I knew that without a firmware password anyone can boot up from the Mac install CD, but does that give access to password-protected user accounts? I thought that a thief’s usual course of action at that point would be to erase the entire disk and then either use or re-sell the laptop. Am I mistaken?

So I’m a bit confused: is it that easy to hack a good-quality user account login password? How many thieves have such expertise? Do we really need to be so worried?

Eric

Wuala is a java desktop client (no installation required) which encrypts files on your computer employing the 128 bit AES algorithm upon insertion. The files will then be sliced into fragments and distributed around the P2P network. Since privacy was a major concern when designing Wuala, neither the password nor the encryption key ever leave the computer. Only an encrypted encryption key will be stored in the network to enable global file access. This gives the advantage of good privacy while it also means that the only key to your data is your password, which we will never be able to recover in case of loss. I believe that we are the only one or at least among the very vew personal online storage providers who grant this level of privacy (who can’t access your personal data), hence providing a unique level of data security.

Before working at Wuala, I liked Dominik Grolimund’s (CEO and Co-Founder of Wuala) speech at the Google Tech Talks to get a basic understanding of the technology, which I recommend to the interested parties, too. Then there are also some scientific publications further explaining our security and encryption mechanisms.

Disclaimer: I work at Wuala.

I’m also trying to setup an off site backup between me and my friend. Between the both of us we have plenty of computers to spare, we just need to figure out the easiest way to implement it. (I also don’t like to pay for services).

A bios password will stop almost everyone from getting in to a laptop. But that scares me. It would make you laptop worthless to thieves though.

I tried encrypting my data partition, but forgot to write down the password. I finally remembered it, but no longer encrypt anything. I leave the bulk of my files on my home PC (ubuntu) and put what I need on a 16g flash drive (have lost those as well). I am moving and syncing personal stuff to the cloud. When out and about I usually have a old laptop with a 12″ screen for work.

I never use remember me or my password on any computer. Never type in passwords in a public wireless network ( such a hassle).

My best security technique is that I live 15 miles from the nearest stoplight and it is 80 miles to the next one after that. No one locks their car, keys are often in the ignition or on the floor. I have to convince customers to encrypt there wireless networks as they feel it would be ok if someone used their network.

Another option is to get a large enough USB flash drive, and either keep it in your shirt pocket, or hook it to your key chain or phone, maybe store it in your wallet, if it doesn’t have a hole for a key chain, open up the device if possible, make a note on the outside where the internal components end, put it back together, and drill a hole. Then store all the information you want to keep save on that drive alone (I again suggest getting portable applications, but I’m not sure how a mac would deal with these) then if you want you can encrypt that with your favorite encryption software.

The last option I’ll suggest is to write your own operating system and then write all the programs for it, then only you would know how to get to your files! (I kid I kid)

So, you either have a big encrypted volume OR you have easy backups. I restrain my paranoia and run an unencrypted file system with certain sensitive things encrypted on an as-needed basis. This allows for easy incremental backups to disk with Super Duper, and to the cloud as well.

I use Zenfolio and Amazon S3 to backup all of my photos