A month ago, developer Nikhil Kodilkar’s laptop was stolen. He had a few security measures in place, but he also learned a lot from the experience. Here are a few of the more important lessons he learned.
Image by Florian
Let’s go over a “What if” condition. Right now, what if some stranger had access to your personal laptop and they are going over everything you have on the hard drive?
The thought alone is enough to send chills through my spine. Now replace laptop with “Backup storage” or “Desktop”—whatever it is you use regularly—to get the desired effect.
Recently my house was broken into, and along with other valuables, they took my beloved ThinkPad. (Yes, I love those plain black no-nonsense machines.)
My laptop was full of personal & important information. It’s been almost a month since it was stolen, and it still drives me crazy thinking about it. But enough rambling; let me get you to the meat of the story:
As most of you, my laptop didn’t have any hard drive encryption. The only safety it had was my password and luckily fingerprint scanner. This is one reason I like ThinkPads. You can have a pretty long and complicated password, but at the same time have fingerprint authentication. Hence when you want to login to your computer, you just swipe your finger and you are in. Anyone who wants to breakin to the computer has an uphill battle.
Coming back to encryption, I should have had at least rudimentary encryption enabled, so that even if someone gets in, they have to have basic skills to get to your data.
You have a number of options which you can employ to keep your data safer, and I want to get this out, so all my friends can implement them. Here are a few:
1. Hide your personal folders
I know, this sounds extremely lame, especially for all who have grown up with computers, but you will be surprised with how many people don’t know how to “unhide” a folder. I’m talking about PCs here. The person who stole your computer may not even be skilled enough to find your hidden folders. It’s not fool-proof but it is the minimum! I’m kicking myself for not doing even this.
Did you know that there is a free encryption program available on the internet, which you can use to encrypt a part or whole of your hard drive or your backup USB drive ?
Well neither did I.
For geeks like me who want to get into the details of everything, there is this nice comparison of features.
Ed. note: Check out our guide to encrypting your entire operating system for seriously heavy-duty encryption.
If you are going to buy a new laptop, you have two more options: Hardware encryption and Bitlocker. Bitlocker only comes with Windows 7 Ultimate.
3. Use an encrypted hard drive
There is a saying: “Once your tongue is burnt by hot milk, you will make sure that butter milk is cold”. (Sorry for the ghastly translation, but I guess you get the gist—butter milk is never served hot.)
The point is, I wasn’t satisfied with software encryption, and wanted to get something:
a.) More robust
b.) More unobtrusive
c.) Better performance
Since I was buying a new laptop, I wanted to see if I could fine one that would include hardware encryption, something built into the system. Self encrypting drives (SED), a.k.a. Full Encrypted Disks (FED—Seagate) were my answer.
In FEDs, the encryption key exists within the hard drive controller itself and is not exposed to your computer, operating system, or even you. The key is stored by the controller on the hard drive at a secret location. Also, encryption cannot be disabled from them. The next logical question is: How in the world do I access my own files if I don’t have the encryption key? You have to enable a hard drive password, one that is stored in the BIOS.
FEDs solved an important concern of mine. A lot of HDDs have passwords so you can’t boot from them. However, stick the HDD as a secondary on a separate computer, and boom, you have access to all its data. In the case of FED, if you stick the drive as secondary, all you see is 256 AES encrypted data which you cannot read. And if you try to boot from it, you need a hard drive password. Or, in the ThinkPad’s case, you need to swipe your finger.
This is good enough for the average, non-CIA, non-FBI, non-SPY kind of people, just like you and me.
4. Which laptops have FEDs?
I was trying to find laptops with FEDs and again the ThinkPad came to the rescue. Although I love HP laptops, none of them come with FEDs. Dell has an Inspiron with encryption drives, but ThinkPad has a lot more value for your money.
You also have the option to buy a FED from Seagate and put it into your laptop. The issue with that (or what I’ve learned from the Seagate forums) is that if you buy and configure a FED by yourself, the hard drive is married to your motherboard. This means you cannot take that drive and stick it into another laptop. With a Thinkpad, you can.
5. Let’s catch a thief
Think like a thief to catch a thief, right? That may be easier said than done, which is why I bought Lojack. Lojack is software that can help track track a lost or stolen computer.
Ed. note: For a free alternative, you may also want to look into how to track your stolen laptop with Prey.
Take a lesson from me, my friends: If you have your laptop with you, use at least Truecrypt and something like Lojack.
Lessons I Learned When my Laptop was Stolen [Planet Unknown]
Nikhil Kodilkar is a dJango/python enthusiast and part-time web developer who enjoys writing about things that make life faster, productive, more organized, and geekier.