My fiancée’s apartment was burglarized last night. We think the miscreants must have been scared away, because all they took was a handful of music cd's (including a bunch I had burned for her, which I can't imagine are worth much on the hot goods market :confused: ). It appeared they were in the process of stealing her pc, which was pulled out from under her desk & had some of the cables disconnected. This got me wondering if there was any really effective way to render a pc inoperable if it is stolen. My understanding is that a boot password is not exactly impenetrable. Is there a password which can be put on a pc that will truly make it useless and the data contained on the hdd's inaccessible? Maybe a program which, in the event of some number of incorrect password entries, would begin deleting irreversibly data such as one's quicken files, etc?

BA

I can't tell you details about the kind of stuff you are talking about, but I have read about similar options. One of the best I have heard about is a hidden program stored on the hard drive that will alert authorities when they go online with the computer.

As I understand it there is no foolproof method that wouldn't endanger the user. You could probably hook it up to an explosive device, but then one day when you just need to pick up a pen you dropped behind the desk.... BOOOMMM!!!:eek:

I came across this (http://daisyman.arsware.org/dms/) a while back. I thought it looked interesting, but I never dl'd it to give it a try.

Edit: I should also say that I'm sorry to hear what happened to your fiancée. Even when no one is home at the time of the burglary and even if nothing much is taken, it's a very uneasy feeling walking in the door to your home for a while afterwards. I've been there.

There is a company called ZTrace that has a software or a chip that is inserted into a laptop that cannot be detected or errased or uninstalled when someone steals it and tries to use it on line it will be traced and found. But I do not know if this will work for a tower Pc. It's real easy and cheap to change the drive as a laptop is VERY expensive and a rather pain in the butt.

You may want to check out some security sites heres a start.
http://www.computersecurity.com/main/products.htm

Originally posted by pentachris
Edit: I should also say that I'm sorry to hear what happened to your fiancée. Even when no one is home at the time of the burglary and even if nothing much is taken, it's a very uneasy feeling walking in the door to your home for a while afterwards. I've been there.

Thanks Pentachris, she's understandably very shook up about the experience. Fortunately she won't be living there much longer.

I'll check out the suggestions, thanks all.

BA

BTW Pentachris, I just checked out your link. Don't know the merits of their software yet, but with the name "ARSWARE" they must get a few chuckles from the UK visitors. They even have an ARS forum :D

Originally posted by Budfred
I can't tell you details about the kind of stuff you are talking about, but I have read about similar options. One of the best I have heard about is a hidden program stored on the hard drive that will alert authorities when they go online with the computer.

Kinda like a LOJACK system for PC's! Does it also emit RF tracking beeps so the cops can zero in with their helicopter? :D

BA

Boned
There is a program here in the UK called ET Phone home.

Load it into computer set it up and every time the computer is booted it phones home.

You set the time for it to check its self. Any time it phones from/to your number, from girlfriends house it gets engaged signal. when phoned from other number it phones home and you can then check incoming calls. Below is the link for makers site. It is now downloadable form net. Don't know if compatable with USA but should think it would be. Link will at least give you idea of what I am talking about

http://www.kestrelsoftware.co.uk/

Ernie-Thanks for the link. Although it would be great to retrieve a stolen PC, or at least to disable it to make it worthless, my real concern should my own machine get stolen is preventing the thieves from accessing data on the hdd's. Really seems like it would be fairly straightforward to set up a password that, if not entered properly a few times, would begin deleting files of the owner's selection, though I can see that you'd have to be VERY CAREFUL not to LOSE your password.

Now, I hope I stated that both WELL and BRIEFLY enough for those in Ireland & Scotland!!! ;) Hard for me as I tend to be a bit verbose! :D

BA

Don't know the merits of their software yet, but with the name "ARSWARE" they must get a few chuckles from the UK visitors. They even have an ARS forum

It's part of the Ars Technica website.

Ars Technica is Latin for "Art of Technology." Or maybe UK slang for "Geek's Bum." :D

It all depends who you are trying to prevent accessing your private data; i.e. what level of expertise they have and how determined they are to get at it; both at the actual current data and at previously "deleted" data.

If using Windows, then using encrypted data on NTFS with a hard-to-guess and hard-to-force password would be pretty secure against other than the truly determined and knowledgeable.

Any data on a Windows system using FAT would only deter the unknowledgeable from getting at the data; assuming they can't break or hack any passwords.

Protecting access by a BIOS/CMOS password can be reset by clearing the CMOS by simply removing the battery; though this would work against the computer illiterate.

For really sensitive stuff, having encryted data on a removable or external (say firewire) drive that could be put in a secure place would add another layer of protection.

As long as data (including deleted data) remains on a physically intact hdd then this can eventually be accessed by forensic computer scientists with access to mainframe support to break any high-level encryption.

But as already hinted at; the more "secure" you make your data; the more difficult you make it to access it yourself - and you may be in dire trouble if you forget your password(s) or a back-up decryption key.

I have had a couple of friends/clients who were ripped off lately. I say we concentrate on a mechanism that sprays indelible yellow ink into the face of the first creep to use a stolen system. POST BEEP BEEP Spray!!

Originally posted by Paul Komski
It all depends who you are trying to prevent accessing your private data; i.e. what level of expertise they have and how determined they are to get at it

Paul-Thanks for the reply. Yeah, I knew about the cmos battery dodge. Unfortunately, my pc originally came with (woe is)ME, and while both hdd's currently run the NTFS ready win2k, due to the way I boot from the original ME disk switching from FAT to NTFS would likely be a nightmare, I looked into it awhile back. As far as data deletion is concerned, I know that a file which is just "ordinarily" deleted can be retrieved, but my understanding is that if the file is rewritten with random characters (especially repeatedly, as some security software will do) the original data are for all intents & purposes obliterated, no?

BA

If you are dual-booting ME/2K both on FAT it's no great shakes to convert the 2K to NTFS, or to install a second 2K on NTFS as a secure place with a third bootup option. Backup your data before you start changing partition structures though.

Win ME won't be able to "see" the NTFS installation(s) at all.

I have this setup and let casual users play around with ME but keep the 2K installation password protected (and regularly backed up).

Don't bother myself with encryption because I have no real sensitive data and it's a pain if you cant "get in" for any reason. If not encrypted it would only take a conversion back to FAT to lose all the security however.

Writing patterns and zeros and degausing drives are essentially effective methods for all intents and purposes; but it's surprising how the FBI or computer forensics or industrial spies would be able to retrieve information if they were determined enough. Physical destruction is the only totally safe method.

Paul-Actually, both HDD's are now running win2k, I'm blissfully ME FREE! What would be the other advantages of NTFS on both hdd's, if this would be reasonably doable? Any good sites on this, that you know of off the top of your head?

BA

The WinNT-based oses can convert for you but my own preference is to use the PQ utilities Drive Image and Partition Magic for making both backup images and managing partitions.

A lot of my own information came from searching msdn and reading the PQ literature. Searching Google for compare fat ntfs would be bound to give you a few pointers.

Will do, thanks Paul

BA