Re: laptop security
From: KBob (KBob_at_nowhere.net)
Date: Mon, 19 Jul 2004 19:56:47 GMT
On Fri, 18 Jun 2004 10:00:00 +0200, Jim Watt <email@example.com_way>
>On Fri, 18 Jun 2004 00:20:51 -0600, Allen Anderson
>>I want to put sensitive files on my laptop that I need to have while I
>>travel. However, I want to do my due dilligence to make sure I do
>>whatever I can to make sure that the laptop and all the files on it
>>are innaccessable if the laptop gets stolen or lost. What are my
>>options for encyprtion? I would prefer whole OS encryption instead of
>>just specific files as I don't want to 'forget' to encrypt a file and
>>have it accessable for some reason.
>If its an IBM laptop all you need do is set a hard disk password
>if its not, leave it in a public place, wait for it to be stolen,
>claim on the insurance and buy an IBM next time.
>You could also look at this group on Google as the subject
>of disk encryption is a frequent one discussed in detail.
A lot depends on the level of security you desire. Hard disk
passwords are fine for keeping casual snoops out, but will fail to
provide sufficient protection from someone who is determined.
Simply pop the drive out of the laptop (IBM or not), put it in a USB2
case, run EnCase on the drive and it's all there for the world to see,
since the drive's content is not encrypted. On my IBM I prefer to use
a separate 60G drive (in the Ultrabay) that is encrypted and can be
removed. For any laptop you might consider putting the sensitive
material on an encrypted partition using TrueCrypt (free) or
SecurStor's DriveCrypt which is also available in a full-drive
boot-protected version. I tend to shy away from the latest versions
of the latter, since even changing the system date can mess things up.
In the best of worlds, I'd like to have something similar to DCPP with
boot protection, but without the unneccessary tattle features (earlier
vers?). After playing around with DCPP for a while, I've decided it's
not for me, and am much more comfortable with TrueCrypt for now, and
sometimes use SecureFile.