subject:"IBM loses employee data"

Re: IBM loses employee data

2007-05-18 Thread Don Leahy

- Original Message - 
From: Hal Merritt 

Decoding is near impossible without an intimate knowledge of and access
to record layout documentation. Even then, intimate knowledge of exactly
how the file was created would be a critical first step.




Most dangerous of all:  Application programmer with intimate knowledge of 
file teams up with systems programmer who has the keys to bypass RACF and 
decrypt the data.


Hmmm, maybe that's why Management doesn't let us work in the same building 
as the sysprogs.


:-) 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-15 Thread Hal Merritt

FUD from PC auditors and software/hardware sales folks.  

Such mainframe files are encoded. Every file is in a unique, propriety,
unpublished format.

Decoding is near impossible without an intimate knowledge of and access
to record layout documentation. Even then, intimate knowledge of exactly
how the file was created would be a critical first step. 

Of course the file could eventually be decoded and the content
compromised. But the same is true for encrypted files. I daresay
cracking the encryption is somewhat more viable because there is ample
software available to do just that.   

My $0.02   
 

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Duane Reaugh
Sent: Thursday, May 10, 2007 10:58 AM
To: IBM-MAIN@BAMA.UA.EDU
Subject: IBM loses employee data

 If you work for IBM and have worked for IBM in the past, you might want
to look at this URL

http://www-1.ibm.com/afteribm/us/inquire.shtml

It appears a vendor lost some tapes containing IBM employee data with
things like SSN, DOB, Address. The tapes were not encrypted. Maybe IBM
should look into a product like FDRcrypt from Innovation.

Duane Reaugh
DTS Software
 
NOTICE: This electronic mail message and any files transmitted with it are 
intended exclusively
for the individual or entity to which it is addressed. The message, together 
with any attachment, may contain confidential and/or privileged
information. Any unauthorized review, use, printing, saving, copying, 
disclosure 
or distribution is strictly prohibited. If you have received this message in 
error, please immediately
advise the sender by reply email and delete all copies.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-15 Thread R.S.


Hal Merritt wrote:
FUD from PC auditors and software/hardware sales folks.  


Such mainframe files are encoded. Every file is in a unique, propriety,
unpublished format.


Decoding is near impossible without an intimate knowledge of and access
to record layout documentation. Even then, intimate knowledge of exactly
how the file was created would be a critical first step. 


Of course the file could eventually be decoded and the content
compromised. But the same is true for encrypted files. I daresay
cracking the encryption is somewhat more viable because there is ample
software available to do just that.   


I agree with othe above pinion about FUD. No doubt, auditors - as others 
- are interested in keeping their role important, even crucial. They 
want you to feel unsafe, because then you feel you need them g.


Regarding data on tape: tape are accidentally lost, not stolen becasue 
of sophisticated plan of robbery. That's our knowledge (maybe untrue) 
that's what is discussed from time to time. Even stolen suitcase is 
usually stolen without awareness what's inside.
However tape lost *can be* - although very unlikely - planned attack on 
data.
In this case you cannot rely on rare hardware needed to read the tapes, 
unknown data format, etc. Encryption is a little bit different animal 
and, no doubt it improves security, because timeeffort needed to 
decrypt the data are significantly higher. From the other hand easier 
method to get data, instead of stealing the tapes, decoding, etc. is 
simply PAY someone inside. Everybody is very honest untils his price 
g. Another option is blackmail.


My $0.02
--
Radoslaw Skorupka
Lodz, Poland


--
BRE Bank SA
ul. Senatorska 18
00-950 Warszawa
www.brebank.pl

Sd Rejonowy dla m. st. Warszawy 
XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, 
nr rejestru przedsibiorców KRS 025237

NIP: 526-021-50-88
Wedug stanu na dzie 01.01.2007 r. kapita zakadowy BRE Banku SA (w caoci 
opacony) wynosi 118.064.140 z. W zwizku z realizacj warunkowego 
podwyszenia kapitau zakadowego, na podstawie uchwa XVI WZ z dnia 21.05.2003 
r., kapita zakadowy BRE Banku SA moe ulec podwyszeniu do kwoty 118.760.528 
z. Akcje w podwyszonym kapitale zakadowym bd w caoci opacone.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-15 Thread Ed Finnell

 
In a message dated 5/15/2007 2:47:45 P.M. Central Daylight Time,  
[EMAIL PROTECTED] writes:

that's  what is discussed from time to time. Even stolen suitcase is 
usually  stolen without awareness what's inside.
However tape lost *can be* -  although very unlikely - planned attack on 




Guess the burglars hit different areas. Well, one physics professor who  
hunted went down to the swamps and managed to trap a good sized bobcat. He  
waited 
for daybreak and moved the car around the block and turned off all the  
lights, placing the Samsonite with angry feline on garage steps. Shortly  
thereafter footsteps approached and snagged the luggage. Got about a block and 
a  half 
away and all four doors opened as the car screeched to a halt with an angry  
animal holding forth with teeth and claws. The constabulary came and hauled 
away  the car and waited for the robbers to show up in various states of 
disarray.  Never did catch the bobcat.   



** See what's free at http://www.aol.com.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-15 Thread Mark Zelden

On Tue, 15 May 2007 21:46:55 +0200, R.S. [EMAIL PROTECTED] wrote:

 From the other hand easier
method to get data, instead of stealing the tapes, decoding, etc. is
simply PAY someone inside. Everybody is very honest untils his price
g. Another option is blackmail.


Hmmm... if I didn't know better I'd say you have first hand knowledge
of these things.  :-)

--
Mark Zelden
Sr. Software and Systems Architect - z/OS Team Lead
Zurich North America / Farmers Insurance Group:  G-ITO
mailto:[EMAIL PROTECTED]
z/OS and OS390 expert at http://searchDataCenter.com/ateExperts/
Systems Programming expert at http://expertanswercenter.techtarget.com/
Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-15 Thread Paul Gilmartin

On Tue, 15 May 2007 16:19:15 EDT, Ed Finnell wrote:

Guess the burglars hit different areas. Well, one physics professor who
hunted went down to the swamps and managed to trap a good sized bobcat. He  
waited

http://www.snopes.com/critters/farce/wildcat.asp

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-15 Thread Ed Finnell

 
In a message dated 5/15/2007 3:30:28 P.M. Central Daylight Time,  
[EMAIL PROTECTED] writes:

http://www.snopes.com/critters/farce/wildcat.asp




Not being eyewitness, don't know. Two reputable sources...at the time.  
Earlier than '74.



** See what's free at http://www.aol.com.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

IBM loses employee data

2007-05-10 Thread Duane Reaugh

 If you work for IBM and have worked for IBM in the past, you might want
to look at this URL

http://www-1.ibm.com/afteribm/us/inquire.shtml

It appears a vendor lost some tapes containing IBM employee data with
things like SSN, DOB, Address. The tapes were not encrypted. Maybe IBM
should look into a product like FDRcrypt from Innovation.

Duane Reaugh
DTS Software

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-10 Thread Lizette Koehler

Perhaps IBM should be using the IBM Hardware Encyption Tape Drives (TS1120)?  I 
think IBM makes them.

Lizette


Or the product I work on; CA Tape Encryption.
 If you work for IBM and have worked for IBM in the past, you might want
to look at this URL

http://www-1.ibm.com/afteribm/us/inquire.shtml

It appears a vendor lost some tapes containing IBM employee data with
things like SSN, DOB, Address. The tapes were not encrypted. Maybe IBM
should look into a product like FDRcrypt from Innovation.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-10 Thread Walt Farrell


On 5/10/2007 11:58 AM, Duane Reaugh wrote:

The tapes were not encrypted. Maybe IBM
should look into a product like FDRcrypt from Innovation.



I would hope that rather than using someone else's, IBM would use its 
own encryption facilities (e.g., Encryption Facility for z/OS) or its 
encrypting tape drives (TS1120).


Walt

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-10 Thread Chris Hoelscher

Why couldn't they have lost billing data instead ...?

This is Chris Hoelscher and I approved this message!

Chris Hoelscher
Senior IDMS  DB2 Database Administrator
Humana Inc
502-476-2538
[EMAIL PROTECTED]



The information transmitted is intended only for the person or entity to which 
it is addressed and may contain CONFIDENTIAL material.  If you receive this 
material/information in error, please contact the sender and delete or destroy 
the material/information.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-10 Thread Chicklon, Tom

As a former IBM employee, I fail to see the humor in any of this.

I would have hoped that they would have used these BEFORE the data was
lost...


Tom Chicklon

--

 The tapes were not encrypted. Maybe IBM
 should look into a product like FDRcrypt from Innovation.


I would hope that rather than using someone else's, IBM would use its 
own encryption facilities (e.g., Encryption Facility for z/OS) or its 
encrypting tape drives (TS1120).

Walt

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-10 Thread Taylor, Clarence B

But if you do after the data is lost, the cpu savings would be
tremendous 


Brad Taylor

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On
Behalf Of Chicklon, Tom
Sent: Thursday, May 10, 2007 1:01 PM
To: IBM-MAIN@BAMA.UA.EDU
Subject: Re: IBM loses employee data

As a former IBM employee, I fail to see the humor in any of this.

I would have hoped that they would have used these BEFORE the data was
lost...


Tom Chicklon

--

 The tapes were not encrypted. Maybe IBM should look into a product 
 like FDRcrypt from Innovation.


I would hope that rather than using someone else's, IBM would use its
own encryption facilities (e.g., Encryption Facility for z/OS) or its
encrypting tape drives (TS1120).

Walt

--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search
the archives at http://bama.ua.edu/archives/ibm-main.html

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

2007-05-10 Thread Tony

I would like to know why any organisation feels it has the right to send or
share any personal information about me with any other organisation without
my specific consent to other parties. I would like them to tell me exactly
what infomation is being sent and why.

I would like every organisation who owns any information about my personal
details to tell me what information they have about me. Right down to every
field in every record.

I want the abilty to control who gets that information.

It seems we live in a world of rules and regulations generateted by those
who keep our most precious secrets rather than the other way around.

Oh and yes I know of a way to encrypt tapes.

-Original Message-
From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] Behalf
Of Duane Reaugh
Sent: 10 May 2007 16:58
To: IBM-MAIN@BAMA.UA.EDU
Subject: IBM loses employee data


 If you work for IBM and have worked for IBM in the past, you might want
to look at this URL

http://www-1.ibm.com/afteribm/us/inquire.shtml

It appears a vendor lost some tapes containing IBM employee data with
things like SSN, DOB, Address. The tapes were not encrypted. Maybe IBM
should look into a product like FDRcrypt from Innovation.

Duane Reaugh
DTS Software

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
No virus found in this incoming message.
Checked by AVG Free Edition. 
Version: 7.5.467 / Virus Database: 269.6.6/795 - Release Date: 09/05/2007
15:07

No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.467 / Virus Database: 269.6.6/795 - Release Date: 09/05/2007
15:07
 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

Re: IBM loses employee data

14 matches

Site Navigation

Mail list logo

Footer information