infinite51

Does anyone have a Disaster Recovery Plan, for FBI raids?

44 posts in this topic

Dinscurge's Disaster Recovery Plan, in a Nutshell:

Digg up the drives you buried earlier when you saw the black Crown Victorias pulling up. Just brilliant, boy. It's amazing how you cut through red tape with only a shovel...

i never said bury it when they come you can bury it and get a long cable to update them then all you do is pull out the cable, hell you could have a small lowpower old box updating it from wifi so you wouldnt have to do anything when they come but power off from ssh.

Discurge: Many of the companies we are talking about here are legitimate companies that have partnerships with well respected companies such as Kelly Blue book, eBay, ect. They were again, not associated with the alleged fraud, other than having servers (costing in access of $400,000 in the same data-center). So as it relates to your off the wall Disaster Recovery plan, I am sorry but I don't think it's going to fly. Unless you are talking about an off shore version of StrataSpace a (underground colocation facility http://www.strataspace.com , which is located in the US).

_MG_7405_benifits(2).jpg

0

Share this post


Link to post
Share on other sites

If your activities at your US based co-location involve illegal activities inside this country, we shouldn't even be having this conversation because you're probably too stupid to comprehend the world we live in.

That said, the OP article mentioned two datacenters. One who's warrant specified a particular rack. The other was in a "office" environment.

The warrant against a particular rack is justifiable to clean everything out unless for some reason you went cheap and only host by the size of server space (selling by the U Stop). If that's the case, then the colocation provider has a duty to make it known when asked by Law Enforcement that they (the suspect) rented out U23-25 inside rack XYZ to make the warrant as specific as possible. Think of it as if you ran a mail drop and you got a warrant saying to confiscate everything at 123 xyz street without mentioning which box number. That wouldn't be cool to many of the other people and I don't think Law Enforcement people intentionally set out to do harm to the innocent. That's what lawyers do.

Now the colocation in the "office" environment is a different case because it seemed like the offices and desk were used by Faulkner's employees or representatives. If they were actually a independent colocation, it would be entirely different but there was enough evidence just laying around that the LEO thought they were in collusion.

If you're not sure who runs your colocation or even what it looks like, you may want to pay a visit to them. After all, you pay them thousands of dollars a month (if you own racks). Why shouldn't you see where your data is housed. I've heard many horror stories about some overseas "colocations" with leaky roofs and flaky power, smoking and domino playing right next to your multi-million dollar proprietary hardware, little more than a storage locker with a latch for security, etc...

0

Share this post


Link to post
Share on other sites

An unrelated story, but one you might find interesting:

I once knew a medium-scale pot grower who ran a fully-automated business using old 486 computers running DOS and some custom-made management software.

He rented out a number apartments all over town under assumed names. In these apartments, he blocked up all the windows and installed growing systems including lights, hydroponics setups, etc. All the systems were automated and controlled through a computer program which he and a friend had written. The apartments also had burglar alarm systems with triggers at all the windows and doors, which were wired into a second computer through the serial port. There was a program running on that machine which would place a telephone call to his pager in the event of anybody entering the unit. After setting up the growing operations, he only had to go back to the apartments when the time came to harvest his buds, which he did about every 2-3 months. If he ever received a page from the burglar alarm computer, he'd know somebody had entered the place and he'd never go back to that apartment.

He ran this operation for several years before he got busted. His grow operations did not lead to his bust though. From what I was told, his personal apartment got broken into by burglars and his neighbors heard the break-in and called the police. Meanwhile, the burglars found his own personal stash and got nabbed by police while leaving the scene with several pounds of weed in Ziploc bags. This all happened over 10 years ago, and I haven't talked to him since months prior to his bust, so I never got to hear his side of the story. Despite his penchant for crime, he's a clever guy. I wonder what he's doing these days.

Edited by Colonel Panic
0

Share this post


Link to post
Share on other sites
An unrelated story, but one you might find interesting:

I once knew a medium-scale pot grower who ran a fully-automated business using old 486 computers running DOS and some custom-made management software.

He rented out a number apartments all over town under assumed names. In these apartments, he blocked up all the windows and installed growing systems including lights, hydroponics setups, etc. All the systems were automated and controlled through a computer program which he and a friend had written. The apartments also had burglar alarm systems with triggers at all the windows and doors, which were wired into a second computer through the serial port. There was a program running on that machine which would place a telephone call to his pager in the event of anybody entering the unit. After setting up the growing operations, he only had to go back to the apartments when the time came to harvest his buds, which he did about every 2-3 months. If he ever received a page from the burglar alarm computer, he'd know somebody had entered the place and he'd never go back to that apartment.

He ran this operation for several years before he got busted. His grow operations did not lead to his bust though. From what I was told, his personal apartment got broken into by burglars and his neighbors heard the break-in and called the police. Meanwhile, the burglars found his own personal stash and got nabbed by police while leaving the scene with several pounds of weed in Ziploc bags. This all happened over 10 years ago, and I haven't talked to him since months prior to his bust, so I never got to hear his side of the story. Despite his penchant for crime, he's a clever guy. I wonder what he's doing these days.

Nice story. It seems pot growers are a creative bunch in general. Wonder if it has to do with what they're smoking... ;) This story actually brings another issue to mind. How many times have mastermind or untouchable criminals gotten busted by rare, random events? The serial killer who gets caught during a traffic stop over a blinker that didn't work. The pot grower who is busted due to a burglary and his neighbor's kindness. (lol) I think crime is a special class of risk management. You can't just anticipate and watch out for the common or sensible stuff. You have to plan for every little [totally unlikely] thing because they are all equally devastating: jail time. This is why crime doesn't pay off over the long term. And why I'm not a career criminal... ;)

0

Share this post


Link to post
Share on other sites

Exactly. No matter how clever you think you are, you can never take into account all the infinite number of things that could possibly lead to your getting busted.

Not to mention that the longer a person gets away with criminal behavior, the more arrogant and brazen their attitude will become until they start taking really stupid risks on the assumption that the authorities are too inept to ever stop them.

0

Share this post


Link to post
Share on other sites
If your activities at your US based co-location involve illegal activities inside this country, we shouldn't even be having this conversation because you're probably too stupid to comprehend the world we live in.

That said, the OP article mentioned two datacenters. One who's warrant specified a particular rack. The other was in a "office" environment.

The warrant against a particular rack is justifiable to clean everything out unless for some reason you went cheap and only host by the size of server space (selling by the U Stop). If that's the case, then the colocation provider has a duty to make it known when asked by Law Enforcement that they (the suspect) rented out U23-25 inside rack XYZ to make the warrant as specific as possible. Think of it as if you ran a mail drop and you got a warrant saying to confiscate everything at 123 xyz street without mentioning which box number. That wouldn't be cool to many of the other people and I don't think Law Enforcement people intentionally set out to do harm to the innocent. That's what lawyers do.

Now the colocation in the "office" environment is a different case because it seemed like the offices and desk were used by Faulkner's employees or representatives. If they were actually a independent colocation, it would be entirely different but there was enough evidence just laying around that the LEO thought they were in collusion.

If you're not sure who runs your colocation or even what it looks like, you may want to pay a visit to them. After all, you pay them thousands of dollars a month (if you own racks). Why shouldn't you see where your data is housed. I've heard many horror stories about some overseas "colocations" with leaky roofs and flaky power, smoking and domino playing right next to your multi-million dollar proprietary hardware, little more than a storage locker with a latch for security, etc...

Jfalcon: Great point's I am in the process of zipping up all of the evidence, court testimony and hopefully we can get to the bottom of this. In the orginal warrant the Colo cage was not specific to the machines that were implicated in the fraud. Other than "its a blue cage, there may be evidence of the fraud on the machines enclosed in it"...

Since all the documents in total are over 100 pages, I will briefly recap one company that was affected by this raid. That I believe after speaking with other CEO and owners of similarly situated companies and reading court testimony appears to be credible.

http://www.webhostingtalk.com/showthread.php?t=852163

"My company was in the affected colocation facilities of CoreIP and I wanted to share facts with the community to help you so what happened to our company doesn't happen to yours.

1. Your equipment can be seized if your colo provider or network provider is alleged to have committed criminal activities. We owned all our own equipment and the colo company did not have login access to any of our equipment. But since they provided the network connection to our firewall and had physical access to our equipment (could touch the equipment), the FBI seized the equipment. A judge in federal court upheld the FBI could do this when one of the affected companies sued the government and FBI for a temporary restraining order. This is very scary for all of our civil liberties! You should probably do background checks on anyone you rent space from. This includes your office space, your apartment, your public storage and your data center. If the owner is alleged to commit a crime, you property in facilities they own can be seized for analysis.

2. Your offsite DR should be with a different colo company and with a different network provider (ours wasn't - shame on us, just never thought of this scenario). The DR companies should have no relation to your production colo company and network provider. We planned for power, network, fire, terrorists, etc., just not multi-site FBI seizures. We probably need a criminal mind to consider this as a scenario. Now you don't.

3. You should have enough reserves in the bank to be able to buy all new equipment because if the FBI seizes your equipment, they will keep it until they have analyzed all of it. That takes many months. You need the reserves because even if your DR plans work, you now need another site for DR the minute your main site is seized. We had buy all new equipment over the last 5 days even though we will get our seized equipment back some time in the future.

4. I would recommend using virtualized servers and keep images of the servers off-site so once you buy new servers, you can quickly get them up and running. The backups they provide you will not run on other equipment. (i.e. it is not dd images). Our off-site images would not run on the new equipment either as servers have changed so much in the last 3 years. We had to build servers from the ground up and restore just configuration.

5. Have great vendors. You will need them to help so you can get back up and running fast. Many components we had take weeks to order and some of our vendor expedited delivery to help us out. They also provided on site engineers to help reconfigure the new environment. We now know who to do business with in the future.

The unfortunate situation is the FBI is trying to catch bad guys and I support their intent. I just don't support their execution. The collateral damage they inflicted has caused more in losses for the innocent businesses affected than the alleged crimes of the people they are after. They do not understand colocation or data centers, nor do the judges. That is clear from their actions and the discussions we have had with them."

0

Share this post


Link to post
Share on other sites
If your activities at your US based co-location involve illegal activities inside this country, we shouldn't even be having this conversation because you're probably too stupid to comprehend the world we live in.

That said, the OP article mentioned two datacenters. One who's warrant specified a particular rack. The other was in a "office" environment.

The warrant against a particular rack is justifiable to clean everything out unless for some reason you went cheap and only host by the size of server space (selling by the U Stop). If that's the case, then the colocation provider has a duty to make it known when asked by Law Enforcement that they (the suspect) rented out U23-25 inside rack XYZ to make the warrant as specific as possible. Think of it as if you ran a mail drop and you got a warrant saying to confiscate everything at 123 xyz street without mentioning which box number. That wouldn't be cool to many of the other people and I don't think Law Enforcement people intentionally set out to do harm to the innocent. That's what lawyers do.

Now the colocation in the "office" environment is a different case because it seemed like the offices and desk were used by Faulkner's employees or representatives. If they were actually a independent colocation, it would be entirely different but there was enough evidence just laying around that the LEO thought they were in collusion.

If you're not sure who runs your colocation or even what it looks like, you may want to pay a visit to them. After all, you pay them thousands of dollars a month (if you own racks). Why shouldn't you see where your data is housed. I've heard many horror stories about some overseas "colocations" with leaky roofs and flaky power, smoking and domino playing right next to your multi-million dollar proprietary hardware, little more than a storage locker with a latch for security, etc...

Jfalcon: Great point's I am in the process of zipping up all of the evidence, court testimony and hopefully we can get to the bottom of this. In the orginal warrant the Colo cage was not specific to the machines that were implicated in the fraud. Other than "its a blue cage, there may be evidence of the fraud on the machines enclosed in it"...

Since all the documents in total are over 100 pages, I will briefly recap one company that was affected by this raid. That I believe after speaking with other CEO and owners of similarly situated companies and reading court testimony appears to be credible.

http://www.webhostingtalk.com/showthread.php?t=852163

"My company was in the affected colocation facilities of CoreIP and I wanted to share facts with the community to help you so what happened to our company doesn't happen to yours.

1. Your equipment can be seized if your colo provider or network provider is alleged to have committed criminal activities. We owned all our own equipment and the colo company did not have login access to any of our equipment. But since they provided the network connection to our firewall and had physical access to our equipment (could touch the equipment), the FBI seized the equipment. A judge in federal court upheld the FBI could do this when one of the affected companies sued the government and FBI for a temporary restraining order. This is very scary for all of our civil liberties! You should probably do background checks on anyone you rent space from. This includes your office space, your apartment, your public storage and your data center. If the owner is alleged to commit a crime, you property in facilities they own can be seized for analysis.

2. Your offsite DR should be with a different colo company and with a different network provider (ours wasn't - shame on us, just never thought of this scenario). The DR companies should have no relation to your production colo company and network provider. We planned for power, network, fire, terrorists, etc., just not multi-site FBI seizures. We probably need a criminal mind to consider this as a scenario. Now you don't.

3. You should have enough reserves in the bank to be able to buy all new equipment because if the FBI seizes your equipment, they will keep it until they have analyzed all of it. That takes many months. You need the reserves because even if your DR plans work, you now need another site for DR the minute your main site is seized. We had buy all new equipment over the last 5 days even though we will get our seized equipment back some time in the future.

4. I would recommend using virtualized servers and keep images of the servers off-site so once you buy new servers, you can quickly get them up and running. The backups they provide you will not run on other equipment. (i.e. it is not dd images). Our off-site images would not run on the new equipment either as servers have changed so much in the last 3 years. We had to build servers from the ground up and restore just configuration.

5. Have great vendors. You will need them to help so you can get back up and running fast. Many components we had take weeks to order and some of our vendor expedited delivery to help us out. They also provided on site engineers to help reconfigure the new environment. We now know who to do business with in the future.

The unfortunate situation is the FBI is trying to catch bad guys and I support their intent. I just don't support their execution. The collateral damage they inflicted has caused more in losses for the innocent businesses affected than the alleged crimes of the people they are after. They do not understand colocation or data centers, nor do the judges. That is clear from their actions and the discussions we have had with them."

Thanks for sharing that. It's actually some good advice, particularly using a backup at a completely different colo and network segment. I also second the virtualization option, but still need two different colo's or at least critical data backed up on different site. It's a nice FBI-proof DRP plan for colocation though.

0

Share this post


Link to post
Share on other sites

I have gathered all of the court documents and many of the reports, including the full amended complaint filed by Liquid Motors. Liquid Motors was the first company that had filed legal proceedings in the case of Liquid Motors, LLC v Allyn Lynd / USA. Claiming that the company’s, fourth amendment rights (pertaining to against reasonable searches & seizures) have been violated. You can view all case material at

http://www.securityfocus.tv/dallascolo/

0

Share this post


Link to post
Share on other sites

Why do so many people have this "omgz teh feds might be reading, don't reveal any of our super-secret secrets!!!" attitude? Have we learned nothing from open crypto?

Any security-related system shares at least one important thing with good crypto. If it's truly secure, it should still be secure after a million people and every government in the world know exactly how it works. If I post here and say "If the feds come to my door I could wipe the keyfiles to all my truecrypt volumes" and the feds read it, there's no difference between then and now. Before I post, I have basically the same chance to trash those keys as I do after I post.

Maybe I'm just high-strung right now (posting from work) but if I have to say this one more time I'm just gonna snap. Any system which is only "secure" based on the secrecy of its methods, cannot truly be considered "secure."

Peer Review is our friend, people.

0

Share this post


Link to post
Share on other sites

I have explosives wired to my "important" hard drives :) flip 2 switches then press button and they're fried :)

0

Share this post


Link to post
Share on other sites
I have explosives wired to my "important" hard drives :) flip 2 switches then press button and they're fried :)

The best way to do it, make a script that deletes every file, and makes like a million copies of one pornographic photo.

No but seriously, the best way, don't put anything on your drive that's illegal or questionable under law.

0

Share this post


Link to post
Share on other sites
I have explosives wired to my "important" hard drives :) flip 2 switches then press button and they're fried :)

The best way to do it, make a script that deletes every file, and makes like a million copies of one pornographic photo.

No but seriously, the best way, don't put anything on your drive that's illegal or questionable under law.

but I like my Pron...

:roll:

0

Share this post


Link to post
Share on other sites
I have explosives wired to my "important" hard drives :) flip 2 switches then press button and they're fried :)

The best way to do it, make a script that deletes every file, and makes like a million copies of one pornographic photo.

No but seriously, the best way, don't put anything on your drive that's illegal or questionable under law.

but I like my Pron...

:roll:

If your pron is illegal, then, um, wow, you're not my friend.

0

Share this post


Link to post
Share on other sites
I have explosives wired to my "important" hard drives :) flip 2 switches then press button and they're fried :)

The best way to do it, make a script that deletes every file, and makes like a million copies of one pornographic photo.

No but seriously, the best way, don't put anything on your drive that's illegal or questionable under law.

but I like my Pron...

:roll:

If your pron is illegal, then, um, wow, you're not my friend.

Chix0r pron is sooo illegal ^_~

Jk my slate is clean

0

Share this post


Link to post
Share on other sites
I have explosives wired to my "important" hard drives :) flip 2 switches then press button and they're fried :)

The best way to do it, make a script that deletes every file, and makes like a million copies of one pornographic photo.

No but seriously, the best way, don't put anything on your drive that's illegal or questionable under law.

but I like my Pron...

:roll:

If your pron is illegal, then, um, wow, you're not my friend.

Chix0r pron is sooo illegal ^_~

Jk my slate is clean

:huh:

0

Share this post


Link to post
Share on other sites
Why do so many people have this "omgz teh feds might be reading, don't reveal any of our super-secret secrets!!!" attitude? Have we learned nothing from open crypto?

Any security-related system shares at least one important thing with good crypto. If it's truly secure, it should still be secure after a million people and every government in the world know exactly how it works. If I post here and say "If the feds come to my door I could wipe the keyfiles to all my truecrypt volumes" and the feds read it, there's no difference between then and now. Before I post, I have basically the same chance to trash those keys as I do after I post.

Maybe I'm just high-strung right now (posting from work) but if I have to say this one more time I'm just gonna snap. Any system which is only "secure" based on the secrecy of its methods, cannot truly be considered "secure."

Peer Review is our friend, people.

Not really. I'm generally all for open-source, peer review and design according to Kerckhoff's Principle. However, there are many situations where obfuscation is a very effective tactic. The FBI-proof design I mentioned is based mostly on techniques that will work even if FBI has source. However, they might find a way to circumvent it if they know implementation specifics. Obfuscation will at least slow them down, and may stop them entirely if a killswitch is successfully disguised (and tripped by the attackers who are working blind). So, my approach is to combine rigorous security best practices with strong obfuscation to add extra assurance even in face of dedicated and sophisticated attackers.

Since you mentioned crypto, an example would be hiding which encryption algorithm was used on a data stream, but choosing it randomly from one of several AES finalists. If they the all-knowing attackers recover the source, they have to brute force using a peer-reviewed encryption algorithm. If they can't beat my obfuscation, then they have to brute force using six. As a matter of fact, they can't even be sure I'm actually using an AES finalist because the hint could have been planted intentionally in a low assurance component. The bottom line of the security systems I make are always based on industry best practices and mature software. However, I like to add obfuscation to make their lives more miserable. An obfuscation that costs them many man-months to beat might take me 10 minutes to create. Now that's just plain funny... lol

Edited by army_of_one
0

Share this post


Link to post
Share on other sites

I think the best way to deal with a LEO raid (the U.S. isn't the only one doing this) depends on the legitimacy of your site and whether continuity or privacy is more important.

First, continuity- can you get your site back up quickly and with no loss

If you're running a legitimate (not underground- easily traced back to your real world identity and address) site, cooperation might just be the best approach. If you're willing to point out to the nice officers which drives hold which data, they might not take out your entire data center. Think AOL or Verizon here. They have a warrant/subpoena department that cleanly hands out data to 'legitimate' parties using legal process.

Of course, you're admitting to control/dominion of that data- not good if it contains contraband- you're waiving some 5th amendment rights right there.

Multiple co-los in different jurisdictions could also help, but that gets expensive.

If you're running an underground site- you can have fun with massively distributed, massively redundant hosting (like a botnet). You can't use a rifle to shoot gnats.

Privacy- If you're legitimate, encryption doesn't really help you against LEO. A grand jury can issue a subpoena for the key. Not giving up the key means jail time until you do.

Of course, if you can't be found (underground), encryption is the way to go.

0

Share this post


Link to post
Share on other sites
Kim Zetter of Wired.com Reported: FBI Defends Disruptive Raids on at least two confirmed Texas Data Centers

http://blog.wired.com/27bstroke6/2009/04/d...centers-ra.html

"Among more than 300 legitimate businesses affected by the raid on Crydon were Intelmate, which provides inmate calling services for prisons and jails and had about $100,000 in equipment seized in the raid; a credit card processing company that had just become PCI compliant and was in the process of signing on its first customers; Primary Target, a video game company that makes first-person shooters; a mortgage brokerage; and a number of VoIP companies and international telecoms that provided customers with service to the U.S. through servers belonging to a separate company Faulkner ran called Intelivox. These customers essentially lost connectivity to the U.S. after the raid, Faulkner says."

CBS also has run a story on the raids at:

http://cbs11tv.com/local/Core.IP.Networks.2.974706.html ,including video of the FBI loading hundreds of computers in the back of trucks.

If company's such as Liquid Motors, LLC ( http://www.liquidmotors.com ) can be put out of business and have the FBI and government confiscate all of their equipment valued of over $400,000+ because they sublet space out of a Core IP cages.

Wired.com Magazine also published the court documents and TRO and lawsuit filed by Liquid Moters, Inc v Lynd/ USA at

http://blog.wired.com/27bstroke6/2009/04/company-caught.html

Not only does it bring up the legality of the FBI to seize servers and digital data that Law Firms, CPA's, Doctors, and anyone else that in entrusted with sensitive information and is bound to protect, that has equipment in Data Center's or Colocation Facilities.

But it also now brings up how to work with your Insurance providers, lawyers, and Data Centers to incorporate into your Businesses Disaster Recovery Plan, so you can get back online and functioning. Any Ideas ?

I have compiled a listing of numerous documents and links to news stories http://www.securityfocus.tv/dallascolo/ , I will also be working on .zipping all of the documents up so they can be easily downloaded.

I'd like to note part of what was said HERE at one of the links you provided and then comment below it :

But a 39-page affidavit (.pdf) related to the Crydon raid provides a convoluted account of the investigation. It alleges that a number of conspirators, some of who may have connections to Faulkner, conspired to obtain agreements from AT&T and Verizon to purchase connectivity services with the telecoms. Several documents used to provide proof of business ownership and financial stability were forged, according to the affidavit. For example, the affidavit claims that one of the conspirators named Ronald Northern sent AT&T a bill from Verizon to show that he had a history of paying for services on time. The bill was allegedly forged with Verizon's logo — which the company is claiming is a trademark infringement — and that the corporation number the conspirator used actually belonged to a different Verizon customer.

Northern could not be reached for comment.

The affidavit claims that Faulkner, Northern and others committed mail and wire fraud, criminal e-mail abuse (stemming from separate allegations of spamming), criminal copyright infringement and criminal use of fraudulent documents. The affidavit mentions several companies that Faulkner has been connected to including, Crydon, Premier Voice and Union Datacom.

My comment :

Considering the above was said in this article and taking into considering who it was who thinks the FBI raided for some other reason, I'd have to conclude that I don't buy that the FBI picked on the innocent.

I've seen this before, and actually it's very common, where the guilty proclaim, "We're innocent!" In fact, it's so common, that I've rarely heard the guilty say otherwise. I'll continue on this point to add this, since most claim they're innocent, does it mean just because they say so it makes their claims true? Are all guilty people innocent then because they say they are? I find that hard to believe.

Not to say I'm dumb enough to believe the innocent never get busted for no good reason, however I don't think this is one of those cases.

Now to comment on something that was said HERE which is another link you provided. I'll quote the part of the article and then comment below it :

Mark Burack, executive vice president for Liquid Motors, said his company did get its data back after supplying the FBI with hard drives, but that the company had to buy all new servers to restore its business.

"We had to replace everything," he said, noting that they won't know how much the raid cost them financially for a while. He said the company has more than 750 customers who were affected by the raid, and that they're working on restoring service to those customers.

First, this VP complained that servers were even taken though Liquid Motors wasn't the subject of the investigation. He forgot the fact that since the bandwidth ran through his servers, this equipment would need to be checked for any evidence it may reveal to help prosecute their target. So, this was necssary.

Secondly, notice this person complained the raid cost him financially by having to buy all new servers? Let me inform everyone here this is nothing new when law enforcement does any type of bust. IF any damage is done to property of any type, it's up to that property owner to repair/replace said property. That's just the way it's done in America and is not unique to this situation, though this VP thinks it is.

How do I know this? Let me relate a recent case of law enforcement doing something in an apartment building's front lobby. Several cops chased a robbery suspect into the front the lobby and the suspect had a weapon and threatened them with it, so the cops all fired on him and left many bulletholes in the front door, the walls, and the mailbox. Guess what happened regarding said property damages? The apartment owner had to replace the front door out of his pocket and repair the holes also out of his pocket. Why is that so? Because, again, if any property is damaged and needs to be repaired/replaced, it's up to the owner to shell out the money for these things. At best my apartment owner is hoping he can get reimbursed from the city at a later date. But, that's life as they say - if your property is damaged or even lost because of a police action, this is what will happen - so this VP in this article complaining as if he were some sort of target simply isn't the case - this happens all the time when law enforcement comes knocking anywhere and isn't unique to him or this case.

Most people haven't seen law enforcement in action and been in that situation to know the parties involved, but I have and this is how America works. And this isn't the first case of this I've seen either. Here where I live in "the hood" crimes are common and this happens all the time people, all the time.

So, for this VP (or anyone else) to blame law enforcement for this fact is not the right place to put the blame. He should blame the states for not being willing to, like in my apartment owners case, replace the door the next day out their pocket. So the complaining on this issue should be aimed there, law enforcement is not in charge of budgets. But I guess he doesn't know this - not everyone lives in "the hood" and gets to see America at work like myself.

0

Share this post


Link to post
Share on other sites

And btw, the title of this thread is "Does anyone have a Disaster Recovery Plan, for FBI raids?".

My comment to that question is :

Why have one? That's for people who walk around with blinders on. Here's why I say this :

To prepare ahead is the ONLY GOOD PLAN. It would prudent to check the background of businesses and people you're thinking of doing business with so if that party if a sleeze, you can backout of any ideas to deal with them before ever getting some product/service from them. Being proactive is the best way to handle everything in life, and this is no different.

Anyone who ended up in that situation has done so because of their failure to check into the parties they're thinking of dealing with. People are told to do this as good consumers, well as good business people, the advice should be the same.

This is like looking for some place when you're thinking of buying stocks. If you don't check first, you'll end up a victim of another Bernie Madoff. See what I mean, this is no different. Check first - be proactive.

This is best plan, period.

For example, in the case of this particular raid, the FBI said they found phoney documents. Well, as a good business person, if it had been me, I would've did that proactive checking first and discovered these phoney documents and thus never would've done any business with them, period. But that's the advantage of thinking ahead, you can keep away the potential for bad before anything hits.

But that's what will happen when 1)you don't think before acting, and 2)you blindly trust people. You get bit in the ass following that type of thinking in life. This FBI raid case is a perfect example of this.

Edit :

Decided to add this -

I have an observation to make. No offence meant as I say this. But I have read prior posts of yours and once read how you had an issue, suffered loss, etc, because you turned in some evidence against "bad hackers" and they swatted you as revenge (among other things). Well, add that news into this threads title and I can see why you titled this thread the way you did. You are one of those who do not think ahead, who do not check into things and people first, so it's no wonder you're thinking along the lines of "How to recover after shit has hit the fan" a.k.a. "What to do afterwards because I failed to think before I acted".

What I'm referring to is the example case of your experience with the bad hackers who revenged you. The only reason you were their target is because like a fool frankly, you plaster your real name and phone number and other personal info all over the place, therefore when you helped get them in trouble this made you an easy target for their revenge since you already supplied them with all the info they needed. Plus, if you do this because it's advertising for your security business it's just common sense to not plaster it here - in fact, your account here should be anonymous if you had sense since bad hackers do come to binrev, have accounts no doubt, and also read the stuff (which means you're exposing yourself again for no good reason) (no doubt, this is what you did before with the bad hackers, you had your personal info plastered on hacker sites and then wondered why they used it- duh), plus there are other things than could've been done in that case to protect you, yet you did nothing. See what I mean? You're the type who doesn't think ahead to keep away the bad in case it hits, you instead walk blindly into situations and then wonder why shit hits the fan so you end up having to ask yourself questions like "Distaster recovery plans". This question of yours wouldn't be an issue if you wouldn't "walk around with blinders on" but instead thought proactively regarding self protection.

So, I'm not surprised it's you who'd title a thread this way. It reveals your lack of thinking first in life. Which will always keep backfiring might I add, so don't be surprised when it keeps hitting you.

An example is that I once knew someone who turned in evidence against bad hackers, but guess what? He never once got hit from them as a result. But that's because he thought ahead for self protection, so when they came looking for him they couldn't find him. This is not something you'd do, see what I'm saying? If that person I knew could protect themselves, so could have you but as I said you don't think ahead before taking action so you got hit but he didn't.

Edited by totallyAunti
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now