January 11th, 2011 Computer Security: A Different Perspective

Many of us, when considering how to protect our personal computers from an external physical threat, usually settle on the following steadfast solution:

  • Password everything
    • Use passwords that are difficult to guess (unrelated to our lives, jumbles of letters and numbers, etc)
    • Never use the same password twice
    • Always use mixed case letters, numbers and symbols
    • Ensure the password is at least 8 characters long
    • Never use whole dictionary words anywhere in your password
  • Keep Daily Backups
  • Keep Your Computer in a Safe Place

These rules generally keep us safe in the information age; but I wonder if we didn’t think our clever plan all the way through. What if an unpleasant sort of person might sneak about and steal away our computer? What if they also were to take our backup drive? What then?

Well, here’s what happens.

  • If you’ve passworded and encrypted your operating system…
    • If your data is worth it, they can still get it.
    • They reformat your laptop and re-install a pirated OS on your computer. It’s easy.
    • Your chances of recovering the laptop at this point are slim to nil.

  • If you’ve only passworded your operating system…
    • They can still easily get your data.
    • They reformat your laptop and re-install a pirated copy of an OS on your computer.
    • Your chances of recovering the laptop at this point are slim to nil.

  • If your OS doesn’t have so much as a password on it…
    • They get your data with no difficulty whatsoever.
    • They usually sell your laptop as is, sometimes even with your data still intact!
    • Your chances of recovering the laptop at this point are actually pretty good!

So really, the question comes down to this: What’s more important to you? The privacy of your data, or your hardware?

Privacy

If the privacy of your data is more important, then keep this in mind. Generally speaking, once someone has physical access to your computer, there’s pretty much nothing you can do to prevent them from accessing your data. Encryption slows the process, it might stop a few, but if your data is worth having, nothing can stop someone from pulling it from the physical machine. With that in mind, don’t carry that data on your laptop if it’s so important! Keep it on a flash drive and tuck it away in a safe. Nuke your browser history and cookies after you browse the internet, or use Firefox and plug-ins that help you do that more easily.

If you’re concerned about ensuring you don’t lose your data, you might keep online backups. It’s all the rage, and there are lots of different companies already offering services for around $5.00/month.

Once your mobile system is free from the things you’re terrified of others seeing, your main concern is retrieving the hardware should it be stolen.

Hardware

In this day and age, one can easily use services to track the location of an individual by IP address. There are many companies that provide this service, and many programs have thus been made to take advantage of these services. If you were to install one of these many, many, many, many products, you could get an exact location of where your laptop is the next time it’s turned on. You could use software to take a picture of the thief in action. These products, however, assume the thief is able to log into and make use of your system. After all, if you can’t get into someone’s laptop, how much fun is it to stare at the lock prompt, asking you for a password you don’t know? At that point, you’d just wipe it and start with a new OS, wiping away all of your security. Useless.

So, am I saying you should leave your computer with no password? No. That’s not a very good idea at all. …but it sure couldn’t hurt to make a guest account with just enough to get your thief to use the computer for a while so those wonderful products tell you what s/he looks like, and where s/he is.

Not convinced of this method yet? Well, this gentleman certainly presented a great case.

Written by Soleil Golden at 1:24 pm

1 Comment
  1. Justin Hobley
    March 19th, 2011 5:22 am

    I'm particularly fond of Seagate's Momentus line of hard drives, since they happen to offer an FDE model, one of which is FIPS compliant.
    These particular drives are encrypted at the hardware level, and are designed in such a way that if you feed it the wrong password too many times, it turns the data to slaw and locks the drive. Can't even reformat the drive to reinstall the OS, I've found.
    Those're the fun calls I take when I get these people calling in, and have locked themselves out of the FDE HDD, because they were stupid on setting it up -- I get one a year.
    Those are the ones that Kroll and DriveSavers couldn't do much with, if memory serves me well.
