In case of theft

21 September, 2010

In the last few months, several of my friends have had either their laptops or phones stolen.

It’s only after I really thought what that would mean to me that I realised how serious this would be.

It used to be that if my phone got stolen then I would lose my address book and my text messages; if it gets stolen now then I lose a device which has full access to my Google account, is signed into more than a dozen other web services and has “remember my password” for the others.

If my laptop was stolen it would be a similar effect.

I am a very very happy user of Dropbox and use it to store my documents, photos, and so on. The Dropbox website allows me to remotely remove computers from the list of machines that sync, which is useful, but there’s still no way of then pulling all those files off of that machine.

There are quite a few apps in the Android Market that allow you to back up and then remotely wipe your phone (as well as do other things like lock the install/uninstall process, report GPS position etc.), but I haven’t been able to find something similar for laptops – I could encrypt my hard drive, but would the hit to performance be worth it? I’ve tried setting up Prey, but although it installs on my phone, it chokes on my laptop!

See other posts tagged with general mobile privacy security and all posts made in September 2010.


22 September, 2010 at 08:46

I started encrypting the hard drives on my computers for the reasons you describe. I use dm-crypt at the LVM level, I don’t notice it slowing down boot times. Of course that should also stop Prey from being any use at all, so it depends whether you care more about the data or the hardware 😉


22 September, 2010 at 11:21

Thanks Craig, that’s really interesting. I’ve used TrueCrypt before but only to encrypt groups of files and folders. I hadn’t realised that it also supports boot-level encryption, which, as you say, might have a smaller performance overhead. Hmmm!!

22 September, 2010 at 12:39

Yes, encrypt the hard drive, or at least your home directory (in Ubuntu and OS X the latter is built-in and simple; not sure about Windows).

24 September, 2010 at 21:55

It’s a myth that hard drive encryption has any noticeable impact on performance. It’s a few additional cycles for your bored-to-death CPU, during a completely IO-bound operation. Products like Truecrypt or dm-crypt make it so simple to switch on crypto, there’s really no reason to not encrypt everything.

I wouldn’t recommend just encrpyting super-secret folders though, because data encrypted that way will find its way to unencrypted partitions, e.g. by being swapped to disk. Also its usually easier to encrypt everything than just a single folder or partition.

24 September, 2010 at 21:56

Yes, if I was going to revisit encryption, it would be whole-disk. The performance issues are anecdotal, but first-hand from otherwise very reliable sources, which seems to give them more credibility. Some research on the subject appears to suggest a potential 5-15% performance hit, depending on hardware and exact encryption application.

A.M. Doherty
15 October, 2010 at 11:02

I keep essential data, and run a few essential portable apps and a xampp server from a Truecrypt container. All on a pen drive and without any noticeable loss of performance.

I’ve recently started to use Dropbox for moving non-sensitive information around, but I’m still reticent to share my most important information with other companies networks – a legacy of studying computer security & forensics.

Keeping things portable ensures that the loss of a laptop wouldn’t give me the same nightmares it would’ve done previously, and loss of the pen drive would only set me back as far as my last backup. I’d not lose alot of sleep over my pen drive and encrypted container falling into the wrong hands.

15 October, 2010 at 11:02

That’s a nice way of working. Presumably you could backup your truecrypt container to dropbox so that if it did go missing it wouldn’t matter where you were either.