Solved

I have some who is being asked to turn over his laptop as part of a divorce discovery.  He has  no issue with giving up the laptop but is concerned with passwords/logins etc being discovered.

Posted on 2014-10-01
21
226 Views
Last Modified: 2014-10-05
I have some who is being asked to turn over his laptop as part of a divorce discovery.  He has  no issue with giving up the laptop but is concerned with passwords/logins etc being discovered.  is there a program or a way to insure that this information can be protected prior to turning  over the laptop?
0
Comment
Question by:funkyone60
  • 5
  • 4
  • 4
  • +4
21 Comments
 
LVL 4

Expert Comment

by:Saschao
ID: 40355235
Overwrite all data! Nothing else. He or she should start from beginning, i would never give it away even if you have deleted some files or you firefox/IE cache/passwords/chronic. Thats not safe.
0
 

Author Comment

by:funkyone60
ID: 40355244
I am not sure how this works within the bounds of discovery or if he has the option of doing that so I am trying to find ways to protect if we actually have to turn over the laptop
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40355260
Clear all saved logins in the browser cache.

Change all laptop/application passwords to something difficult to guess but easy enough to remember.
0
 
LVL 87

Expert Comment

by:rindi
ID: 40355300
Use dban to clean the disk, then use the recovery media you made when you got the laptop to restore it to the factory state. Dban is included on the UBCD, and reliably deletes any data that was on the so it can't be recovered anymore:

http://ultimatebootcd.com
0
 
LVL 4

Expert Comment

by:Saschao
ID: 40355381
Hi,

rindi is right, use dban and than install it the operating system from scratch completely new. Everything else is weak and recoverable. The windows password isnt something to be scared about, but if you just do what jesper suggests

"Clear all saved logins in the browser cache."

could be restored/recovered. What type of is installed?
0
 

Author Comment

by:funkyone60
ID: 40355394
Windows 7
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40355405
if the laptop is wiped instead of making the data more difficult to reach (i.e., putting the data into an encrypted container or offloading to a usb), the individual could be in violation of the court.
0
 
LVL 87

Expert Comment

by:rindi
ID: 40355435
What does the court have to do with this?
0
 

Author Comment

by:funkyone60
ID: 40355449
Divorce
0
 
LVL 4

Expert Comment

by:Saschao
ID: 40355454
sorry i am no native english speaker and not from US so maybe i misunderstood. I understand that it should be give away from one ex married partner to another. If its something with law or court i am maybe not the right person to answer. If you go to jail if you wipe your own harddrive (own property) which is ridiculous imho then you should delete all browser data, cache, passwords, history and all private things like pictures&videos and afterwards i would copy some useless data on all partitions/harddrive until its completely full to ensure that all harddrive sectors were overwritten once, after this you delete all this data again.

But be aware if this is not in conjuction with the law on your location, you do it on your own risk. Maybe you should ask a lawyer before or try get professional help onsite.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 28

Expert Comment

by:Jan Springer
ID: 40355460
exactly my point.

cleanup.  make passwords and data more secure.

the client needs to consult with an attorney.
0
 
LVL 46

Expert Comment

by:noxcho
ID: 40355468
Take out the drive. Buy similar one and put in the new drive. If you want to be kind then install the Windows and thats it. 100% sure.
0
 
LVL 87

Expert Comment

by:rindi
ID: 40355487
If it were to be used in court as a proof for something, I doubt you'd be asked to turn it over, and given the time to manipulate any data on it, but rather they would just confiscate it without asking.
0
 
LVL 4

Expert Comment

by:Saschao
ID: 40355514
@Rindi: same here, so i called it ridicolous but you never know ;-)

Option 1: Overwrite it with dban. Install it from scratch or not. Takes time - no money - safe.

Option 2: With the added tipps/points/hints from me added to what jesper said. Takes less time - no money - not really safe, but a little bit
 
Option 3: Do what jesper said. Takes minimum time - no money - not safe, really not.

Option 4: Do what noxcho said. Some time to get the drive - costs something - really safe - maybe the safest of all options
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 40355523
Read the post again, "He has  no issue with giving up the laptop but is concerned with passwords/logins etc being discovered"

Why format or replace the drive?  Just remove all automatic logins and set secure passwords.

If necessary encrypt any sensitive data.
0
 
LVL 4

Expert Comment

by:Saschao
ID: 40355557
but which type of data is sensitive? Can an unexperienced user, otherwise he would not ask someone elso to do that, decide that (does he knows where its located in file system)? No he cant. Just deleting data within an application which you did not programmed, checked or someone else did is not safe. If the browsers just delete it, its recoverable. Maybe it overwrites maybe not.

If you want to be sure. Buy a new drive or overwrite all data or encrypt all data and dont give the key away (but use a strong pass sentence or longlonglonglong password. So thats all from me to this theme. Good night.
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
ID: 40355581
I'm sorry but most of the above answers do not pertain to a discovery situation.  I work with law firms and have done discovery on law firm computer systems, and discovery can be a dicey situation.  The most common computer data that is required for discovery is email, so that may be all he needs to provide.

First thing I would do is tell him to consult with a lawyer (his lawyer presumably) to determine whether it is really necessary to turn over the entire laptop as part of the discovery, or if there is only certain data that has to be made available.  Once that's established and the lawyer has determined what is required, then you deal with protecting any data on the laptop that is NOT part of the discovery.  The standard way of doing this would be to export and provide copies of the information that is required (i.e., his email PST, copies of documents, etc.), not to turn over the entire piece of equipment.  

But if in fact he is required to turn over the laptop, then at that point, I would remove any data from the laptop that's not part of the discovery.  Then remove password protection (or reveal the passwords) for anything that is left.  Again, it's just a matter of finding out what exactly the discovery motion requires and then protecting his private information by removing it.
0
 

Author Comment

by:funkyone60
ID: 40356285
Hypercat- I think you are on the right track.  The issue at hand is that he is not trying to hide anything.  They can see emails- pst files- documents whatever.  So wiping and giving them "new" "fresh" laptop would seems as if he is trying to hide.  His only concern was having them have any ability to perhaps get passwords to anything.  I suggested this would be a good time to change all his passwords anyway and he agreed but he is concerned about anything that could slip through the cracks.  He only asked me is there were programs or any kind of software that could be installed to protect just those things.  I was not aware and it would seem from this post- no one else is aware either.  

I know how to effectively wipe a computer.  That is not our goal.
0
 
LVL 9

Expert Comment

by:nattygreg
ID: 40356354
if they run forensic on it and found it was tampered with you could be in big trouble.
0
 
LVL 46

Expert Comment

by:noxcho
ID: 40356464
Passwords are not saved on the computer usually, otherwise the software which saves the password the way someone can get it - is bad programmed. As you said - change the passwords on everything and give the laptop away. You cannot do more in this situation.
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 500 total points
ID: 40356993
I don't know of any software except encryption software (which in itself requires a password) that might be used to protect certain information on a computer, but that's really meant to protect data not the passwords themselves.

Assuming that both parties are doing this in good faith, not trying to hide anything or discover anything they're not entitled to see, I don't think it's a problem.  Passwords that might be cached would include program-level passwords, passwords for secure websites that the user has allowed to be saved, and possibly a domain password if the laptop is a member of a domain and has a VPN or remote desktop connection configured.  

What I would recommend is removing any cached passwords that you can remove. The latter two are easy to remove by deleting IE cached passwords, and also deleting any saved passwords for VPN or remote desktop connections. (Of course, he needs to make sure that he knows what those passwords are before deleting them!) For program-level passwords, the same might be true, depending on the programs that he has installed.  If he has password-protected programs installed with data attached that should not be made available (i.e., belongs to his employer and not himself), that would be something he should probably know and make sure that the passwords are very secure, not saved and complex enough to be not easily hackable (i.e., 12 or more characters, randomly generated and including numbers and caps and lower-case letters). And I suppose he would have to reveal that to the opposing lawyer so that they don't become suspicious that he's trying to hide something.

If there's password-protected information that he wants to make available to them (i.e., if his email is password-protected), then he'd have to remove those passwords or give them the password and then change it when he gets the laptop back.

I can't think of anything else, but maybe someone else will chime in with anything I've missed.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now