In article <[EMAIL PROTECTED]>,
Rick Kossoris <[EMAIL PROTECTED]> wrote:
>A BIOS password is only a minor obstacle. All
>motherboards have a jumper on them to reset the bios
>password. The bottom line is: the only way to prevent
>your notebook from being stolen is to leave it at
>home.
>
>If you are woried about your data, most theives will
>not bother with data. They wipe the hard drive clean
>and sell it. If they want your data, a password is
>also only a minor obstacle. If they slave your drive,
>password protection will not help. Passwords are only
>useful if they are trying to break in over a network.
Uhhhh...some agreements and some disagreements.
- The #1 reason for stealing a laptop is that the laptop's hardware
can be quickly and easily exchanged for a lot of cash. Data be
damned: a smart thief should be wiping the disk clean anyway
to ensure no incriminating names, addresses, etc. can be found.
- Some laptop hard disks do have some form of hardware password
protection. I'm not sure if they do encryption or if it's just a
firmware thing; however (assuming you can't disassemble the drive
itself to bypass its firmware) without the password you can't read _or_
write to the drive.
- If by "password" they meant "software encryption passphrase" then
they have reasonable protection against read access to data on the
hard disk as long as the passphrase is not accessible in RAM, on the
hard disk (beware "hibernation" modes on newer laptops which copy RAM
onto the hard disk), or guessable (i.e. it's typed in at each boot
or mount).
- If theives really want your data, and they get your laptop in suspend
mode with your passphrases etc. enabled, then they can get your data.
Imagine what happens if they insert a custom bus-mastering PCMCIA device
into the laptop and start poking around with kernel memory, or just DMA
the entire RAM onto another machine for analysis.
- If your thief wants access to your data and gets a few minutes alone
with your laptop, they can insert a trojan onto an unencrypted filesystem
and get your passphrases (along with everything else) that way. This is
of course true of desktops as well, but due to laptops' greater mobility
it's a bit more of a concern.
