Slashdot Mirror

← Back to Stories (view on slashdot.org)

Delete Data On Netbook If Stolen?

Posted by kdawson on from the grab-brick-smash-window dept.

An anonymous reader writes "I have just moved overseas on a 2-year working holiday visa and so I picked up a netbook for the interim, an MSI Wind U100 Plus running WinXP. I love it to bits. But as I am traveling around I am somewhat worried about theft. Most of my important stuff is in Gmail and Google Docs; however, I don't always have Net access and find it useful to gear up the offline versions for both. Ideally I would like to securely delete all the offline data from the hard drive if it were stolen. Since it is backed up in the cloud, and the netbook is so cheap I don't really care about recovery, a solution that bricks it would be fine — and indeed would give me a warm glow knowing a prospective thief would have wasted their time. But it's not good if they can extract the HD and get at the data some other way. All thief-foiling suggestions are welcome, be they software, hardware, or other."

15 of 459 comments (clear)

  1. Encryption by pyite · · Score: 5, Informative

    Encrypt the entire drive with TrueCrypt or something. Use a strong cipher and a very strong passphrase. The laptop is as good as bricked to anyone who gets it.

    --

    "Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman

    1. Re:Encryption by MichaelSmith · · Score: 3, Informative

      Your average thief will spend five seconds looking for porn to keep, then reinstall the lot. The crummiest possible encryption would satisfy 99% of cases.

      --
      http://michaelsmith.id.au
    2. Re:Encryption by wvmarle · · Score: 4, Informative

      Your average thief will try to resell it as soon as he can. Most thieves are not interested in the loot as such but in the money they can get for it.

    3. Re:Encryption by Wrath0fb0b · · Score: 5, Informative

      My personal experience with a Inspiron 1520 is that whole disk encryption significantly reduces battery life, which is a real usability problem.

      Most likely, when I get back to the states (I only encrypted for some overseas travel anyway), I will decrypt it and move back to an encrypted truecrypt container for the small number of documents that are really sensitive.

    4. Re:Encryption by AmiMoJo · · Score: 2, Informative

      I have a Pentium 3 Mobile 1.7GHz Thinkpad and Truecrypt makes no appreciable difference in performance. Even during benchmark tests the CPU is only about 50% loaded, so the bottleneck is the HDD itself. 50% sounds like a lot, but keep in mind we are talking artificial benchmarks here. Real world performance is probably in the order of 5-10% when loading an app or large file.

      Truecrypt is by far the best option. Not only does it protect your data in case of theft or over-zealous customs staff, but you can wipe the entire disk instantly just by destroying the TC header (1 sector). Without the header you can't even do a dictionary attack, you would need to brute force AES which is basically impossible in the foreseeable future.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. Encryption by swmike · · Score: 2, Informative

    That is what encryption is for. Get truecrypt or other similar application and then the data won't be extractable by anyone without the password.

  3. Lojack for Laptops by zhiwenchong · · Score: 3, Informative

    Website: http://www.absolute.com/products/lojack
    FAQ: http://www.absolute.com/resources/public/FAQ/L4L-FAQ-E.pdf

    Costs $59.95/year for the premium package which supports Remote Wipe. Embeds itself in the BIOS/EFI. Supports XP and OS X.

  4. What do they want to steal? by 1s44c · · Score: 4, Informative

    Most casual thieves want the hardware to use, resell, or simply because it's pretty. They don't give a toss about your data unless they can get easy cash out of it.

    Encrypt the disk to protect your data. It doesn't even have to be very strong encryption but obviously good encryption is better if your CPU can handle it. You can save CPU cycles by only encrypting data that really needs to be kept personal.

    Personally I'd be tempted to have some kind of low trick on there just to fuck with their minds. Add a script like
    echo "GPS location tracking started..."
    sleep 13
    echo "Device location found and reported."
    read x

    There is absolutely no security in this but casual thieves are normally not too smart so might shit their pants.

    1. Re:What do they want to steal? by subreality · · Score: 4, Informative

      It doesn't even have to be very strong encryption but obviously good encryption is better if your CPU can handle it.

      AES is quite fast on 32-bit CPUs. There's no excuse for bad crypto.

  5. Re:Whole Disk Encryption by Anonymous Coward · · Score: 4, Informative

    I know it doesn't help the OP, but on linux-based netbooks it's trivial to re-install linux with whole disk encryption if you want to upgrade to Ubuntu anyway. I've been running this way on my primary laptop for over a year and haven't really noticed any performance degradation.

  6. Why do they want your E-mail? by ogl_codemonkey · · Score: 2, Informative

    Firstly: You're not that interesting - nobody wants to read your E-mail, and the 'important' stuff (like your PGP keys) are individually passphrase protected, aren't they.

    Secondly: You're not that interesting - the thief either wants the device for themselves, or to fence it for $50 worth of crack (or food, depending on where you travel). If they want it for themselves - chances are they'll just wipe it with a clean Windows install (you even leave the registration key on that little sticker on the back, don't you...) to get past your login/resume password. If they don't whoever fences it will.

  7. Re:Whole Disk Encryption by muckracer · · Score: 2, Informative

    Would also like to mention FreeOTFE (http://www.freeotfe.org). Unlike Truecrypt it happens to be Linux/LUKS compatible.

  8. Re:Whole Disk Encryption by shentino · · Score: 2, Informative

    Google did IIRC.

  9. Re:Are you evil enough? by saynt · · Score: 2, Informative

    True, but there are ways to get a reasonably high level of confidence that something will happen. Most flash utils that I've dealt with either do no checking on the image, which is awful, or simply check it for size, extension, or a basic checksum. I'm guessing that this is because the developers believe that only an insane person would try to flash a .jpg or whatever to their BIOS. Since this is one of a very few things that can actually make your computer unusable, you would think that they would take more care, but they don't. As for testing, most of the flash utilities that I've used give you at least two chances to confirm that you really want to perform the flash, usually the last one is after the new BIOS has been read in and, presumably, passed any checks being done. If you were very familiar with the flash program and had the fortitude, you could run the process right up to the point of no return and then say 'no', and I would be pretty confident that something bad would have happened should you have gone ahead...

  10. Re:encryption is not the answer by swillden · · Score: 2, Informative

    The Atom can only barely play higher-quality youtube videos. Any little thing will tip it over the edge. I agree that it is only a minor impact for most users. But Atoms are a different case.

    You should actually try it. I have an OLPC XO-1 (with a Geode processor -- even slower than the Atom) and full-disk encryption makes no detectable difference in performance.

    What you're missing is the fact that symmetric ciphers, which are actually what the bulk encryption is done with, are very fast. Even low-end processors are typically able to encrypt/decrypt *many* times faster than they can read or write data to disk/flash. And, actually, there shouldn't be any storage I/O involved in playing a youtube video, so even if full-disk encryption were slow, it wouldn't cause a problem with that.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.