Slashdot Mirror

← Back to Stories (view on slashdot.org)

Delete Data On Netbook If Stolen?

Posted by kdawson on from the grab-brick-smash-window dept.

An anonymous reader writes "I have just moved overseas on a 2-year working holiday visa and so I picked up a netbook for the interim, an MSI Wind U100 Plus running WinXP. I love it to bits. But as I am traveling around I am somewhat worried about theft. Most of my important stuff is in Gmail and Google Docs; however, I don't always have Net access and find it useful to gear up the offline versions for both. Ideally I would like to securely delete all the offline data from the hard drive if it were stolen. Since it is backed up in the cloud, and the netbook is so cheap I don't really care about recovery, a solution that bricks it would be fine — and indeed would give me a warm glow knowing a prospective thief would have wasted their time. But it's not good if they can extract the HD and get at the data some other way. All thief-foiling suggestions are welcome, be they software, hardware, or other."

2 of 459 comments (clear)

  1. Are you evil enough? by saynt · · Score: 5, Interesting

    First, get truecrypt, that takes care of your data.

      Now then, If you have the spark of evil in you, here's the plan.

        1. Set up multi-boot config.
        2. Create a bootable partition that has enough OS on it to run the drive and network, name it something interesting like 'Confidential'.
        3. Get the BIOS flash utils for your netbook, create a corrupt bios image that will still pass muster enough to install.
        4. Set up a boot time process on the netbook that does a 'wget' from a web site that you control. If it gets a file, quietly flash the BIOS with what it downloads.

        If you ever get ripped off, move the nasty BIOS image to the file location on your web site and bask in the glow of pure wickedness...

        You can test this with a valid BIOS image, but don't look at me if something terrible happens, you're playing with fire here.

  2. Re:Encryption by Sodakar · · Score: 5, Interesting

    On N270 Atoms, whole-disk AES encryption works perfectly fine, and the only time I notice a slow-down is when I'm running a benchmark program side-by-side with a model that has an unencrypted drive. For regular browsing and e-mail (which is what the person asking the question listed as a qualification), it's a non-issue.

    As some others have posted, and what my local police have told me, the laptop will likely have been sold for cash in less than 24 hours. Unless you are being targeted specifically for something of significant value such as corporate IP, it's unlikely that anyone is going to spend the time to try to unencrypt your drive.

    But other threats still loom...

    If you plan on connecting to any network, you will expose your machine to any network-based threat, so you ought to harden your machine accordingly.

    Make sure you still have a strong password for your account login. If your machine is in hibernate, the crypto authentication prompt will stop them, but if your machine was sleeping, it'll return to the OS prompt.

    The one scenario where you're not protected at all is if the machine is powered on, logged in, and someone grabs it by force. I realize there are proximity-based USB dongles that will lock the screen when the remote adapter is beyond range, but this may be far too impractical to use. A USB security dongle sticking out the side is a quick recipe for a broken USB port...