Encryption / destroy software

[Vanraw]

I am looking for a HD disk encryption software (easy enough to find) that will destroy the contents of the HD after x number of failed login attempts.

Anyone know of a solution?

[Diggles]

Feds getting close to your kiddie porn collection?

[Vanraw]

Actually my daughter is heading to England for a year, and I am concerned about her getting her laptop stolen and identity theft. Since she will be using the laptop for banking and such, which she does not now.

Any idea's?

[Thudz]

Actually my daughter is heading to England for a year, and I am concerned about her getting her laptop stolen and identity theft. Since she will be using the laptop for banking and such, which she does not now.

Any idea's?

Not that this can help but my wife's laptop has the biometric thumb scanner built into it. She has setup all her personal applications and websites to require her thumbprint scan before gaining access to them. Pretty nifty.

[Ulfen]

Actually my daughter is heading to England for a year, and I am concerned about her getting her laptop stolen and identity theft. Since she will be using the laptop for banking and such, which she does not now.

Any idea's?

You could set up remote desktop connection so that she is logging into your pc when banking. That way none of the information is stored on her computer unless someone slips in a keylogger. If she is using Money or Quicken I would think bitlocker that comes with vista ultimate would be sufficient to protect that information. Alternately, you could set up a 2nd browser on her pc, ie. Google Chrome, just for banking. Set it to privacy mode where it does not save cookies, passwords, forms, etc. Advise her to not ever save login info in the browsers save menu when prompted.

You could also check out <!-- m --><a class="postlink" href="http://www.absolute.com/">http://www.absolute.com/</a><!-- m -->

I have no experience with the product, but its description is:
Computrace LoJack for Laptops can remotely delete data and recover stolen computers, so you can protect your personal information from identity theft. The easy solution for protecting your digital life.

[Fretty]

Remote desktop is really the best solution as Ulfen mentioned, and the concern about a keystroke logger is pretty miniscule too.

The only thing you'll need is to be running a business/professional or ultimate version of Windows on your computer, to allow it to be accessed via remote desktop. Your daughter's computer won't need anything more than any version of Windows.

Also, if going this route, ensure she does not save the login info for your computer in her remote desktop tool, otherwise whoever (if anyone) steals the computer will have access to your computer. =P

[Vanraw]

I'm not interested in the remote desktop option. Really just looking at a HD encryption that cant be brute force hacked. I was really looking at something on the level of by blackberry, where after the 10th incorrect login attempt, it destroys all the data.

I just found a interesting concept that the encryption softwaer we use at work does. Its a pre-boot up full disk encryption. Everytime you log in with bad credentials, it doubles the time of the next login prompt.

So. 500 msecs, becomes 1 sec, 2, 4, 8, 16, 32, 64, 128, 256 etc. After 10 trys your waiting 4 minutes, and it keeps doubleing.

Seems like a good solution.

[Ulfen]

What does that software do if you remove the hdd and try to access the data from another pc? If it doesn't encrypt individual files often times data recovery software can access files on drives that are "locked" on the mbr or file system level.

[Dustie]

What does that software do if you remove the hdd and try to access the data from another pc? If it doesn't encrypt individual files often times data recovery software can access files on drives that are "locked" on the mbr or file system level.

Exactly.


You might want to focus more on the encryption side then on the "login" side. You're more likely to be hacked while running an app (or web app) under your own credentials on your own real login session then to be hacked via remote login. As above, the obvious exception to that is key loggers. For protection against that, I recommend verifying your bank supports things like picture confirmation, unique PC registration, and graphic pin entry (demanding HTTPS for all sensitive data is obviously a must too).

Again though, like Ulfen says, all the login protection in the world is gone once they actually take the laptop, rip the HD out, and place it in another PC. Your only protection there is hardware level access restrictions, and encryption.

[Slamz]

I think there are USB drives like this, aren't there? The drive has encryption built in. Store any sensitive information on there and if someone steals your laptop, well, you still have the USB drive on your keychain. If someone steals the USB drive, it's useless because the encryption is in the hardware.

I'd have to go shopping but I'm sure I remember seeing things like this.

[Slamz]

<!-- m --><a class="postlink" href="http://www.thinkgeek.com/gadgets/security/99f1/">http://www.thinkgeek.com/gadgets/security/99f1/</a><!-- m -->

Passwords can be hacked, but not the IronKey.
It's built to withstand attacks both virtual and physical. 10
incorrect password attempts, and the encryption chip
self-destructs, making the contents of the flash drive totally
unreadable. The contents of the drive are filled with epoxy, so if
a hacker tries to physically access the chips, he'd more likely
damage them instead. Even if he did get access to the memory chips,
they'd be worthless without the encryption chip.

It also has Firefox built in and configured in such a way that it encrypts your web browsing too.

[Vanraw]

What does that software do if you remove the hdd and try to access the data from another pc? If it doesn't encrypt individual files often times data recovery software can access files on drives that are "locked" on the mbr or file system level.

It is 100% encrypted as its writen to the disk and has pre-boot loging. So Windows actually writes and reads through it. It works very well. No performance hits that I can tell. The program is called Safeguard.

<!-- m --><a class="postlink" href="http://www.sophos.com/products/enterprise/encryption/safeguard-easy/">http://www.sophos.com/products/enterpri ... uard-easy/</a><!-- m -->

The reason we have it is because some HR rep had a HD stolen with thousands of people private information. So the corprate reaction was 100% of all PC's have encrypted disk.

Of course $240 seems a bit steep.