Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Security - best way to make laptop data unrecoverable?

Posted on 2003-11-29
Medium Priority
Last Modified: 2010-04-03
I'd like to put some security on my laptop.  Specifically I want to detect an attempted login.  After N failed attempts (or even a boot into bios), I want to wipe/overwrite a few sections of the drive where the critical data is stored.  Finally, I'd like to rig some sort of physical failure as well (Ie - flash fire or similar)

In other words, if this laptop gets out of proper hands, I not only want to remove the data but I also want to doubly make sure it is unrecoverable by nuking the drive itself.

Is there anything out there like this?  I've googled and not found anything like this.

Question by:maxout6
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
LVL 18

Accepted Solution

chicagoan earned 160 total points
ID: 9842871
You'd have to get some operating system running to nuke the data, and what's to stop someone from removing the drive? Really nuking the data would take multiple passes and give a determined person time to rip the drive from it's moorings unless you're going to pack the laptop with thermite and a tamper switch... a homemade setup like that could be a problem it it goes off and you're in a window seat next to a pair of sumo wrestlers.

IBM and others have incorporated  security into the hardware

You can also use PGP (or windoze) or other software to create an encrypted volume.

for how well PGP works...

In theory you could boot up to some shell operating system that would give the theif a false sense of accomplishment and be scrubbing the disk in the background, but that's not foresic computers investigators work if they know their stuff.


Expert Comment

ID: 9843158
As seen in Mission Impossible:

This message will self desruct in 10, 9, ....1 boom.

Expert Comment

ID: 9843791

By running Windows 2000 you can set any folder(s) or even entire drives as being encrypted. I don't know how strong this encryption is or how hard it is to get the key to decrypt it, but i know its there...

You can also configure it to "lock out" user accounts after X invalid password attempts, but even the passwords in windows are subject to being discovered fairly easily

There is also a way to add a password to the BIOS at a very low level before it even looks to see if you have an OS installed, however a determined person can remove that password easily, in some cases just by removing the battery from your laptop...

In short, you need to determine exactly how secure you need this data to be--- if you just need to keep honest people honest then any of these will work... for more then that use a combination of these... if you need more then that then i begin to question exactly what it is you need secured here...

Hope this helps,
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.


Author Comment

ID: 9844585
Ok - so what I've gathered is:
- Encrypt it using PGP or whatever
- Use windows standard encryption as well
- Tie in some sort of OS bad login switch to run an eraser program on the specified directories (Apparently 10x overwrite on 1GB takes about 20 seconds, or so they say)
- Thermite for physical descruction.  Yowsa.
- Tin foil hat, a must for the truely paranoid
- EMF shielding so PGP keys can't be sniffed by Tempest tech

Any other good ideas?

Assisted Solution

IrishFBall32 earned 140 total points
ID: 9845400
i suppose depending on the size of the files needing protecting you could store them on a USB keyfob style drive that you keep on your regular keychain, that way if someone does get ahold of your laptop they are much less likely to have your files as well...

mentioning that i am now reminded that there are USB "system keys" that must be inserted into a USB port on power up in order for the OS to even load... that might be a solution as well
LVL 18

Expert Comment

ID: 9845417
>Apparently 10x overwrite on 1GB takes about 20 seconds, or so they say
golly - where can I get one of those?
If you figure a sustained throughput of 10MBs... well.. u do the math
BTW: make sure you use foil labled for OVEN use... as each aluminum atom is only about 1.48 angstroms, standard grade foil may not stand up to close range particle beams.
see for detailed plans


Author Comment

ID: 9850623
Thanks for the good tips.  This was a fun diversion and I'll probably implement many of these - without the exploding laptop!  I like the idea of a USB drive for the most sensitive data.  Now I need to do some research and find out where/what Windows keeps its temp files.  I seem to recall Word keeping a couple of copies in odd directories that'll need to be nuked to remain secure.  

Oh - thanks for the link on the tin foil hats.  I was wondering about proper construction techniques!


Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to update Firmware and Bios in Dell Equalogic PS6000 Arrays and Hard Disks firmware update.
The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
This Micro Tutorial will teach you how to reformat your flash drive. Sometimes your flash drive may have issues carrying files so this will completely restore it to manufacturing settings. Make sure to backup all files before reformatting. This w…
Suggested Courses

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question