headers
Mary Hawking | 1 Oct 2007 09:58
Picon
Picon
Favicon

Restrospective effect of Part III

In message
<20071001064510.17169.68910.Mailman@...>, 
ukcrypto-request@... writes

>I don't recall ever seeing a discussion on the effective retrospective 
>effect (try saying that on a packet of winegums) of Part III...
>
>  http://www.lightbluetouchpaper.org/2007/09/30/time-to-forget/

Is the suggestion of investing in a sledgehammer a realistic one?
It might be construed as an admission of guilt...

Mary Hawking
>
>--
>richard                                                   Richard 
>Clayton

--

-- 
Mary Hawking
Permalink | Reply | 7 comments |
headers
Ian G Batten | 1 Oct 2007 10:58

Re: Restrospective effect of Part III


On 01 Oct 07, at 0858, Mary Hawking wrote:

> In message  
> <20071001064510.17169.68910.Mailman@...>,  
> ukcrypto-request@... writes
>
>> I don't recall ever seeing a discussion on the effective  
>> retrospective effect (try saying that on a packet of winegums) of  
>> Part III...
>>
>>  http://www.lightbluetouchpaper.org/2007/09/30/time-to-forget/
>
> Is the suggestion of investing in a sledgehammer a realistic one?
> It might be construed as an admission of guilt...

We tried smashing up the 3.5" disk from a machine which had spent a  
year in a locked room doing confidential stuff.  We'd overwritten the  
disk a few times, and the material wasn't that confidential anyway,  
but it was surprisingly difficult with an ordinary hammer until we  
put the disk into a vice.   If I had the time and the requirement I'd  
be inclined to open up the enclosure with a screwdriver and then  
destroy the platters individually.

I was told by someone with Reason To Know that military advice  
involves a bag, a grenade and a good throwing arm, but that's not a  
practical alternative for the rest of us.

ian
(Continue reading)

Permalink | Reply | 6 comments |
headers
Mary Hawking | 1 Oct 2007 10:56
Picon
Picon
Favicon

NHS IT log-in delay

In message
<20070926064516.17075.10556.Mailman@...>, 
ukcrypto-request@... writes

>Mary Hawking wrote (in thread 'Security of American Health records'):
>> One of the complaints about using smartcards in the NHS is that they 
>>slow down the system and create a significant delay in all aspects of 
>>the consultation.
>> I'm all right - as a GP I have a limited number of patients in a 
>>contained database.
>> The harassed SHO in A&E would have huge problems with a central 
>>single  record - especially as he/she would presumably have to access 
>>the  record in person, rather than asking the clerk to get it for him/her.
>
>A couple of days ago I found a Jan 2007 article at
>
>http://www.computerweekly.com/blogs/tony_collins/2007/01/smartcard-shari
>ng-comment-by-m-1.html
>
>*Smartcard sharing - comment by Martyn Thomas*

There is yet another scenario - *planned* smartcard sharing.
This applies to pharmacists - and has arisen from including community 
pharmacists (who, like GPs, are independent contractors - but with 
business outside the NHS) in the electronic systems in the NHS (or at 
any rate, NPfIT) - and the problem will get worse if they are to be 
trained in minor illness and chronic disease management, when access to 
patient records as well as demographics will be needed.
The problem goes like this:
A registered pharmacist logs onto the system (I believe this applies to
(Continue reading)

Permalink | Reply | 10 comments |
headers
Paul Ryland | 1 Oct 2007 12:59
Favicon

RE: Restrospective effect of Part III


Ian G Batten wrote:
> We tried smashing up the 3.5" disk from a machine which had spent a  
> year in a locked room doing confidential stuff.  We'd overwritten the  
> disk a few times, and the material wasn't that confidential anyway,  
> but it was surprisingly difficult with an ordinary hammer until we  
> put the disk into a vice.   If I had the time and the 
> requirement I'd  
> be inclined to open up the enclosure with a screwdriver and then  
> destroy the platters individually.
> 
> I was told by someone with Reason To Know that military advice  
> involves a bag, a grenade and a good throwing arm, but that's not a  
> practical alternative for the rest of us.

What you ideally want is to reduce them to "non-discernable material".  
I highly recommend these guys for doing it:

<http://www.data-terminators.co.uk/hard_drive_destruction.htm>

Their hard-drive shedder cuts the drives into 1cm wide strips, these 
are then sent to a smelter.

There are many similar companies scattered around the UK.

Paul
Permalink | Reply | 1 comment |
headers
Callum Finlayson | 1 Oct 2007 12:12
Picon

Re: Restrospective effect of Part III

On 10/1/07, Ian G Batten wrote:
> I was told by someone with Reason To Know that military advice
> involves a bag, a grenade and a good throwing arm, but that's not a
> practical alternative for the rest of us.

Nice idea :) but I'm not sure I'd rely on that! I suspect it's more
likely to involve a degausser, a big metal spike, and/or a furnace.

  Callum
Permalink | Reply | 1 comment |
headers
David Biggins | 1 Oct 2007 16:40

RE: Restrospective effect of Part III

In the late 80s and early 90s I used to work for a company with some MOD
maintenance contracts.   

It was written in the agreement that dead drives would be removed,
hammered and furnaced rather than returned to us for repair, and that
any drive accidentally reaching us had to be returned so that this could
be done.

In the later 90s I encountered this again while bidding to supply
certain secure systems.

Dave.

> -----Original Message-----
> From: ukcrypto-admin@... 
> [mailto:ukcrypto-admin@...] On Behalf Of 
> Callum Finlayson
> Sent: 01 October 2007 11:12
> To: ukcrypto@...
> Subject: Re: Restrospective effect of Part III
> 
> On 10/1/07, Ian G Batten wrote:
> > I was told by someone with Reason To Know that military advice 
> > involves a bag, a grenade and a good throwing arm, but that's not a 
> > practical alternative for the rest of us.
> 
> Nice idea :) but I'm not sure I'd rely on that! I suspect 
> it's more likely to involve a degausser, a big metal spike, 
> and/or a furnace.
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
David Biggins | 1 Oct 2007 16:43

RE: Restrospective effect of Part III

I'm reliably informed that in Inverness, the recycling centre has a
suitable hard drive shredder available as a "coin in the slot" service,
and arranged with enough transparent casing that you can actually see
that your drive really has gone in and been destroyed.

Dave.

> -----Original Message-----
> From: ukcrypto-admin@... 
> [mailto:ukcrypto-admin@...] On Behalf Of 
> Paul Ryland
> Sent: 01 October 2007 11:59
> To: ukcrypto@...
> Subject: RE: Restrospective effect of Part III
> 
>  
> Ian G Batten wrote:
> > We tried smashing up the 3.5" disk from a machine which had spent a 
> > year in a locked room doing confidential stuff.  We'd 
> overwritten the 
> > disk a few times, and the material wasn't that confidential anyway, 
> > but it was surprisingly difficult with an ordinary hammer until we
> > put the disk into a vice.   If I had the time and the 
> > requirement I'd
> > be inclined to open up the enclosure with a screwdriver and then 
> > destroy the platters individually.
> > 
> > I was told by someone with Reason To Know that military advice 
> > involves a bag, a grenade and a good throwing arm, but that's not a 
> > practical alternative for the rest of us.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Ian Mason | 1 Oct 2007 16:46
Picon

Re: Restrospective effect of Part III


On 1 Oct 2007, at 09:58, Ian G Batten wrote:

>
> On 01 Oct 07, at 0858, Mary Hawking wrote:
>
>> In message  
>> <20071001064510.17169.68910.Mailman@...>,  
>> ukcrypto-request@... writes
>>
>>> I don't recall ever seeing a discussion on the effective  
>>> retrospective effect (try saying that on a packet of winegums) of  
>>> Part III...
>>>
>>>  http://www.lightbluetouchpaper.org/2007/09/30/time-to-forget/
>>
>> Is the suggestion of investing in a sledgehammer a realistic one?
>> It might be construed as an admission of guilt...
>
> We tried smashing up the 3.5" disk from a machine which had spent a  
> year in a locked room doing confidential stuff.  We'd overwritten  
> the disk a few times, and the material wasn't that confidential  
> anyway, but it was surprisingly difficult with an ordinary hammer  
> until we put the disk into a vice.   If I had the time and the  
> requirement I'd be inclined to open up the enclosure with a  
> screwdriver and then destroy the platters individually.
>
> I was told by someone with Reason To Know that military advice  
> involves a bag, a grenade and a good throwing arm, but that's not a  
> practical alternative for the rest of us.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Charles Lindsey | 1 Oct 2007 19:02
Picon
Picon

Re: NHS IT log-in delay

On Mon, 01 Oct 2007 09:56:02 +0100, Mary Hawking  
<maryhawking@...> wrote:

> There is yet another scenario - *planned* smartcard sharing.
> This applies to pharmacists - and has arisen from including community  
> pharmacists (who, like GPs, are independent contractors - but with  
> business outside the NHS) in the electronic systems in the NHS (or at  
> any rate, NPfIT) - and the problem will get worse if they are to be  
> trained in minor illness and chronic disease management, when access to  
> patient records as well as demographics will be needed.
> The problem goes like this:
> A registered pharmacist logs onto the system (I believe this applies to  
> current commercial systems as well as ETP - electronic transfer of  
> prescriptions - the NHS bit) and all the dispensers in the pharmacy use  
> this logon.
> It would be possible to issue community pharmacists with a smartcard  
> based on their PCT of residence (as with sessional GPs) *but* many  
> (?Most) are locums and will have short sessions scattered throughout the  
> country at very short notice - and only coincidental contact with their  
> PCT of residence.
> RA02 (the form used to approve the roles required for that job and  
> identify the place and therefore population - signed by the relevant  
> local Registration Authority) would be a problem - let alone the fact  
> that unidentifiable dispensers would still have access, and be even less  
> identifiable if the pharmacist had had several locum posts within a very  
> short space of time.
> Alternatively, it might be possible to limit the access provided to this  
> group of extended practitioners - but that would mean stopping access to  
> the information needed for safe management, particularly of chronic  
> disease.
(Continue reading)

Permalink | Reply | 9 comments |
headers
John Wilson | 1 Oct 2007 19:12
Picon

Re: NHS IT log-in delay

On 10/1/07, Charles Lindsey <chl@...> wrote:
> On Mon, 01 Oct 2007 09:56:02 +0100, Mary Hawking
> <maryhawking@...> wrote:
>
[snip]
>
> I was watching a barman in a pub a few days ago. There were several
> screens/tills/whatever along the counter. When he arrived at a particular
> one to serve a customer/enter an order for food/whatever, he had a small
> widget on a chain attached to his person which he applied to a point on
> the screen (it seemed to adhere magnetically).
>
> So whichever barman approached that till, he would be recognized by his
> personal widget (and presumably unauthorized widgets would be rejected).
>
> Seems that would work fine for a group of pharmacists in one pharmacy. At
> the start of the day, you log in to the system and identify the the
> various users with their access privileges and confirm their identitites
> to the system using there smartcards etc (taking 90 seconds each if worst
> comes to worst), and associating each with his widget. Thereafter, they
> identify themselves to the screen(s) with their widgets (desgined to be
> easily used, and impossible to leave behind or for someone else to use
> unless he is standing right beside the recognised user. At the end of the
> day, shut the whole system down and reopen next day with a new set of
> pharmacists/widgets/etc.

It was almost certainly a Maxim iButton
(http://www.maxim-ic.com/products/ibutton/ibuttons/).

These are robust and tamper resistant. They work using the Maxim "one
(Continue reading)

Permalink | Reply | 1 comment |

Gmane