Keepers of laptops.
Keepers of Notes
V. Zakurdaev
Mobile News # 37, 2003
In recent years, the term «mobility» has come into fashion, and with it the rhythm of life has changed. The concept of working hours has changed. If until recently a diligent employee who worked a full working day believed that he had honestly earned his salary, then in the modern way of life of a good IT company this seems almost a dismissive attitude to his duties. More and more employees of companies keeping up with progress are equipped with a mobile computer, and most often it is a laptop.
It is quite rightly believed that a thinking person, when solving a work problem, cannot help but think about it outside of work hours. And if the answer is found, then it is in the interests of the company to provide the employee with a tool for implementing, checking or simply recording the results. One of such tools in the modern world is a laptop. And we are not even mentioning the case when the owner of a business of any size is simply obliged to always be aware of events and have a loyal and reliable friend and assistant at hand — a mobile computer. Therefore, it is not surprising that sales of computers of this type are growing by leaps and bounds. And now it is rare to meet a business person who would not be the owner of a laptop. The trend itself is, of course, good, but the described situation creates its own problems. From all that has been said, it is easy to conclude that in all the situations considered, a portable computer is a repository of useful information. Often, some not entirely decent citizens are ready to pay considerable sums for access to it, and, as you know, demand creates supply. The already lucrative criminal business of reselling stolen laptops as simply expensive items has been supplemented by theft for the purpose of gaining access to important information. Thus, it is not surprising that laptops have been stolen, are being stolen, and will be stolen.
Currently, the problem of data protection and restricting access to information stored on the hard drive of a mobile computer is quite serious. Laptop manufacturers quickly realized the demand for protected machines and did not fail to take advantage of this. Today, models with various built-in systems for restricting access to stored information coexist on the market. In addition, there are software products designed to solve the same problem. And if it seems to you that there is nothing for intruders to profit from on your «laptop», then remember that, at a minimum, you can get access to various types of registration information, authentication data for accessing the Internet, a corporate network, etc.
The easiest way to protect data in a laptop is to set a password in the BIOS settings. Before the system boots, a window will pop up asking you to enter the «magic» word, and until the computer receives the correct answer, the system will not boot. However, you should not seriously consider such protection, since to access the data you only need to reset the BIOS settings. The easiest way to do this is to disassemble the laptop and temporarily remove the battery that powers the BIOS chip.
Another password can be set in the Windows operating environment. Here you can restrict access to data if someone else uses the computer besides you. However, this protection is only for limiting access by law-abiding citizens who, through ignorance or accident, can read your personal records. For a serious intruder, such a «barrier» is not an obstacle — there are many ways to get data with such protection.
Naturally, this situation did not suit users, and, following the lead of the heated masses, manufacturers began to supply mobile computers with various protective devices that are not so easy to hack. One of these methods of protecting the contents of a laptop is a device for reading so-called smart cards, that is, «smart» cards.
What is it? A smart card is hard to distinguish from regular bank magnetic cards. The same dimensions also make it impossible to notice the difference. However, it does exist. Smart cards are equipped with a built-in chip, i.e. a microprocessor. A modern representative of this type of card is the MGTS payphone card. The security of the card varies depending on the manufacturer. Various sensors can be built into a small piece of plastic with a chip to notify the “smart insides” about an attempt to somehow “disassemble” the plastic and get to the electronic contents. These can be temperature sensors or sensors sensitive to mechanical impacts—for example, to cutting off plastic packaging for direct access to electronics. All information contained in the chip is encrypted so that anyone who somehow finds a loophole to the contents of the microcircuit cannot read the stored information, at least immediately. There is also protection against password guessing, including the destruction of all stored data.
Smart cards are designed to store personal information, access passwords and authentication data. They are good because, being quite compact, they have such qualities as durability and a large volume of stored data. In order for the card to recognize the owner, it is necessary to remember a small PIN code and enter it on first request.
However, smart cards have a small drawback. The fact is that to read data from the card, you need a device — a reader. And if it is not difficult to install additional equipment on desktop computers, then for laptops this is already a rather serious problem. But, in principle, there is a way out, and more than one. So, there is a reader on sale, made in the form factor of a floppy disk and communicating with the laptop through the disk drive interface. And recently, laptop developers have begun to build in devices for reading smart cards into new models. Naturally, the cards themselves are included in the kit. A striking example is a laptop from Acer — Travel Mate 800, the test of which was published in the last issue of our magazine.
Smart cards compete with so-called USB keys. They look like flash drives, and their sizes are similar. Their main advantage over smart cards is that they only require a USB port to connect to a laptop, which is not uncommon today. In this case, there is no need for additional built-in reading devices, which reduces the cost of the laptop itself. A USB key is as easy to use as a smart card.
Moreover, it is not inferior to them in terms of security. The technological feature of the USB key is that the information is stored not in rigidly fixed memory cells, as is done in the case of smart cards, but in the file system, which allows using the same key to solve a whole range of problems. In this case, you only need to remember one code — the PIN code for accessing the key.
Biometric access control, such as fingerprint identification, should not be discounted either. Recently, mobile computer developers have begun to equip their brainchildren with such scanners. Experts say that such control is not reliable enough, but it does not require any additional investment, and on top of that, you don’t have to carry anything with you — no keychains or cards. You must admit, your fingers are always with you — where would we be without them? In addition, if you do not keep any particularly secret information on your laptop’s hard drive, but are only concerned about information related to your business, then biometrics will suit you just fine. The system is configured for the owner’s fingerprint and, upon subsequent access, compares the scanned image with the stored original. Moreover, it is not necessary for it to exactly match the one taken as a basis. Thus, having slightly damaged your finger, you retain the ability to use your own laptop — the system will recognize you. Of course, you are unlikely to learn how to use a scanner right away — you need to practice taking fingerprints. But then there should be no problems — swipe your finger and get access. Computers with fingerprint scanners have already been released by such well-known companies as Hewlett-Packard, Acer and Samsung. In addition to built-in systems, there are also plug-in devices for computers without protection.
In addition to fingerprints, there are other biometric systems. Today, a device for scanning the iris of the eye is available, and it is quite compact. It is worth noting that the iris of the eye has a high level of individuality, which means that it is impossible to meet a person with the same pattern. Therefore, this method has a very high level of protection, much higher than when scanning a fingerprint. But the rather high price — several hundred dollars — does not yet allow developers to build such scanners into laptops — which are not the cheapest devices in the world.
In addition to «hardware» methods of protection, there are also software ones. We are talking about encrypting information on the disk. With the help of special programs, you can hide the entire disk from the eyes of an intruder, or just individual, especially valuable files. There are many ways to do this. There are applications that «embed» secret information in a completely ordinary file, and it will not even occur to a curious thief that the harmless image of the owner's favorite dog contains the information that led him to commit the crime. In this case, to access the data, you need to not only pick up or break the password, but also find where this data is located, and with the current volume of hard drives, such a problem is akin to picking up a 10-digit meaningless password (for reference: picking up such a long «cherished» word will take 20 — 25 years with the current development of technology).
Well, we have considered the main methods of protecting information on a laptop. Now it is time to look into the near future and see what awaits us. Most likely, cameras that take pictures of the iris of the eye will become much cheaper, which will allow integrating such systems into mobile computers, such as laptops and PDAs. In addition, technologies for scanning faces and identifying them by this parameter have already been developed. It is quite possible that the voice recognition system will also be improved. Today, this technology has a rather low recognition reliability, which does not allow it to become widespread.
In addition to biometrics, electronic keys will also develop. For example, in the USA, a data protection system has been developed where all information on a laptop is automatically encrypted, and an electronic key that allows access to it is attached to the user's clothing and communicates with the laptop via a radio channel. As soon as the user leaves the computer, access to the hard drive will become impossible. At the same time, there is no need to constantly activate protection, since everything happens automatically. In the near future, we should expect the appearance of devices that support encryption at the processor level. Such IT industry giants as Intel and Transmeta have already announced the integration of such technologies into their future products.
Thus, today you can choose a secure laptop without any problems, and in the near future, security tools built into mobile computers will no longer surprise anyone.