Different actions on different passwords?
Bill Oliver
vendor at billoblog.com
Thu Jan 2 20:47:10 UTC 2014
On Thu, 2 Jan 2014, Joe Zeff wrote:
> On 01/02/2014 08:32 AM, Steve Searle wrote:
>> You would be better off using disc encryption, and claiming that you
>> used a long pass phrase which you had written down rather than
>> remembered, and that you had destroyed the paper it was written on.
>
> Just to toss an idea out here. Imagine an accountant who has all of his work
> data on a big partition mounted at (let's say) /data. If he wanted to hide a
> "second set of books," he could close his accounting program, unmount the
> partition and restart the program, so that /data now pointed to someplace on
> his main partition. When he's done, he exits and remounts the partition.
> The data's there, you can get to it if you know what to do, but I can't help
> but wonder how likely anybody, such as a forensic accountant, that was
> examining your system would even think of such a thing. Any thoughts?
>
A forensic accountant might not see it, since they aren't trained in computer forensics. However, any computer forensics guy will see it (and give it to the accountant).
billo
More information about the users
mailing list