Comments on: A Question for You Techies Out There

By: Mark in Boston

Mark in Boston — Fri, 01 Jan 2010 17:01:55 +0000

Powers, programs like GoToMyPC immediately connect to a central server as soon as the computer starts up. The program says to the server “I’m Mark in Boston’s computer and here’s my IP address and here’s my MAC address.”

You’d be amazed at how many different servers your computer calls as soon as you start it up.

By: Scott

Scott — Fri, 01 Jan 2010 01:42:45 +0000

I’d also be a mite bit worried about someone breaking into the laptop remotely and erasing it. If you can do it going out, someone can do it going in.

By: fh

fh — Thu, 31 Dec 2009 18:44:18 +0000

Securely erasing a harddrive is a process that takes hours — or even days, depending on how much data, and on how secure you want the erasure. Since the process requires power, it could be interrupted or prevented. Simply reformatting the disk could be done in seconds, but the data would be recoverable by a sophisticated thief/user.

By: Powers

Powers — Thu, 31 Dec 2009 13:52:24 +0000

The problem with just broadcasting a kill signal and waiting for the laptop to enter a WiFi hotspot is that the Internet, unlike the cellular network, is not designed for finding a particular machine at an arbitrary location. Machines on the Internet are identified by IP address, which will change depending on how and where the machine is connecting.

Plus the machine would have to actually connect to any hotspots it finds as well. The camera example is a little different because the camera was specifically set to seek out hotspots and use them.

By: David N

David N — Thu, 31 Dec 2009 05:29:14 +0000

My company encrypts laptop hard drives, all 3000 or so of them. Encryption is not perfect but it is far better than hoping your workforce won’t lose or forget one somewhere. Oh, and sensitive data winds up on laptops for several reasons, the main one being that most users aren’t as smart as they think they are. Just be there when a laptop hard drive dies and has to be replaced, and you’ll hear the wailing. As Agent Smith once said, it’s inevitable.

Blackberry smart phones have long had the ability to remote detonate if lost. One of the reasons that corporate security folks like them so much.

By: Usual John

Usual John — Thu, 31 Dec 2009 05:22:13 +0000

It may surprise you to learn that one court has actually held that federal customer information safeguard requirements are not violated when unencrypted information is stored on a laptop. There is a discussion of the case at http://groups.yahoo.com/group/FundLaw/message/1064. The case is probably an outlier.

By: Cidu Bill

Cidu Bill — Thu, 31 Dec 2009 04:38:41 +0000

The thing is, Craig, in the great majority of these cases, the laptop is merely misplaced, not stolen by people who would think to immediately shut off connectivity or remove the hard drive. If the wipe took place immediately, the information would be gone before the laptop fell into nefarious hands.

I never suggested that this would be the total solution for all scenarios, only that it seems like a damn good option to have out there: If the technology exists for Bob to protect his contacts list, it’s worth using to try to protect the bank manager’s list of customer account numbers and PINs.

By: Karen

Karen — Thu, 31 Dec 2009 04:29:12 +0000

Without giving away too many details…

DH works in IT for a large property/casualty insurance company. Claims specialists have to take laptops into the field for prompt processing of claims. These laptops must contain data that needs to be secured.

The insurance company routinely runs practice disaster scenarios (aren’t you glad to know that?) and one they ran a few years ago is exactly what you describe, CIDU Bill.

One of the solutions they implemented at the time was a remote wipe. Essentially the laptops had a cellphone built in that auto connected. It could not be disabled. As soon as the laptop was misplaced, IT remote-wiped it.

You are ABSOLUTELY correct about the liability issues. Any major financial services company that overlooks this scenario has any business being in business.

By: Craig

Craig — Thu, 31 Dec 2009 00:23:59 +0000

Bill the problem with your idea of the computer receiving the code to self destruct if in range of a wifi signal is two fold. One, you can boot the laptop without wifi activated by switching off the wifi card, removing the wifi card or booting where there is no signal.

Two: You can remove the hard drive and connect it to another PC as an external drive. Then pull the data from it at your leisure without ever activating a network self destruct signal.

By: Mark in Boston

Mark in Boston — Wed, 30 Dec 2009 22:46:00 +0000

There was a news story about a woman whose Apple MacBook was stolen. She had a program installed on it named “GoToMyMac” or something like that which allowed her to run it remotely from another computer. She set up the connection from her other computer and it wasn’t long before the thieves connected the Mac to the network and turned it on. She remotely turned on the camera and there were the thieves looking at the screen. She printed the picture and one of her friends recognized the thieves.

I think most laptop thieves would steal it just to use it or to sell it to someone who would use it. Most often someone will plug it in and turn it on.

You have a choice: encrypt the disk and set a password so nobody can use it or get the data at all, and you’ll never find it again, or leave it so that anyone can turn it on and your “phone home” app runs, and you can get it back after the thief has cleaned out your bank accounts.

Or I suppose you could set up the “guest” account with no password, deny “guest” access to your good stuff, and have it automatically take a picture and send it to you.