A lost laptop or how to have your identity stolen and expose other peoples credit card information

September 21st, 2006

Losing a laptop can cause a lot of grief, the lost photos from the holiday in Swiss Alps is ofton the smallest problem, private information in the wrong hands can be a lot bigger, especially when it is not only your own information.
With a standard Windows XP installation the protection is very poor, even when using boot up bios passwords and a password protected account. There are many ways to crack a laptop.

The main problem is, that most data on the harddrive is in unencrypted form - making it possible for anyone with physical access to the drive to read the data of the drive.
How to protect the sensitive data

There are some different ways to keep your sensitive data safe

1)Keep the data completely of the hard drive.

Use the laptop as terminal. Boot from a live-cdrom or the image of one. But don’t keep the data of the hard drive. Access the data via an encrypted network connection like ssh or vpn. The advantage is that if the file data is only stored in the ram it should be completely of once the laptop is restarted.
One efficient way to this is to use remote access protocols (VNC, Windows Terminal Service…etc), in this case the data will never be on the local laptop since everything will be going on on the server.

2)Keep the data on the hard drive but encrypted
Encrypt a partition: an encrypted drive can be an efficient protection. Just be carefull that backups or other copies of the data are not saved outside the encrypted partion.

You can use a encrypted data partition, along an unencrypted system partition for

Truecrypt is efficient for this. Read an overview here or a howto in encrypting a drive here.

Encrypt the data file by file:Possible, and maybe a solution if it is very few files which is only accessed rarely. This can be done by GnuPG or similar.

Conclusion

As a ordinary home user, with mostly none-sensible data I find an encrypted partition to be the the obvios choice, since it requires no server and use free software (truecrypt) it is very cheap. The data can still be compromised, but it is difficult and requires time and resources.

UPDATE

——————————————————

A great article about how easy it is to break in to a mac, if you have physical access.

Entry Filed under: security, tech

Leave a Comment

You must be logged in to post a comment.

Trackback this post  |  Subscribe to the comments via RSS Feed

Archives

Related Posts

Track stolen Gadgets with Gadget-Track
With Gadget-Tracks system your stolen gadgets phone home. The system is very simple, the gadget has

How to easily sync Outlook calendar with an ordinary cell phone
A week ago I discussed the possible ways one could sync the cell phone with

E T(heme) phone home – Wordpress Themes monitors secretely?
I was pretty surprised when I found Google Analytics tracking code in the footer of

Does the future belong to Google Office?
I thought the online office suite would fail without doubt, but after trying out

Travelling safely - keeping digital copies of the important documents in hand
When travelling digital copies of important documents can come in handy When going on my last

Most Recent Posts

Ads