what companies ask employees to destroy laptops that have been touched by TSA or CBP?
 

what companies ask employees to destroy laptops that have been touched by
TSA or CBP? (out of sight of the employee, even if there's no evidence of the
laptop having been turned on at all)

the employees just have to take a couple of pictures of the destroyed laptops
and the company will issue new laptops....

How do you come up with some of your questions?

that was on a TV show I saw on Tuesday... two of the tech writers talked about it, but I missed the beginning where they mentioned the names of the companies. I think one of them writes for the LA Times(may have been the San Francisco Chronicle) technology section, but can't remember his name.

Seems a bit silly. Even if one wished to "destroy" the laptop, why leave that to the employee rather than an IT professional following a set protocol and using an approved disposal method.

Would also think that if one has the sort of data which one seriously believes isn't accessible to the government by means other than at CBP & TSA stations, one would have taken other precautions not to have stored the data on the laptop in the first place.

Stupid ones?

Why destroy the laptop? Replace the hard drive, demagnetize/shred/whatnot the old one

("Destroying" as in smashing it would probably leave the hard drive intact anyway...)

Once the agencies got the info off the device, why destroy it? Barn door, horses, etc...

I'd think the worries would primarily be what the said agencies might have installed on the devices, not what they have read from there.

If they were worried about hardware modifications you might actually want destruction. I can't see how wipe and sell wouldn't be superior, though.

Any company that cared enough about security to destroy a laptop in such a situation would not be stupid enough to let the employee handle the destruction, nor consider photos to be sufficient proof that it had been suitably destroyed.

Well, yes. There is that.

UEFI sort of changes that, the BIOS can now be compromised in ways that just weren't possible before. Among UEFI's features is OS independent network connectivity and file system access.

the implication is that they might have modified it in some way. (software and/or hardware, impossible to detect or remove).

-David

Doesn't your sentence # 2 answer your question in sentence #1?

If I were IT at a company with such security interests, I would wipe the harddrive and donate the machine to charity for the write-off.

As a development coordinator/it director/one who needs new computers , I would gladly take said write-off ;)

Even if the computer has no data of value on it, the computer is a possible exploitation vector. The blackhat would simply need to re-flash UEFI/BIOS or any other embedded micro-controller and hope that the laptop is carried into the target site ... and then connected to a network.

I have witnessed computers being destroyed. The typical process is to toss the laptop into a hammer mill and convert it to dust. Example:

Ok. Let's play with this one. You've just flown into China to close a fifty million dollar deal. Chinese customs has insisted on taking your computer into another room for half an hour.

Do you: (a) abort the meeting and fly home; (b) chance going forward very carefully with your computer; (c) have a fresh machine fedexed to you which risks the same Chinese customs; or, (d) go to the Shanghai Apple store and buy a fresh machine as off the shelf as you can with as little time for Government involvement as possible.

Incidentally, I would never destroy the old machine. I would have IT inspect it, wipe it, and then send it to US authorities. for examination in their ongoing trade fight with China.

Question 2. Do you ever lock your company laptop in your hotel room safe in China? Isn't it every bit as vulnerable to tampering.

Dubai Stu

PS: The only reason I am singling out China is their technical proficiency. There are half a dozen countries I could easily substitute for China.