"Our credential scanning methods did not detect its presence (this issue has been corrected)."

Scanning binary blobs for sensitive information will always be a heuristic prone to false negatives and false positives. It's a good tactic but not the right solution to this problem. The real bug here is that they were using what seems like a very sensitive signing key held in memory, rather than a one held in a Hardware Security Module (HSM). That key should have been created in the HSM and done all it's signing from within the HSM. It should never have been in main memory to being with.

The first time I read the headline it said "Software Developer says MegaMan Master keys are Retrievable" so I thought it in regards to was some kind of ROM DRM. Second time I read it, it said "Software Developer says Sega Mega Keys are retrievable". So I googled Sega Mega only find that the Sega Genesis (or some variation) was marketed with that name in some parts of the world. This made some sense, although didn't really seem to belong in YRO. Is my mind deteriorating faster than I expected or is the Illuminati **cking with me?

Oh boy, instead of buying a $US0.50 stylus, I can buy a $US20.00 pair of gloves!

Too early to tell what "most applications" will be.

I bet only the kooks who made the forums so awful in the first place will pay the fee. They'll be the only ones with enough motivation to pay the money for the privilege of commenting.

Instigate a revolution, successfully overthrow the government, and instate a new government with more liberal social policies.

Once the power comes back on, and telecommunication services have recovered (and reconfigured) enjoy free western-style Internet access!

OH GOD YES

McAfee Stinger

http://vil.nai.com/vil/stinger/

Does even 1% of the population know or care if someone steals your car?

Does Cisco care that their IOS product name is being infringed? I don't think the USPTO differentiates case.

Nice to see that America’s elected officials can be culturally aware while remaining ignorant and ironic at the same time.

Don't use use your personal assets for work. Beyond the trouble you're already experiencing, it causes other problems: it prevents management from understanding the total cost of IT operations; it's likely to create unrealized dependencies on personnel (which will be realized upon their departure or transfer); and it complicates the creation of Disaster Recovery and Continuity of Operations plans.

The measures your hospital is taking may be draconian, but in the face of countless new articles trumpeting that latest XYZ agency/company/government who lost a laptop with account records full of very personal and very accessible information, it's understandable. It's very, very difficult for a corporation to maintain appropriate level of control over their own mobile assets. It's an unsolved problem, and to me at least, not obviously solvable without substantial changes to the underlying operating system and communication technology. (And then, will the resulting Internet be open, extensible, and autonomous like the one we have today?) But I digress...

If the system isn't bootable, and you have the right drive controller, carefully connect the old drive to a new system and use something like "ddrescue" ( http://www.forensicswiki.org/wiki/Ddrescue) or "dd_rescue" ( http://www.forensicswiki.org/wiki/Dd_rescue) to take a disk image. Both those programs try to recover from bad blocks, whereas standard dd usually will error out. (Personally, I'd make an image even if the system is bootable.)

With the disk image extracted, you can pack the hardware away or do whatever with it. Then you can focus on finding (or writing) tools to read the disk image. If you find that there is a Linux filesystem driver, you can use the loopback behaviour (see the man pages for "mount" or "losetup") to treat the disk image as if it were a drive. If you don't find a driver, perhaps you'll find some specialty command-line tools that can extract information, or documentation to write your own. At worst, you could use the "strings" command to read any text found on the image. Since you're working against an image, you can take your time, experiment with ad hoc techniques, make mistakes (remember to make backups), and try again and again.