0
I'm about to do a trip in which the risk of computer being stolen is much higher than usual (train, car, let my bag with computer by friends of friends, and obviously I won't take my computer while I'm swimming in the sea etc.).
What I've done so far:
master password at boot (in Lenovo BIOS)
backups of my hard drive in different places (even in different cities, by my parent's, etc.)
But even if the master password blocks the computer from booting, the hard drive can be easily removed from a Lenovo, and then all my data could be easily taken.
What other options are there?
encryption: I was thinking about this, but would this require to rewrite all the 650GB of data of my 1TB SSD ? This would probably be very long...
geolocalization: have a software running in background sending a ping with IP and approximate location to a server?
or even a keylogger that sends data to a server, so that if it gets stolen, I can have information? or even a software that would connect to my server once every minute from which I could send a "Wipe everything" signal in case of computer being stolen? (ok this looks crazy, but I have been stolen recently -- not a computer -- that's why I want to prevent it to happen again).
I'm mostly on Windows 7 x64 bit, but I sometimes boot on Linux, and access to the D:\ from Linux.
Note: this question is close, but doesn't exactly address all the concerns here.
4Use full disk encryption – Ramhound – 2017-08-06T15:02:53.707
How on Windows 7 x64 Integral? Will this require to rewrite all the 650 GB of data? If not, how much time does it take? Is it easily possible to disable the encryption later? – Basj – 2017-08-06T15:07:52.583
1If you're only worried about a few files, or you don't have bitlocker, you can try enabling EFS on the files you're worried about, though the names would be visible still I think. – jiggunjer – 2017-08-06T16:49:21.070
@jiggunjer does EFS also work if we move the hard drive to another computer? does it need to rewrite all the data? – Basj – 2017-08-06T18:30:34.360
EFS only rewrites the files you encrypt so it should save time, but it is an NTFS feature so your linux files need another solution. It's unlike bitlocker in that only the Windows user who encrypted the files can access them. There is no password involved. – jiggunjer – 2017-08-07T02:33:44.423
@jiggunjer oops so it means if the computer crashes, I cannot move the hard drive to another computer if EFS doesn't use a password to re-identify myself on another computer? – Basj – 2017-08-07T08:11:04.567
Probably, but you might be able to export a separate recovery key (store it on a usb at home), I'm not sure what the options are. – jiggunjer – 2017-08-07T08:18:21.373
When EFS is used to encrypt an already-existing file, a new encrypted file is created. The unencrypted version is "deleted", which means recovery software can potentially recover it. On magnetic medium disks this can be resolved by wiping free space after enabling EFS, but on SSD disks this becomes more complicated since SSDs don't expose all disk sectors to the host. Bottom line: Use FDE if you want to ensure your data is protected. – I say Reinstate Monica – 2017-08-07T23:57:41.563