Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Delete Data On Netbook If Stolen?

kdawson posted about 5 years ago | from the grab-brick-smash-window dept.

Portables 459

An anonymous reader writes "I have just moved overseas on a 2-year working holiday visa and so I picked up a netbook for the interim, an MSI Wind U100 Plus running WinXP. I love it to bits. But as I am traveling around I am somewhat worried about theft. Most of my important stuff is in Gmail and Google Docs; however, I don't always have Net access and find it useful to gear up the offline versions for both. Ideally I would like to securely delete all the offline data from the hard drive if it were stolen. Since it is backed up in the cloud, and the netbook is so cheap I don't really care about recovery, a solution that bricks it would be fine — and indeed would give me a warm glow knowing a prospective thief would have wasted their time. But it's not good if they can extract the HD and get at the data some other way. All thief-foiling suggestions are welcome, be they software, hardware, or other."

cancel ×

459 comments

Whole Disk Encryption (5, Insightful)

seifried (12921) | about 5 years ago | (#28766409)

The answer to your problem is whole disk encryption, not trying to delete the data.

Re:Whole Disk Encryption (4, Informative)

Anonymous Coward | about 5 years ago | (#28766583)

I know it doesn't help the OP, but on linux-based netbooks it's trivial to re-install linux with whole disk encryption if you want to upgrade to Ubuntu anyway. I've been running this way on my primary laptop for over a year and haven't really noticed any performance degradation.

Re:Whole Disk Encryption (1)

rapiddescent (572442) | about 5 years ago | (#28766785)

GPP doesn't mention what level of risk there is with having a weee pc from being stolen; however my own Asus Eeepc 904hd (fedora 10) has only the /home partition encrypted using in-built truecrypt. It's all configurable from the installation process (anaconda) - actually, it's just a checkbox when you configure the disk layout. This doesn't slow the performance noticeably but gives me a little reassurance that if it's stolen then it'll just be over-written with windows and sold on.

Re:Whole Disk Encryption (5, Funny)

grcumb (781340) | about 5 years ago | (#28766597)

The answer to your problem is whole disk encryption, not trying to delete the data.

Feh. Your so-called answer does not include the word 'thermite' or the phrase 'earth-shattering kaboom'. And you call yourself a geek?

Re:Whole Disk Encryption (5, Funny)

mjwx (966435) | about 5 years ago | (#28766689)

Feh. Your so-called answer does not include the word 'thermite' or the phrase 'earth-shattering kaboom'. And you call yourself a geek?

Where's the ka-boom. There was supposed to be an earth shattering ka-boom.

Re:Whole Disk Encryption (0)

Anonymous Coward | about 5 years ago | (#28766807)

Darn it, those customs guys stole the KABOOM!

Re:Whole Disk Encryption (1)

master5o1 (1068594) | about 5 years ago | (#28766783)

Well, you see, a the fourth failed attempt to decrypt the data would cause an earth shattering ka-boom ;)

Re:Whole Disk Encryption (0, Offtopic)

auric_dude (610172) | about 5 years ago | (#28766657)

If using Ubuntu then visit and ask the question at http://ubuntuforums.org/forumdisplay.php?f=338 [ubuntuforums.org] , they are friendly bunch and don't bite.

Re:Whole Disk Encryption (5, Funny)

Anonymous Coward | about 5 years ago | (#28766791)

the part where the original poster said "Running WinXP" may not have made it all the way in.

I despise answers that randomly suggest competing products without really answering the question. It's like "My lawnmower won't start" and "Well, if you had goats, then you could feed them a different feed to make them more motivated." Try to advertise less and answer the frakking question more, MMkay?

Re:Whole Disk Encryption (3, Funny)

someone1234 (830754) | about 5 years ago | (#28766809)

If your lawnmower doesn't work, one answer would be: try goats.

fencing (repost) (3, Insightful)

reiisi (1211052) | about 5 years ago | (#28766917)

To the average thief, and to the average receiver of a stolen netbook, if the netbook boots an alternative OS, it might as well be bricked.

Re:Whole Disk Encryption (1)

sofar (317980) | about 5 years ago | (#28766723)

not really, a serious alternative exists:

        not store any data at all locally, which is generally faster and uses less battery power etc. (than whole disk encryption).

Since he doesn't care about losing the system, not having any data on it would guarantee that he'd never lose any real data. Whole disk encryption would just invite him to store "some" data on the netbook.

Re:Whole Disk Encryption (0)

Anonymous Coward | about 5 years ago | (#28766801)

Except what gets cached, of course.

Re:Whole Disk Encryption (1)

Dayze!Confused (717774) | about 5 years ago | (#28766935)

except that he says that sometimes he doesn't have internet access so he DOES have to store things locally. I guess a different alternative would be to have a usb thumbdrive for that, but then that may get stolen.

Slow News Day - WTF? (4, Insightful)

mcrbids (148650) | about 5 years ago | (#28766775)

Google: windows encrypted drive + "I'm feeling lucky".

Here's what I got:

http://www.truecrypt.org/ [truecrypt.org]

I'm OK with "Ask Slashdot" being used to gather the collective experience of the techies that like to hang out off-hours here at /. - but.. this?!?

Something that could be addressed by a moment or two spent at Google or even (god's sake) Bing is a WASTE OF HITS. But maybe that's the plan - get droves of angry techies to bitch about the lameness of the stories, delivering ad impressions?

Crazy like a fox?

I'm on to you, Cmdr Taco, if that is your real name!

Re:Whole Disk Encryption (2, Informative)

muckracer (1204794) | about 5 years ago | (#28766863)

Would also like to mention FreeOTFE (http://www.freeotfe.org). Unlike Truecrypt it happens to be Linux/LUKS compatible.

Encryption (5, Informative)

pyite (140350) | about 5 years ago | (#28766411)

Encrypt the entire drive with TrueCrypt or something. Use a strong cipher and a very strong passphrase. The laptop is as good as bricked to anyone who gets it.

Re:Encryption (5, Insightful)

man_ls (248470) | about 5 years ago | (#28766439)

Whole-Disk AES via TrueCrypt is only BARELY above the "acceptable" threshold on a Core Solo. I cringe to think what it'd be like on an Atom. A better bet would be to use a container-hosted TrueCrypt volume, and set your My Documents folder into that volume.

Re:Encryption (1, Informative)

Anonymous Coward | about 5 years ago | (#28766471)

Get a seagate momentus FDE and do pre-boot authentication.
encryption is done in hardware, on the drive, viola.

Just make sure you get one of the FDE drives that does AES CBC not AES ECB.

Re:Encryption (3, Informative)

MichaelSmith (789609) | about 5 years ago | (#28766485)

Your average thief will spend five seconds looking for porn to keep, then reinstall the lot. The crummiest possible encryption would satisfy 99% of cases.

Re:Encryption (4, Informative)

wvmarle (1070040) | about 5 years ago | (#28766553)

Your average thief will try to resell it as soon as he can. Most thieves are not interested in the loot as such but in the money they can get for it.

fencing (5, Insightful)

reiisi (1211052) | about 5 years ago | (#28766901)

All the more reason to use a Linux or BSD based OS.

To the average thief or receiver of stolen goods, a netbook running an alternate OS is as good as bricked.

Re:Encryption (2, Interesting)

drb_chimaera (879110) | about 5 years ago | (#28766563)

I think he is referring to performance - theres a more than noticable hit on the performance of a netbook utilising full disk encryption (I read a couple of benchmarks suggesting it was in the region of 10-20%). YMMV as to whether its worth the hit for the security of what you want to store on the Eee

Re:Encryption (1)

Repossessed (1117929) | about 5 years ago | (#28766557)

They make netbooks with VIA processors, which have encryption functions built into the processor instruction sets.

I'm not sure if truecrypt would take advantage but if it did it would help immensely.

Re:Encryption (5, Interesting)

Sodakar (205398) | about 5 years ago | (#28766585)

On N270 Atoms, whole-disk AES encryption works perfectly fine, and the only time I notice a slow-down is when I'm running a benchmark program side-by-side with a model that has an unencrypted drive. For regular browsing and e-mail (which is what the person asking the question listed as a qualification), it's a non-issue.

As some others have posted, and what my local police have told me, the laptop will likely have been sold for cash in less than 24 hours. Unless you are being targeted specifically for something of significant value such as corporate IP, it's unlikely that anyone is going to spend the time to try to unencrypt your drive.

But other threats still loom...

If you plan on connecting to any network, you will expose your machine to any network-based threat, so you ought to harden your machine accordingly.

Make sure you still have a strong password for your account login. If your machine is in hibernate, the crypto authentication prompt will stop them, but if your machine was sleeping, it'll return to the OS prompt.

The one scenario where you're not protected at all is if the machine is powered on, logged in, and someone grabs it by force. I realize there are proximity-based USB dongles that will lock the screen when the remote adapter is beyond range, but this may be far too impractical to use. A USB security dongle sticking out the side is a quick recipe for a broken USB port...

Re:Encryption (1)

tehfly (1129653) | about 5 years ago | (#28766519)

Sure, I can agree that the data is unreadable, but that particular laptop is hardly bricked by it. You can still switch out the harddrive or boot from a USB stick. (afaik bricked means you can't use it anymore)

Re:Encryption (1)

dotgain (630123) | about 5 years ago | (#28766879)

Don't you love it when technical terms find their way into popular culture? Nowadays when people say "my laptop was bricked by hackers" they probably simply mean their screen is all smudgy.

On a netbook? (4, Funny)

Chuck Chunder (21021) | about 5 years ago | (#28766549)

The laptop is as good as bricked to anyone who gets it.

Including the owner!

Re:Encryption (0)

Anonymous Coward | about 5 years ago | (#28766599)

Agreed

Banks use a similar system on their fleets of laptops - a Truecrypt-like program asks for a password from the MBR on boot.

Re:Encryption (1)

rvw (755107) | about 5 years ago | (#28766759)

Encrypt the entire drive with TrueCrypt or something. Use a strong cipher and a very strong passphrase. The laptop is as good as bricked to anyone who gets it.

Use a passphrase that's easy and quick to type. Easy to type doesn't mean it has to be a bad password. My guess is that nobody cares about your documents, unless you work for some government or big company, or unless you're a celebrity. So an 8 or 10 character long password is good enough, and nobody will even attempt to break it.

nobody cares? (1)

reiisi (1211052) | about 5 years ago | (#28766931)

A number of people have suggested that the data is not important.

But what about cached credit card numbers or passwords?

Re:Encryption (1)

NitroWolf (72977) | about 5 years ago | (#28766765)

Encrypt the entire drive with TrueCrypt or something. Use a strong cipher and a very strong passphrase. The laptop is as good as bricked to anyone who gets it.

I'm really curious as to how it's "as good as bricked" to anyone who gets it? Seems to me, with this solution, a simple reformat/reinstall of the OS would make the computer 100% usable. Is this not the case? I'm not familiar with the netbook in question, so maybe it's impossible to reinstall the OS on it... but if it's like a normal computer, trashing the drive does not in any way, shape or form brick the computer.

Care to enlighten us as to how a scrambled hard drive bricks a computer?

Re:Encryption (1)

reiisi (1211052) | about 5 years ago | (#28766941)

As in, requires the receiver to "fix" the machine to use it. (In this case, an OS re-install is the way it would be fixed, but the average computer user doesn't really know for software or hardware.

a hack (5, Funny)

binford2k (142561) | about 5 years ago | (#28766413)

set up a scheduled task to wipe the drive unless you cancel it. Then don't forget to cancel it.

Re:a hack (0)

Anonymous Coward | about 5 years ago | (#28766443)

That wouldn't help much if the laptop's HDD were removed, i too support the whole disk encryption idea.

Re:a hack (2, Insightful)

jbacon (1327727) | about 5 years ago | (#28766451)

That's a TERRIBLE idea... Like, HOLY SHIT terrible.

Full disk encryption gets my vote as well - Truecrypt will do the job quite nicely, and relatively pain-free.

Re:a hack (4, Funny)

RsG (809189) | about 5 years ago | (#28766503)

That's a TERRIBLE idea... Like, HOLY SHIT terrible.

Then your threshold for terrible needs adjusting. I'm sure I can think of something worse than what the AC suggested :-P

For example: a small thermite charge, proximate to the hard drive platter. It's fused to go off if a particular peripheral isn't detected upon boot-up; you keep the peripheral "key" with you, perhaps attached to your regular key-chain. A thief tries to boot, and BOOM (okay, thermite doesn't "boom", but you get the idea) - no more HDD. Or netbook. Or whatever it happened to be on top of. Bonus points if the thief happens to have it on their lap at the time.

Now that, ladies and gentlemen, is how you propose a terrible idea. Compared to this, a full disk wipe sounds positively safe and reasonable.

(IMPORTANT: If anyone out there is stupid enough to take this suggestion seriously and implement this obvious deathtrap, I cannot be held accountable for any loss of property, organic damage or Darwin award nominations that result.)

Re:a hack (2, Insightful)

MichaelSmith (789609) | about 5 years ago | (#28766505)

That's a TERRIBLE idea... Like, HOLY SHIT terrible.

Why? The laptop is a backup for online data. He can afford to throw it away and reload it next time he goes on line.

Re:a hack (1)

socceroos (1374367) | about 5 years ago | (#28766539)

I'll take one of your openmoko phones off your hands if you're offering.

Back on topic, having to re-build the OS because you forgot to stop the cron job would be an almighty PITA.

Re:a hack (1)

MichaelSmith (789609) | about 5 years ago | (#28766631)

I haven't bought the phones yet. I was looking for people who want to collectively buy a pack. Are you in Melbourne? If not then shipping may cancel the advantage of buying in bulk. I have created a journal entry for people to express interest through.

Back on topic. Yeah I suppose so, especially with windows. I can netboot netbsd pretty fast.

Re:a hack (1)

KahabutDieDrake (1515139) | about 5 years ago | (#28766729)

You don't have a DVD case somewhere with all your systems backed up into with a known good build? Really? What the hell kind of geek are you?

I've got disk images on my server, and DVD hardcopies in a disc case for every computer I own (more than a few). Anytime one of my systems goes down, gets funked or catches a cold, I pop in a DVD and reboot. Half an hour later I'm rebooting into my fully configured and installed OS of choice.

Combined with a little intelligent partitioning you can make restoring a known good OS childsplay. I put aps and data on 2 separate partitions with the OS on a third. The only real downside is the sometimes tricky business of balancing disk usage. Win XP makes that about as hard as they can, because aps don't respect proper user directories. However it's not impossible and not even hard for a geek.

On to the subject at hand, I'm gonna throw in my 2 cents for Truecrypt also. I've been using it for ages and it's a beautiful thing. As to making it safe on a laptop that may be stolen, a friend of mine did this. Move all sensitive data to one drive/partition/directory (your choice), encrypt the hell out of that unit. Now write a shell script that nukes that unit if a certain key combination isn't pressed within X minutes of log in. Include a prompt that waits for input if you want to be fail safe. Problem solved. Now if you ever lose track of the laptop, and someone attempts to access it, all the important info will be encrypted to start, and erased most likely. This also foils most attempts to extract the HDD and read it with another machine as the data is safely encrypted in a junk file that no one but a pro will recognize. If you throw in a few other "junk" containers as decoys, you're pretty safe. No one is going to apply the horsepower required to even begin cracking the key, even assuming they find the correct file to unlock

For added fun, you can use a duress password which can be set to trigger any number of fun events. From formats to lock outs to fake data.

I'm not paranoid, I'm just careful. I don't think anyone is out to get me, nor do I think the data on my computer would be worth the effort of getting, but I'm damn sure going to make it REALLY hard, just in case. (also, I'm spiteful)

That being said, I liked the thermite idea. It might be a pain to travel with, somehow I'm thinking the airport guys are going to have a problem with even a small thermite charge. You could go EMP, but I'm not sure you could fit the power verter and the coil into the netbook... maybe a full sized laptop...

Re:a hack (0)

Anonymous Coward | about 5 years ago | (#28766869)

That's a TERRIBLE idea... Like, HOLY SHIT terrible.

Hmmm. I'm pretty sure the poster was joking.

Encryption (0)

Anonymous Coward | about 5 years ago | (#28766419)

Full Disk Encryption [truecrypt.org]

Encryption (2, Informative)

swmike (139450) | about 5 years ago | (#28766425)

That is what encryption is for. Get truecrypt or other similar application and then the data won't be extractable by anyone without the password.

Identity Theft or Physical Theft (4, Insightful)

MountainMan101 (714389) | about 5 years ago | (#28766433)

If it's physical theft I would think they would bin the HDD or sell it "as is" without even looking at what's on it. Bricking it doesn't do a lot, you'd probably just replace the HDD anyway.

Identity theft is more worrying. Why not encrypt the HDD with something like Fedora / Ubuntu offers - ie an encrypted /home or MyDocuments. That way the laptop won't log on for the thief.

Re:Identity Theft or Physical Theft (2, Interesting)

BikeHelmet (1437881) | about 5 years ago | (#28766481)

What if it was already logged in?

Ex: Someone grabs it at an internet cafe, while you're ordering something?

I know everyone else is thinking the same thing, but I'll say it anyway - encrypt the entire partition, with a tool like TrueCrypt.

Re:Identity Theft or Physical Theft (1)

BikeHelmet (1437881) | about 5 years ago | (#28766495)

(I'm aware that my suggestion doesn't deal with an already-logged in scenario. If anyone has an answer to that one, please, do reply with it!)

I suppose you could always hope they shut down the computer and can't get back in, but that's a pretty bad plan IMHO. :P

Re:Identity Theft or Physical Theft (4, Insightful)

Anonymous Coward | about 5 years ago | (#28766555)

If a thief grabs it, they would inevitably tuck it under their arm (walking around with an open netbook would slow them down and make them easier to spot). So set the netbook to shutdown when the lid is closed.

Re:Identity Theft or Physical Theft (2, Interesting)

cowbutt (21077) | about 5 years ago | (#28766567)

(I'm aware that my suggestion doesn't deal with an already-logged in scenario. If anyone has an answer to that one, please, do reply with it!)

Sounds like you need some kind of RF token and a receiver attached to the netbook; if the token goes out of range, the machine logs you out and/or shuts down. If push came to shove, I imagine you could bodge something together with a Bluetooth receiver and a Bluetooth enabled phone like BluePromixity [sourceforge.net] does.

Re:Identity Theft or Physical Theft (1, Informative)

Anonymous Coward | about 5 years ago | (#28766637)

You could just use something as simple as a screensaver password. After a few minutes of not using the machine, they would need the password to get back to your session.

There would be no way for them to run any tool to brute force the password or anything, without rebooting the machine. But then if they reboot the machine, they have to decrypt the drive again.

Re:Identity Theft or Physical Theft (1)

mjwx (966435) | about 5 years ago | (#28766735)

I suppose you could always hope they shut down the computer and can't get back in, but that's a pretty bad plan IMHO. :P

Automatic session time-outs?

But that's not the problem. If someone has physical access to the machine encryption is at best a roadblock, not a solution. All important files should be recoverable from recent backups. The encrypted data should be set to automatically delete after 5 or so incorrect password attempts, so in the event of theft and the thief wants access to your data then they will run the risk of deleting it. This can be worked around easily by using a separate OS though, so the only real way is to have the disk wiped by a device that is not connected to the OS and can be activated by remote but at this level of paranoia, why is data leaving a secure facility on a laptop of all things and not under armed guard.

But with most laptop thefts, the thief will sell it to the nearest pawn shop who will get the closest unscrupulous geek to install a new OS.

Nuke it from orbit (1, Funny)

Anonymous Coward | about 5 years ago | (#28766437)

It's the only way to be sure.

Booby trap it? (2, Funny)

Runaway1956 (1322357) | about 5 years ago | (#28766455)

There is probably room in the case for a few ounces of C4 explosive, and a detonator. You might have a hard time getting it through customs though..... and you had better never drop the thing so the detonator goes off!!

Re:Booby trap it? (0)

Anonymous Coward | about 5 years ago | (#28766603)

C4 it too much to just destroy the laptop, I suggest something smaller.

Re:Booby trap it? (1, Informative)

Anonymous Coward | about 5 years ago | (#28766633)

There is probably room in the case for a few ounces of C4 explosive, and a detonator. You might have a hard time getting it through customs though.....

I doubt it. The security theater at the airports I've seen only exists to inconvenience and intimidate, it would be pretty easy to for someone of average or greater intelligence to get knives, bombs, or other improvised weapons though.

Lojack for Laptops (3, Informative)

zhiwenchong (155773) | about 5 years ago | (#28766457)

Website: http://www.absolute.com/products/lojack [absolute.com]
FAQ: http://www.absolute.com/resources/public/FAQ/L4L-FAQ-E.pdf [absolute.com]

Costs $59.95/year for the premium package which supports Remote Wipe. Embeds itself in the BIOS/EFI. Supports XP and OS X.

Re:Lojack for Laptops (-1)

dokebi (624663) | about 5 years ago | (#28766491)

God damn it, RTF Summary! At this rate, I'll be yelling RTF Title by 2020.

Re:Lojack for Laptops (1)

zhiwenchong (155773) | about 5 years ago | (#28766529)

I did read the summary. I passed on information on a remote wipe service, which is one of the many options for doing what the poster wanted.
What part of the summary did you have trouble understanding?

Re:Lojack for Laptops (1)

JoshRosenbaum (841551) | about 5 years ago | (#28766757)

The part of the summary that the grandparent probably meant you missed was this: "But it's not good if they can extract the HD and get at the data some other way. "

Remote wipe does no good if the hard drive isn't in the machine.

alpha particles (2, Funny)

Anonymous Coward | about 5 years ago | (#28766459)

Carefully paint over the letters on the "T" and "E" keys with polonium-218 laced paint, then just remember to wear gloves when typing unless your name is something like "Frank" and your password is all digits.

Truecrypt + fake account (5, Insightful)

dargaud (518470) | about 5 years ago | (#28766469)

As others will have already said: use truecrypt. In addition, use two account: yours with a password, and another one (visible from the login shell) without password. Put a script in it that wipes the disk if anybody logs in it.

Re:Truecrypt + fake account (1, Insightful)

nil_orally (1574491) | about 5 years ago | (#28766687)

And the way to test this has been done correctly would be........?

Re:Truecrypt + fake account (2, Insightful)

Zebedeu (739988) | about 5 years ago | (#28766795)

Image the disk, test, bitcopy. Obviously.

The bonus is that you now have a ready-made image for your next netbook when this one is stolen.

folder encrypt (0)

Anonymous Coward | about 5 years ago | (#28766475)

... just keep all your important files in an encrypted folder using truecrypt. no reason to encrypt the entire drive...

Re:folder encrypt (1)

JSBiff (87824) | about 5 years ago | (#28766527)

Well, there is are a couple arguments for encrypting the whole drive. . .

1) Are you 100% certain that every program you use is allowing you to store data in the folder of your choosing (the TC 'drive') instead of shoving data either in program files (any app dev who puts data in Program Files needs to be taken out, have their geek card torn up, thrown on the ground, spit on, stomped on, then the dev gets beat up till they bleed, damn dumbasses, but unfortunately, it happens all the time, even with programs from very large IT vendors who should know better), or somewhere like %userprofile%\Application Data\AppName (that, at least, is not an actively *bad* place to put it, but doesn't always work well with encryption)? Or under a Unix-like environment, even if your home directories are encrypted, data might be getting saved to other folders like /usr/local, /var, /opt, etc.

2) What about the temp files directory? The page file? Interesting stuff might get stored in the temp files directory, and copies of all the encrypted data will likely be loaded into memory, and copied into the page file, at some point.

The only way to really be sure your data actually is encrypted, is to encrypt the whole drive.

Encryption and BIOS settings (2, Interesting)

orzetto (545509) | about 5 years ago | (#28766489)

Of course full-disk encryption, as lots of people have already suggested, but since you want the thief's time to be wasted, remember to password-protect the BIOS and disallow booting from USB drives or external units. Same goes for GRUB if you were on Linux. That way the thief will not be able to resell the netbook.

Yes, the thief could remove the BIOS battery, but he would have to tear the case open. If he knew how to open a laptop without breaking it, he has more skill than I would associate with a petty thief.

You might also consider Adeona [washington.edu] .

Re:Encryption and BIOS settings (4, Interesting)

JSBiff (87824) | about 5 years ago | (#28766547)

"Yes, the thief could remove the BIOS battery, but he would have to tear the case open. If he knew how to open a laptop without breaking it, he has more skill than I would associate with a petty thief."

Did it ever occur to you that the thief might be part of a larger crime organization, which organization might have a few people with pretty advanced technical skills? Or, even if they aren't, it's entirely possible/probable that after the thief fences the stolen computer, it will end up in the hands of someone both unscrupulous, and technically saavy?

Re:Encryption and BIOS settings (1)

jgrahn (181062) | about 5 years ago | (#28766607)

Of course full-disk encryption, as lots of people have already suggested, but since you want the thief's time to be wasted, remember to password-protect the BIOS and disallow booting from USB drives or external units. Same goes for GRUB if you were on Linux. That way the thief will not be able to resell the netbook.

Yes, the thief could remove the BIOS battery, but he would have to tear the case open. If he knew how to open a laptop without breaking it, he has more skill than I would associate with a petty thief.

I don't know what it's like where you live, but around here a thief is likely to be a junky who wants to transform your laptop into smack ASAP. The fence he sells it to has more skill; maybe he even specializes in computers.

Are you evil enough? (5, Interesting)

saynt (19633) | about 5 years ago | (#28766499)

First, get truecrypt, that takes care of your data.

  Now then, If you have the spark of evil in you, here's the plan.

    1. Set up multi-boot config.
    2. Create a bootable partition that has enough OS on it to run the drive and network, name it something interesting like 'Confidential'.
    3. Get the BIOS flash utils for your netbook, create a corrupt bios image that will still pass muster enough to install.
    4. Set up a boot time process on the netbook that does a 'wget' from a web site that you control. If it gets a file, quietly flash the BIOS with what it downloads.

    If you ever get ripped off, move the nasty BIOS image to the file location on your web site and bask in the glow of pure wickedness...

    You can test this with a valid BIOS image, but don't look at me if something terrible happens, you're playing with fire here.

Try a File Shredder (1)

fragmentate (908035) | about 5 years ago | (#28766517)

Try Eraser [heidi.ie]

Works fine for removing data. Might not work if advanced forensic techniques are used.

Most thieves don't have access to those forensic tools. And I'm assuming you don't need this level of protection. I'm assuming you're not trying to obfuscate your illegal Tracy Lord mpegs.

OS on a flashdrive? (1)

NoPantsJim (1149003) | about 5 years ago | (#28766533)

This might be a bit of overkill, and personally it is not something I've tried myself (yet). Install a user un-friendly version of Linux (just to confound the criminal) and use an Iron Key [ironkey.com] to run a super small Linux distro on. Keep all of your important data on the key. Don't store the laptop and the key together.

Added bonus - if you are around a desktop or a laptop better than a netbook, you can run your OS and all your documents through the drive.

Quick'n'easy (4, Interesting)

nick_davison (217681) | about 5 years ago | (#28766535)

1) Set up two accounts. Your actual one behind a password and an unprotected one.
2) In the unprotected one's startup, set it to delete all of your personal data.

You'll never log on via the unprotected account. Therefore you'll never accidentally delete everything. Even if you do manage to, as soon as you're next near a net connection it sounds like you can pull it back anyway.

Most casual thieves (sorry, your life isn't actually important enough that crack teams of ninja espionage winged monkeys will track you down and deliberately steal your data) will be perfectly happy to log on via the one account they can get on via and won't notice a suitably disguised process quietly cleaning everything sensitive off the machine.

It's not perfect, it's not infallible but, honestly, your data really isn't worth the hassle of defeating it for the average opportunistic thief.

You want to have more fun with them...

Set a scheduled task on that account to open Firefox 3.5 every 15 minutes and go to an address on your own server where it promptly gives its geolocation info [mozilla.com] before more obviously redirecting itself to some apparent malware site. They'll assume your machine's just infected with malware while you and the cops are given constant updates on their location.

Again, it's not perfect and most of /. could easily defeat it... But the average thief isn't a /. reader, they're just an opportunist who thinks they're getting something for free.

Multilayered Security (1, Insightful)

Anonymous Coward | about 5 years ago | (#28766537)

You could also use two layers of security. 1) Truecrypt the entire laptop and run a mobile OS with truecrypt off a flash drive, then make sure the flash drive never leaves your sight. 2) Truecrypt the entire laptop and store your personal data on a flash drive, again with truecrypt.

What do they want to steal? (4, Informative)

1s44c (552956) | about 5 years ago | (#28766577)

Most casual thieves want the hardware to use, resell, or simply because it's pretty. They don't give a toss about your data unless they can get easy cash out of it.

Encrypt the disk to protect your data. It doesn't even have to be very strong encryption but obviously good encryption is better if your CPU can handle it. You can save CPU cycles by only encrypting data that really needs to be kept personal.

Personally I'd be tempted to have some kind of low trick on there just to fuck with their minds. Add a script like
echo "GPS location tracking started..."
sleep 13
echo "Device location found and reported."
read x

There is absolutely no security in this but casual thieves are normally not too smart so might shit their pants.

Take to it with a hammer! (4, Funny)

syousef (465911) | about 5 years ago | (#28766593)

Right now! No thief will ever get your data if you destroy it right now!

Oh you wanted to use it in the meantime. Well that's different...

Napalm (0)

Anonymous Coward | about 5 years ago | (#28766595)

Well, not quite Napalm. Set your computer up with an embedded SIM card and a remote switch that disables the fans and ignites a small charge that shreds the board.

To set off? Have the SIM set to a custom phone number, prepaid, low cost, make sure it is full, and set to 1) answer and 2) require a passcode to activate. Then all you have to do is dial, punch in the passcode, and the computer fries itself. Alternatively, if hooked to GPS also, you could track its location and wipe it.

THERMITE! (1, Funny)

Anonymous Coward | about 5 years ago | (#28766611)

come on! this isn't tagged with 'thermite' yet? Consider me disappointed...

Ironkey? (0)

Anonymous Coward | about 5 years ago | (#28766615)

Try getting one of them Ironkey usb drives I been hearing about. These sound like they got some good protection to them. If someone tries to hack and break into them, or they guess the password wrong too many times, the thing destroys the encryption keys and the data can't ever be retrieved. They are a little pricey, but they might just be worth it.

truecrypt is not brickin it (1)

fsiefken (912606) | about 5 years ago | (#28766659)

Perhaps the poster meant to truly "brick" the netbook instead of just making sure no sensitive data can get stolen from the hard drive. In this case autoflashing the rom/bios with something nasty under some condition can do the trick.

Re:truecrypt is not brickin it (0)

Anonymous Coward | about 5 years ago | (#28766919)

I very much doubt that considering that the poster is an idiot.

He probably doesn't know 'data' existing and his laptop 'working' are very different things.

Hmmm (0)

Anonymous Coward | about 5 years ago | (#28766661)

I am an anonymous, cowardly thief. Thanks for the heads up.

encrypt anything mobile for the love of god (1)

timmarhy (659436) | about 5 years ago | (#28766663)

people this is 2009, how is it you haven't heard of encryption???!!

Re:encrypt anything mobile for the love of god (0)

Anonymous Coward | about 5 years ago | (#28766945)

then where is my personal jetpack and flying car?

Other question (0, Redundant)

obarthelemy (160321) | about 5 years ago | (#28766669)

Is any of you data valuable enough that anyone would care ?

Not to be rude, but your family photos, PhD paper, and Facebook journal aren't worth sh*t.

Why do they want your E-mail? (2, Informative)

ogl_codemonkey (706920) | about 5 years ago | (#28766673)

Firstly: You're not that interesting - nobody wants to read your E-mail, and the 'important' stuff (like your PGP keys) are individually passphrase protected, aren't they.

Secondly: You're not that interesting - the thief either wants the device for themselves, or to fence it for $50 worth of crack (or food, depending on where you travel). If they want it for themselves - chances are they'll just wipe it with a clean Windows install (you even leave the registration key on that little sticker on the back, don't you...) to get past your login/resume password. If they don't whoever fences it will.

Google docs and security? (1)

justinlee37 (993373) | about 5 years ago | (#28766701)

I find it hilarious that the submitter is worried about security, but keeps their "most" of their "important" stuff on google docs. If more people were biting on that obvious contradiction I'd say the submitter had successfully trolled the /. front page.

Re:Google docs and security? (0)

Anonymous Coward | about 5 years ago | (#28766829)

Yea that was the first thought that came to my mind, too. I mean:

"I have just moved overseas ... Most of my important stuff is in Gmail and Google Docs .. Since it is backed up in the cloud ...

So basically he's saying all his data is already in the hands of multiple 3rd parties; apparently even foreign 3rd parties.

Next there will be somebody asking for advice how to secure his car. He already gave his keys and papers to some random bloke on the street but wants to make sure nobody steals the pack of hankerchiefs in the glove compartment :D

Probably the most complicated idea (0)

Anonymous Coward | about 5 years ago | (#28766715)

It might be possible to buy a thin high power magnetic coil and rig up a small super capacitor to it in a way that the capacitor is charged off the battery and if the hd compartment is ever opened runs current through the coil erasing the hd contents (possibly damaging the drive too). then you simply disable cd booting in the bios password protect the bios and encrypt the hd. This idea is the safest (no possibility of accidental detonation) and most secure. if you rig it right the only way to get your data would be to drill through the case and cut the coil wire, which isn't likely.
But this is for the paranoid user, most stolen laptops have their hd's wiped almost immediately. It's easier to just put a fresh install into the laptop than try to hack the data. Most thieves aren't skilled enough to do that anyway.

Multi boot (1)

Joce640k (829181) | about 5 years ago | (#28766717)

Set it up with multiple boot options, and the default one does something nasty.

 

If you don't select the right boot option when you switch it on ... Zap! One wiped disk.

 

If you can wipe the BIOS...even better.

You already have your solution... (1)

stms (1132653) | about 5 years ago | (#28766739)

If it has Winxp on it it will self destruct eventually anyway.

Is this advertisement? (1)

Iffie (1410897) | about 5 years ago | (#28766789)

Sounds like an ad vor cloud computing and netbooks. If they steal your netbook its not the data they are after.

Deleting data not best solution (1)

dimethylxanthine (946092) | about 5 years ago | (#28766811)

Deleting data will likely not work for two reasons:

1) Shredding data (and that's what you want to do to reduce chance of recovering) on a hard drive takes time, and it is unlikely Someone Who Isn't You in possession of your laptop/netbook will wait patiently while your drive is being wiped clean, and so have the computer on; additionally you'd need a pretty long battery life to reliably shred even 60GB of space.
2) In case the above were possible, it would need to be done both discretely and effectively, thus requiring the shredder to a) operate on a running OS, b) delete all sensitive data in descending order of priority; which even then would not be 100% reliable.

So, unless your netbook ships with a remote controlled EMP module, your best bet is encryption.

- Anon

Odd (1)

PGC (880972) | about 5 years ago | (#28766823)

You are sharing your important data with a third party, however, the unimportant data should be destroyed?

SurfMan (1)

SurfMan (969573) | about 5 years ago | (#28766835)

I think the poster should worry about other things, like who the hell gave you the idea that storing your stuff at Google's is safe in the first place?? Fuck the netbook, get a decent place to store your "important" shizzle.

Maybe I don't understand something... (3, Insightful)

jalet (36114) | about 5 years ago | (#28766865)

but if you care about confidentiality of your datas once your laptop is stolen, and at the same time you store most of your datas on servers owned and administered by someone who is not you (the Google company in this case), then maybe you should think twice about what you do.

Groove (1)

pljvp (815748) | about 5 years ago | (#28766875)

Try MS Groove. It supports offline working, synchronizes your data (and forms and stuff) when your connection is up, and stores local copies in an encryped 'vault'. ...But there's a catch: you need to build something for your geared Gmail and Groove to sync.

crypto (1)

fishbowl (7759) | about 5 years ago | (#28766899)

A good encrypted filesystem is better than deleting: It's equivalent to overwriting the disc with random data.

Easy and Free (1)

spyguy99 (1278334) | about 5 years ago | (#28766913)

I use LaptoLock http://www.thelaptoplock.com/ [thelaptoplock.com] , its free to use and easy to set up, but it is Windows only. It is a bit old though, the last time it was updated was in 2007, but it works like a charm.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...