Slashdot Mirror

← Back to Stories (view on slashdot.org)

Delete Data On Netbook If Stolen?

Posted by kdawson on from the grab-brick-smash-window dept.

An anonymous reader writes "I have just moved overseas on a 2-year working holiday visa and so I picked up a netbook for the interim, an MSI Wind U100 Plus running WinXP. I love it to bits. But as I am traveling around I am somewhat worried about theft. Most of my important stuff is in Gmail and Google Docs; however, I don't always have Net access and find it useful to gear up the offline versions for both. Ideally I would like to securely delete all the offline data from the hard drive if it were stolen. Since it is backed up in the cloud, and the netbook is so cheap I don't really care about recovery, a solution that bricks it would be fine — and indeed would give me a warm glow knowing a prospective thief would have wasted their time. But it's not good if they can extract the HD and get at the data some other way. All thief-foiling suggestions are welcome, be they software, hardware, or other."

19 of 459 comments (clear)

  1. Whole Disk Encryption by seifried · · Score: 5, Insightful

    The answer to your problem is whole disk encryption, not trying to delete the data.

    1. Re:Whole Disk Encryption by sexconker · · Score: 2, Insightful

      You often aren't able to run a live disc on any sort of public PC. Either there's no disc drive, you don't have access to the boot menu/bios, or you simply don't have physical access to the machine.

      Either way, running from a live disc and a flash drive won't secure shit. For all you know there could be a hardware keylogger. For all you know there's some guy in the back room watching split video signals from all the machines in the coffee shop. If you're going to be paranoid, at least be paranoid.

  2. Identity Theft or Physical Theft by MountainMan101 · · Score: 4, Insightful

    If it's physical theft I would think they would bin the HDD or sell it "as is" without even looking at what's on it. Bricking it doesn't do a lot, you'd probably just replace the HDD anyway.

    Identity theft is more worrying. Why not encrypt the HDD with something like Fedora / Ubuntu offers - ie an encrypted /home or MyDocuments. That way the laptop won't log on for the thief.

    1. Re:Identity Theft or Physical Theft by Anonymous Coward · · Score: 4, Insightful

      If a thief grabs it, they would inevitably tuck it under their arm (walking around with an open netbook would slow them down and make them easier to spot). So set the netbook to shutdown when the lid is closed.

  3. Re:Encryption by man_ls · · Score: 5, Insightful

    Whole-Disk AES via TrueCrypt is only BARELY above the "acceptable" threshold on a Core Solo. I cringe to think what it'd be like on an Atom. A better bet would be to use a container-hosted TrueCrypt volume, and set your My Documents folder into that volume.

  4. Re:a hack by jbacon · · Score: 2, Insightful

    That's a TERRIBLE idea... Like, HOLY SHIT terrible.

    Full disk encryption gets my vote as well - Truecrypt will do the job quite nicely, and relatively pain-free.

  5. Truecrypt + fake account by dargaud · · Score: 5, Insightful

    As others will have already said: use truecrypt. In addition, use two account: yours with a password, and another one (visible from the login shell) without password. Put a script in it that wipes the disk if anybody logs in it.

    --
    Non-Linux Penguins ?
    1. Re:Truecrypt + fake account by nil_orally · · Score: 1, Insightful

      And the way to test this has been done correctly would be........?

    2. Re:Truecrypt + fake account by Zebedeu · · Score: 2, Insightful

      Image the disk, test, bitcopy. Obviously.

      The bonus is that you now have a ready-made image for your next netbook when this one is stolen.

  6. Re:a hack by MichaelSmith · · Score: 2, Insightful

    That's a TERRIBLE idea... Like, HOLY SHIT terrible.

    Why? The laptop is a backup for online data. He can afford to throw it away and reload it next time he goes on line.

    --
    http://michaelsmith.id.au
  7. Multilayered Security by Anonymous Coward · · Score: 1, Insightful

    You could also use two layers of security. 1) Truecrypt the entire laptop and run a mobile OS with truecrypt off a flash drive, then make sure the flash drive never leaves your sight. 2) Truecrypt the entire laptop and store your personal data on a flash drive, again with truecrypt.

  8. Slow News Day - WTF? by mcrbids · · Score: 4, Insightful

    Google: windows encrypted drive + "I'm feeling lucky".

    Here's what I got:

    http://www.truecrypt.org/

    I'm OK with "Ask Slashdot" being used to gather the collective experience of the techies that like to hang out off-hours here at /. - but.. this?!?

    Something that could be addressed by a moment or two spent at Google or even (god's sake) Bing is a WASTE OF HITS. But maybe that's the plan - get droves of angry techies to bitch about the lameness of the stories, delivering ad impressions?

    Crazy like a fox?

    I'm on to you, Cmdr Taco, if that is your real name!

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
    1. Re:Slow News Day - WTF? by DiLLeMaN · · Score: 2, Insightful

      I have this "Disable ads" checkbox near the top of the page because I've been a good /.'er, you insensitive clod!

      Besides, ABP is for n00bs. Squid -- with some general blocking rules -- keep ALL my browsers on ALL my machines ad-free.

      --
      /var/run/twitter.sock is a twitter socket puppet.
    2. Re:Slow News Day - WTF? by eggy78 · · Score: 2, Insightful

      I realize that maybe it's obnoxious for you, but I actually clicked over to /. from my RSS reader to view this post because it actually sounded pretty interesting and it's the kind of thing I wouldn't normally think about. There are a lot of really sharp people here and there have been times where I've spent a long while searching Google for just the right solution to come up with nothing, and then a week or two later somebody on /. has the perfect answer. I, for one, really appreciate this kind of post. Plus it's not like you can't skip over it. That's what I do with at least 30% of the stuff that shows up for me. Of course, you're welcome to your opinion; I just thought I'd say that you're not speaking on behalf of everyone. Unfortunately, I don't have any great advice for the OP because I came here to learn something cool!

  9. Maybe I don't understand something... by jalet · · Score: 3, Insightful

    but if you care about confidentiality of your datas once your laptop is stolen, and at the same time you store most of your datas on servers owned and administered by someone who is not you (the Google company in this case), then maybe you should think twice about what you do.

    --
    Votez ecolo : Chiez dans l'urne !
  10. fencing by reiisi · · Score: 5, Insightful

    All the more reason to use a Linux or BSD based OS.

    To the average thief or receiver of stolen goods, a netbook running an alternate OS is as good as bricked.

    --
    Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
  11. fencing (repost) by reiisi · · Score: 3, Insightful

    To the average thief, and to the average receiver of a stolen netbook, if the netbook boots an alternative OS, it might as well be bricked.

    --
    Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
  12. Re:Quick'n'easy by Mistlefoot · · Score: 3, Insightful



    And while at Custom's, have the border guard try to log in to your computer. Have him "access" the second account, delete all the data and then discover that you find yourself in some foreign court charged with destroying whatever it is they claim you destroy.

    I do believe there have been cases in the US where people have been compelled by the courts to produce encryption keys for data on laptops they have tried to carry past customs. The poster does want to do this for protection while traveling "overseas". I wouldn't suggest entering some countries and claiming you just had a script delete everything on your harddrive - when their customs tried to log - but "you have nothing to hide - honest".

  13. Before it's stolen by AlpineR · · Score: 2, Insightful

    Simple. Cover the message with black duct tape. Nobody sees the message and nobody bothers you. But when the thief peels off the tape, they are DOOMED.