Several previous articles on our blog have been devoted to the security of personal information that is sent using instant messengers and social networks. Now it's time to talk about precautions regarding physical access to devices.
How to quickly destroy information on a flash drive, HDD or SSD
Often information is easiest to destroy if it is nearby. We are talking about the destruction of data from drives - USB flash drives, SSD, HDD. You can destroy the drive in a special shredder or just something heavy, but we will talk about more elegant solutions.
Various companies produce storage media that get the self-destruct function right out of the box. There are a huge number of solutions.
One of the simplest and most illustrative examples is the Data Killer USB flash drive and the like. Such a device looks no different from other flash drives, but inside there is a battery. When the button is pressed, the battery destroys the data on the chip by intense heat. After that, the flash drive is not recognized when connected, so the chip itself is destroyed. Unfortunately, detailed studies on whether it can be restored have not been conducted.
Image source:
There are flash drives that do not store any information, but they can destroy a computer or laptop. If you put such a “flash drive” next to your laptop, and Comrade Major someone wants to quickly check what is written on it, then it will destroy both itself and the laptop. Here is one of .
There are interesting systems for reliable destruction of information stored on a hard drive that is inside a PC.
Previously they but it is impossible not to mention them. Such systems are self-powered (i.e. turning off the electricity in the building will not help stop data destruction). There is also a power outage timer, which will help if the computer is seized in the absence of the user. Even radio and GSM channels are available, so that the destruction of information can be started remotely. It is destroyed by generating a magnetic field of 450 kA / m by the device.
This will not work with SSDs, and they were once offered .
The above is a makeshift method that is unreliable and dangerous. For SSD, devices of a different type are used, for example, Impulse-SSD, which destroys a drive with a voltage of 20 V.
Information is erased, microcircuits crack, the drive becomes completely unusable. There are options with remote destruction (via GSM).
Mechanical HDD shredders are also sold. In particular, LG produces such a device - this is CrushBox.
There are many options for gadgets for destroying HDDs and SSDs: they are produced both in Russia and abroad. We suggest discussing such devices in the comments - probably, many readers can give their own example.
How to protect your PC or laptop
As with HDDs and SSDs, there are many varieties of laptop security systems. One of the most reliable is the encryption of everything and everything, and in such a way that after several attempts to get to the information, the data is destroyed.
One of the most famous protection systems for PCs and laptops was developed by Intel. The technology is called Anti-Theft. True, its support was discontinued several years ago, so this solution cannot be called new, but it is suitable as an example of protection. Anti-Theft made it possible to detect a stolen or lost laptop and block it. The Intel website said that the system protects confidential information, blocks access to encrypted data, and prevents the OS from loading in the event of an unauthorized attempt to turn on the device.
This and similar systems check the laptop for signs of third-party interference, such as too many login attempts, failure to log in to a previously set server, blocking the laptop via the Internet.
Anti-Theft blocks access to the Intel chipset, as a result of which it will be impossible to log into laptop services, run software or OS even if the HDD or SDD is replaced or reformatted. It also removes the main cryptographic files that are needed to access the data.
If the laptop is returned to the owner, he can quickly restore its performance.
There is an option using smart cards or hardware tokens - in this case, you cannot enter the system without such devices. But in our case (if there is already a knock on the door), you also need to set a PIN, so that when you connect the key, the PC asks for an additional password. Until this type of blocker is connected to the system, it is almost impossible to start it.
The option that is still working is the USBKill script written in Python. It allows you to render a laptop or PC unusable if some startup parameters suddenly change. It was created by the developer Hephaest0s by publishing the script on GitHub.
The only condition for USBKill to work is that the laptop or PC system drive must be encrypted, including tools such as Windows BitLocker, Apple FileVault, or Linux LUKS. There are several ways to activate USBKill, including connecting or disconnecting a USB flash drive.
Another option is laptops with an integrated self-destruct system. One of these in 2017 Russian military. To destroy the data along with the media, you just need to press the button. In principle, a similar handicraft system can be made by yourself or purchased online - there are many of them.
One example is , which can run on various operating systems and self-destructs when an attack is detected. True, the price tag is inhumane - $ 1699.
Blocking and encrypting data on smartphones
On smartphones running iOS, it is possible to erase data in case of repeated unsuccessful authorization attempts. This feature is standard and is enabled in the settings.
One of our employees discovered an interesting feature of iOS devices: if you need to quickly lock the same iPhone, just press the power button five times in a row. In this case, an emergency call mode is launched, and the user will not be able to access the device using Touch or FaceID - only with a passcode.
Android also has various standard features for protecting personal data (encryption, multi-factor authentication for various services, picture passwords, FRP, and so on).
Of the simple life hacks regarding blocking the phone, you can suggest using a fingerprint, for example, of the ring finger or little finger. In the event that someone forces the user to put his thumb on the sensor, after several attempts, the phone will be locked.
True, for the iPhone and Android there are software and hardware systems that allow you to bypass almost any protection. Apple has provided the ability to turn off the Lightning connector if the user has been inactive for a certain time, but whether this helps against hacking the phone using these complexes is unclear.
Some manufacturers produce phones that are protected from wiretapping and hacking, but they cannot be called 100% reliable. Android creator Andy Rubin released two years ago , which was called by the developers "the most secure". But he never became popular. Plus, it was practically beyond repair: if the phone broke, then you could put an end to it.
Security phones were also produced by Sirin Labs and Silent Circe. The gadgets were called Solarin and Blackphone. Boeing has created the Boeing Black, a device that is recommended to employees of the defense departments. This gadget has a self-destruct mode, which is activated in case of hacking.
Be that as it may, with smartphones in terms of protection against third-party interference, everything is somewhat worse than with storage media or laptops. The only thing that can be recommended is not to use a smartphone to exchange and store sensitive information.
What to do in a public place?
So far, we have talked about how to quickly destroy information if someone knocks on the door and you were not expecting guests. But there are also public places - cafes, fast food restaurants, the street. If someone comes up from the back and takes the laptop, the data destruction systems will not help. And no matter how many secret buttons there are, you won’t be able to press them with your hands tied.
The simplest thing is not to take gadgets with critical information on the street at all. If you take it, then do not unlock the device in a public place unless absolutely necessary. Just at this moment, being in the crowd, the gadget can be easily intercepted.
The more devices, the easier it is to intercept at least something. Therefore, instead of a bunch of “smartphone + laptop + tablet”, you should use only a netbook, for example, with Linux on board. You can call with it, and the information on one gadget is easier to protect than the data on three devices at once.
In a public place like a coffee shop, choose a seat with a wide viewing angle, and it's best to sit with your back against a wall. In this case, it will be possible to see everyone who is approaching. In a suspicious situation, we block a laptop or phone and wait for the development of events.
Locking can be configured for different operating systems, and the easiest way to do this is by pressing a certain key combination (for Windows, this is the system button + L, you can press it in a split second). For MacOS, this is Command + Control + Q. It is also pressed quickly, especially if you practice.
Of course, in unforeseen situations, you can miss, so there is another option - blocking the device when you press any few keys at the same time (hitting the keyboard with your fist as an option). If you know an application that can do this for MacOS, Windows or Linux, please share the link.
The MacBook also has a gyroscope. A scenario can be envisaged when the laptop is locked when the device is lifted or its position suddenly changes rapidly according to the built-in gyro sensor.
We did not find the corresponding utility, but if someone knows about such applications, tell us about them in the comments. If they are not there, then we propose to write a utility, for which we will give the author a long-term to our VPN (depending on its complexity, functionality) and contribute to the distribution of the utility.
Another option is to close your screen (laptop, phone, tablet) from prying eyes. The so-called "privacy filters" are ideal for this - special films that darken the display when the viewing angle is changed. You can only see what the user is doing from behind.
By the way, a simple life hack on the topic of the day: if you are still at home, and they knock or call on the door (the courier brought pizza, for example), then it is better to block gadgets. Just in case.
It is possible, but difficult, to protect yourself from the "comrade major", that is, from a sudden attempt by an external party to gain access to personal data. If you have your own cases that you can share, we look forward to seeing examples in the comments.
Source: habr.com