Safe Travel Practices - Digital Edition
November 12, 2014 12:45 PM Subscribe
I'm taking my laptop on vacation, for the first time. What do I need to do to be sure my info stays safe?
I usually never use my laptop anywhere except in my house, and I never log in to any banking or financial sites on my tablet or phone. But I'm planning an extended trip this winter, and might need to check my banks' sites. And will definitely need to monitor the email address I use only for banking.
I would do this only from the place we're staying, which is a vacation rental, professionally managed (i.e., not a VRBO/AirBNB kind of place), not from places like coffee shops, stores or airports. But it will still be someone else's network. I don't know if I'll have access to the router, but doubt that I will.
I do the basics like never reusing passwords anywhere I care about, and always having Avast, Malware Bytes, and Windows firewall active and up-to-date. I will plan to check for HTTPS when I'm on banking, financial or email sites, though might install HTTPS Everywhere just for extra safety.
I use Chrome for a browser, and Windows 7 for an OS.
I'm wondering whether I should do anything else, and, if so, what. I've tried to read about VPNs, but while most articles recommend them, they aren't very clear about what a VPN will give me that HTTPS won't. So I still can't figure out whether I need one, or if there are other things else I should be using or doing.
Help from people who understand this stuff would be very welcome. Thanks!
I usually never use my laptop anywhere except in my house, and I never log in to any banking or financial sites on my tablet or phone. But I'm planning an extended trip this winter, and might need to check my banks' sites. And will definitely need to monitor the email address I use only for banking.
I would do this only from the place we're staying, which is a vacation rental, professionally managed (i.e., not a VRBO/AirBNB kind of place), not from places like coffee shops, stores or airports. But it will still be someone else's network. I don't know if I'll have access to the router, but doubt that I will.
I do the basics like never reusing passwords anywhere I care about, and always having Avast, Malware Bytes, and Windows firewall active and up-to-date. I will plan to check for HTTPS when I'm on banking, financial or email sites, though might install HTTPS Everywhere just for extra safety.
I use Chrome for a browser, and Windows 7 for an OS.
I'm wondering whether I should do anything else, and, if so, what. I've tried to read about VPNs, but while most articles recommend them, they aren't very clear about what a VPN will give me that HTTPS won't. So I still can't figure out whether I need one, or if there are other things else I should be using or doing.
Help from people who understand this stuff would be very welcome. Thanks!
Are you worried about losing the laptop, leaking passwords over the wifi or worried malware will attack your machine, or what ? Do you use 2-factor auth for your bank accounts ? Do you want to use your computer for regular surfing, work, etc while on vacation ?
A paranoid answer would be to have a live-cd or usb boot to some mini linux distribution, and use that for your banking and secure works. But then, you'll be taking the laptop home afterwards, so ...
posted by k5.user at 1:22 PM on November 12, 2014
A paranoid answer would be to have a live-cd or usb boot to some mini linux distribution, and use that for your banking and secure works. But then, you'll be taking the laptop home afterwards, so ...
posted by k5.user at 1:22 PM on November 12, 2014
Response by poster: Mostly worried about leaking passwords over wifi. I do use my computer for regular surfing on vacation. I don't think my banks offer 2-factor authentication. This trip will be in the U.S., though in future I'm hoping for another long trip to the UK.
posted by still_wears_a_hat at 1:33 PM on November 12, 2014
posted by still_wears_a_hat at 1:33 PM on November 12, 2014
Unless you're travelling in China or Russia, I wouldn' t sweat it too much. Set up 2 factor authentication, only use the laptop from the vacation rental and reset your passwords when you get back.
Honestly you're more likely to run into problems with card-skimmers stealing your ATM info than someone hacking your bank/email account.
posted by empath at 1:33 PM on November 12, 2014
Honestly you're more likely to run into problems with card-skimmers stealing your ATM info than someone hacking your bank/email account.
posted by empath at 1:33 PM on November 12, 2014
You're not going to leak passwords over wifi, because passwords are encrypted before they're sent over the network. And if you're only travelling in the US, I'm not sure you'd have to worry about it at all.
posted by empath at 1:34 PM on November 12, 2014 [1 favorite]
posted by empath at 1:34 PM on November 12, 2014 [1 favorite]
The only added thing I would be worried about is border guards. If you're travelling within the US then you won't even have to worry about that.
posted by any portmanteau in a storm at 1:38 PM on November 12, 2014
posted by any portmanteau in a storm at 1:38 PM on November 12, 2014
Best answer: I travel full-time internationally with my laptop, which I need for my business. Here's what works for me.
- A VPN (I use Strong). HTTPS Everywhere looks like it only works on sites accessed through a browser. If you check email through a desktop app, like I do, it's my (possibly incorrect) belief that a VPN protects that, while HTTPS Everywhere wouldn't. A VPN has the added benefit of making it appear as if I'm logging in from, say, the US when I'm in another country, which can be handy for watching videos.
- A different user name and password for every site, managed through 1Password on my Mac.
- A password required to log into my laptop to see anything.
- A second password required to see an encrypted segment of the drive, where I store client materials, financial docs, and anything else I wouldn't want someone who found my laptop and figured out the first password to see. (I assume that US customs would easily get through both passwords if they wanted to see what I have on my laptop and I "forgot" the password; this is more for protection against casual strangers who pick up my laptop somehow.)
- My distinctive business card is taped with super-strong clear tape to the lid of the laptop. That way, when it goes through airport security while I'm stuck in the strip-scanner with my back turned, another passenger can't pick it up and claim that they thought it was theirs.
- I never leave the laptop out in a hotel room or other rental to which others have keys. It goes in the safe or, if there isn't one, it gets locked to something with a Kensington lock, which isn't anywhere near ideal but would slow down the casual grab-and-run thief. At breaks during conferences, etc. it goes with me in my backpack even if everyone else leaves theirs in the conference room.
- I keep a regularly updated, bootable backup drive with me. Mine is a small, super-sturdy SSD. I keep it in my luggage, while the laptop goes on my back or, on the plane, below the seat in front of me, not in the overhead. If I get separated from one, I still have the other.
I used to back important stuff up to the cloud but I keep ending up in places with wonky internet so I gave up on that idea.
posted by ceiba at 1:43 PM on November 12, 2014 [6 favorites]
- A VPN (I use Strong). HTTPS Everywhere looks like it only works on sites accessed through a browser. If you check email through a desktop app, like I do, it's my (possibly incorrect) belief that a VPN protects that, while HTTPS Everywhere wouldn't. A VPN has the added benefit of making it appear as if I'm logging in from, say, the US when I'm in another country, which can be handy for watching videos.
- A different user name and password for every site, managed through 1Password on my Mac.
- A password required to log into my laptop to see anything.
- A second password required to see an encrypted segment of the drive, where I store client materials, financial docs, and anything else I wouldn't want someone who found my laptop and figured out the first password to see. (I assume that US customs would easily get through both passwords if they wanted to see what I have on my laptop and I "forgot" the password; this is more for protection against casual strangers who pick up my laptop somehow.)
- My distinctive business card is taped with super-strong clear tape to the lid of the laptop. That way, when it goes through airport security while I'm stuck in the strip-scanner with my back turned, another passenger can't pick it up and claim that they thought it was theirs.
- I never leave the laptop out in a hotel room or other rental to which others have keys. It goes in the safe or, if there isn't one, it gets locked to something with a Kensington lock, which isn't anywhere near ideal but would slow down the casual grab-and-run thief. At breaks during conferences, etc. it goes with me in my backpack even if everyone else leaves theirs in the conference room.
- I keep a regularly updated, bootable backup drive with me. Mine is a small, super-sturdy SSD. I keep it in my luggage, while the laptop goes on my back or, on the plane, below the seat in front of me, not in the overhead. If I get separated from one, I still have the other.
I used to back important stuff up to the cloud but I keep ending up in places with wonky internet so I gave up on that idea.
posted by ceiba at 1:43 PM on November 12, 2014 [6 favorites]
Best answer: Both troytroy and ceiba have excellent points, read their answers well.
Seconding drive encryption: everyone should be encrypting the drive(s) on their laptops/notebooks and all portable drives (if a laptop with an unencrypted drive is stolen, it is usually utterly trivial to access all the data therein, regardless of the strength of the password on the laptop). (FYI TrueCrypt (the product mentioned in the Lifehacker article linked by troytroy) is no longer recommended; I assume you're using some version of Windows from your question, but I don't have any practical experience with the full-disk-encryption products currently on offer for that platform, so I defer to others' recommendations.)
I second the 1Password recommendation and re-iterate that re-using passwords across sites is a Bad Idea(TM), as is using some "easy to remember password system" (e.g., using the same password but appending something like the name of the site to make it "unique"). Just get a password manager and use long, strong, unique passwords (like, no joke, "GZXTvnbCtFekvB4k3ZHRnVt7cBryjfM4XpvuDCGDCMioqtZYW2").
posted by snap, crackle and pop at 2:54 PM on November 12, 2014
Seconding drive encryption: everyone should be encrypting the drive(s) on their laptops/notebooks and all portable drives (if a laptop with an unencrypted drive is stolen, it is usually utterly trivial to access all the data therein, regardless of the strength of the password on the laptop). (FYI TrueCrypt (the product mentioned in the Lifehacker article linked by troytroy) is no longer recommended; I assume you're using some version of Windows from your question, but I don't have any practical experience with the full-disk-encryption products currently on offer for that platform, so I defer to others' recommendations.)
I second the 1Password recommendation and re-iterate that re-using passwords across sites is a Bad Idea(TM), as is using some "easy to remember password system" (e.g., using the same password but appending something like the name of the site to make it "unique"). Just get a password manager and use long, strong, unique passwords (like, no joke, "GZXTvnbCtFekvB4k3ZHRnVt7cBryjfM4XpvuDCGDCMioqtZYW2").
posted by snap, crackle and pop at 2:54 PM on November 12, 2014
Best answer: For reasons why WiFi is (even) less secure than you think it is then look at this previous post (not so much the linked article as the comments). It might be a good idea to keep WiFi turned off on your laptop unless you explicitly want it to connect to a known location - a wired connection may be better. Be aware that your VPN connection may not protect you in all instances of an exploited wireless connection.
For reasons why USB is (even) less secure than you think it is then look at this post. Be even more cautious than you though you needed to be about inserting anything - not just a thumb drive - into a USB slot.
Mefi Users samsara and deezil both have profile posts which can help you set up a machine securely and clean it up if you run into problems.
posted by rongorongo at 3:21 AM on November 13, 2014
For reasons why USB is (even) less secure than you think it is then look at this post. Be even more cautious than you though you needed to be about inserting anything - not just a thumb drive - into a USB slot.
Mefi Users samsara and deezil both have profile posts which can help you set up a machine securely and clean it up if you run into problems.
posted by rongorongo at 3:21 AM on November 13, 2014
« Older Should I take hormonal birth control if I am... | Pristiq: side effects, and staying sane whilst... Newer »
This thread is closed to new comments.
For example, I would be wary of taking my laptop to Russia. But to the UK? I am not as worried.
To keep just your data on your computer safe, the answer is easy: encryption. If you have BitLocker, use it.
To keep other data safe, the landscape is a bit more varied. For banking, etc, you can often set up alerts to let you know if your account has been accessed abroad.
VPN is useful as it creates a securer line between you and the VPN exit point. Which makes it harder for people in the middle to see what is going on. Plus, it looks like to the rest of the world like you are coming from the VPN exit point. Depending on what you are accessing, this may be overkill.
Finally, install Prey and test it, in case your computer gets stolen.
posted by troytroy at 1:08 PM on November 12, 2014 [2 favorites]