Slashdot Mirror

← Back to Stories (view on slashdot.org)

Delete Data On Netbook If Stolen?

Posted by kdawson on from the grab-brick-smash-window dept.

An anonymous reader writes "I have just moved overseas on a 2-year working holiday visa and so I picked up a netbook for the interim, an MSI Wind U100 Plus running WinXP. I love it to bits. But as I am traveling around I am somewhat worried about theft. Most of my important stuff is in Gmail and Google Docs; however, I don't always have Net access and find it useful to gear up the offline versions for both. Ideally I would like to securely delete all the offline data from the hard drive if it were stolen. Since it is backed up in the cloud, and the netbook is so cheap I don't really care about recovery, a solution that bricks it would be fine — and indeed would give me a warm glow knowing a prospective thief would have wasted their time. But it's not good if they can extract the HD and get at the data some other way. All thief-foiling suggestions are welcome, be they software, hardware, or other."

27 of 459 comments (clear)

  1. Whole Disk Encryption by seifried · · Score: 5, Insightful

    The answer to your problem is whole disk encryption, not trying to delete the data.

    1. Re:Whole Disk Encryption by Anonymous Coward · · Score: 4, Informative

      I know it doesn't help the OP, but on linux-based netbooks it's trivial to re-install linux with whole disk encryption if you want to upgrade to Ubuntu anyway. I've been running this way on my primary laptop for over a year and haven't really noticed any performance degradation.

    2. Re:Whole Disk Encryption by grcumb · · Score: 5, Funny

      The answer to your problem is whole disk encryption, not trying to delete the data.

      Feh. Your so-called answer does not include the word 'thermite' or the phrase 'earth-shattering kaboom'. And you call yourself a geek?

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    3. Re:Whole Disk Encryption by mjwx · · Score: 5, Funny

      Feh. Your so-called answer does not include the word 'thermite' or the phrase 'earth-shattering kaboom'. And you call yourself a geek?

      Where's the ka-boom. There was supposed to be an earth shattering ka-boom.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    4. Re:Whole Disk Encryption by Anonymous Coward · · Score: 5, Funny

      the part where the original poster said "Running WinXP" may not have made it all the way in.

      I despise answers that randomly suggest competing products without really answering the question. It's like "My lawnmower won't start" and "Well, if you had goats, then you could feed them a different feed to make them more motivated." Try to advertise less and answer the frakking question more, MMkay?

    5. Re:Whole Disk Encryption by Krneki · · Score: 4, Funny

      Easy solution.

      Install a Sony battery.

      Ka-boom.
      http://geeksaresexy.blogspot.com/2006/11/lithium-ion-laptop-battery-explosion.html

      P.S: It was made by a Gnome, so it might explode before it gets stolen.

      --
      Love many, trust a few, do harm to none.
    6. Re:Whole Disk Encryption by hairyfeet · · Score: 5, Funny

      The correct answer is truecrypt for Windows XP then simply encrypt the drive and voila! No password no data. But I can't think of any other way to totally brick it and still have it legal to travel with. After all customs tends to frown on C4, even if all you are doing is trying to teach thieves a valuable lesson in respecting peoples property.

      Of course if you really wanted to make them suffer you could keep a small DOS partition and have it set to load in case of incorrect password and then use a batch file to play slides of Goatse and Tubgirl and maybe a few choice selections from 2 girls one cup, while playing a wav file of that damned annoying frog full blast on endless loop, but I think you may risk getting arrested for crimes against humanity. But I'm sure after the thief was done throwing up and washing out his eyes with bleach a valuable lesson would be learned.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  2. Encryption by pyite · · Score: 5, Informative

    Encrypt the entire drive with TrueCrypt or something. Use a strong cipher and a very strong passphrase. The laptop is as good as bricked to anyone who gets it.

    --

    "Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman

    1. Re:Encryption by man_ls · · Score: 5, Insightful

      Whole-Disk AES via TrueCrypt is only BARELY above the "acceptable" threshold on a Core Solo. I cringe to think what it'd be like on an Atom. A better bet would be to use a container-hosted TrueCrypt volume, and set your My Documents folder into that volume.

    2. Re:Encryption by wvmarle · · Score: 4, Informative

      Your average thief will try to resell it as soon as he can. Most thieves are not interested in the loot as such but in the money they can get for it.

    3. Re:Encryption by Sodakar · · Score: 5, Interesting

      On N270 Atoms, whole-disk AES encryption works perfectly fine, and the only time I notice a slow-down is when I'm running a benchmark program side-by-side with a model that has an unencrypted drive. For regular browsing and e-mail (which is what the person asking the question listed as a qualification), it's a non-issue.

      As some others have posted, and what my local police have told me, the laptop will likely have been sold for cash in less than 24 hours. Unless you are being targeted specifically for something of significant value such as corporate IP, it's unlikely that anyone is going to spend the time to try to unencrypt your drive.

      But other threats still loom...

      If you plan on connecting to any network, you will expose your machine to any network-based threat, so you ought to harden your machine accordingly.

      Make sure you still have a strong password for your account login. If your machine is in hibernate, the crypto authentication prompt will stop them, but if your machine was sleeping, it'll return to the OS prompt.

      The one scenario where you're not protected at all is if the machine is powered on, logged in, and someone grabs it by force. I realize there are proximity-based USB dongles that will lock the screen when the remote adapter is beyond range, but this may be far too impractical to use. A USB security dongle sticking out the side is a quick recipe for a broken USB port...

    4. Re:Encryption by Wrath0fb0b · · Score: 5, Informative

      My personal experience with a Inspiron 1520 is that whole disk encryption significantly reduces battery life, which is a real usability problem.

      Most likely, when I get back to the states (I only encrypted for some overseas travel anyway), I will decrypt it and move back to an encrypted truecrypt container for the small number of documents that are really sensitive.

  3. a hack by binford2k · · Score: 5, Funny

    set up a scheduled task to wipe the drive unless you cancel it. Then don't forget to cancel it.

    1. Re:a hack by RsG · · Score: 4, Funny

      That's a TERRIBLE idea... Like, HOLY SHIT terrible.

      Then your threshold for terrible needs adjusting. I'm sure I can think of something worse than what the AC suggested :-P

      For example: a small thermite charge, proximate to the hard drive platter. It's fused to go off if a particular peripheral isn't detected upon boot-up; you keep the peripheral "key" with you, perhaps attached to your regular key-chain. A thief tries to boot, and BOOM (okay, thermite doesn't "boom", but you get the idea) - no more HDD. Or netbook. Or whatever it happened to be on top of. Bonus points if the thief happens to have it on their lap at the time.

      Now that, ladies and gentlemen, is how you propose a terrible idea. Compared to this, a full disk wipe sounds positively safe and reasonable.

      (IMPORTANT: If anyone out there is stupid enough to take this suggestion seriously and implement this obvious deathtrap, I cannot be held accountable for any loss of property, organic damage or Darwin award nominations that result.)

      --
      Erotic is when you use a feather. Exotic is when you use the whole chicken.
    2. Re:a hack by YourExperiment · · Score: 5, Funny

      The OP says he's moved "overseas" so presumably some day he'll be travelling back to which ever country he came from

      Not necessarily, he might have moved out of the U.K.

      (No flames please, I'm British :)

  4. Identity Theft or Physical Theft by MountainMan101 · · Score: 4, Insightful

    If it's physical theft I would think they would bin the HDD or sell it "as is" without even looking at what's on it. Bricking it doesn't do a lot, you'd probably just replace the HDD anyway.

    Identity theft is more worrying. Why not encrypt the HDD with something like Fedora / Ubuntu offers - ie an encrypted /home or MyDocuments. That way the laptop won't log on for the thief.

    1. Re:Identity Theft or Physical Theft by Anonymous Coward · · Score: 4, Insightful

      If a thief grabs it, they would inevitably tuck it under their arm (walking around with an open netbook would slow them down and make them easier to spot). So set the netbook to shutdown when the lid is closed.

  5. Truecrypt + fake account by dargaud · · Score: 5, Insightful

    As others will have already said: use truecrypt. In addition, use two account: yours with a password, and another one (visible from the login shell) without password. Put a script in it that wipes the disk if anybody logs in it.

    --
    Non-Linux Penguins ?
  6. Are you evil enough? by saynt · · Score: 5, Interesting

    First, get truecrypt, that takes care of your data.

      Now then, If you have the spark of evil in you, here's the plan.

        1. Set up multi-boot config.
        2. Create a bootable partition that has enough OS on it to run the drive and network, name it something interesting like 'Confidential'.
        3. Get the BIOS flash utils for your netbook, create a corrupt bios image that will still pass muster enough to install.
        4. Set up a boot time process on the netbook that does a 'wget' from a web site that you control. If it gets a file, quietly flash the BIOS with what it downloads.

        If you ever get ripped off, move the nasty BIOS image to the file location on your web site and bask in the glow of pure wickedness...

        You can test this with a valid BIOS image, but don't look at me if something terrible happens, you're playing with fire here.

  7. Quick'n'easy by nick_davison · · Score: 4, Interesting

    1) Set up two accounts. Your actual one behind a password and an unprotected one.
    2) In the unprotected one's startup, set it to delete all of your personal data.

    You'll never log on via the unprotected account. Therefore you'll never accidentally delete everything. Even if you do manage to, as soon as you're next near a net connection it sounds like you can pull it back anyway.

    Most casual thieves (sorry, your life isn't actually important enough that crack teams of ninja espionage winged monkeys will track you down and deliberately steal your data) will be perfectly happy to log on via the one account they can get on via and won't notice a suitably disguised process quietly cleaning everything sensitive off the machine.

    It's not perfect, it's not infallible but, honestly, your data really isn't worth the hassle of defeating it for the average opportunistic thief.

    You want to have more fun with them...

    Set a scheduled task on that account to open Firefox 3.5 every 15 minutes and go to an address on your own server where it promptly gives its geolocation info before more obviously redirecting itself to some apparent malware site. They'll assume your machine's just infected with malware while you and the cops are given constant updates on their location.

    Again, it's not perfect and most of /. could easily defeat it... But the average thief isn't a /. reader, they're just an opportunist who thinks they're getting something for free.

  8. Re:Encryption and BIOS settings by JSBiff · · Score: 4, Interesting

    "Yes, the thief could remove the BIOS battery, but he would have to tear the case open. If he knew how to open a laptop without breaking it, he has more skill than I would associate with a petty thief."

    Did it ever occur to you that the thief might be part of a larger crime organization, which organization might have a few people with pretty advanced technical skills? Or, even if they aren't, it's entirely possible/probable that after the thief fences the stolen computer, it will end up in the hands of someone both unscrupulous, and technically saavy?

  9. On a netbook? by Chuck+Chunder · · Score: 4, Funny

    The laptop is as good as bricked to anyone who gets it.

    Including the owner!

    --
    Boffoonery - downloadable Comedy Benefit for Bletchley Park
  10. What do they want to steal? by 1s44c · · Score: 4, Informative

    Most casual thieves want the hardware to use, resell, or simply because it's pretty. They don't give a toss about your data unless they can get easy cash out of it.

    Encrypt the disk to protect your data. It doesn't even have to be very strong encryption but obviously good encryption is better if your CPU can handle it. You can save CPU cycles by only encrypting data that really needs to be kept personal.

    Personally I'd be tempted to have some kind of low trick on there just to fuck with their minds. Add a script like
    echo "GPS location tracking started..."
    sleep 13
    echo "Device location found and reported."
    read x

    There is absolutely no security in this but casual thieves are normally not too smart so might shit their pants.

    1. Re:What do they want to steal? by subreality · · Score: 4, Informative

      It doesn't even have to be very strong encryption but obviously good encryption is better if your CPU can handle it.

      AES is quite fast on 32-bit CPUs. There's no excuse for bad crypto.

  11. Take to it with a hammer! by syousef · · Score: 4, Funny

    Right now! No thief will ever get your data if you destroy it right now!

    Oh you wanted to use it in the meantime. Well that's different...

    --
    These posts express my own personal views, not those of my employer
  12. Slow News Day - WTF? by mcrbids · · Score: 4, Insightful

    Google: windows encrypted drive + "I'm feeling lucky".

    Here's what I got:

    http://www.truecrypt.org/

    I'm OK with "Ask Slashdot" being used to gather the collective experience of the techies that like to hang out off-hours here at /. - but.. this?!?

    Something that could be addressed by a moment or two spent at Google or even (god's sake) Bing is a WASTE OF HITS. But maybe that's the plan - get droves of angry techies to bitch about the lameness of the stories, delivering ad impressions?

    Crazy like a fox?

    I'm on to you, Cmdr Taco, if that is your real name!

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  13. fencing by reiisi · · Score: 5, Insightful

    All the more reason to use a Linux or BSD based OS.

    To the average thief or receiver of stolen goods, a netbook running an alternate OS is as good as bricked.

    --
    Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.