Travel Technology - Left Laptop In Taxi - How Secure is Data?

I did just about the single most stupid thing I've ever done today :mad: I left my laptop on the back seat of a taxi. All attempts to trace it throuhout the day have failed completely so I've pretty much lost all hope of getting it back unless the taxi driver is a decent fellow and either traces me or leaves the laptop at a police station.

Anyway, making the prudent assumption that my laptop is making its way to the black market, I need to know how secure my personal data is. This is a laptop provided by my employer and runs XP, both partitions formatted using NTFS. It is not possible for me to use the laptop without first entering my corporate user name and password (on or off the network). Can I assume that my data (both personal and employer stuff) is reasonably safe?

Yes, it's safe.

In theory they could brute force the machine, but most of the time the nr.1 priority they have will be to "clean" it, which will probably mean formatting the device.

In the future remember to make a note of the cab number whenever you get in....

Yes, it's safe.

In theory they could brute force the machine, but most of the time the nr.1 priority they have will be to "clean" it, which will probably mean formatting the device.

In the future remember to make a note of the cab number whenever you get in....

Thanks for confirming that.

One of the first tenents of security is physical security.

What's to stop someone from installing another copy of XP (in a different directory) on the same partition? Or from running a program like CIA Commander (http://www.matcode.com/ciacmd.htm) or l0phtcrack (http://www.atstake.com/products/lc/) to recover the local administrator's password?

Chances are that the recipient is only interested in the value of the hardware, but if you get someone with some time on their hands, its a different story.

I'd say you have quite a bit to be worried about.

One of the first tenents of security is physical security.

What's to stop someone from installing another copy of XP (in a different directory) on the same partition? Or from running a program like CIA Commander (http://www.matcode.com/ciacmd.htm) or l0phtcrack (http://www.atstake.com/products/lc/) to recover the local administrator's password?

Chances are that the recipient is only interested in the value of the hardware, but if you get someone with some time on their hands, its a different story.

I'd say you have quite a bit to be worried about.

He asked if it would be "reasonably safe?", to that I still answer "yes".

ANYTHING can be hacked, but the amount of effort someone has to put into a machine like this simply isn't worth it.

Even with the stuff I use (Ethentica biometrics and SecureSuite encryption) I'm sure they could get to my stuff if they really wanted to.

Unless the files themselves were encrypted, what would prevent someone from taking out the hard drive and slaving it to another XP machine to read the data?

But, yes, the thief (and new buyer) very likely is uninterested in the data, just the laptop.

One reason why I have a sticker in my machine when opened that has my office address & cell number along with a note saying "Reward paid if found, please call" Not sure if anyone would keep the machine if they knew they could get cold hard cash for it anyway by calling me - at least that's my theory that I hope never to test

Be thankful you are not in California! There are some very strict privacy laws here - a contractor working for Wells Fargo lost a laptop and the results were wide ranging.

http://www.securityfocus.com/columnists/201

One reason why I have a sticker in my machine when opened that has my office address & cell number along with a note saying "Reward paid if found, please call"

On my Fujitsu, there is a spot in the startup BIOS to put a message that displays on startup just before the System BIOS asks for a password (I don't use Windows password). That's what I've loaded in there. "Reward If Found" and my cell number.

Is there any extra security advantage to also turning on Windows asking for another password or will that BIOS one pretty much cover me for all reasonable average basic security needs?

BIOS password bypass is easy... disconnect the system and BIOS data battery... Give it 30 mins and viola, BIOS defaults...

If someone did steal it, it's been fenced likely to someone who's an idiot anyway. NTFS is fairly secure, however there are still legit ways to access an NTFS partition read only under Linux. I normally encrypt all my documents folders under NTFS.. I would suggest others do the same.

www.stuffback.com

For future reference, a recent thread on this very forum on Encrypting personal files on your work laptop (http://www.flyertalk.com/forum/showthread.php?t=325599).

There's a lot of scary stuff going on out there, it's convenient to ignore it all. If you want to see a real eye-opener, take a look at this: http://forum.carderplanet.cc/index.php?showforum=44, ... translate the russian pages, it's even scarier.

Once again, thanks for all the constructive replies. To say yesterday was stressful would be a bit of an understatement. Telling my employer what I had done was distinctly not very nice. I some ways I would have preferred it had I been mugged as I would have felt far less stupid about that.

Fortunately for me the only things that I lost were a digital camera with pictures from my Gran's 90th (the whole family was snapping like mad there so they are no great lost) and pictures of a part of the world I'll be going back to in a few weeks time. Also fortunately, I had a very recent backup of my memory stick on CD (just been to Selfridges to buy a new stick).

The comments about leaving on a reward sticker, encrypting confidential data and of course taking a mental note of the taxi number have all been taken on board. More questions will follow.

I usually travel with 3 items. 3. I count to 3 all the time. Ask any mother, she counts her children all the time also. On the odd situation when I have less than 3, I still find myself counting. Where I've nearly lost something is when I have more than 3 items. Even jetlagged and worn out, I'm so used to counting to 3. When we are tired, changing an old habit is very difficult. Sometimes my 3 items are purse, umbrella and coat. Sometimes purse, suitcase and umbrella. So far in a couple million travel miles, all has been OK.