I’m going to go on a trip soon for about two weeks. I would like to set-up
my computer so if some dirtball breaks into my house, he won’t be able to use
it (well, if he steals it, I’m just out of luck). Is there some method to
“lock” the computer so no one will be able to access it in my absence? Of even
greater concern is will I be able to access it when I get back. I need
something simple (I was thinking of just unplugging the damned thing and hiding
the cord somewhere, but I’m really trying to learn all this techno-stuff).
Unfortunately, there’s scale. Complete protection isn’t really simple, and
simple protection isn’t really complete.
Ultimately, you kinda need to decide how sophisticated your thief will
In my opinion, the ultimate security for the scenario you outline is full-disk encryption. (My favorite security tool, TrueCrypt will do this.)
By encrypting the entire hard disk of your computer, and using a sufficiently complex password or pass-phrase, the computer is pretty much useless to anyone but you.
As long as you remember the password, of course.
In fact, even if the thief places it into another machine, something he may try when he sees that a password is required, the data is still encrypted and password protected.
In other words, the thief may have stolen your hardware, but not your data.
And it’s your data that’s probably the most valuable part.
Unfortunately, whole-disk encryption can be somewhat tricky to set up. To be honest – it kinda scares me. I’d be nervous that it might be too easy to lose access. That’s probably just me, though, as I’m sure there are many people using whole-disk encryption daily and without concern.
The approach I take is to segment my data, and use TrueCrypt containers instead of encrypting the entire disk. I place my sensitive data into such a container that, once again, can only be accessed by my having provided the correct password. Containers can be safely copied and backed up, and seem like a good compromise.
I recently created a 250 gigabyte container to hold sensitive data on my primary desktop machine, and have used (and recommended) TrueCrypt on my laptop where loss or theft is a more practical concern when traveling.
So one way or another, encryption is really the only way to really protect your data from loss if your machine gets stolen, be it a desktop at home or laptop while traveling.
Just make sure that the data you care about is, in fact, encrypted.
Another approach that I know many people use is to put a boot password on the machine’s BIOS. This requires that at boot time the password be provided in order to continue. It’s actually a fairly reasonable approach to protecting the computer from casual theft and thieves that are more interested in the hardware than your data.
A BIOS password does not protect your data. Even if the machine is completely unbootable due to not knowing the password, a thief could simply remove the hard drive and gain access to everything on it.
That’s, in part, why I say you need to decide just how sophisticated a thief you think you’re going to get.
In all honesty – I’d look at physical security first. (And, sorry, removing the power cable doesn’t quite cut it.) Many computers have tabs to which you can attach a cable, and lock the computer to a desk much like you might lock a bicycle to a lamp post. Laptops have special slots specifically designed to attach such cables. That won’t prevent a determined thief from perhaps opening up the case (though many of the locking tabs make that extra-difficult as well), but it’ll probably cause the more casual burglar to move on to easier to grab items.
Or you might just unplug it and hide it in the back of a closet.
As I said, simple solutions aren’t complete, and complete solutions aren’t really simple.
I land somewhere in the middle, and use encryption.