0

I'm about to do a trip in which the risk of computer being stolen is much higher than usual (train, car, let my bag with computer by friends of friends, and obviously I won't take my computer while I'm swimming in the sea etc.).

What I've done so far:

  • master password at boot (in Lenovo BIOS)

  • backups of my hard drive in different places (even in different cities, by my parent's, etc.)

But even if the master password blocks the computer from booting, the hard drive can be easily removed from a Lenovo, and then all my data could be easily taken.

What other options are there?

  • encryption: I was thinking about this, but would this require to rewrite all the 650GB of data of my 1TB SSD ? This would probably be very long...

  • geolocalization: have a software running in background sending a ping with IP and approximate location to a server?

  • or even a keylogger that sends data to a server, so that if it gets stolen, I can have information? or even a software that would connect to my server once every minute from which I could send a "Wipe everything" signal in case of computer being stolen? (ok this looks crazy, but I have been stolen recently -- not a computer -- that's why I want to prevent it to happen again).

I'm mostly on Windows 7 x64 bit, but I sometimes boot on Linux, and access to the D:\ from Linux.

Note: this question is close, but doesn't exactly address all the concerns here.

Improve this question
8
  • 4
    Use full disk encryption
    – Ramhound
    Commented Aug 6, 2017 at 15:02
  • How on Windows 7 x64 Integral? Will this require to rewrite all the 650 GB of data? If not, how much time does it take? Is it easily possible to disable the encryption later?
    – Basj
    Commented Aug 6, 2017 at 15:07
  • 1
    If you're only worried about a few files, or you don't have bitlocker, you can try enabling EFS on the files you're worried about, though the names would be visible still I think.
    – jiggunjer
    Commented Aug 6, 2017 at 16:49
  • @jiggunjer does EFS also work if we move the hard drive to another computer? does it need to rewrite all the data?
    – Basj
    Commented Aug 6, 2017 at 18:30
  • EFS only rewrites the files you encrypt so it should save time, but it is an NTFS feature so your linux files need another solution. It's unlike bitlocker in that only the Windows user who encrypted the files can access them. There is no password involved.
    – jiggunjer
    Commented Aug 7, 2017 at 2:33

1 Answer 1

Reset to default
2

Use full disk encryption, such as BitLocker (Windows 7 Ultimate) or TrueCrypt/VeraCrypt. Encrypting your existing storage will take a while, but with modern CPUs and SSDs it shouldn't take more than a few hours (limiting factor likely being how fast your SSD can write).

In case your laptop gets lost, your data will be safe assuming your system is in locked state (powered off).

Improve this answer
6
  • So this means it rewrites all the data bytes of the disk? I ask this because after the trip, I'd like to unencrypt, because I don't want to have to write a password each day / or having a 10%-slower I/O system because of encryption.
    – Basj
    Commented Aug 6, 2017 at 15:45
  • If so, isn't there a "lighter encryption"? (I heard the recent ransomware WannaCrypt did use encryption, this was probably a fast unnoticeable encryption, right?)
    – Basj
    Commented Aug 6, 2017 at 15:46
  • 1
    @Basj There will be no performance hit with full disk encryption
    – Ramhound
    Commented Aug 6, 2017 at 15:47
  • Yes, full disk encryption encryption is used to encrypt whole partitions/disks. You can remove encryption later as described in the software documentation. Performance impact is negligible with modern CPUs which have native AES instructions (your bottleneck will still be your disk).
    – sebasth
    Commented Aug 6, 2017 at 15:49
  • 1
    Your encryption software has recommendations on password length/complexity and backup plans (usually a separate recovery key). Using disk on different machine might vary a bit depending on TPM etc, with VeraCrypt you can use the disk on another computer (same password and VeraCrypt installed). SandyBridge era i5 CPUs benchmarks by AnandTech anandtech.com/bench/CPU/335 already exceed 1GB/s throughput, so its unlikely your CPU being the bottleneck.
    – sebasth
    Commented Aug 6, 2017 at 18:50

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .