One Locked Down Laptop

I was recently watching a YouTube video, about how a guys computer got stolen (and how he recovered it using SSH, VNC, and hacker skills!) and all the lack of security he put on it and all the potential damages it could have caused. It made me think, on my new laptop, I had absolutely no security, not even an account password (normally I do have one.) With me going more and more places with my laptop, starting college classes again Fall 2011, and going to college full time as a freshmen in 2013, laptop theft is a strong probability. That being so, I spent about a day just locking down my laptop and seeing how much data I could protect, some of those things also protect my desktop now too.

On my new laptop I got a few days ago (Intel Core 2 Duo 2.2 ghz, 3 gb. ram, Latitude D630 w/ docking station, 14.1″), I first started by heeding the advice of my favorite blog, Lifehacker. I love Lifehacker, I have wallpaper for it, get emails daily with posts in it, read it daily on their website, follow it on Twitter, Liked it on Facebook, have it’s RSS on my iPod Touch, simply I like it a lot. Anyways, for a long time they have recommended LastPass as a great way of providing better security for your passwords. For a long time, I didn’t want to do it because I always thought it was important that I knew the passwords to all the places I used, and that if I was using a school computer or something, I wouldn’t be able to get the password. Well, I learned the cool part about LastPass is that it is stored online, making your passwords and other secure data accessible from anywhere, and providing syncing of passwords across browsers and OS’s. When I set it up, it was kinda scary cause it could see the passwords Firefox and Chrome had been storing, and the plain text of the password, which alone made it enough to convert and give up basic password managers. LastPass has some really cool login methods you can use, ranging from a printout grid that you have to input random parts from to having to have a certain USB drive plugged in to log into the website. I just use the simple log in method as I cannot guarantee myself that I will have one of those methods on me at all times. Another cool part about LastPass is its random password generators, I feel safe now knowing that all my online accounts have unique 12 character complex passwords, and the best part, I don’t know them. In short, I am a believer¬† in LastPass now in just about two days.

My second thought was, I still have information I don’t want losing on my PC besides just my laptop and for that I installed another Lifehacker recommendation, TrueCrypt. TrueCrypt has a lot of options for doing whatever you wanted, but what I wanted was a total OS encryption, before Windows can even boot, it must have my passphrase for decrypting the drive. I have not really seen that much of a slow down so far, and from what I read as long as you use AES encryption (DoD standard) you shouldn’t. *Random sidenote: In NCIS the forensics scientist Abby once talked about how to truly delete data you must write over the specific part of the hard drive several times, with TrueCrypt I was able to select that option when it encrypted, it wiped 3x to remove any traces*

And lastly, I added a double backup on my laptop (hadn’t set it up yet, only had it about a week or two), one backup to my local server, and one to my 2 TB. external hard drive.

I now feel fairly confident in the security I have put on my laptop (and desktop as my /home directory has always been LUKS encrypted, backed up, and now LastPass) and that I can deter most thieves from my data and the ones smart enough that get it won’t really be interested in what is on a 16 year olds laptop. If you haven’t taken at least one or two of these security measures, I recommend you do.

  • Fahim Mir Anwar

    Cool, you sound like a really smart guy and I would like to meet you in person.

blog comments powered by Disqus