alt Hacker News> The couple also allegedly photographed hundreds of computer screens containing confidential information from Google and Company 2, in what appeared to be an attempt at circumventing digital monitoring tools.
I guess all the MDM and document restrictions in the world can't help you against photos of screens. Is it even possible to protect against this, short of only allowing access to confidential files in secure no-cell-phone zones?
Replies
Keep in mind that many secure no-cell-phone zones, even those that host classified data are still relatively physically open. The personnel allowed inside them are strictly vetted and trained to be self-policing, but it's only the threat of discovery and harsh punishment stopping someone with the right badge/code from physically bringing in a phone. There generally aren't TSA-style checkpoints or patdowns. Happens accidentally all the time, especially in the winter with jackets.
No you can’t. It’s formally called “the analog hole” when security folks yap about it. Usually it’s used to end DLP discussions after too many what-ifs
Especially when you consider that a phone can record hd video, so you can make a player that scrolls through pages and pages of pdfs very fast for example, you record the screen in hd video on a phone and then write a decoder that takes video back to a pdf of the images. Literally the only thing you lose is the ability to cut and paste the text of the pdf and you can even get that back if you trouble yourself to put the images through ocr.
Similarly you could hypothetically exfil binary data by visually encoding it (think like a qr code) and video recording it in the same way.
Just remember that it's significantly more time consuming to photograph a screen than steal large group of files. Thus, even though it's not preventable, it adds enough friction to be effective.
> Is it even possible to protect against this, short of only allowing access to confidential files in secure no-cell-phone zones?
Isn't that how congressmen and senators view them in the US? At least, that's how I've understood it to be. If so, what's good for the goose...
"Google said it had detected the alleged theft through routine security monitoring", so it seems it is possible.
There's not much you can do about it, as sibling comment mentions it's a known gap. There is some work [0] in this space on the investigative side to trace the leak's source, but again the only way it would work is if you can obtain a leaked copy post hoc (leaked to press, discovered through some other means, etc.).
0: https://www.echomark.com/post/goodbye-to-analog-how-to-use-a...