by debt 1984 days ago
"no big deal"

A stolen laptop is usually not considered "no big deal" basically everywhere I worked.

Really? Every place I have worked with more than about 50 employees has used full drive encryption, so a laptop being stolen is not an infosec risk at all.
FDE only works if the machine is powered off. If a machine is stolen while it is still running there's a risk the user account could be compromised. Depending how sophisticated your adversary is they could potentially completely compromise the machine and extract all of the data. When you have physical access and no time pressure the options are vast.
FDE could be made to protect the data when the machine is out of range of its secure home network too.

Leaving it on, the machine would detect loss of home network fairly quickly and lock itself.

The FDE key would depend on a key server on the home network, so it could not be rebooted and unlocked just with the physical on-board devices.

If some parts of the FDE were handled on the storage itself and required a periodic end-to-end refresh with the home network key server, then even freezing main RAM (literally) to extract keys later would not work.

More generally, the FDE key could be split over a number of components on the machine, all of them requiring end-to-end periodic refresh from the home network key server, making it extremely difficult to freeze all on-board devices effectively enough to extract the whole key and decrypt the storage contents. Add RAM encryption to complete the job.
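
The scheme proposed in the comment above, modelled in Python as an added example (not part of the original thread and not any product's implementation): the disk key is XOR-split across components, and each share is zeroized unless the home-network key server refreshes its lease. The `KeyServer` and `Component` classes, the 60-second lease and the HMAC-over-timestamp token are assumptions made for illustration.

```python
import hashlib, hmac, secrets

LEASE = 60  # seconds a share stays usable without a refresh (assumed value)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_key(key: bytes, n: int) -> list:
    """n-of-n XOR split: any n-1 shares are independent of the key."""
    shares = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    last = key
    for s in shares:
        last = xor(last, s)
    return shares + [last]

class KeyServer:
    """Hypothetical home-network key server; one MAC key per component."""
    def __init__(self):
        self.master = secrets.token_bytes(32)
    def mac_key(self, name: str) -> bytes:
        return hmac.new(self.master, name.encode(), hashlib.sha256).digest()
    def token(self, name: str, now: int) -> bytes:  # simplified: timestamp, no nonce
        return hmac.new(self.mac_key(name), str(now).encode(), hashlib.sha256).digest()

class Component:
    """Hypothetical on-board device (storage controller, NIC, ...) holding one share."""
    def __init__(self, name, share, mac_key, now):
        self.name, self.share, self.mac_key = name, share, mac_key
        self.expires = now + LEASE
    def refresh(self, token: bytes, now: int) -> bool:
        good = hmac.new(self.mac_key, str(now).encode(), hashlib.sha256).digest()
        if self.read(now) is None or not hmac.compare_digest(token, good):
            return False  # share already wiped, or token not from the key server
        self.expires = now + LEASE
        return True
    def read(self, now: int):
        if now >= self.expires:
            self.share = None  # lease ran out: zeroize, permanently
        return self.share

def recover_key(components, now: int):
    """Return the disk key only if every component still holds a live share."""
    key = None
    for c in components:
        share = c.read(now)
        if share is None:
            return None
        key = share if key is None else xor(key, share)
    return key
```

Once a single component misses its refresh window the key is unrecoverable from the machine alone, which is the property the comment is after; a real design would also need the server to be able to re-provision shares after a legitimate outage.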

> Depending how sophisticated your adversary is

The videos I saw don't inspire much dread, there, but they may give the laptop to someone that can do digital forensics. Lots of LEOs in that lot. They would be smart enough to stay out of the building, but might have been waiting for someone to come out with something like that.

But, as someone pointed out, a lot of the folks wouldn't bother trying to read anything. They'd probably try to plant their own fantasies onto it, and send it to Rudy The Hair Dye Man.

Are you sure?

Most of the rioters seem like herpa-derpers, but some came there on a mission, like this guy: https://www.thesun.co.uk/news/13690389/us-capitol-rioters-zi...

(those are not regular zipties, but the "taking hostages" kind)

On another note, the same publication (a redtop, so the language is rather "pithy") has this story[0], in which the "Fine People on All Sides" smeared feces around the place.

They have a photo of a guy on his hands and knees, cleaning the place. He's a congressman.[1]

[0] https://www.the-sun.com/news/2105149/trump-supporters-smeare...

[1] https://www.cnn.com/2021/01/08/us/congressman-capitol-trash-...

I also notice he’s masked. That was unusual for that lot.

There were definitely some folks there with mayhem in mind.

Yes it would be really interesting to find out who those guys were, were they Proud Boys, Antifa, foreign agents, undercover domestic agents, etc?
They'll probably give it to that computer repair guy in Delaware so he can pull off all of the emails from March of 2021 and somehow lose them in the mail when he tries to send them to Fox News.
Time to update your internet boogeymen memes. Fox News and Trump are enemies. He's into Newsmax now.
I was making an allusion to the actual Hunter Biden laptop story.

https://www.independent.co.uk/news/world/americas/us-electio...

Who is to say that a few opportunistic spies weren't in that push looking for anything of interest? Historically, this has been the case during these sorts of events. When the Stasi HQ was overwhelmed by protestors, Western intelligence agents were the first in the building securing lots of information.
Really? When I worked at one of the Big Four a stolen/lost laptop was DefCon 4, despite all of the security precautions. We were actually required to notify a partner in the firm before contacting law enforcement.
Me too, I have a special "corporate 911" card that I've been informed during onboarding is the "real" 911. No matter the emergency, lost/stolen passports, lost/stolen corp computer, plane crash, car crash, anywhere in the world the company does business, I've been told to call it first before doing anything else.
Of all the cyberpunk trappings, a Trauma Team card was not what I expected to exist in real life.
I've used the number, they'll bail you out of anything.
Not to detract from the point you're trying to make with meaningless pedantry, but minimum DEFCON is 5, current is 4, we spend most of our time swapping between the two. I assume what you mean is 2.
Thanks for the correction. I just used the DefCon as a catchphrase.
Uh.. I think it's standard security policy in most enterprises to discuss matters internally before getting law enforcement involved. That's just prudent. If I walked into a company where the policy was "let IT staff talk to LE first, then notify chief counsel" I'd change that on day 1.
Full disk encryption is only as good as the TPM and I’d imagine that nation states have plenty of exploits they could use to bypass them.

Not to mention cold boot attacks if the laptop was still running.

And this is the one situation where the 'nation-state adversary' is pretty much the expected thing and not the exception.
If they have the laptop, they also have the TPM. It doesn't prevent decryption if you have the TPM.
Yeah, me too. If they don't have this in 2021 their IT staff should be fired.