The Case of the Stolen Laptop: How to Encrypt, and Why

There’s an investigator I know, top of her profession, who once put her laptop in the trunk of a cab. By the time she reached her hotel, the laptop was gone. This happens thousands of times a year at airports, train stations, libraries and coffee shops. Sometimes the thief wants your hardware. Sometimes your data turns out to be more valuable, or its loss more damaging. (It’s pathetically easy to find examples.) And sometimes the victim is not a matter of chance.

In this case our investigator was onto something hot. She was closing in on a high-profile scandal that disturbed the interests of powerful and resourceful people. Maybe her bag was jacked by a petty thief, but Occam’s Razor pointed another way. She had to assume her targets now knew anything they could glean from her computer. I found her to be oddly undisturbed by this. She said she had followed the first rule of prudence, which is not to write anything down — especially in digital form — that you really, really need to keep secret. But I thought she was nuts to believe she lost nothing sensitive. It is astonishing what current forensic tools can learn from your computer.

And no, your logon password is not an obstacle. I’ve tried password cracking tools like this one on my own machines, and they work. More importantly, anyone can buy software that copies your hard drive and strips away all its secrets without even having to log on. For an example, take a look at the capabilities (PDF) advertised for EnCase, a leading forensic tool. Besides sorting, searching and reading the contents of every file on your drive, this software can recover your deleted files, list the URLs and times of every web site you visited, reconstruct email and instant messaging conversations, list every thumb drive you’ve ever attached, and a whole lot more.

What to do

There’s no single answer to this problem, but one of the first things to think about is encrypting your computer. With “whole disk encryption,” you have to supply a password before you begin to boot the PC, and the information on the hard drive is scrambled so that even advanced forensics can’t see it.
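The two points above, that a forensic copy of the drive reads everything including deleted files without any logon password, and that whole-disk encryption scrambles the drive so the same copy shows nothing, can be seen in miniature with a few dozen lines of Go. This is an added example, not code from the column or from Truecrypt: it builds a constructed four-sector “disk image” holding one live file and one “deleted” file that still sits in an unallocated sector, runs a keyword search over every sector the way a carving tool would, then encrypts the image sector by sector with AES-256 under a key derived from a passphrase. The key derivation is a plain PBKDF2-HMAC-SHA256 written inline with a constructed salt and iteration count, and the sector mode is AES-CTR with the sector number as nonce, chosen only because Go’s standard library ships it; real disk encryption products use a tweakable mode such as XTS, because a CTR nonce must never be reused when a sector is rewritten in place.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

const sectorSize = 512

// buildImage returns a constructed, tiny "disk image": sector 0 holds a live
// file, sector 2 holds a "deleted" file whose bytes were never overwritten.
func buildImage() []byte {
	img := make([]byte, 4*sectorSize)
	copy(img[0*sectorSize:], "NOTES.TXT: source meets me at 9pm, bring the documents")
	copy(img[2*sectorSize:], "DELETED.TXT: payroll export, account 1234-5678 (constructed)")
	return img
}

// carve mimics a forensic keyword search: it reports every sector in which the
// keyword appears, allocated or not, with no notion of a logon password.
func carve(img []byte, keyword string) []int {
	var hits []int
	for s := 0; s*sectorSize < len(img); s++ {
		if bytes.Contains(img[s*sectorSize:(s+1)*sectorSize], []byte(keyword)) {
			hits = append(hits, s)
		}
	}
	return hits
}

// pbkdf2SHA256 is a straightforward PBKDF2 (RFC 8018) over HMAC-SHA256. The
// iteration count makes every passphrase guess cost real work.
func pbkdf2SHA256(pass, salt []byte, iter, keyLen int) []byte {
	var out []byte
	for block := 1; len(out) < keyLen; block++ {
		mac := hmac.New(sha256.New, pass)
		mac.Write(salt)
		var idx [4]byte
		binary.BigEndian.PutUint32(idx[:], uint32(block))
		mac.Write(idx[:])
		u := mac.Sum(nil)              // U1 = PRF(P, S || INT(i))
		t := append([]byte(nil), u...) // T = U1 xor U2 xor ... xor Uc
		for i := 1; i < iter; i++ {
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil) // Uj = PRF(P, U(j-1))
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// demoSalt is constructed; a real volume header stores a random salt next to
// the ciphertext so the same passphrase never yields the same key twice.
var demoSalt = []byte("constructed-demo-salt")

// deriveKey turns a passphrase into a 256-bit AES key.
func deriveKey(passphrase string) []byte {
	return pbkdf2SHA256([]byte(passphrase), demoSalt, 100000, 32)
}

// encryptImage encrypts (or, being CTR, decrypts) every sector under AES-256,
// using the sector number as the nonce so identical sectors encrypt differently.
func encryptImage(img, key []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(img))
	for s := 0; s*sectorSize < len(img); s++ {
		var iv [aes.BlockSize]byte
		binary.BigEndian.PutUint64(iv[8:], uint64(s))
		lo, hi := s*sectorSize, (s+1)*sectorSize
		cipher.NewCTR(block, iv[:]).XORKeyStream(out[lo:hi], img[lo:hi])
	}
	return out
}

func main() {
	img := buildImage()
	fmt.Println("plaintext image, sectors mentioning 'payroll':", carve(img, "payroll"))
	good := deriveKey("correct horse battery staple")
	enc := encryptImage(img, good)
	fmt.Println("encrypted image, sectors mentioning 'payroll':", carve(enc, "payroll"))
	// A wrong passphrase does not produce an error, only a different soup of bytes.
	fmt.Println("wrong passphrase, sectors mentioning 'payroll':", carve(encryptImage(enc, deriveKey("123456")), "payroll"))
	fmt.Println("right passphrase restores the image:", bytes.Equal(encryptImage(enc, good), img))
}
```

The search over the plaintext image finds the deleted file in sector 2 as easily as the live one in sector 0, which is the EnCase point; after encryption the same search finds nothing in either sector, and a wrong passphrase simply yields another unreadable image rather than a helpful “access denied”, which is also why the column’s warning about forgotten passwords has no workaround.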

You don’t need to be a spook to care about encryption. If you travel with your computer or keep it in a place where other people can put their hands on it, you’re vulnerable. There’s almost bound to be something that you don’t want the whole world to see. Maybe it’s not about you. It could be personal stuff about your friends or family, unlisted phone numbers for members of your club, or your company’s payroll or personnel records.

Before you start

No kidding, read this first. Disregard at your peril. Before encrypting your computer:

  • Make sure you won’t get in trouble with your IT department if it’s a computer you use at work.
  • Make a backup of the whole PC, and test that it works by restoring one or two files. Most computers today have built-in backup software. Or do a web search for free alternatives. (Suggestions, anyone?) I mostly use Acronis TrueImage, a commercial product. Being a good CounterSpy, you’ll want to encrypt your backup if your software offers the option.
  • Understand that if you forget your password, you will never get into an encrypted hard drive again. Period.

How to encrypt your drive, for free

There are commercial products from companies like PGP, Checkpoint and Mobile Armor, but they’re mainly geared toward IT professionals who administer multiple computers. For personal use, I recommend the free and open-source Truecrypt, which comes in flavors for Windows, Mac and Linux.

There’s a pretty good Truecrypt tutorial here, and these step-by-step instructions are easier than the geeky Truecrypt documentation.

After installing Truecrypt, choose “Create Volume” and then “Encrypt the system partition or entire system drive.” The software wizard walks you through the rest. There are technical-looking options along the way, but stick to the defaults.

You have one important choice to make: your pass phrase. It needs to be long and hard to guess. We’ll come back to that in future posts, but meanwhile, please don’t use your dog’s name, boyfriend’s birthday or favorite football team. A jaw-dropping analysis of 10,000 stolen passwords last year showed that the top 20 most common ones included 123456, 123456789, 111111 and america. Seriously, people.

Once Truecrypt gets started, it will take a few hours to encrypt your drive. But the process runs in the background, you can pause and resume, and it’s fine to keep working while it happens. You only have to do this once. After that, you won’t notice the encryption except at boot-up time, when you have to enter a password twice.

Nothing is absolute in security. It is highly unlikely that anyone can break the Advanced Encryption Standard used by Truecrypt. Because the software is “open source,” which means a lot of people have laid eyes on the programming instructions, it is also unlikely that the programmers left a back door unlocked, on purpose or by mistake. But if your threat model is a highly motivated, highly capable opponent, that isn’t quite the end of the story.

Ever hear how invaders breached the Great Wall of China? They didn’t try to knock it down. They bribed the guards. German forces likewise conquered France by the expedient of bypassing the impenetrable Maginot Line. In future posts, we’ll talk about the digital equivalents of these threats, and what you can do about them. Meanwhile, don’t leave your password on a sticky note, and shut down your encrypted computer before you walk away.


  • alexanderds

    Your post is useless. You haven’t mentioned all the details, /like that password cracking tools like this one/ that’s such a BS. Ophcrack doesn’t really work on new operating systems especially if your password contains more than 10 letters. If it contains special characters, it will never be able to break it. So unless you are the old grandma with secret informations on your laptop but you do use 123456 as your password… well.
    And everything else you mentioned is just a waste of time. Really, c’mon, I was expecting more from this techland website.

  • http://www.bartongellman.com/ Barton Gellman

    To each his own, alexanderds. Tools to crack logon passwords work with XP and Vista, which is a large installed base. I haven’t tried them with Win7. Based on research about the passwords people select, Ophcrack and similar tools will crack the great majority of passwords in actual use. More importantly, forensic tools don’t care what your logon is — they either remove your hard drive physically or copy its image and then analyze disk contents without having to know the logon password. Bottom line: most people don’t use whole-disk encryption, and a lot of them should.

  • http://www.kazzmedia.com kevin cassidy

    Get a Mac.

  • wzrd1

    Actually, not a bad article. It’s a basic, basic one, but accurate enough.
    Password cracking tools are a dime a dozen, but largely not needed when accessing a hard drive.
    EnCase is EXCELLENT for forensics. It’s a standard for the courts and government use and VERY, VERY good at what it does.
    It IS a standard method to simply make an image of a hard drive and work from that.
    Truecrypt IS a pretty good freeware product. AES is the current encryption standard for the US Government and truecrypt has AES as an option for encryption.
    THAT said, new corporate model notebooks come with hardware encrypted hard drives. Commercial products are available as well.
    I have USB drives (yep, good old thumb drives) that are encrypted and are COMPLETELY tamperproof. They’re SO tamperproof that again, the US Government has approved them for up to Top Secret data.
    Enter an incorrect pass phrase too many times, it bricks (burns out). Try to cut it open to access the chips, same thing. Downside, forget the password and you’re SOL and they ARE expensive. Ironkey should’ve named them goldkey…

  • http://markntejas.wordpress.com markntejas

    No ‘Really, c’mon…’ i don’t value anything a person says who doesn’t know how to write a proper English sentence. not even if it discusses secret informations.

  • http://t3chn0ph0b3.wordpress.com t3chn0ph0b3

    Barton/wzrd1 -

    If your system is encrypted with a more than 20 character password (a combination of caps / lowercase, numbers, and characters) is it absolutely necessary to have a burn protocol to prevent government agencies from cracking your drive?

    - t3chn0ph0b3

  • geebs123

    @alexanderds
    - boot laptop with a linux liveCD
    - mount the laptop’s hard drive partition
    - read/change/delete every file on hard drive.
    no passwords required.

    but if the hard drive partition is encrypted, then the above would still work except everything on the disk would look like garbled soup.

    c’mon, I was expecting more from the users of techland website.

  • bigaugie

    @markntejas who wrote, “No ‘Really, c’mon…’ i don’t value anything a person says who doesn’t know how to write a proper English sentence. not even if it discusses secret informations.”

    So applying your standard your comment is worthless given your inability capitalize properly or spell correctly. I don’t think I’ve ever seen anyone add an “s” to the word, “information”.

  • http://lbensky.wordpress.com lbensky

    The article is spot on with these items left out.

    - Backup your data often to an outside source and not on your encrypted laptop (you’d be surprised)

    - In the event of a corrupted or otherwise unusable system you will not be able to mount the drive in an enclosure and retrieve data.

    - Use Win7 Ultimate and use BitLocker. It works seamlessly with Win7. (I don’t work for Microsoft)

    - Did I mention Backup often?

  • webdr1ft

    @alexanderds yeah there are a number of good password crackers, a free one such as Peter Nordahl’s NT password recovery tool cracks the Windows SAM. You can set the password to blank, you don’t even need to know what the old password is.

    As for Truecrypt we tried that where I worked, it had a propensity for causing BSODs and the computers’ performance over time degraded so badly we had to reimage employees’ machines. You get what you pay for, free stuff is usually free for a reason. We sucked it up and got PGP WDE and Universal Server for central control and it has served us well since. Using Guarded Key Mode is the way to go.

  • http://lbensky.wordpress.com lbensky

    I forgot to mention that you can retrieve data from an enclosure as long as you have the encryption key that you setup. Sorry…

  • txsystems858

    The government secures their computers using PKI for log on, it is getting surprisingly more affordable to implement these solutions vs in years past.

    Passwords can always be cracked, but you can’t fool a digital certificate.

    I recommend PKI to everyone these days. With password protected encrypted hard drives, you risk forgetting your password and never being able to access your now encrypted information again.

    Also, if dealing with security, it’s best to stay away from free products as they are free for a reason.

  • http://www.bartongellman.com/ Barton Gellman

    No time for a long post but I thought I’d address a few points:
    1. Some encrypted thumb drives are terrific — Ironkey is something I’ll talk about more soon — and some from major vendors have been exposed as terribly flawed. Will get to that too.
    2. Truecrypt and PGP. I actually own a perpetual PGP license and prefer Truecrypt for WDE. Advantages: there’s immense scrutiny of the open-source code by a large community of cryptographers, and the very active support forum is much, much more responsive than PGP’s. I also like the way it handles files as volume containers and that the software can be used in portable mode, which PGP’s can’t. But PGP has the backing of a large company for paid support, and TC can’t touch PGP’s enterprise features. As I wrote, an IT department would not choose TC for central administration.
    3. I’m skeptical that TC caused webdr1ft’s BSODs (that’s the Windows blue screen of death, for the less technical reader). There are I think millions of users and the very active support forums haven’t suggested this is a problem for others.
    4. Two-factor encryption (passphrase plus certificate, or plus something else) is clearly better. I’m not so sure about certificate only. You can lose it and be locked out (for a while at least) or lose it and give someone else access to your machine.
    Keep the suggestions coming!

  • nafstejyn

    @alexanderds – Please don’t tell me you think your files are safe because you have a strong password?! You can put a 128 bit password on your laptop, and I won’t even waste my time with any cracking tool, I’ll simply yank the hard drive, connect it to my machine, and access everything I want! Passwords only block access to the operating system, not to the files. The main message of this article – total hard disk encryption, was spot on.

    @txsystems858 – couldn’t disagree more. Similar to my first response, PKI does nothing to protect the files that are stored on that hard drive. If the bad guy physically gets your hard drive, PKI does nothing natively to protect those files. Total hard disk encryption systems can actually work in conjunction with PKI. In the DoD, total hard disk encryption and PKI are both mandated, and both work together to secure the data. I’ll also disagree with you whole-heartedly about Truecrypt. It is a magnificent and robust product. I have been encrypting USB drives and laptops with it for years, with zero issues. Free doesn’t mean garbage, it’s an open-source world now, and you’re selling yourself short if you assume that simply because you paid a hefty license fee, you got a better product.

  • thatguyivan

    As simple as this reading may seem to some, I find it really useful to share with non-technical friends who keep using their son’s name as password and keep their banking details in a txt file under My Documents. Great work Barton, I’ll be expecting your future posts

  • geebs123

    @txsystems858
    free for a good reason??? Perhaps with physical goods. Not true when it comes to intellect. If it were, wouldn’t Microsoft’s products be unbreakable/unhackable/most stable?? I mean, look at that price tag. Compare the relatively small intellect pool at a software company compared to the much larger pool of developers internationally with open source software. Also, big software companies cannot release fixes/features/upgrades without first going through the huge bureaucratic process of getting it all blessed by management, law, public relations, etc, etc, first. Very slow and inefficient. The business is changing rapidly. The big businesses are too busy suing each other over x=x+y for billions and billions with their absurd patents on math. Sigh!!

  • geebs123

    @txsystems858
    “but you can’t fool a digital certificate.”

    Really?
    http://www.tgdaily.com/security-features/40806-14-of-ssl-certificates-on-the-internet-potentially-unsafe

  • wannacme

    I found the article to be on point as it dealt with total encryption of the hard drive and why. Being a user of open source technology I am more than familiar with “it’s free for a reason.” Education is a powerful and wonderful tool that brings light to an otherwise dark existence. The lack thereof is self-explanatory. As long as “it’s free for a reason” is used to justify the wasting of money, then the old saying there’s a sucker born every day continues to ring true. To those readers out there don’t be fooled by remarks like “it’s free for a reason”, try it out for yourself. There’s no need in spending money unnecessarily. Open source is a way to go. Take it from a person who has used both. Didn’t mean to stray from the topic as the article is on point and should not get discredited by personal biases or performance issues inside Windows. Bill designed Microsoft to be closed and as such there will always be arising problems with software not originating from Microsoft. This review is on an open source program from open source developers, not Microsoft. If you want it to perform on Windows as it does on open source platforms then get Bill to release the code. Bottom line if you want the best performance from this product use it in an environment where the code is open, not closed.
