Making Search Harder: Hiding Information at Work

April 19, 2009

I found it interesting that CNet published “How to Hide Your Tracks at Work”. The write up is in the spirt of the book Big Secrets, published in the 1980s. You can still get a copy of William Poundstone’s original from Amazon here. Write ups that provide tricks and insights are popular and deservedly so. However, if you have been involved in a legal matter, the task of finding informatoin is tough without having to deal with the many different ways to hide or obscure information. Forensic analysis makes short work of hidden files, folders, and partitions. Even encryption can be handled. But there are a number of new methods available to the clever or possibly the criminal individual.

To get some insight into these interesting methods, you will find Don Reisinger’s article fun reading. He touches upon with links if you want to try out these methods hiding access to Web services, stealth tips, and panic switches.

Most of these methods are not rocket science. In my opinion, work systems should be swept of stealth, cloaking, and related technologies. Even thought I am a marginalized, addled goose, I have to fight my instinct to make computers plain vanilla. I want every machine to have the same software and the same security features. That means no scampering dogs, no unauthorized third party programs, and no USB, wireless netbooks, and other digital sidekicks. Security breaks down with a single individual.

You can tell that I am not much fun. True. Mr. Reisinger’s tips, if implemented in my office, would be swept from the machine. The person responsible would be asked to pick up trash on the muddy bank of the mine drainage pond which is my home.

Stephen Arnold, April 19, 2009

Written by Stephen E. Arnold · Filed Under Uncategorized

Comments

One Response to “Making Search Harder: Hiding Information at Work”

Andrew on April 19th, 2009 8:26 am

IMNSHO, I doubt that strong lockdowns would actually work. “Locks are for honest people,” as I once heard said.

For the nefarious employee, they’ll figure something out. If these machines are on a network of any capacity a method of stealing/hiding/destroying data will be found. If you allow sharing, you allow stealing.

The the nefarious hacker, social engineering will get them access.

I’m curious how heavy lockdown places (like the NSA) approach this. My guess is through eliminating the nefarious employee to begin with via incredibly tight screening and background checks, etc. And even then it doesn’t work in all cases.

These techniques would be out of reasonable reach to the average enterprise, so I think they have to take reasonable precautions against the known risks and trust in the integrity of the employee and treat them respectfully. If you treat them like criminals, there’s more chance they’ll act like it out of spite.

Of course, I haven’t read-the-fn-article yet, so what do I know?

Search the site
Subscribe to Beyond Search
Feature archive
News archive

Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.