Laptop & Encryption: is this safe?
September 8, 2006 5:08 PM
I'm hoping to keep client data on my laptop safe from bad people. By encrypting the info, I think I'm most of the way there. What am I missing?
ASSUMPTIONS:
1. I ONLY want to protect 1 folder on my Windows XP Pro machine.
2. Not worried about network security for now -- I'm more concerned about laptop theft. Of course network security matters, but 1 thing at a time.
3. It's only client data that I want to protect -- if the bad guys want to sort through the rest of my computer they're welcome to it.
4. If the laptop ever gets stolen, it would be while it's turned off or in hibernate (so you'd have to use a password to get in... or do some other hi-tech trick to get at the info).
5. I encrypt the folder with sensitive info using AES encryption (TrueCrypt if you care. I might have TrueCrypt auto-mount drives if I'm lazy -- does that change things?).
If this laptop is stolen by a band of sophisticated thieves, is there any way they can get at my clients' data?
I keep seeing that you can get into a laptop even if it's asking for a password (or you boot with linux or something). Will the steps above prevent the thieves from getting at encrypted data without the encryption key? Thank you!
If the data is encrypted with a reliable program (and I believe TrueCrypt is well-regarded), you need the key to extract the data. If the thieves don't have the key, then they won't have the data.
However, if someone had access to your laptop before they stole it, they could possibly install a key-logging program to record you entering the password. This would record your password the next time you accessed the TrueCrypt volume. They could then steal your laptop and access the data. This would be more of an inside-job situation however.
posted by reverendX at 5:22 PM on September 8, 2006
If you auto mount the drives it's worthless.
posted by crypticgeek at 5:52 PM on September 8, 2006
What cryptic geek said. If you can get at your client's data with only your system password, it's a waste of time.
To pull this off you need to disable automatic mounting, and get into the habit of closing your application and unmounting the volume before you leave your laptop unattended. TrueCrypt might have some features to help you do this (I have no idea).
posted by cillit bang at 5:58 PM on September 8, 2006
You can set truecrypt to automount but prompt for the password. As long as you have a decent password you will be ok.
posted by Mitheral at 6:25 PM on September 8, 2006
I think it's a mistake to keep your client's data on your laptop. Encryption isn't the answer, physical security is the answer.
posted by Steven C. Den Beste at 7:15 PM on September 8, 2006
Best answer: TrueCrypt also has some options for auto-unmounting drives after a certain amount of inactivity, which can protect you if you're inattentive.
posted by smackfu at 7:32 PM on September 8, 2006
I'm not sure if/how truecrypt deals with plaintext files, and if/how it wipes the hard drive when deleting plaintext, but a very dedicated thief who knew what to look for (probably including the folder name, and possibly file names) could use some forensic tools to retrieve the deleted plaintext files.
[There was a short article comparing the effectiveness of various disk wiping utilities in a recent Communications of the ACM, where they found most lacking to some extent -- particularly involving data left in the FAT table. And of course the FBI and others can do some amazing data reconstruction by analyzing the physical media, but we'll assume that you and your clients are not in that type of business.]
But a casual thief who has enough technical savvy to look for the files, but not a dedicated team focused on stealing laptops strictly for finding this type of data, will probably be deterred by the level of security TrueCrypt offers.
posted by i love cheese at 7:53 PM on September 8, 2006
Best answer: Ok, Truecrypt is going to be fine to deter most anyone who would just steal your laptop, to steal your laptop. On the other hand, if they're trying to get info off of it, there are several tools at their disposal.
Putting the system password as the main password by means of having the drives automount in truecrypt is pointless because Windows' SAM is already broken. You can crack any Windows password under 16 characters in under 5 minutes with a simple download burned to CD.
If you use the same password for the Windows system and for the Truecrypt volume, you're hosed.
That also assumes that a thief would know that C:\SWAPFILE is an encrypted volume, rather than just a system file. You have history disabled, now don't you?
In all reality there are several things that you can do to reduce the odds that someone would be able to access your info, but if someone knows what to look for, and has access to your computer for a time and you don't know about it, there's always a possibility it could be accessed.
posted by gregschoen at 8:24 PM on September 8, 2006
Best answer: Be sure that encrypted volume is not mounted when the thief gets the laptop (possibly because the laptop is turned off), and that the volume can't be mounted without entering its password (auto-mount implies that the password is stored somewhere for automatic use).
I'd be worried about the windows swap file and about any temporary files created in (non-encrypted) temporary directories by the applications that you use to edit these confidential files. The temporary files are not likely to be deleted in a particularly thorough way, and ditto with swapfile info. If the thief has a general idea of what they're looking for, they could grep through the disk and possibly find fragments of your documents.
Also, you might need to worry about exposure of things like filenames, via any "recently opened documents" menus or dropboxes. Maybe the thief can't get to the file, but if they know you've been editing "FooCorp New Widget Proposal.ppt" then maybe that's enough.
posted by hattifattener at 8:33 PM on September 8, 2006
Response by poster: Thanks all. I'm mostly concerned about the standard low-IQ thief who might have access to a more sophisticated network (or sell it to one). I can accept defeat if it's the FBI or some super-genius who wants to know what I've got.
Looks like I'll just keep auto-mount off and set TC up to dismount after some time period. I think this drastically lowers the probability of a problem.
The sensitive info is in a Contact Manager database (ACT!). I believe all info would only be in that application's folders(?), and it's the personal info (SSN's, B-days, and such) that I want to protect.
posted by powpow at 1:02 PM on September 9, 2006
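hattifattener's concern about fragments left in unencrypted temporary directories, and powpow's assumption that the data lives only in the application's folders, can both be checked on your own machine. The following is an added example, not code from the thread: it walks a directory tree, skips the encrypted volume, and reports files containing SSN-shaped tokens or chosen marker strings in ASCII or UTF-16LE. The directory names, file names, marker string and SSN-shaped value in `demo` are constructed.

```python
import os
import re
import tempfile

SSN = re.compile(rb"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)")   # SSN-shaped token

def scan_file(path, markers=()):
    """Return the kinds of sensitive token ('ssn' or a marker) in one file."""
    wanted = [m.lower().encode() for m in markers]
    hits, tail = set(), b""
    with open(path, "rb") as fh:
        while chunk := fh.read(1 << 20):          # 1 MiB at a time
            raw = (tail + chunk).lower()          # markers match any case
            # Dropping NULs folds UTF-16LE text (common on Windows) to ASCII.
            for view in (raw, raw.replace(b"\x00", b"")):
                if SSN.search(view):
                    hits.add("ssn")
                hits.update(m.decode() for m in wanted if m in view)
            tail = raw[-64:]   # carry-over so a hit split across reads is seen
    return hits

def audit(root, encrypted_root, markers=()):
    """Yield (path, tokens) for readable files outside encrypted_root."""
    skip = os.path.normcase(os.path.abspath(encrypted_root))
    for dirpath, dirs, files in os.walk(root):
        here = os.path.normcase(os.path.abspath(dirpath))
        if here == skip or here.startswith(skip + os.sep):
            dirs[:] = []              # data inside the volume is expected
            continue
        for path in (os.path.join(dirpath, n) for n in files):
            try:
                hits = scan_file(path, markers)
            except OSError:
                continue              # locked or unreadable, e.g. live pagefile
            if hits:
                yield path, sorted(hits)

def demo():
    """Constructed sample tree: a leaky temp file, a clean one, the volume."""
    base = tempfile.mkdtemp()
    samples = {("Temp", "~act1.tmp"): "Jane Roe 078-05-1120".encode("utf-16-le"),
               ("Temp", "notes.txt"): b"order 1234567-89-00001 shipped",
               ("Volume", "clients.dbf"): b"Jane Roe 078-05-1120"}
    for (sub, name), data in samples.items():
        os.makedirs(os.path.join(base, sub), exist_ok=True)
        with open(os.path.join(base, sub, name), "wb") as fh:
            fh.write(data)
    found = audit(base, os.path.join(base, "Volume"), markers=["Jane Roe"])
    return {os.path.basename(p): hits for p, hits in found}
```

Run `audit` over the temp directory and the application's working folders after a normal editing session. It reads only files that still exist, so a clean report says nothing about the live pagefile or about deleted files whose contents remain on disk.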
This thread is closed to new comments.
posted by jessamyn (staff) at 5:16 PM on September 8, 2006