Re: [liberationtech] suggestions for a remote wipe software for Windows?
On Wed, Apr 03, 2013 at 11:51:11AM -0700, Katy P wrote: What is easier for a lay person and least susceptible to a smart thief? You didn't mention your operating system, but in terms of least pain I would go with http://www.truecrypt.org/downloads and encrypt the whole drive. Make sure your password has enough length and entropy so that it can't be brute-forced. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 (Apologies if I am making an assumption on people's knowledge) Entropy in disk encryption is the random information collected by an computers OS or encryption application for use in encrypting a hard disk. Those with more knowledge in encryption: could you please give an explanation of how a large amount of entropy can be generated during disk encryption? I've only ever used/seen keyboard/mouse input as a way to generate it in encryption tools. I would guess for the average smart thief (What is an average smart thief?) that is sufficient? Something I've also looked for an answer for is: Using those mouse/keyboard inputs as entropy generators, whats the best approach to use? Is there one? thanks, Bernard On 4 Apr 2013, at 07:58, Eugen Leitl wrote: You didn't mention your operating system, but in terms of least pain I would go with http://www.truecrypt.org/downloads and encrypt the whole drive. Make sure your password has enough length and entropy so that it can't be brute-forced. - -- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJRXSx4AAoJENsz1IO7MIrrT2AH+wVA0ItLXrWRHZRDNm8DQkO9 OCZKcx7422SHrWqY1U9fA+fXlAOcOK94F1zxcS6/zM5KZy8i7zYLuVJQb5LJ7MMe 4OmEz5Y6Jq4kCAye7DSZsjiOWBSOV8TaLWXBaNFFw8xKogRQk51zwB3IfvoHji5F pqvS8G18gfJwLvennKUEVWOtkIxz8VFs/O2IQ/S0nazcWgtvZ6Si+auKtXF8oQok XJ4q7LVkv+K4KkLoiK6N2y3WPS7y1SGzWn1Msx9GH1bl6EljtIlUlg3F/kLyvXVV 5wijtmPZe0rIzDs49kz2CTZWaWyr2dHWJVat5MjRse4LFd8JLSMYqo/kSlcOB2I= =6jBg -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
I think remote wipe software is a scam. There is no way to know that the system will ever be remotely accessible[1]; there is no way to know that it will be booted into the operating system that was installed; there is no way to know that the storage media will even be in the same system when it's accessed; there is no way to know that the wiping software will run before storage media are accessed; there is no way to know that the wiping software will finish running; there is no way (in general) to know that the wiping software will do a thorough enough job. Yes, you might accidentally defend against a common thief who doesn't know any of this and boots your laptop into your OS on their network without a sensibly-configured firewall in the data path. But most of them will learn, soon enough, not to do that -- it'll probably just take a few high-profile cases that attract enough media attention. Use encryption -- so that your storage media are functionally pre-wiped, so to speak, all the time. ---rsk [1] A Faraday cage should suffice to prevent wireless communication. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] suggestions for a remote wipe software for Windows?
Thanks! -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Would you like to give some more context on what it is you are trying to do? remote wipe software for windows. On 3 Apr 2013, at 18:08, Katy P wrote: Thanks! -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech - -- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJRXGQaAAoJENsz1IO7MIrrLBIH/2bsK9wu0gH5Qu7RtOQJO4P+ ++VE+zAlgI7e62I3Dtypp2MI7P+m+CrHkKU6JJEvXNC2QTPGcEZjpQeLc89ulZ6B ud8IfMPCnL2gOk65K/VFNv86c9F1K2F1JyGuMUt4iCpC6FaRqMT492uEzg/J5PyO oI+fiLQonQMaHgJccXltxz9+xMWnaMMjFOXMQR0blhknzBBOzgzmZqHhkE1OFZ/2 sq9oj6YbTwZ+fsBfx9TIi7FruRT8Qy1vj1RlmTr8EKkFkijTF9D3344gZFvmOSXS Nuu6QESNDBC3IFfAR78A41gwAHm6xd0oyAe+BATvD4tarkPK0Bb/sjZ5XsKoXSM= =b7AH -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
If my laptop was stolen, for example, some website or something that I (or someone else) could log into and delete the contents of the laptop's hard drive. On Wed, Apr 3, 2013 at 10:17 AM, Bernard Tyers - ei8fdb ei8...@ei8fdb.orgwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Would you like to give some more context on what it is you are trying to do? remote wipe software for windows. On 3 Apr 2013, at 18:08, Katy P wrote: Thanks! -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech - -- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJRXGQaAAoJENsz1IO7MIrrLBIH/2bsK9wu0gH5Qu7RtOQJO4P+ ++VE+zAlgI7e62I3Dtypp2MI7P+m+CrHkKU6JJEvXNC2QTPGcEZjpQeLc89ulZ6B ud8IfMPCnL2gOk65K/VFNv86c9F1K2F1JyGuMUt4iCpC6FaRqMT492uEzg/J5PyO oI+fiLQonQMaHgJccXltxz9+xMWnaMMjFOXMQR0blhknzBBOzgzmZqHhkE1OFZ/2 sq9oj6YbTwZ+fsBfx9TIi7FruRT8Qy1vj1RlmTr8EKkFkijTF9D3344gZFvmOSXS Nuu6QESNDBC3IFfAR78A41gwAHm6xd0oyAe+BATvD4tarkPK0Bb/sjZ5XsKoXSM= =b7AH -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
On Wed, Apr 03, 2013 at 11:16:08AM -0700, Katy P wrote: If my laptop was stolen, for example, some website or something that I (or someone else) could log into and delete the contents of the laptop's hard drive. Or you could use an encrypting filesystem, which requires a password on boot, and whenever the notebook wakes up. That way, the thief would only be able to steal your hardware, not your data. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
What is easier for a lay person and least susceptible to a smart thief? On Wed, Apr 3, 2013 at 11:43 AM, Eugen Leitl eu...@leitl.org wrote: On Wed, Apr 03, 2013 at 11:16:08AM -0700, Katy P wrote: If my laptop was stolen, for example, some website or something that I (or someone else) could log into and delete the contents of the laptop's hard drive. Or you could use an encrypting filesystem, which requires a password on boot, and whenever the notebook wakes up. That way, the thief would only be able to steal your hardware, not your data. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
Well, http://preyproject.com/ would be better for a layperson who doesn't have the time/interest to encrypt. But it's not impossible to disable or anything. And in the meantime the thief would have access to your data. Depends on whether you are more looking to get it back (no guarantees), or protect your info (all but guaranteed if encrypted). ~Griffin On Wed, Apr 3, 2013 at 2:51 PM, Katy P katyca...@gmail.com wrote: What is easier for a lay person and least susceptible to a smart thief? On Wed, Apr 3, 2013 at 11:43 AM, Eugen Leitl eu...@leitl.org wrote: On Wed, Apr 03, 2013 at 11:16:08AM -0700, Katy P wrote: If my laptop was stolen, for example, some website or something that I (or someone else) could log into and delete the contents of the laptop's hard drive. Or you could use an encrypting filesystem, which requires a password on boot, and whenever the notebook wakes up. That way, the thief would only be able to steal your hardware, not your data. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Please note that I do not have PGP access at this time. OTR: sa...@jabber.ccc.de / fonta...@jabber.ccc.de -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
On Wed, Apr 3, 2013 at 2:51 PM, Katy P katyca...@gmail.com wrote: What is easier for a lay person and least susceptible to a smart thief? Despite what it says in my signature, I'm no thief. That said, were I to steal laptop, the first action I'd take is to remove the drive before powering it up and connecting it to any network - especially the internet: If I'm after the data, I'd want the drive sandboxed to prevent the original owner from doing exactly what you're looking to do. If I'm after the hardware, I don't care about the data and would format the drive on another machine to avoid the hassles of trying to crack my way in to do the same thing (format the drive). +1 for encryption from me. -- Scott Elcomb @psema4 on Twitter / Identi.ca / Github more Atomic OS: Self Contained Microsystems http://code.google.com/p/atomos/ Member of the Pirate Party of Canada http://www.pirateparty.ca/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
Griffin Boyce writes: Well, http://preyproject.com/ would be better for a layperson who doesn't have the time/interest to encrypt. But it's not impossible to disable or anything. And in the meantime the thief would have access to your data. Depends on whether you are more looking to get it back (no guarantees), or protect your info (all but guaranteed if encrypted). I think Prey is a pretty compelling choice for a lot of cases, but looking briefly at the documentation it seems that their remote wipe functionality for laptops is currently quite limited. And that's confirmed by looking at the secure module in the Prey source code. https://github.com/prey/prey-bash-client-modules https://github.com/prey/prey-bash-client-modules/blob/master/secure/platform/windows/functions https://github.com/prey/prey-bash-client-modules/blob/master/secure/core/functions https://github.com/prey/prey-bash-client-modules/blob/master/secure/core/run I've suggested Prey to people before for tracking stolen devices in order to recover them, but I don't think I could recommend it for remote wipe. It seems to mainly use plain rm to delete the contents of a small number of directories, and to call an API to clear MSIE browser history data. For many users, this is a pretty incomplete notion of wipe, and most of the content deleted this way will be recoverable by forensics. A further problem that comes to mind is that sending a signal to a phone (that uses 3G networks) to wipe itself is going to be easier in a lot of cases than to a laptop (that uses mainly wifi, and maybe not opportunistically). The laptop will likely be offline by default if someone removes it from its normal environment, so it won't hear the wipe signal. Solutions like Prey for laptops mainly work because thieves or downstream purchasers may voluntarily connect stolen laptops to networks to use them without reinstalling them (at least if the laptops don't require, or seem not to require, a login password!). Mike Cardwell actually uses a decoy operating system (with Prey) on his laptop in order to tempt thieves to use it: https://grepular.com/Protecting_a_Laptop_from_Simple_and_Sophisticated_Attacks I'm quite impressed with his setup, which took him a great deal of time and thought. He relies entirely on encryption to get the equivalent of remote wiping; his Prey install is there just to increase his chances of finding the laptop if it's taken by common thieves. This is some ways away from the original poster's question about remote wiping a Windows installation. I guess I want to agree with Eugen Leitl (and Mike Cardwell) that disk encryption ultimately does that job better, mainly since a sophisticated or targeted attacker wouldn't connect the laptop to a network before making a copy of the hard drive. For Windows users who've been denied BitLocker by Microsoft's price discrimination, there's TrueCrypt. -- Seth Schoen sch...@eff.org Senior Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So the objective Kathy has mentioned is to: log into and delete the contents of the laptop's hard drive It would seem the contents of the hard disk is more important than the actual hardware. In that case I would go for the encryption option. Yes it is some configuration, and time to wait until the disk is fully encrypted, but last time I did this for a work computer it took all of 4-5 hours to encrypt and was very reliable - the machine was dropped, put to sleep, woken up multiple times, and used very heavily. I would prefer relying on that rather than some OS level tool. You have no guarantee any of these track your device tools will be successful, especially if they rely on the machine being powered up and connected to a network. Griffin, thanks for the link to Prey, it looks interesting. Bernard On 3 Apr 2013, at 20:08, Scott Elcomb wrote: On Wed, Apr 3, 2013 at 2:51 PM, Katy P katyca...@gmail.com wrote: What is easier for a lay person and least susceptible to a smart thief? Despite what it says in my signature, I'm no thief. That said, were I to steal laptop, the first action I'd take is to remove the drive before powering it up and connecting it to any network - especially the internet: If I'm after the data, I'd want the drive sandboxed to prevent the original owner from doing exactly what you're looking to do. If I'm after the hardware, I don't care about the data and would format the drive on another machine to avoid the hassles of trying to crack my way in to do the same thing (format the drive). +1 for encryption from me. -- Scott Elcomb @psema4 on Twitter / Identi.ca / Github more Atomic OS: Self Contained Microsystems http://code.google.com/p/atomos/ Member of the Pirate Party of Canada http://www.pirateparty.ca/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech - -- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJRXKnbAAoJENsz1IO7MIrrus4H/AzT4Pue4r+XHBNj/LeJMAsz yWpdqHqKfuBXADaAW5Wyjhif3IpbxH6GzU1YG9vP9M6zDwucqBArJcOJ2xBmHZV7 yl/tdJs3ODw9ftHNums4CI8KOKnNl8Uqs53SpXWAhr7CNIOeJGgpLiKTwDu6tAZi ADH50yLHMY94KT0BV549Yo+yo+MIcwxomj7fI8TTS8VQA9kzkR4WcpiMGU7sRqOL FQtYL2Ap1vjJoI1+Ap/3I06fIqb3IubEelxO1gO3ix+R9fFhp2M5oIYouQXfUKnd 6mUVP3miAq4Yi7Gk3E3F0tSjlbALlSC52Otr9FRr0L2RPuif+BM55VKJB3938AA= =ujXj -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] suggestions for a remote wipe software for Windows?
On Wed, Apr 3, 2013 at 2:51 PM, Katy P katyca...@gmail.com wrote: What is easier for a lay person and least susceptible to a smart thief? Remote wipe schemes are easy for dumb thieves to circumvent because they just have to not hook up the stolen hardware to the Internet to avoid them. Encryption, when done well (meaning strong pass phrases on top of strong encryption), requires a whole different level of smart thief. After setup the only inconvenience is entering the pass phrase. But since doing that reminds you that you are protecting your data, it should not become a major inconvenience. (Small price to pay.) -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech