Posted: 2/29/2008 9:44:49 AM EDT
|
I read in the Cav Arms posts that the ATF took all the computer system in the facility and Cav Arms is operating without its business information system. My company has developed various business continuity plans to keep the information systems up and running in the event of a "disaster". Some of the more robust solutions include disk to disk backups stored off site and use of standardized hardware and virtual server technology. All this means our clients facility could go up in a ball of fire and we could recreate their business system in and other location (Hotel conference room, community center, owners garage, etc.) within hours. My question is; If the ATF took all the on site business systems and Cav Arms had a business continuity plan and basically "recovered" 48 hours later, would the ATF come and take that system too? My thought is gun industry manufactures may want to get real serious about their business continuity plans after this case. For the record I do not condone any illegal activity and I don't even know what, if anything, Cav Arms is being accused of. I am assuming based on their public and industry reputation that they are innocent until proven guilty. |
|
Data is the most oimportant part of any computer system - the rest is just bells and whistles. At my job, we have a series of large USB drives to run backups on, with the most recent always, always, always stored offsite. The backup software we use stores the info in a format that windows can natively read, but still has good compression, etc. Bottom line - for not much mooney in the grand scheme of things, we will never lose more than a weeks worth of data (annoying, but not crippiling), and I can get data up and running as soon as I have boxes to run it on. Every company should have offsight backups of data - no matter how small. |
|
ALL BUSINESSES SHOULD HAVE A DISASTER RECOVERY PLAN COMPLETE WITH HOT SITE FAILOVER. Without a court order forcing the entity to stop conducting business, I don't think that using a duplicate copy of the confiscated data in the initial warrant search constitutes any basis to come and search it again. |
|
It'd be a real shame if, while the Cav Arms computer systems were being investigated, a short in an electrical line caused noxious fumes to be released and people got sick as a result. That would really suck, especially so, if someone actually died as a result. Hopefully the BATFU takes better care of all those computers than they did all the inventory, otherwise they might have a disaster on their hands. |
They would probably get a warrent for that location. Assuming a Judge would sign it. |
Thats why you only let need to know people about the backups |
True, what if they ask you about backups? Remember lying to a FLEO is a crime. |
|
Can civies get encryption that the .gov either can't crack or would take so long as to be impractical? They have some pretty daunting resources to throw at it. Not that I'd recommend anything illegal... A group of Princeton researchers recently reported methods to crack AES, RSA, DES, Bitlocker and Filevault. MS says they can prevent that but for how long before the next method is invented? linkie to article: http://arstechnica.com/news.ars/post/20080221-researchers-crack-filevault-bitlocker-with-canned-air-hack.html |
Obama forbid that anyone would encrypt gibberish and leave it in the safe marked "File X backups" or some such and let their computers overheat trying to make sense of it... 
|
That's why you should shut up and only talk through your lawyer. When I took my first CCW class, it was taught by a local Judge. He said if I ever had to shoot someone in self defense to tell the officers “I was in fear of my life and I want my lawyer”. Then to shut my mouth and let my lawyers take it from there. |
They "cracked" those only in cases where the file was recently accessed and the password was still in the computer's memory. A truecrypt file stored offsite wouldn't have that vulnerability. |
So your offsite backup is outside of US jurisdiction  From past experience it appears there are no real limits to what a judge will sign 
|
Does anyone know if the cops also took the computers that control the CNC machines? In 1995 I saw cops in Greenville, SC take the embedded systems out of about twenty textile machines so anything is possible. If so, it will take Cav Arms a very long time to recover. In the case of the textile company they never got their VAXes running again after the cops destroyed them while removing them from the machines. A hammer and a chisel are not appropriate tools for computer disassembly.z |
Yeah, but simultaneous hits on the primary server(s) and any hot networked backup site would provide the same opportunity to hack RAM. Actually, some sort of BATFU or FBI zero day hack might accomplish the same purpose... Who says all hacks are by (civilian) criminals? Not all pen testers work for business. That's actually an interesting thought. Criminals hack networks to steal financially beneficial information. What's to stop government from doing the same (but with millions of dollars backing their software) thing for their own ends? |
This is very disturbing that although you may be innocent until proven guilty, you are out of business (seemingly) until they decide to allow you back. It's not even like a health dept. notice where you are shut down till you correct a problem. If they can keep taking your systems (assuming you can re-consitute it) then it's just plain harassment. This is insanity. |