Encrypting the Disk
654
discs, and external drives. See Figure 1-3. The LE version creates multi-
ple 25MB encrypted containers on your hard disk that you can load and
unload as needed. You can view, modify, and hide all types of files with
a single password. The product works with all current versions of
Windows (including 95 and 98 as well as XP and Vista). Consult www.
cypherix.com/cryptainerle for more information about the free version.
Hardware-based disk encryption
Most laptops include in their setup BIOS a means to set a password before
you can access an installed hard drive; however, a number of hacker tools
allow someone to determine this password and once someone has bypassed
it, she can read everything on the drive.
Full disk encryption
Seagate’s Full Disk Encryption (FDE) system (introduced to consumers with
its Momentus line of hard disks) and similar concepts are different in that
the encryption key (the code that decrypts the data) isn’t stored on the drive
or in the BIOS. No amount of physical attack on the machine by a hacker is
going to locate a decryption key because it isn’t on the laptop.
Figure 1-3:
The
Cryptainer
control
window
allows
creation of
hidden
volumes
with
complex
passwords.

46 140925-bk09ch01.qxp 4/8/08 12:53 PM Page 654
Book IX
Chapter 1
Traveling with
a Laptop
Encrypting the Disk
655
Under FDE, you’ve no need to initialize a new disk or to encrypt the full con-
tents of a large drive when the software is added to an existing disk. All data
is encrypted as it records, and according to Seagate the process occurs at
full interface speed. In other words, no overhead is involved.
Under software encryption schemes, if the key to the encryption software is
compromised, you must change it. This usually involves completely decrypt-
ing and re-encrypting the entire drive. Since the key to an FDE drive is locked
into the hardware, it can’t be corrupted.
Removable flash memory key
Another option is to use a removable flash memory key that holds the
decoding key for an encrypted disk. One such product is the PCKey from
Kensington. The system combines an access key that plugs into the laptop’s
USB port and holds the complex decoding key; you must enter a password
into an onscreen form. Both are required before any user is permitted to use
the machine and any network to which it connects.
All data on the hard drive is encrypted by the PCKey system; when an appli-
cation requests it, the encoded data passes through the PCKey filter and is
decrypted for storage in the computer’s system memory for the applica-
tion’s use. It’s re-encrypted when written back to the hard drive.
The encryption algorithm for PCKey is quite strong and difficult to break; the
loophole with this system appears if the laptop is up and running with the
key in place and the password entered. In that situation, a thief could access
all the data on the machine until turning it off. The solution: Remove the key

and take it with you any time you walk away from your laptop.
If you forget your password or lose the key, contact Kensington and answer a
set of questions to obtain a replacement code.
Adding the Sys Key utility
You can add yet another layer of Microsoft-brand protection to your pass-
words by adding the Sys Key utility to your Windows XP or Windows Vista
laptop. Sys Key encrypts copies of user passwords stored on your hard
drive and adds a more complex encryption scheme to basic passwords. See
Figure 1-4.
46 140925-bk09ch01.qxp 4/8/08 12:53 PM Page 655
Encrypting the Disk
656
To Configure Windows System Key Protection, do the following:
1. Click Start ➪ Run.
Run is a way to issue a command directly from a program that exists out-
side the operating system.
2. Type syskey in the Run text box.
3. Press Enter.
4. Select the Encryption Enabled check box.
The check box is in the Securing the Windows Account Database sec-
tion. Enabling this option encrypts the password database and is the
recommended setting.
5. Click Update.
6. Click Password Startup.
This requires that a strong password start Windows.
7. Enter a complex password.
The password should include a combination of upper- and lowercase let-
ters, numbers, and symbols; the code should be at least 12 characters
long, with a maximum of 128 characters.
Figure 1-4:

The Sys Key
utility of
Windows XP
or Windows
Vista adds
extra layers
of security
to encrypted
files and
settings.
46 140925-bk09ch01.qxp 4/8/08 12:53 PM Page 656
Book IX
Chapter 1
Traveling with
a Laptop
Keeping Panic in Check(list)
657
Keeping Panic in Check(list)
What to do if, despite all your best efforts, your laptop really goes missing
or your software becomes corrupted? Don’t spend too much time cursing,
screaming, or crying; as good as it might feel, that won’t help, and time is
a-wasting.
Follow these steps:
✦ Call the boss. If the machine or software is owned by or related to a
business, government agency, or any other organization, immediately
notify your employer or legal department. They should have a plan to
deal with the loss of confidential or other important information.
✦ List your data. Make notes about any data files you know are on your
machine’s hard disk. Don’t forget:
• Files you may have deleted but are still in the recycle bin

• Backup copies of earlier editions of your documents (Many applica-
tions, such as word processors, make these copies)
• The contents of your e-mail folder
✦ Get the cops. Contact the local police or other law enforcement agency
where the laptop was stolen or lost. File a complete report as soon as
possible. Include a description of the brand and model as well as its
serial number and other information.
✦ Jog your memory. Get your most recent set of backup files for the
machine. (You’ve been making backups on a regular basis, right?) Use a
borrowed or rented machine — if you’re sure that machine is secure —
and refresh your memory about any confidential data that may have
been on your laptop’s hard drive.
✦ Call all accounts. Contact your bank, credit card companies, and any
other institution with which you have financial or personal accounts.
They may put a notation on your account to be on the watch for fraud;
they may close existing accounts; or they may disable your current user
ID and password and ask that you create new ones.
✦ Write to your dear diary. Maintain a journal with model numbers, serial
numbers, and an inventory of components and add-ons that you travel
with. I have one copy of this list in my wallet and another copy with
important papers in my office. Don’t bother to keep the list in the
laptop’s carrying case; that probably won’t help at all.
✦ Admit to the admin. If you use your laptop with any networks that use
password protection, notify the administrator; you may have to change
user IDs and passwords. If you run your own wireless network in your
home or office, make the changes yourself.
46 140925-bk09ch01.qxp 4/8/08 12:53 PM Page 657
Keeping Panic in Check(list)
658
✦ Be fickle. Again. Change any user ID and passwords for e-mail and other

applications that are automatically filled in by Windows or a built-in util-
ity on your laptop; if you manually enter user IDs and passwords you
can decide for yourself whether or not to make changes.
✦ Stake your claim. Notify your insurance company (or the administrator
of your company or organization’s insurance) to file a claim for the loss
of the laptop. Some policies include coverage for software application
loss; most policies, though, don’t cover data loss.
Have you taken out the recycling?
One way to slightly reduce the risk of damage
caused by a lost laptop: Get in the habit of
clearing out the Recycle Bin each time you shut
down the machine. That setting is available in
the operating system. You can also use an
IMAP mail server instead of a POP3 mail server
so your e-mails aren’t stored locally on your
laptop (but are instead kept on a central
server). And you can also have applications like
word processors not automatically create
backups of files in progress. Each of these poli-
cies has disadvantages, but they’re the safest
way to treat data stored in a moveable (and los-
able) laptop.
46 140925-bk09ch01.qxp 4/8/08 12:53 PM Page 658
Chapter 2: Guarding
Against Intruders
In This Chapter
ߜ Locking the doors against electronic burglars
ߜ Setting up and using a firewall
ߜ Going with antivirus, antispam, and antispyware
ߜ Getting a security suite

ߜ Cleaning up after yourself
H
ere at the Department of Laptop Security, we’re very concerned that
all road warriors understand and follow all our rules, regulations, sug-
gestions, pleas, wishes, and hopes regarding one very important little detail:
keeping the front and back doors closed and locked.
That’s really what it comes down to. Although it seems so silly to some
people, the fact is that an entire subspecies of humans devotes its every
waking hour to (electronically) turning the door knobs and rattling the
screen doors of laptop and desktop computers all over the world. Some do
it for the sport, the computer equivalent of graffiti artists who get their jol-
lies by defacing other people’s property. Some of them are in it for the
money, looking to steal your bank account information and whatever other
personal data you may have stored within your machine.
In the previous chapter I discuss ways to hold onto your machine and pro-
tect the contents of your hard drive in case the laptop is stolen or lost at sea
(or from a car, or a plane, or a train, or otherwise misplaced). In this chapter,
you explore ways to keep people from breaking into your machine from afar.
Breaking and Entry, Laptop-Style
Let me get one thing out of the way right at the start: If you bought a new
laptop from a major manufacturer and ran it, unaltered, right out of the box,
without ever connecting to the Internet, you’d have a very good — but not
perfect — chance of never having to worry about computer viruses. And
you’d have no reason to fear spam, malware, adware, spyware, or phishing.
(I define each of these terms in a moment.)
47 140925-bk09ch02.qxp 4/8/08 12:53 PM Page 659
Breaking and Entry, Laptop-Style
660
In theory, a brand-new laptop from the factory comes equipped with
Windows or another operating system and a basic set of applications that

have been verified, scanned, checked, and otherwise given a close look-see
by the manufacturer. It’s highly unlikely that the machine will arrive infected.
As long as you use your machine in its unaltered state and completely avoid
connecting to another computer, the Internet, or e-mail, your laptop is like
the boy in the bubble: safe from infection . . . but also unable to fully experi-
ence life.
Table 2-1 reveals the ways a virgin machine can become sullied by disease
and distress. I ranked threats in relative order of likelihood from very rare to
very common. I awarded one star to the least likely culprits and as many as
five to the biggest threats.
Table 2-1 Threats to a New Machine
Your Action How Likely It Is to Happen
*
Through the installation of an infected program supplied ૽
on a CD, DVD, or other media. As noted (see sidebar),
this is rather unlikely; software makers are under orders
from their lawyers and marketing departments to double-
and triple-check for rogue code.
A virus or other form of malware on a bootable disk ૽
installed in a floppy disk drive or other device. Relatively
few current laptops have a floppy disk drive, and your
system BIOS has to be set to boot from the drive to load
the nasty code.
Whoops
Back in the early days of personal computing . . .
and the early days of computer viruses . . . I
received a new version of a personal finance
program from a major software vendor, sent to
me for review in
PC Magazine,

where I was
executive editor. I installed the program on a
machine and all of a sudden the machine
began behaving strangely. I assumed it was a
flaw with the new program itself until I
rebooted the machine and an early antivirus
program flashed a warning on my screen: My
PC was infected. To make a long, sad story
short: The financial software company had
hired a service bureau to duplicate its product
onto floppy disks (the medium of the time) and
unbeknownst to all, their computers were
infected. Today that’s pretty unlikely to
reoccur . . . but not impossible.
47 140925-bk09ch02.qxp 4/8/08 12:53 PM Page 660
Book IX
Chapter 2
Guarding Against
Intruders
Being Neighborly with a Firewall
661
Your Action How Likely It Is to Happen
*
Accepting a bootleg copy of a program or a shareware ૽૽
utility given you on a floppy disk, flash memory key,
CD, or DVD.
Installing onto your machine a data file that includes ૽૽૽
macros (like those available in word processors and
spreadsheets) that include malware.
By connecting to the Internet by a wired or wireless ૽૽૽

connection and downloading drivers, utilities, icons,
and programs from sources you don’t know and trust.
Downloading any active content (programs, utilities, ૽૽૽
animated icons, music, and more) through an instant
messenger (IM) program.
Accepting an offer from a pop-up screen on the Internet ૽૽૽૽
that offers a free program or utility that you didn’t request.
Opening and running an attachment on an e-mail that you ૽૽૽૽
didn’t request or that comes from an unknown source.
Clicking a link in an unsolicited e-mail. ૽૽૽૽
Opening your folders and files to others on a local area ૽૽૽૽
network or on a public network (like you might find at
an Internet café).
Not installing and enabling a capable firewall utility (or ૽૽૽૽
using the one built into current versions of Windows)
and going online or onto a network.
Though it isn’t a
cause
of infection, I reserve a special ૽૽૽૽૽
set of stars for anyone who operates a laptop without
a capable and fully updated antivirus program in place.
If you had a proper antivirus in place, chances are very
good that it would prevent all the preceding infections.
*One star is the least likely to happen; five stars means it’s one of the biggest threats.
Being Neighborly with a Firewall
Good fences, as Robert Frost observed, make good neighbors. In the case of
computers, good fences help you distinguish between good neighbors and
nasty intruders.
The Internet is a fast-moving stream of billions of snippets of information
called packets. The situation is made better (or much worse, depending on

how you look at it) by bringing high-speed broadband connections to homes
and offices on cable, DSL, and fiber-optic systems. In addition to the danger
posed by the huge volume of data that moves on a broadband circuit, there’s
also the fact that these connections are always on: Your machine is hooked
47 140925-bk09ch02.qxp 4/8/08 12:53 PM Page 661
Being Neighborly with a Firewall
662
up to the Internet all the time. A connected PC sticks an electronic toe into
the stream looking for packets addressed to your address. And when you
click an Internet link or send an e-mail, your machine is creating a packet
with your return address.
Hackers create viruses and other malware that fly around on the Internet, jig-
gling the doors of tens of millions of PCs until they find one they can open.
The odds of breaking in are low, but even a tiny percentage of success can
make these miserable louts very happy.
One of your laptop’s most important security program components is the
enabling and use of a good firewall.
The original term comes out of construction and automobile manufacturing:
a solid physical barrier intended to stop the spread of a fire. In the world of
computing, a firewall is a piece of hardware or software that stands guard
between your laptop and the outside world. Its role is to inspect all network
traffic that passes through it and decide whether to
✦ Block the data
✦ Allow it through based on a set of rules
✦ Halt data and display a message asking you to decide whether to
proceed
A firewall erects a defensive ring for your computer. It stands physically or
logically at the point where data comes into an individual machine or an
entire network; its primary purpose is to prevent unauthorized access to
your machine. It can’t, however, protect against an assault that doesn’t go

through the firewall. For example, if you load software from a CD or DVD,
you’re inside the hardware fence.
Several kinds of firewalls exist:
✦ Application gateway firewall (also known as a proxy), are the most
common type of device. You can have the firewall check packets against
a particular list of addresses or limit the actions of particular applica-
tions. For example, the proxy could block downloads or prevent a
packet from initiating a file deletion or change.
✦ Packet filters allow entrance only to packets from specified addresses.
✦ Circuit-level firewalls only permit communication with specific comput-
ers and Internet service providers.
✦ Stateful inspection firewalls are the newest and most advanced design.
These devices actually read the contents of packets and block those that
are determined to be harmful or an unauthorized threat to privacy.
47 140925-bk09ch02.qxp 4/8/08 12:53 PM Page 662
Book IX
Chapter 2
Guarding Against
Intruders
Being Neighborly with a Firewall
663
Why do you need both a firewall and an antivirus program? If you want to
think in law enforcement terms, the firewall keeps any potential evildoers
away from a place where they might try to commit a crime. An antivirus
system stops a criminal act by someone who’s gotten past the wall with a
weapon.
Hardware firewalls
Hardware firewalls are very effective because they literally are separated
from the computer or network they protect. The incoming signals from a
broadband modem connected to the Internet or from a local area network

have to be approved by the firewall “appliance” before they get to a com-
puter. You find hardware firewalls in many large companies and organiza-
tions that can afford the cost of the device (from several hundred to several
thousand dollars for a basic unit, rising from there based on the amount of
traffic and number of machines protected) as well as the cost in payroll for a
trained professional to manage the network.
One intermediate step is to use a wired router that includes a basic firewall.
These systems, though not quite as full-featured as a dedicated hardware
firewall, add another fence where a network of computers link to each other
and to a broadband modem.
Router firewalls only provide protection from computers on the Internet, not
from computers on the other side of the router: your local network. If a
machine on the network becomes infected, it can easily spread a worm (a
self-replicating piece of unwanted code that sends copies of itself to as many
places as it can before it’s squashed) to other machines on the network. For
that reason, you should also enable a software firewall on each machine.
Software firewalls
As a laptop user, a hardware firewall may protect you when you connect your
portable computer (either by wire to an office network or wirelessly to a WiFi
system). But most of the time you won’t have the hardware between you and
the wild, wild Internet; instead you’ll use a piece of software intended to
stand between your computer’s essential files and the outside world.
Software firewalls (also called personal firewalls) can
✦ Be written as utilities within the operating system
✦ Be a package that sits in front of or behind the operating system to pro-
tect the data on the machine
✦ Block incoming traffic based on a set of rules and exceptions you
establish
47 140925-bk09ch02.qxp 4/8/08 12:53 PM Page 663