Re: Laptop hacked into by security officials during pre-flight check

Ms. Blond 2007 wrote:
Recently y laptop was taken away from me for "security" examination
at JFK Airport at the security check for a flight to a destination
in the Middle East (known for its stringent security procedures).
Given my employment, the interest in the contents of laptop by
these particular security agents was not entirely surprising.

The logbooks give strong reason for me to believe that security
agents hacked into my (Windows password protected) laptop. I also
suspect that my laptop was connected to the internet given that the
Adobe Acrobat Updater had started and the last "offline content"
webpage was the login webpage to my internet email account whilst I
had not recently visited that page. I had absolutely nothing to
hide but feel nevertheless that, absent any probable cause, this
represents a gross invasion of privacy unjustified by any law
enforcement rationale.

How do I confirm that my laptop was hacked into and that it was
connected to the internet? The logbooks have a series of entries
which I find difficult to understand.
Can anybody explain "translate" this particular logbook entry
(copied below) into regular non-IT English? (I've translated some
of this into English from another European language so some of this
may not be standard IT-speak.)

Event Type: Control of succesful events
Origin of event: Security
Category of event: Use of authorizations
Event-ID: 576
Date: [deleted for privacy considerations]
Time: [deleted for privacy considerations]
User: NT AUTHORITY\Netwerkservice
Computer: [deleted for privacy considerations]
Description:
Special authorizations granted to a new logon user:
User name: Netwerkservice
Domein: NT AUTHORITY
Logon-ID: (0x0,0x3E4)
Priviledges: SeAuditPrivilege
SeAssignPrimaryTokenPrivilege
SeChangeNotifyPrivilege

Is this evidence that my laptop was hacked into?

Many thanks.

No.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html


.

Relevant Pages

  • Re: How can I identify a system uniquely using MFC code
    ... If my laptop is stolen, there is no security issue, because I make it a point to never ... (and if you believe that the Next Generation Secure Computing Base will actually make ... The TCB (Trusted Computing Base) does solve some important problems in computer security, ...
    (microsoft.public.vc.mfc)
  • Re: [Full-disclosure] Undisclosed breach at major US facility
    ... If the effects of HIPAA, SOx, GLBA et al could be measured in dollars, it has cost corporations millions of dollars in software, hardware and personnel expenses. ... A perfect example of the dichotomy between what should be and what is is the recent theft of a laptop with millions of VA records on it. ... Furthermore, I'm certain that the theft of the laptop never crossed the mind of the employee who took the records home or of his supervisors, who merely winked at the violation of policy, because they were more concerned about getting "extra" work out of the employee than they were about the potential loss of data should the laptop be stolen. ... When passwords finally go away, almost one-half of the security problem will be solved, simply because humans will no longer be making decisions about what constitutes a secure authentication methodology. ...
    (Full-Disclosure)
  • RE: The VA Stolen Laptop - Lessons Learned
    ... workplace and, anytime sensitive data like that is put on a laptop, encrypt ... I think you have to plan out system security before you implement ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ...
    (Security-Basics)
  • Re: Rebuilding Simple Home Network - Finding Highest Security Level Avail on Ea Comp
    ... configured with WPA/WPA2 Personal, with WPA enabled and WPA2 disabled. ... network must be configured to use the same security ... you can't set your Linksys to ... use WPA and your laptop to use WEP or WPA2 for instance. ...
    (microsoft.public.windowsxp.general)
  • [Fwd: Re: Security procedure question]
    ... case is the need to re-clone the laptop and lose some number of unmerged ... Subject: Security procedure question ... So indirectly biometrics ... In the case where the USB fingerprint reader is stolen with the ...
    (Security-Basics)