<![CDATA[[SecurityRatty] tag: leapfrog]]> http://securityratty.com/tag/leapfrog Thu, 28 Feb 2008 13:10:38 +0000 iRatty Engine http://blogs.law.harvard.edu/tech/rss <![CDATA[Our Inherent Capability for Evil]]> http://securityratty.com/article/284b63d1490318eea25c099cdd39fdb4 http://securityratty.com/article/284b63d1490318eea25c099cdd39fdb4 This is interesting:

What took place on a peaceful Californian university campus nearly four decades ago still has the power to disturb. Eager to explore the way that "situation" can impact on behaviour, the young psychologist enrolled students to spend two weeks in a simulated jail environment, where they would randomly be assigned roles as either prisoners or guards.

Zimbardo's volunteers were bright, liberal young men of good character, brimming with opposition to the Vietnam war and authority in general. All expressed a preference to be prisoners, a role they could relate to better. Yet within days the strong, rebellious "prisoners" had become depressed and hopeless. Two broke down emotionally, crushed by the behaviour of the "guards", who had embraced their authoritarian roles in full, some becoming ever-more sadistic, others passively accepting the abuses taking place in front of them.

Transcripts of the experiment, published in Zimbardo's book The Lucifer Effect: Understanding How Good People Turn Evil, record in terrifying detail the way reality slipped away from the participants. On the first day ­ Sunday ­ it is all self-conscious play-acting between college buddies. On Monday the prisoners start a rebellion, and the guards clamp down, using solitary confinement, sleep deprivation and intimidation. One refers to "these dangerous prisoners". They have to be prevented from using physical force.

Control techniques become more creative and sadistic. The prisoners are forced to repeat their numbers over and over at roll call, and to sing them. They are woken repeatedly in the night. Their blankets are rolled in dirt and they are ordered painstakingly to pick them clean of burrs. They are harangued and pitted against one another, forced to humiliate each other, pulled in and out of solitary confinement.

On day four, a priest visits. Prisoner 819 is in tears, his hands shaking. Rather than question the experiment, the priest tells him, "You're going to have to get less emotional." Later, a guard leads the inmates in chanting "Prisoner 819 did a bad thing!" and blaming him for their poor conditions.

Zimbardo finds 819 covering his ears, "a quivering mess, hysterical", and says it is time to go home. But 819 refuses to leave until he has proved to his fellow prisoners that he isn't "bad". "Listen carefully to me, you're not 819," says Zimbardo. "You are Stewart and my name is Dr Zimbardo. I am a psychologist not a prison superintendent, and this is not a real prison."819 stops sobbing "and looks like a small child awakening from a nightmare", according to Zimbardo. But it doesn't seem to occur to him that things are going too far.

Guard Hellmann, leader of the night shift, plumbs new depths. He wakes up the prisoners to shout abuse in their faces. He forces them to play leapfrog dressed only in smocks, their genitals exposed. A new prisoner, 416, replaces 819, and brings fresh perspective. "I was terrified by each new shift of guards," he says. "I knew by the first evening that I had done something foolish to volunteer for this study."

The study is scheduled to run for two weeks. On the evening of Thursday, the fifth day, Zimbardo's girlfriend, Christina Maslach, also a psychologist, comes to meet him for dinner. She is confronted by a line of prisoners en route to the lavatory, bags over their heads, chained together by the ankles. "What you're doing to these boys is a terrible thing," she tells Zimbardo. "Don't you understand this is a crucible of human behaviour?" he asks. "We are seeing things no one has witnessed before in such a situation." She tells him this has made her question their relationship, and the person he is.

Downstairs, Guard Hellmann is yelling at the prisoners. "See that hole in the ground? Now do 25 push-ups, fucking that hole. You hear me?" Three prisoners are forced to be "female camels", bent over, their naked bottoms exposed. Others are told to "hump" them and they simulate sodomy. Zimbardo ends the experiment the following morning.

To read the transcripts or watch the footage is to follow a rapid and dramatic collapse of human decency, resilience and perspective. And so it should be, says Zimbardo. "Evil is a slippery slope," he says. "Each day is a platform for the abuses of the next day. Each day is only slightly worse than the previous day. Once you don't object to those first steps it is easy to say, 'Well, it's only a little worse then yesterday.' And you become morally acclimatised to this kind of evil."

]]> Wed, 16 Apr 2008 02:40:29 +0000 prisoners fellow prisoners zimbardo tells zimbardo dangerous prisoners prisoners start day day sunday previous day Our Inherent Capability for Evil <![CDATA[Laptop bought on eBay contained "highly confidential" Home Office disk]]> http://securityratty.com/article/542dae17dbc72823ffb04451ce5a44c0 http://securityratty.com/article/542dae17dbc72823ffb04451ce5a44c0 Security Breach

Date Reported:
2/28/07

Organization:
The Home Office (UK)*

*"The Home Office is the government department responsible for leading the national effort to protect the public from terrorism, crime and anti-social behaviour." - Source Home Office About Us page

Contractor/Consultant/Branch:
Leapfrog Computers

Victims:
N/A

Number Affected:
N/A

Types of Data:
Unknown - labeled "Home Office - highly confidential"

Breach Description:
A laptop reportedly purchased through eBay contained a CD marked "Home Office - highly confidential" under the keyboard and above the circuit board.  The purchaser brought the computer to Leapfrog Computers in Westhoughton (UK) for repair where the technician discovered the encrypted compact disc.

Reference URL:
The Bolton Evening News
BBC News
Associated Press
Leapfrog Computers online statement

Report Credit:
Lee Bevan, Leapfrog Computers, brought to the attention of The Breach Blog by an informed reader

Response:
From the online sources cited above:

A highly confidential Home Office disk was found hidden in a laptop computer sold on eBay.

The CD was found between the keyboard and circuit board of the laptop by computer repair technicians
[Evan] Obviously the CD was put under the laptop on purpose.  But why and by whom?

Technicians at the shop called police who sent around anti-terrorist officers to confiscate the machine

The Home Office said investigations were under way into the incident.

The laptop had been taken into the Leapfrog Computers store by a customer who bought it on the internet auction site.

When engineers took off the keyboard they found a CD marked "Home Office - highly confidential".

Managing director Lee Bevan said: "I thought it was a spoof at first - I just figured someone was having a joke."

Mr Bevan put the disk into the drive to check it and found it was encrypted.
[Evan] I understand how curiosity can drive someone to put the disk in the drive to find out what is/was on it, but I wouldn't suggest doing this if it's marked "Home Office - highly confidential".  Thankfully the disk was encrypted because this could have been a different story for Mr. Bevan had it not been.

Founder and managing director Lee Bevan contacted police, who spent three hours interviewing him.

Officers from Greater Manchester Police took the laptop and disk away but have now concluded their investigation

The Home Office — the government body responsible for maintaining law and order and fighting terrorism — confirmed the disc was genuine and said it was investigating the incident.

A Home Office spokesman said: "Both the laptop and the disk were encrypted, thus safeguarding any information that might be stored on them.

"Investigations are now under way. It would be inappropriate to comment further while they are ongoing."

Staff at Leapfrog are being finger-printed and having DNA swabs to rule them out of the investigation.
[Evan] Think the Home Office is taking this seriously?  Uh, yeah I would say so.

Mr Bevan, aged 36, said: "The disc had been put inside the laptop on purpose. As soon as we found it, we contacted the police, who came immediately.

"I'm just glad it's turned up here rather than landing in the wrong hands.

"I don't know where the disc has come from. I have never seen a disc stored in this way before."

Commentary:
This is very interesting and mysterious.  How did the disk get there, who put it there, and for what purpose?  I wonder if the disk was put under the laptop keyboard in order to get it out of a building or other secure facility without being noticed.  Some high security organizations will actually check baggage and drives for the existence of disks, thumb drives and other mobile media. 

Q.  What could have made this much worse?
A.  If the data on the disk is/was actually "highly confidential", the disk was not encrypted, and someone with bad intentions found it.  Encryption is a very good thing, but only as good as the key management process that goes along with it.  For instance, full disk encryption can easily be defeated on a laptop with a Post-It note that says "Username: john.doe, Password: G3tMy!-Key".  Get what I am saying?

Past Breaches:
Unknown

]]> Thu, 28 Feb 2008 13:10:38 +0000 home office disk laptop source home office home office spokesman director lee bevan lee bevan highly confidential leapfrog computers Laptop bought on eBay contained "highly confidential" Home Office disk