Hi Joerg,

On 8/13/2014 2:47 PM, Joerg wrote:

My McGyver moment came in a missing child case. Not much time was
available. The parents asked me to see if the computer could be accessed
somehow but that it was password-protected for each user. A few minutes
later it was open, for all users, the whole wide hard drive. Some jaws
dropped when dad saw his tax return files pop up. Of course I did not
open any of those.

Most people don't think about how to get around "security"
measures -- which is why they are reasonably effective!
I.e., the *initial* impediment tells them, "you shouldn't
be doing this" -- and, they comply!

But, if you are *truly* trying to protect something, then you
have to take into consideration *every* adversary. Including
those that would "invest" *more* than the (apparent!) value of
the item being protected (perhaps because they evaluate its
value -- and their costs! -- on a different scale from yours)

A friend is actively involved in disaster preparedness for
state and federal agencies. He always delights in how "well"
the drills, full-scale exercises turn out! I gently remind
him that the folks involved in those drills *want* them to work
out well -- even the "volunteers" posing as victims, etc.

"Want an idea of what a *real* scenario will likely be? Put
a pile of cash in the room (i.e., the "scarce resources you will
be metering out in a disaster) and open the event 'to all comers'.
And, make sure you've got live ammo in your weapons -- cuz some
of the self-invited participants likely will!"