Hard Drive Security

[Woo Elephant Yeah]

I am currently investigating hard drive/data security products for mobile laptops.

There is sensitive data stored on the laptops, which has the potential to be used by terrorists if stolen, so it needs to be something pretty heavy weight when it comes to security.

Basically the hardware is a Ruggedised Panasonic CF19, and I was wondering if any of you have used hard drive protection tools in the past, and what your experiences were with them.

Users will be made to authenticate against the Active Directory over a mobile data link in their vehicles, however anyone can crack a local admins password nowadays, so I need something that will "only" let the user or administrator such as myself gain access to the data/software on the disk.

[Dr. kitteny berk]

Whatever you do won't help.

They'll leave it logged in and unlocked when they go into starbucks.

I *really* don't understand why any companies let such sensitive data get onto laptops/out of secure areas. (especially given they all get fucking nicked)

Beyond knowing it's a bad idea. no idea

[cheeseandham]

Bitlocker on Fista - http://www.runpcrun.com/node/309

Truecrypt - Free Open-Source Disk Encryption Software - uses well-known encryption algorithms and because it's open-source you know there's no back-doors.

[Woo Elephant Yeah]

The problem is that they need the data locally in order to do mobile working, which is something they cannot do currently.

You're right though, if a terrorist were to get their hands on one, it doesn't matter what we load, they will be able to crack it regardless.

The data is just far too large to be streamed across a mobile network such as 3G, so it "has" to reside on the laptop to be run locally out in the field without any consistent communications.

I know the HP laptops we get in stock nowadays have finger print readers and bios protection tools preloaded, but these are ruggedised laptops that obviously wouldn't suit finger print readers built into the laptop, as they would easily break.

[Woo Elephant Yeah]

Bitlocker on Fista - http://www.runpcrun.com/node/309

Truecrypt - Free Open-Source Disk Encryption Software - uses well-known [http://www.truecrypt.org/docs/?s=encryption-algorithms]encryption algorithms[/url] and because it's open-source you know there's no back-doors.

Thanks, I'll have a look at Truecrypt, the laptop will be running XP Pro/XP Tablet(had a feeling you'd know of something )

[Stoat]

I've heard good things about TrueCrypt for encryption.
http://en.wikipedia.org/wiki/TrueCrypt
edit: bah, too slow trying and ultimately giving up wording something.

[FatherJack]

Better to have a USB "key" rather than a fingerprint scanner. That way terrorists will be less likely to remove the finger of the unfortunate owner.

[cheeseandham]

Truecrypt is the nuts, it's very very strong (especially when using a sentence as a passphrase such as a line from a song), it creates a local disk when mounted (so it's very simple to use and other software just sees it as a normal disk)
It even has "Plausible Deniability" - it may happen that you are forced by somebody to reveal the password to an encrypted volume (e.g. gun to the head). You create a hidden volume inside the real one, and so depending on which password you use to decrypt reveals the two different types of information in there (granny's recipes instead of your plans for your secret underground lair)

I've heard good things about TrueCrypt for encryption.
http://en.wikipedia.org/wiki/TrueCrypt

Damn should have just linked Wikipedia instead of typing all that myself

[Dr. kitteny berk]

Better to have a USB "key" rather than a fingerprint scanner. That way terrorists will be less likely to remove the finger of the unfortunate owner.

Hard.

[Roman Totale]

Better to have a USB "key" rather than a fingerprint scanner. That way terrorists will be less likely to remove the finger of the unfortunate owner.

And those of us that have been watching Bum Notice know how to get past fingerprint scanners.

[Dr. kitteny berk]

or mythbusters (photocopier + marker or gummi bears)

however. lopping a finger off is a *LOT* quicker.

[deject]

or mythbusters (photocopier + marker or gummi bears)

however. lopping a finger off is a *LOT* quicker.

there are some fingerprint scanners that check to make sure that the finger is actually attached to a living body, but I doubt they use those in laptops.

[HereComesPete]

your right there deej, they are generally mounted in doorframes and the like. Using bio-electrical current to detect the amount of actual life in the digit, I'm sure they'll find a way of making portable ones, but until then, if you do find a need to circumvent a finger scanner that uses techniques to detect pulse and lividity, make sure its fresh, and use a battery and some wires to simulate pulses of current. Although you may have a problem with the armed guards, attack dogs and other security measures that generally reside around those types of door.

[Killavodka]

your right there deej, they are generally mounted in doorframes and the like. Using bio-electrical current to detect the amount of actual life in the digit, I'm sure they'll find a way of making portable ones, but until then, if you do find a need to circumvent a finger scanner that uses techniques to detect pulse and lividity, make sure its fresh, and use a battery and some wires to simulate pulses of current. Although you may have a problem with the armed guards, attack dogs and other security measures that generally reside around those types of door.

/tangent

[HereComesPete]

Oh I'm sorry that my post on fingerprint scanner's offends you KV. You did however take the time to read and respond. And you brought what to this thread? Lets see, I'll answer that myself- a quotation of my post, a line, a word and a 'mote? Well done you, you've now descended to close to youtube levels of commenting.

[spoodie]

[HereComesPete]

[FatherJack]