Share via

New column -- The case of the stolen laptop

  • Article

Seems like once a week I hear from someone worried about stolen laptops -- or, worse, just joined the ranks of laptop theft victimhood. The best way to stay out of that club is to keep the thing with you at all times, or leave it in your hotel room when you don’t want to carry it around. Yes, everyone has heard the warnings about hotel room theft, but I’ve never had something stolen from a hotel room and I spend well over 200 nights a year in hotels. You’re far more likely to leave your laptop or PDA or smart phone or USB drive lying on the seat in the taxi or on the counter at the bar as you and your new friend depart for the evening.

 

So how do you protect your data if the unfortunate should ever befall you? Three features of Windows 2000 and Windows XP can help you keep your information out of the hands of a thief who somehow manages to get hold of your laptop: passwords, encrypting file system, and SysKey. Do realize that if you use these features, you will most likely frustrate the thief so much that he or she will destroy your laptop in anger and disgust, but this is far preferable to seeing the development plans and source code of your next killer product posted on Slashdot.

 

https://www.microsoft.com/technet/community/columns/secmgmt/sm0205.mspx

Comments

  • Anonymous
    February 10, 2005
    I've received emails from some readers asking about and recommending products that will destroy data on stolen computers. Usually a product like this performs its destruction when one of three things happens: it gets a signal from a destruction server, failed logons exceed a certain threshhold, or a defined time period elapses between successful logons.

    Interesting idea, but I'm not sure these products are all that effective. The first event requires that the thief connect the computer to the Internet, which to me seems rather unlikely. The second and third events provide wonderful opportunities for legitimate users to conduct personal denial-of-service attacks against their own data! Say the logon time period is one month, or the failed logon threshhold is 10 attempts. What happens if you're away from your computer for 32 days? Or you fat-finger your password 11 times? Bye-bye data!

    I'm not fond of technologies that enable for users to inadvertently attack themselves. Account lockouts fall in this same category, and most of you probably already know how I feel about those.

    --Steve
  • Anonymous
    March 04, 2005
    I found the article "Case of the Stolen Laptop" interesting and informative - thanks! For those of us who are far from expert-level, there is so much to learn. Articles such as many of yours are a great resource.

    In case you (or your readers) might be interested, Targus offers some cool and affordable security devices, including fingerprint reader and motion sensors:
    http://www.targus.com/us/accessories_security.asp

    Keep up the excellent work; it helps many of us out here.
    Steve