Laptops forum

General discussion

Buying laptop - is fingerprint security worth it?

by thinkofaname / October 25, 2006 4:55 PM PDT

I have some issues. I'm buying a lap top and don't know which model or make to purchase.

However, my greatest concern is security. I have a boss who has a tendency to break in to our personal laptops (not company property) as he feels like it. He's a computer nutter and has degrees in computing, seems to know how to do more things than our IT people. Anyway, no one really trusts that they can leave their lap top overnight and it won't be accessed. Somehow he manages to bypass passwords for starting up the system. How? I have no idea. But we've ascertained that it has happened. This is a pretty serious issue as our privacy is breached.

I am looking at buying a new lap top now and am considering the fingerprint technology option as a means of preventing anyone from accessing my lap top anywhere. However, I understand it behaves in the same way as a password protected system and, if that's the case, and people can already get in to the system bypassing the password, what's the point?

Is there anyway of PREVENTING access, boot up itself, with fingerprint technology or anythign else for that matter? If so, what IS it?

I'm clueless for the most part so any help is very appreciated.

Aside from that, I travel regularly so portability is a priority. I'm not in to gaming nor do I create graphics. I will use it to watch the occasional DVD and listen to music. The most important thing is that I can write, edit work on the run, and use it for presentations. I have a budget up to $US2000 - does anyone have any ideas?

I'm looking at Sony and Toshiba products.

Thank you very much!

Post a reply
Discussion is locked
You are posting a reply to: Buying laptop - is fingerprint security worth it?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Buying laptop - is fingerprint security worth it?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Good stuff but not good enough in my book.
by R. Proffitt Forum moderator / October 25, 2006 10:09 PM PDT
Collapse -
Lap top with removable hard drive
by thinkofaname / October 26, 2006 12:39 PM PDT

Is it possible to buy one from which you can easily remove the hard drive on a daily basis without damaging it too much? If so, is it best to get a cheaper one?

Thanks again.
So much to learn...:)

Collapse -
That feature was sacrificed on the altar of low prices.
by R. Proffitt Forum moderator / October 26, 2006 12:47 PM PDT

I wonder why not an USB pocket hard disk for "your stuff"?

I saw the 100GB pocket unit for not a lot today.

Bob

Collapse -
What is a good brand of pocket hard drive?
by Apt411 / October 26, 2006 8:57 PM PDT

Bob et al:

Thanks for the answers to the original question. It has helped me immensely.


I want to ask what a good brand of pocket hard drive is. I think I am going for that option you suggest. I live in Chile, so we have major brands only.

K S Katz

Collapse -
Get the 1.8'' pocket drive
by mark960 / October 26, 2006 9:11 PM PDT

The brand of the external drive doesn't really matter all that much. The actual drive inside will come from one of the major brands. I have seen little difference between brands. Some brands offer a 3 year warranty so you may want to look for that.

Just make sure the drive is a 1.8'' format, not the 2.5'' format. The 2.5'' drives are NOT pocket sized by the time they add the case and electronics.

Collapse -
2.5" drives are fine
by johncosgrave / October 26, 2006 10:08 PM PDT

I regularly use 2.5" USB drives for external backup with my laptop. My eMagic drive enclosure is only 138mm x 78mm by 12mm thick - so it is definitely pocket sized. I have had the best experience with USB 2 as the drive will run off the bus power. Most laptops ony have a 4-pin firewire connection which does not have any power on it.

So buy any major drive designed for a laptop (I have had good service from different versions of the the Hitachi Travelstar) and a small external drive.

However, my understanding is that you cannot boot windows from an external USB drive, but you can use an external USB drive for all you data.

Collapse -
Thanks
by Apt411 / October 28, 2006 4:05 AM PDT

Thanks for the in-depth answers, gentlemen.

The staff at the stores here normally cannot give me this kind of information.

K Katz

Collapse -
USB 2.0 portable HDD
by dlsears / November 1, 2006 10:21 PM PST

I use a 2.5'' 80-GB USB 2.0 portable HDD as my work disk. It's no problem at all to mount and only occasionally a problem to unmount. I have to use two USB ports -- one for the USB transfer and one for the additional electricity needed for an 80-GB drive (I'm told that a 60-GB drive needs only a single USB connection). This is the best solution I've been able to find for backing up my data (one copy on my desktop at home and one on my laptop and one on my desktop at work) with Allway Sync (there are both free and not free versions. I have both) and for making sure I always have it where I need it. No damage at all to my portable HDD or to my laptop or desktops.

You would have to do something about the Application Data folder and its contents on your laptop's C: drive, though, because that's where your browser and email program store lots of sensitive and what should be private files. I don't know whether you can move those files so that they're all on your portable work disk as well, but one of these days, I'll find out.

Collapse -
In a word... Yes
by Screwdriver Monkey / October 26, 2006 8:07 PM PDT

I work with laptops on a daily basis. I have had all kinds of requests for data recovery or file access e.g. I lost my BIOS password can you remove it? or I can't get into Joe Blow's profile to see what he's been hiding can you remove his passwords? etc. These things are easy to get around, even when users set Biometric passwords to stop people booting up their machine, easy to get around. And when they set Windows biometrics passwords for log-ins, also easy to remove.

The only thing that has stopped me so far is the Biometric "Safe" folder. Basically comes standard on Toshiba machines with Biometrics and uses your fingerprint as an encryption key for every file that you enter into that folder, and if you really want to get technical and remove the drive to try accessing that data, guess what, you can't. You are supposed to set a password as a backup to your fingerprint but really don't need to and it just weakens the folders security. You can even put your mail store files in there to prevent people opening your archive mail, just make sure you unlock your "Safe" before opening applications that references files you are keeping in it.

Having said that, life is a case of balance, you make a stronger lock and they make a stronger crook.

When you do get your machine set a BIOS password, a HDD password, a Windows Password and a register a fingerprint for your "Safe" folder then you can rest assured that your files are for your eyes only.

Collapse -
Are you sure?
by R. Proffitt Forum moderator / October 26, 2006 10:22 PM PDT
In reply to: In a word... Yes

Did you read the link I provided?

It appears such is not as bulletproof as we first thought.

Bob

Collapse -
simple fix
by chrisr67 / October 27, 2006 12:21 AM PDT
In reply to: Are you sure?

An extremely simple fix to this is "TAKE YOUR LAPTOP HOME AT NIGHT!" Why even risk a security breach, when you could just bring your laptop home each night and save yourself from all the multiple passwords for bios, hd, etc.

Collapse -
Bingo. Access control is number 1 on...
by R. Proffitt Forum moderator / October 27, 2006 1:28 AM PDT
In reply to: simple fix

All security protocols I've read.

Thanks!

Bob

Collapse -
Looking for simplicity
by ilearnit / October 27, 2006 1:21 AM PDT

I like to look for simplicity.

To me, carrying the laptop home every night has its own pitfalls. So does having a removable drive (unless you need to carry your data between computers).

I take a simpler route.

Create a new, encrypted, virtual drive to hold all your data. You can move all your data there, such as your emails, word documents, and so on.

There are several such programs available (try sourceforge.net and download.com). Some are freeware, some are free for smaller-scale use, and some are high-end programs (such as pgp.com).

I use Cryptainer, and have been happy with it. Enter a password to load the drive. Close the program (or turn off the computer) to protect.

Choose the right program, and you have high-end cryptography that (supposedly) even the government can't break.

Collapse -
Security is great, but be cautious of hardware failures ...
by cymshot / October 27, 2006 5:02 AM PDT
In reply to: Looking for simplicity

I am in agreement with most about creating secure drives/folders, but you MUST be sure there is a ''backdoor'' into your secure system in case of a hardware &/or system failure so that you can retrieve your protected data. In the past I have seen people lose their secured data when part of the overall secure system failed. This is one area where you don't want to be a casualty.

Also, whether one uses a third party application for file/folder/drive security, or one uses Window's encrypted file/folder system, be CERTAIN that you possess the security keys to unlock a failed system so that you can get your data back safely. Even better, do a practice run of getting your data off such a system before fully relying on the system.

You might also like to consider the usage of steganographic tools to conceal passwords and such within documents. (see http://en.wikipedia.org/wiki/Steganography for more info.)

Collapse -
(NT) (NT) Yes.
by Ryo Hazuki / October 27, 2006 8:42 PM PDT
Collapse -
Thank you!!
by thinkofaname / October 28, 2006 2:58 PM PDT
In reply to: (NT) Yes.

You guys are legends. I am going to follow that advice which I might need to clarify when I put it into action (v soon), but I appreciate it very much. There is no way I could have worked that out by myself.

I am living in a developing country and it's not always easy to just pick up your lap top and run with it, and sometimes it's better to leave it in the office than take it home - it depends. And I can never leave it at home on its own, another problem. So this is great stuff.

Thank you thank you thank you!!! Happy

Collapse -
Fingerprint security
by opacjkt / October 30, 2006 8:40 PM PST
In reply to: Thank you!!

Well, you are optimistic. I have registered all my right hand fingerprints on my brand new Toshiba Tecra. Logging on using fingerprints is accepted about one time in five (counting 3 successive failures in one logon as one attempt). And I can just log on in the normal way and bypass the fingerprinting in any case.

Now it may be quite possible (I've not investigated it) to turn off the regular logon, but why should I - I'd be stranded most of the time? And it is very possible I'm doing something else wrong. But the first 2/3 times it worked. Maybe something got corrupted, but this is NOT a letter in support.

Meanwhile your boss is clearly someone to be avoided socially. I also live in a developing country and happen to be the boss. Such behaviour is unacceptable, and if it causes you to leave, he's lost a good worker. You want me to have a word with this idiot?

Collapse -
Don't trust him, it may be your real boss.
by frankofthenorth / November 2, 2006 6:24 AM PST
In reply to: Fingerprint security

You can only trust your boss to a certain limit, and then that's it. They may pretend to be a hippy and all fun and lenient about such things as telecommuting, but if they have a boss, when it comes time for the report they were supposed to be working on, then the finger points right at your empty chair.

Collapse -
Document Passwords...
by jamez292 / September 10, 2008 2:00 AM PDT

What type of files are you wanting to protect?

If you are wanting to place security over simple files created by a Microsoft Office programme such as "Word" then you can add a password to the file that will prevent the file from being opened. As far as I am aware, this sort of password doesnt have a "backdoor" in, but it is wise to bare in mind that this password cannot be reset or recovered if forgotten. It can be found by either going to "Save As..." and clicking the tools option within the box that opens and selecting "security" from the list of options. Not all of the Office programmes can have passwords added in this manner though, some you have to go to the "tools" menu, from there select "options" and then head to the "security" tab and apply passwords from there. You can add a password to either open a file, to edit a file or even both. If you apply one to both, then I would use 2 different passwords, this means that on the slim chance that your boss even manages to get through the first password, at least he cannot edit it without the second.
For other file types such as images and music, then im not so sure that passwords may be added in this manner, unless somebody else can rectify me otherwise...

Hope that helps

James. Happy

Collapse -
Security
by Renegade Knight / September 15, 2008 4:32 AM PDT

I've been pondering security since BitLocker. I don't like the BitLocker solution though it's ok if I remember to take home the USB Key wiht the boot up password.

Iv'e been reading about Full Disk Encrypted Hard drives. Set up a boot password (boot finger print would be better) and the drive can not be accessed at all without the password.

I tried out a figerprint utility that sets up a file vault that's only accessable via a fingerprint verification on a Toshiba. Worked great for about 2 days then it corrupted itself and I lost the data. Good thing I was experimenting.

Bitlocker is fairly bullet proof. If you use a USB key and forget the key (leave it in the laptop) you just lost the security.

What I like is a 3 pronged approach.

Full Disk Encription. Bitlocker, and a file vault (TrueCrypt or the fingerprint version). If one is compromised you have the others backing you up.

A bios password can be worked around. The Full Disk Encryption is a bit different than a standard bios password. You can't take the drive out and put it on another compute for example. You won't be able to read the disk.

Collapse -
My Security Setup
by ashma1 / September 16, 2008 7:59 AM PDT
In reply to: Security

My system: Sony Vaio AR790U/B Notebook PC Vista Ultimate.

After doing a lot of research I found what I believe to be one of the best security setups for my laptop.

First I replaced the Vaio?s 2 Seagate RAID hard drives my laptop came with for 2 Hitachi TravelStar 160GB hard drives that have hardware encryption built-in (Hitachi Bulk Encryption). The Bulk Encryption is activated by simply creating a password on boot in the BIOS. Once you create a password in BIOS, the entire hard drive is encrypted.

The encryption key is linked to the BIOS and cannot be removed or stored anywhere else. If the hard drives are removed from my notebook, they will not be readable by any other windows, Linux or any system. So in other words, the BIOS of my VAIO, holds the encryption key and if the VAIO and hard drive are separated from one another, then the data can?t be accessed even with my password. What?s amazing about the Hitachi TravelStar drive is that the Bilk Encryption does NOT slow down my system at all in performance. Furthermore it?s actually faster because it?s running at 7200rpm rather than 5400rpms as the stock hard drives were rated at. Also the Hitachi 7200rpm drives use less power than a comparable 5400rpm drive from Seagate. I?ve had the Hitachi drives installed for a few months now and all is perfect.

Now on top of the Hardware based encryption I went one step further and installed TrueCrypt 6.0a and did a full system encryption. I?ve been told that my system should be just a bit slower but I honestly have not noticed. The TrueCrypt full system encryption has worked very well as in no issues or crashes of any kind. TrueCrypt requires you make a boot up CD, in case of corruption of the software. So Should TrueCrypt fail to work on boot up, you can use the CD, but you?ll still need to enter your password. I also do a weekly backup of all my data (using the AMAZING SyncBackSE), to an external USB 2.0 drive (which is entirely encrypted by TrueCrypt as well and stored in a small fireproof safe).
This security setup means that each time I start my Laptop, first the BIOS password entry field pops up 5sec after pressing the power button. Immediately after pressing that password, TrueCrypt?s password entry field comes up; I enter that password (same long password as the one for BIOS but with a small modification). And then windows loads up and everything remains decrypted until I simply shut down windows and everything becomes encrypted again and it?s all very quick as if nothing is going on.

Now my only complaint is that even though my long passwords are easy for me to remember and input; I would very much like it if I could have a USB biometric fingerprint reader that I could just insert and have it enter the BIOS and TrueCrypt passwords for me. Sadly, it seems that there is no correct technology that would allow this because Windows needs to boot before you can use a Biometric USB reader. If I?m wrong about this, I would love to hear of a possible solution to this?

Ashton

Collapse -
forgotten password for Hitachi HTS542516K9SA00 "Travelstar"
by 5had0 / November 8, 2008 4:49 AM PST
In reply to: My Security Setup

Hey!

I just read this post with great interest. I have the same Travelstar HDD on an Acer Aspire 2920Z under Vista. I have forgotten the password I assigned to the HDD under the BIOS. Could anyone please help me regain access? Am thinking after reading the last interesting post that it must be stored in the Bios, although I don't know how to take a look under the hood of the Bios plus I guess its encrypted?

Many thanks.

Collapse -
bios pswd
by toenail78 / April 14, 2011 7:56 AM PDT

id say just use your bios password instead of the windows password.. thats the better way to go imo

Collapse -
Well Dell even has
by orlbuckeye / April 14, 2011 7:54 PM PDT
recognition now on some of their new laptops. I believe it's a an extra charge for that type security.
Popular Forums
icon
Computer Help 49,613 discussions
icon
Computer Newbies 10,349 discussions
icon
Laptops 19,436 discussions
icon
Security 30,426 discussions
icon
TVs & Home Theaters 20,308 discussions
icon
Windows 10 360 discussions
icon
Phones 15,802 discussions
icon
Windows 7 7,351 discussions
icon
Networking & Wireless 14,641 discussions

CNET's Tech Minute

Top 3 news reading apps

With the latest tech, getting news delivered to your phone is easier than ever. Here's a roundup of apps that are customizable and useful for getting the news.