Help! New Laptop Stolen! How to Prevent next time?

I just bought a VPCF121GX from CostCo a week ago. While on vacation, our room was broken into and it was stolen (along with a laptop bag/accessories, DVD player, etc). They came thru the sliding glass door/balcony. I did file a police report but that's a lost cause. I DO have the serial # and reported that to the Police.

I DID have it locked up to a chair using a Kensington Combination lock. That was still hooked to the chair, with the lock still in the 'locked' position- which tells me they just yanked that out of the laptop- probably breaking it on the side. Yeah, a lot of good that did, huh?

I reported to the trackback software company- who, couldn't even find my registration in their system, even after I sent them the acceptance email from them days prior. They admitted they're a fairly new company, and working out 'kinks in their system'. Oh great- now I have confidence in them- why would I pay them ANY MONEY when they can't even keep the basic information on file? Morons. PLUS- that's only good IF someone happens to report the 'found' laptop to them on THEIR WEBSITE. That'll never happen since it was stolen.

My biggest problem is this- I was logged into Windows at the time- so the theives have access to all my personal data! Yeah- social security #s, credit reports, bank info, the works. It's horrible. I spent the last day changing passwords, trying to put fraud alerts on my credit, etc. No fun. The good news is the battery was fairly low, so it could run down on them shortly, thus, causing the laptop to shut down and need to be rebooted- and triggering the Window's login screen again.

So here's my questions-

1) Does Kensington have any kind of warranty on their products that they guarantee your laptop won't be stolen, etc?

2) I'm SURE there's a way to hack past the Windows login screen and access my files, correct? Is it fairly easy/common knowledge?

3) What other prevention can I do on this next laptop? Obviously, locking it up didn't do any good. I'll also make sure to log out of the system every time I'm done using it. I've briefly read about BIOS passwords- are they effective?

4) Any other thoughts/suggestions to prevent this again? I never thought I'd need LoJack, but dang it- the ONE time this happens, I wish I had it. It's just soo darn expensive, it's hard to justify a $300-400+ expense on a $1000 laptop. Grrr...

Thanks for the help guys!

 

Always set a BIOS/poweron password on a notebook, at the very least you might have a fun loving friend who will set it for you and "forget" to tell you.
I alwys keep sensitive data in an encrypted zip file because even if you have a windows password the drive can be removed and put into an enclosure and the data retrieved.
Also use secure delete when you are done with an unencrypted working copy of your sensitive data. Do not encrypt too much or you will quit using it.

 

Sorry about your misfortune...

Which company is this? I would seriously try to get them to compensate for their ineptitude. I mean, they're effectively just taking money without providing any service. That's like... daylight robbery.

If your drive is not encrypted, they can take out the hard disk and mount it elsewhere. They don't even have to log in.

I doubt it, like you said they could just rip it out.

Full disk encryption helps, in addition to what you said.

Have this in the room when you're not around:


Be sure to put a 'Do Not Disturb' sign on the door, otherwise the hotel staff will be wondering where the housecleaning maid went...


Edit: Actually, I suggest taking your valuables everywhere. That's what I do, saves me a lot of headaches and worries

 

Thanks for the replies guys! What's Secure Delete- how do I do that?

Encrypted Zip- great idea, been meaning to do that- never did. Hindsight SUCKS. I'll definitely set a BIOS password as well.

What is Full Disc Encryption? How does that work?

Yeah- theives came in from the sliding glass door- wife forgot to lock it. Grrr... they have EVERYTHING- bank accounts, ssn, everything you could possible think of. It's HORRIBLE. s- I just wish I was in the room when they came in.

 

An application that does that is the BitLocker that comes with Win 7 Ultimate: BitLocker Drive Encryption - Wikipedia, the free encyclopedia

On a smaller scale, like a folder, I believe the Protector Suite that is available with Sony laptops (it handles fingerprints) can encrypt that.

 

- set the screensaver to lock your computer
- as you said, set a BIOS password for BIOS and boot
- encrypt your disk drive (works with HDD and SSD) TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux or CE-Infosys : FREE CompuSec PC Security Suite

 

How do you guys feel about LoJack for Laptops? It seems pretty decent, good reviews... $80 for 3 years isn't bad. I know it won't work if you do a full HD replacement- but- any insights or thoughts?

 

Same questions about the Prey Project (nearly the same thing, but free)

 

Also- do these Drive Encryption things slow the computer down much?

 

drive encryption does not slow down your computer

 

Where do you live, on a college campus?

Your room was broken into... That's not good. I would move to a place where that doesn't happen rather than worrying about securing a laptop.

 

A Kensington lock is not meant to physically prevent people from stealing laptops. It's meant to prevent theft by people who would take the laptop if they could do it without worrying about ripping off anything from the laptop. So of course they don't guarantee perfect anti-theft security. It's like putting a WEP password on a wifi network; it's extremely easy to crack, yet it blocks 90%+ of people from using your network compared to if it had no password.

 

What's your thoughts on installing LoJack? My concerns are that if the thief installs a new hard drive, or, simply formats the drive- it won't work at all. At this time, it's not installed on a chip in any of the Sony Vaios to prevent that. Any thoughts on this?

 

No, I was in a hotel room, and they came in through the back sliding glass door. Wifey left it unlocked ;(

 

1) Not sure about this one.

2) Windows login password are effortless to get by. There are many ways, and if being in a Windows environment isn't a requirement, it could be almost as fast as a reboot (booting to an optical drive or flash drive with another operating system). Even with bios passwords, I believe there are fairly easy ways to reset those (relating to the small battery on the motherboard). It's a good thing you changed all those passwords.

3) Like others have said, encryption is the best idea. TrueCrypt for full drive encryption, AxeCrypt for specific things, and certain Windows versions (namely, Ultimate) have their own encryption options.

4) A few members of my extended family had something very similar happen. A thief managed to get up to a second floor balcony and get into their room (laptops among other things were stolen). Other than having the laptop with you, there isn't a way to prevent every theft. At least having it encrypted (and hopefully an encrypted backup at home as well) will mean that all you lose is the hardware, and that all your information is safe. Even with encryption, you'll still need a strong password for whatever encryption program you use (but the Windows one's may just be the login password, not a separate one, making it easier to keep track of).

 

So Drive Encryption isn't very easy to bypass then? How exactly does it work? Can't they just plug the drive into an external drive and snag the files off it?
Thanks for the help!

 

No because the filesystem is encrypted. With out the password/decryption key the files are just scrambled garbage.

 

huh. But when it's on the host computer, they're not? Do you have to login and decrypt the files each time you need to use the computer? Sorry for the basic q's, just no idea how this works.

 

If you do drive encryption you have to type in a password before the system boots to start/access the system. The encryption itself happens when you install the encryption software and it encrypts the whole drive and later in the background when you add data to drive.

My original statement that drive encryption does not slow down the computer is not correct. You still won't notice any performance loss with the drive encryption for themost part but when you compare disk drive performance tests with and without encryption you'll see big differences.

I'll post some results later today about encryption and performance.

 

You're not alone... I'm interest about this encrypt thing, and curiously follow thread

 

Oh God, the double posting.

 

Who's double posting?

 

I'm using a this for my laptop Prey Project. It is an alternative to LoJack and the best thing that it is:
1) open source (so you can see the code; see that it's not a trojan or other fraud) and
2) completely free.

In fact, after reading all the complaints about LoJack I don't want to use it. I've read that they retrieve only 1 in 10 stolen laptops. Also, their "money back" guarantee in case of un-successful laptop search is also a scam: to get money back they need to "open a case" or something like that and that they simply don't open the case and thus don't give you your money. Finally, this one lady had her laptop stolen from her car. LoJack's final response was that stolen laptop was the fault of that lady because she "didn't ensure safety of the laptop by leaving it in the car" and thus LoJack didn't give money back. What the heck?

So, I decided to give up on LoJack and went with Prey, which provides as almost as much as LoJack for free.

 

Yeah- I was planning on installing Prey Project. HOWEVER- here's my question...

I just installed TrueCrypt on both my laptops. Full Drive Encryption, input long password right at boot up. Won't that defeat the purpose of Prey Project? For Example-

Thief boots laptop- immediately encounters the boot password from TrueCrypt. He can't get past it, so shuts it down and wipes HD, throws it away, etc. Prey Project never even has a chance to boot and/or run to be able to send location info back to you.

OR- Thief yanks HD out, throws it into external drive, boots it up. Dang- all encrypted, again, can't use it and Prey Project never has a chance to give the location of the thief away.

I'm torn. I DEFINITELY do not want them to have access to my files. HOWEVER, I'd LOVE to have the opportunity to catch them/their location upon booting up. Your thoughts on that?

 

that sux, hope the thieve doesnt find where you hide ur Personal stuff

 

Yes, you're absolutely correct about TrueCrypt and Prey. This is the limitation, BUT so is the limitation of LoJack.

For LoJack to work, a thief must also:
- connect to the internet
- continue having laptop connected for 15 minutes, i.e. LoJack calls home every 15 mins. (with Prey you can have it as often as 5 mins checks)


Here's how I deal with this limitation:

1) I have BIOS password. Not the password to start booting, but the password to change BIOS settings. This is done to prevent a (regular, not a pro) thief from changing boot order. Yes, hard drive can still be replaced. Pro thieves are tough!

2) I have 2 accounts on my laptop: 1 is my main, password protected account, and 2nd is a guest account, without a password. This is to "make it easier for a thief" to get his/her dirty hands on my computer and get online with no problems, so I can track him/her. This was suggested by Prey developers and I agree to the logic of this.

3) To keep my data safe I use a separate utility. I have Asus laptop and use Asus' proprietary encryption on my important files/folders. You could use some other program for encryption. There are plenty of free and paid alternatives.


So, here are some conclusions: Preventing a thief from accessing/working on your computer also prevents laptop tracking for any kind of tracking software (Prey, LoJack and others). More sure way would be to have autonomous radio beacon like LoJack for cars, but this would be more expensive and I haven't seen anything like that for laptops. Also, we have to admit that nothing is the problem for a "pro techie thief", neither prey, nor lojack, nor any other software based solution. They would probably replace a hard drive right away. All these software trackers are more for "average" druggie/stupid type of thieves.

Therefore, it seems to me that paying for lojack is not worth it if I can get the same thing (with same limitations) for free.

 

I agree. Maybe I'll do the same setup. Change the encryption to be ONLY on the areas where my personal data is- and then give them a freebie account to bait them in. Hmmm...

 

lol, yes, just like a mouse trap, same principle

 

You've gotten a lot of laptop security tips, but I would recommend some general ownership tips.

First, whether in your house or hotel room, make sure that the doors and windows are locked as much as possible.

Depending on your insurance, you may be able to list your laptop as well. Thus if it is stolen, you can file a claim.

Also check with the hotel you were staying at. They may have some sort of system set up to deal with break ins such as this.

 

Any LoJack, Prey or whatever service is useless unless the thief boots up windows when connected to the Internet before wiping the disk. Sure they work sometimes also with police but when no one checks the serial number (and reports it to the police) of the laptop bought on ebay or somewhere else the device will never be found.
So only when you are lucky and the thief is too stupid you'll get your notebook back. Although I have to say there are some really stupid thiefs out there which do not even wipe the notebook before they sell it on ebay.

Here as promised some performance test with encrypted drives: http://forum.notebookreview.com/windows-os-software/513948-disk-drive-encryption-performance.html .

 

On a regular disk the impact is minimal. SSD however...difference is night and day. Your tests seem to indicate this as well?

 

According to the benchmarks it has an impact but at normal use of OS and Apps you won't really notice the difference. In the company I work for we use disk drive encryption for some time, with HDD and SSD. You can only see the difference when you measure it with tools. But other than that you won't notice if an application takes 1 or 2 seconds longer to start or the OS.
I was very surprised as I ran the tests.

 

How is your battery life with disk encryption? I guess that it shortens noticeably since the CPU has much more work to do all the time de&encrypting the files.

 

Worst case maybe a few minutes. I checked the CPU load during tests with encryption and I had at the random 4KB write test around 10% load at the system process which could be caused by the encryption or something else. At the other tests there was no more than usual CPU load. So I don't think you'll see any difference at the battery runtime.

 

Digging your signature...but did you really not buy anything between the IBM and the Compaq? That'd be quite an upgrade.

 

I just used TrueCrypt on my M11x for full drive encryption (with a 20+ character password, but it's worth knowing that it would take longer than humans can live for to brute force it).

It does seem slightly slower. I really only notice it on while booting and first logging in, and then programs open a bit slower. I'd recommend it if security is really needed. The slightly longer boot time and time spent opening programs is worth it.

Another thing I though about is; would a SSD that is fully encrypted still feel much faster than an unencrypted mechanical hard drive? That would be an interesting benchmark comparison, but I'd imagine the SSD would win anyways.

 

Yes a full encrypted SSD is still faster than HDD except you have some antient/cheap SSD like from Transcend or so.

 

Interesting comments. My take is that I use Truecrypt. I create an encrypted file container of ~4GB and mount that using Truecrypt. It looks like a drive letter. I keep anything that is personal in that container.

The benefit is that I don't have do deal with/worry about full disk encryption. The computer is usable by anyone and my private stuff is still private.

not mentioned here is IronKey ( www.ironkey.com). It is my personal 'bug out' kit. It has every password and url I need to manage my life. I keep all of my family's sensitive data on it.

The IK is a hardware encrypted flash drive that will self destruct after ten successive failed login attempts.

Check it out!

 

I have also an encrypted file container.
Iron Key for me looks more like an overpriced USB stick. You can use Trurecrypt also on the USB Stick and that is free.

 

USB key w/truecrypt won't self destruct. Once bad guy has file, it is vulnerable to brute force attack.

And once IK is unlocked, there is no way for malware to suck down all of your passwords.

IK also includes secure sessions/ip hiding and off-site password storage.

...but to each his own.

 

For password storage you could use KeePass KeePass Password Safe .

 

You could use Keepass, but then that is another password and more hassle. The IK is a much more elegant solution.

 

I always encrypt my drives. There is no lost in battery life since there's not much CPU being used as long as you have an "i" series CPU. The AES-NI instuctions are a godsend.

Security would be much better if Sony supported hardware harddisk passwords. Most people don't know that laptop harddrives support a hardware password. The drive asks the laptop for that password, if it doesn't get it. It'll refuse to work. It's a brick. Of course the electronics can be transplanted from another drive, that's why I also encrypt. It's just another layer of protection. Why Sony has followed Apple's lead in not supporting it is beyond me? They took it another step by denying the US the TPM chip like Apple.