Photocopied Butt
November 10, 2010

Vodpod videos no longer available.

Well it’s that time of year again, where people drink too much and make an ass of themselves. As seen in this video, don’t go and photocopy your butt!

The glass could break and you will be spending a few hours in the emergency room getting stitched up.

Not to mention, explaining what happened to your boss and co-workers, and paying to fix the machine.

Instead use this image of a photocopied butt.

Just think, next time you use the photocopier, someone’s bare bottom could have been on there.  Pretty gross huh?

FTC – Photocopier Hard Drives
May 27, 2010

Photocopied Bottom Butt Bum

Update to this blog post:

Serious Photocopier Security Risk – April 30, 2010

FTC gets to the bottom of photocopier hard-drives – The barefaced cheek is not just for Christmas | TechEye.

Those photocopies of your bottom, which you thought would be an original and funny statement of the contents of your soul during the office Christmas party, have started to worry the US Federal Trade Commission.

The FTC is worried that the pictures at the bottom end of the market are being stored on the photocopier’s hard drive and could be used to make an ass of you.

At the moment it is just happy with issuing a warning that if you photocopy your butt on a modern copier, it’s probably still there, but it might be forced to do something about it in the future.

Modern copiers store the image on the copier’s hard drive, along with medical forms, financial documents, and all your company secrets.

Once the copiers are resold or their lease expires it is possible to lift it out and use the information.

CBS got its paws on one of these hard-drives and found “a list of targets in a major drug raid” from the Buffalo Police Narcotics Unit. It also scored Social Security numbers, medical documents, and “$40,000 in copied cheques.”

The Chairman of the FTC, Jon Leibowitz, said his agency is taking the matter quite seriously. After all, there might be a hairy posture view of Leibowitz or any one else in the FTC hanging on a notice board of the Chinese secret service, causing much mirth.

According to Leibowitz, the FTC is now “reaching out” to copier manufacturers, resellers, and retail copy and office supply stores to ensure that they are aware of the privacy risks associated with digital copiers and to determine whether they are warning their customers about these risks.

“We will work with these entities to help ensure that they provide appropriate educational materials on the subject to their clients,” he said.

The FTC said it avoids the problem internally by signing lease agreements that give the agency full ownership of the hard drives inside the copiers.

When the lease is up, the FTC will “erase and subsequently destroy these hard drives” before returning the copiers.

I have a question; Why did it take almost 9 years for the media and now Government to catch onto this security threat? Warnings were given back in 2001, and fell on deaf ears. What gives?

See:
August 31, 2001 issue of CRN
IT Administrators May Be Overlooking Copier/Printer Security Risks

Serious Photocopier Security Risk
April 30, 2010

This news came out a couple months ago on one TV network, other TV networks just recently picking it up, as well as print media,  however doing a search on the net I found an article below, dated 2001, on this same subject.  Someone was on the ball back then.

Here is the article, from the August 31, 2001 issue of CRN.

IT Administrators May Be Overlooking Copier/Printer Security Risks

When it comes to securing corporate data, IT administrators may overlook the risks associated with digital copiers and printers.

According to a survey of more than 1,100 IT professionals recently sponsored by Sharp Electronics, nearly half said they did not believe copiers and printers have hard drives. Sixty-five percent said the machines presented little or no risk to data security.

“People have been focusing on antivirus software and firewalls and protecting workstations but not peripherals,” says Peter Cybuck, senior manager of product planning, marketing and program management at Sharp’s Document & Network Solutions Group.

The most common threats to digital copiers and printers stem from intruders stealing the hard drives containing confidential data, or reprinting documents directly from the machine after the earlier print command was canceled, according to Sharp, based here.

Today’s multifunctional copiers and printers store documents in memory, Cybuck says. “They might not just retain the last job, but the last 20 to 30,” he adds.

Sharp offers a Data Security Kit, through its dealers, that protects confidential documents processed by its digital copiers and printers by overwriting the data with random numbers.

Sharp, based here, recently announced that the kit won a Common Criteria certificate from the National Information Assurance Partnership (NIAP), a joint program of the National Security Agency and the National Institute of Standards and Technology. The Common Criteria program defines general concepts and principles of IT security evaluation.

While high-end copiers have the ability to store print jobs, the amount of storage is limited, compared with network storage, says Jim Kelton, president of Software Unlimited, an IT consulting company in Irvine, Calif.

Companies need to have a system in place to ensure they’re not disclosing confidential information when they discard the machine, he says.

In addition to its Data Security Kit, Sharp’s copier, scanner and printer products include a security feature that requires user authorization to prevent unauthorized viewing of documents sent to shared network printers.

Sharp also offers Windows NT server-based software that puts digital fingerprints on printed documents to determine the origin of final hard copy. The company recently added network interface controls to allow administrators to limit access to the machines.

Xerox (NYSE:XRX) also offers several security features on its digital copiers and printers. Hard drives on the machines are protected from unauthorized users by a strong encryption system, says Mark Burris, manager of product marketing for Xerox’s document center products.

And two years ago, the company addressed a need among its government accounts by providing the ability to remove the hard drive from the machines, he says.

“Security-conscious customers can physically remove those hard drives at the end of the day,” Burris says.

The company also recently unveiled new software that provides authenticated scanning.

——–

Health Insurer Notifies More Than 409,000 Of Potential Breach

Sensitive medical records found on previously leased digital copier, company says

Apr 21, 2010

By Tim Wilson

DarkReading

Affinity Health Plan, a New York managed care service, is notifying more than 400,000 current and former customers employees that their personal data might have been leaked through the loss of an unerased digital copier hard drive.

According to a press release (PDF) quietly issued earlier this month, some personal records were found on the hard drive of a copier found in a New Jersey warehouse. The copier had previously been leased by Affinity and was then returned to the leasing company, the release states.

The disclosure follows the airing of a CBS News report that called attention to the practice of recycling or resale of copiers whose hard drives have not been properly erased.

The report showed the discovery of numerous medical records found on warehoused digital copiers. An executive at a company that makes hard-drive-erasure products used a free forensics tool to glean the data from one of the copiers in the CBS News report.

The CBS investigation also turned up sensitive data from other organizations, including personal information from a restaurant in the Phoenix area and criminal records information from a Buffalo-area police department.

Affinity Health Plan says it has not had a chance to review the data found on the copier, but in a news report, a spokesman said the figure of 409,262 notifications includes former and current employees, providers, applicants for jobs, members, and applicants for coverage.

Failure to properly dispose of medical records is a violation of New York privacy regulations and could carry fines or other sanctions.