I will be doing some traveling in the summer to places where I have at least a little worry about organizations/people trying to sneak keyloggers/trojans/etc onto my laptop. So I am starting o think about how I would secure it Here are my thoughts so far.
There are several ways you would be vulnerable, and thus probably need a combination of solutions to be as secure as possible. Sources of Vulnerability 1. Inserted CD/DVD/USB/Floppy with executable/autorun 2. Software spyware installed via #2 or after hacking an admin account 3. External penetration over internet/local LAN 4. Hardware keylogger Possible Solutions: 1. Disable autorun and removable drives 2. Encrypt entire hard drive Unlike encrypting just the data, this would prevent installation of any bad software without first encrypting the drive. I have used Truecrypt before to encrypt just data but not sure how to use it or another solution to encrypt an entire drive from boot through shutdown. 3. Good firewall and/or NAT 4. ? So are there any major sources of vulnerability that I am missing? Any idea how to protect against someone sneaking in and installing a hardware keylogger? Would mounting a WinPE or Ubunutu image each time be a better solution? -- Brian
