Delete Data On Netbook If Stolen? 459
An anonymous reader writes "I have just moved overseas on a 2-year working holiday visa and so I picked up a netbook for the interim, an MSI Wind U100 Plus running WinXP. I love it to bits. But as I am traveling around I am somewhat worried about theft. Most of my important stuff is in Gmail and Google Docs; however, I don't always have Net access and find it useful to gear up the offline versions for both. Ideally I would like to securely delete all the offline data from the hard drive if it were stolen. Since it is backed up in the cloud, and the netbook is so cheap I don't really care about recovery, a solution that bricks it would be fine — and indeed would give me a warm glow knowing a prospective thief would have wasted their time. But it's not good if they can extract the HD and get at the data some other way. All thief-foiling suggestions are welcome, be they software, hardware, or other."
Re:Identity Theft or Physical Theft (Score:3, Interesting)
What if it was already logged in?
Ex: Someone grabs it at an internet cafe, while you're ordering something?
I know everyone else is thinking the same thing, but I'll say it anyway - encrypt the entire partition, with a tool like TrueCrypt.
Encryption and BIOS settings (Score:3, Interesting)
Of course full-disk encryption, as lots of people have already suggested, but since you want the thief's time to be wasted, remember to password-protect the BIOS and disallow booting from USB drives or external units. Same goes for GRUB if you were on Linux. That way the thief will not be able to resell the netbook.
Yes, the thief could remove the BIOS battery, but he would have to tear the case open. If he knew how to open a laptop without breaking it, he has more skill than I would associate with a petty thief.
You might also consider Adeona [washington.edu].
Are you evil enough? (Score:5, Interesting)
First, get truecrypt, that takes care of your data.
Now then, If you have the spark of evil in you, here's the plan.
1. Set up multi-boot config.
2. Create a bootable partition that has enough OS on it to run the drive and network, name it something interesting like 'Confidential'.
3. Get the BIOS flash utils for your netbook, create a corrupt bios image that will still pass muster enough to install.
4. Set up a boot time process on the netbook that does a 'wget' from a web site that you control. If it gets a file, quietly flash the BIOS with what it downloads.
If you ever get ripped off, move the nasty BIOS image to the file location on your web site and bask in the glow of pure wickedness...
You can test this with a valid BIOS image, but don't look at me if something terrible happens, you're playing with fire here.
Quick'n'easy (Score:5, Interesting)
1) Set up two accounts. Your actual one behind a password and an unprotected one.
2) In the unprotected one's startup, set it to delete all of your personal data.
You'll never log on via the unprotected account. Therefore you'll never accidentally delete everything. Even if you do manage to, as soon as you're next near a net connection it sounds like you can pull it back anyway.
Most casual thieves (sorry, your life isn't actually important enough that crack teams of ninja espionage winged monkeys will track you down and deliberately steal your data) will be perfectly happy to log on via the one account they can get on via and won't notice a suitably disguised process quietly cleaning everything sensitive off the machine.
It's not perfect, it's not infallible but, honestly, your data really isn't worth the hassle of defeating it for the average opportunistic thief.
You want to have more fun with them...
Set a scheduled task on that account to open Firefox 3.5 every 15 minutes and go to an address on your own server where it promptly gives its geolocation info [mozilla.com] before more obviously redirecting itself to some apparent malware site. They'll assume your machine's just infected with malware while you and the cops are given constant updates on their location.
Again, it's not perfect and most of /. could easily defeat it... But the average thief isn't a /. reader, they're just an opportunist who thinks they're getting something for free.
Re:Encryption and BIOS settings (Score:5, Interesting)
"Yes, the thief could remove the BIOS battery, but he would have to tear the case open. If he knew how to open a laptop without breaking it, he has more skill than I would associate with a petty thief."
Did it ever occur to you that the thief might be part of a larger crime organization, which organization might have a few people with pretty advanced technical skills? Or, even if they aren't, it's entirely possible/probable that after the thief fences the stolen computer, it will end up in the hands of someone both unscrupulous, and technically saavy?
Re:Encryption (Score:2, Interesting)
Re:Identity Theft or Physical Theft (Score:3, Interesting)
(I'm aware that my suggestion doesn't deal with an already-logged in scenario. If anyone has an answer to that one, please, do reply with it!)
Sounds like you need some kind of RF token and a receiver attached to the netbook; if the token goes out of range, the machine logs you out and/or shuts down. If push came to shove, I imagine you could bodge something together with a Bluetooth receiver and a Bluetooth enabled phone like BluePromixity [sourceforge.net] does.
Re:Encryption (Score:5, Interesting)
On N270 Atoms, whole-disk AES encryption works perfectly fine, and the only time I notice a slow-down is when I'm running a benchmark program side-by-side with a model that has an unencrypted drive. For regular browsing and e-mail (which is what the person asking the question listed as a qualification), it's a non-issue.
As some others have posted, and what my local police have told me, the laptop will likely have been sold for cash in less than 24 hours. Unless you are being targeted specifically for something of significant value such as corporate IP, it's unlikely that anyone is going to spend the time to try to unencrypt your drive.
But other threats still loom...
If you plan on connecting to any network, you will expose your machine to any network-based threat, so you ought to harden your machine accordingly.
Make sure you still have a strong password for your account login. If your machine is in hibernate, the crypto authentication prompt will stop them, but if your machine was sleeping, it'll return to the OS prompt.
The one scenario where you're not protected at all is if the machine is powered on, logged in, and someone grabs it by force. I realize there are proximity-based USB dongles that will lock the screen when the remote adapter is beyond range, but this may be far too impractical to use. A USB security dongle sticking out the side is a quick recipe for a broken USB port...
Re:a hack (Score:4, Interesting)
The OP says he's moved "overseas" so presumably some day he'll be travelling back to which ever country he came from, and I would guess that includes flying.
paint a STOLEN FROM ... message on the front (Score:4, Interesting)
THIS COMPUTER WAS STOLEN FROM <your name/phone number>
In large, contrasting letters - for extra points write it in the language(s) of the countries to be visited. Not only will it draw unwanted attention to whoever tries to use it, but it will make the stolen item impossible to sell on errr, auction sites, where most of this stuff ends up.
Re:Encryption (Score:4, Interesting)
Re:Whole Disk Encryption (Score:2, Interesting)
Moot. The word is moot.
That's open to discussion or debate and of little or no practical value or meaning;
Re:Whole Disk Encryption (Score:3, Interesting)
Dependent on the total size of the data you want to store local copies of...
.
Buy a good flash drive and keep it on your key chain. Preferably an Ironkey ( www.ironkey.com ) or something similar that offers some serious hardware encryption along with other anti-theft features.
.
Use something like XMarks for Firefox so you can access all of your bookmarks, and even stored passwords if desired, without storing any of it on the netbook. Now simply treat the netbook as a public access PC. If it gets lost or stolen there isn't anything on it to worry about in the first place.
Bonus for international travel is that you don't have anything on the PC for customs to nose around in, and no software making you look ""Suspicious"" just because you value privacy. Or better yet, you can just leave the netbook at home and use your flash drive on a PC at your destination.
.
Potential deal breakers - 1. If you need to carry around more than 8 or 16GB you'll have trouble finding a really good secure drive. Sure more than one drive would work but at some point multiple drives become silly. 2. If your one of those people who can never find their keys or is constantly losing flash drives this is probably a really bad idea.
Re:Whole Disk Encryption (Score:3, Interesting)
encryption is not the answer (Score:3, Interesting)
But there is a free solution which is more like thermite.
Encryption is wrong for netbooks because the Atom is a slow, single-core chip. It really can't afford the extra overhead.
Encryption also won't do what the submitter asks: bricking the device.
But ATA passwords will do this! Sometimes called "drivelock," these are firmware passwords you type when powering on a disk. If it doesn't get the right password, the disk will refuse to cooperate. Recovering the data from such a disk requires expensive equipment that almost certainly isn't available or worth the effort to the common thief. This solution meets the submitters requirement of bricking the device, and it also keeps his data safe.
Disclaimer: There are many drives out there from major manufactures which have flawed ATA password implementations. Check and see if your HD is among the list of drives which are so flawed.