t38R1Br423953hwuKXfjeiZaOT7ha+9XpyRcLJIw7QtvtpbcjmFR1oVKwToBm6Jl3oxKAJflGM5SrJkBRg7fEjDw9NpbxlD337oPbHA/KeFhPvuW6ybHUc0KD9CgtwFNo+lceOVT+9ytHqWNByZbGLyGMMlvnHx5BGsU/lsnq/ggaFToR+J4WY4WybSZGKN355SanI/MOL7kw49OfLY5SsbJxqBil1INzuTQhnE5rOKZcxXr7il5XW8cw7RkkEse1p5X7WdzBIwA3gRgQ==
On 24/08/2015 20:49, Simon Avery wrote:
> if I was in that corporate line, one of my buying decisions would be "Do
> I trust this manufacturer not to break our corporate security?"
Umm! Actual computer in use may be smaller risk than its servicing by a
foreign helpdesk.
Outsourcing desktop help or IT admin to remote countries (e.g.India
/Malaysia or *Hawaii*) in my opinion destroys 'company security' as they
the outsourced staff have admin rights over the company servers.
Think Hawaii, Snowdon, outsourced contractor risk in USA. "Cambridge
club" in UK
While an attach vector from outside is one enemy, I know it is much
easier to cultivate the human and get inside the system.
Albeit some attempts have seen me in long conversations thereafter with
a 'committee' officer not to my benefit, but walking away while
"forgetting / leaving" the keys to my car does solve a lot of problems.
--
regards
Eion MacDonald
--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
