[spot]

If you've ever put any personal or commercially sensitive information on your computer then you need to think through the consequences of a data thief knowing what you typed. Maybe it's not much of a hardship and you can ignore the risk. Maybe it's a huge problem for you. Deciding is step one, anyway. Assume the worst possible case, that the one person on the planet you don't want to know something you've typed is actively looking for it. Is their finding that information tolerable or do you need to try to stop it from happening?

Right, those of you with clean hands and a contrite heart can skip to the next thread. The rest of us will try to mitigate our problem.

I'll start by painting worst case pictures and then gradually taking on lighter threats. Let's start with how bad it can get if you really annoy the wrong person. Can someone skilled and malign spend two minutes with your computer without you being aware of it? If the answer's yes then that's how long it takes to slip in a keystroke logger for a day or a week or a month and discover your passwords. It's a fingernail-sized insert that fits inside your desktop keyboard or under your laptop keyboard where you can't see it. It takes two minutes and a small screwdriver to insert it or remove it. So, if someone can physically touch your computer to that extent then your passwords are compromised. Coming back to remove the keystroke logger and copy your hard drive at the same time on their own computer leaves you with no secrets at all. The copying, admittedly, might take an hour instead of two minutes.

That's so cheap and so trivially easy that I'm tempted to just say stop there. Now you know you can't keep anything private on a computer so why try, why not just never type or store anything sensitive on it? I've never seen a computer in my life that wasn't secretly accessible for those durations, and a keystroke logger costs less than a good night out for two.

Okay, let's pretend you can keep your passwords safe even though in these days of keystroke loggers you know perfectly well that you can't. Either your data's encrypted or it isn't. If it's not then that hard drive copy is still going to show all your plain text secrets, and no administrator account password is going to keep your data safe. Mounting that hard drive copy under an operating system that doesn't care a bit about your administrator rights is simple. Your computer's still just as it was when you had your afternoon out so you don't even know your data's missing. The fact that you put hardware biometric detectors on your computer that only let you log in once you've confirmed your identity by, for example, fingerprint or retina matching or chip and pin verification, all that's bypassed by the copying.

You need to know that your password can't be stolen and you need it to be a password that will unlock hard drive encryption. Both parts are essential. Most Microsoft Vista levels have hard drive encryption. Every laptop Linux and desktop Linux has it. If you want your data to be private you either have to isolate it in a genuinely locked room or you have to scramble your entire hard drive with encryption. Scrambling on a file by file basis is fine for transmitting files but a hard drive has too many temporary corners where the plain text might lodge to allow any plain text storage on it at all. (There are drives with built in encryption unlocked through the BIOS at power-up, that's functionally identical to the software versions I've described - they seem rather obsolete at this point.)

Where does this leave us? You keep the computer isolated so there's no password theft. You keep the hard drive encrypted in case you forget the computer and leave it on a train, or you claim to have a computer which is impossible for the bad guy to physically get at. The only way I know of getting information from it under those conditions is for the bad guy to fool you into giving him the contents.

Maybe he can do this over the internet connection. If you connect directly to the internet without a hardware firewall router or a software firewall in the way then he can touch your internet ports. Are you up to date with operating system security patches? No? Then he's reading your data, you cooperated without even being asked. If you're up to date then it's unlikely he's one of the few people to know an exploit that's not been patched.

Otherwise at this stage he has to trick you into actively cooperating with him. If you run an up to date virus checker, that will be less easy. If you run an up to date virus checker then anything he offers you will be stopped by the virus checker. If you don't run an up to date virus checker then he'll offer you waves from your friends on MSN or AOL or Yahoo, emails from the same, screensavers, smiley central heaven, online greetings cards, the latest gossip about unpopular celebrities, and if you say Yes to even one of his offers then his trojan horse has permission from you to pump all your secrets to his computer and he's won. If he's written the trojan software himself especially to get your data, rather than just used a kit off the web, then you really are in way over your head because obviously no virus detector on earth can recognize it, it's hand-crafted just for the one job and the virus software company's never seen it to list it. If you grant something like that permission to run then regardless of your virus checker it will not be stopped from running.

Still, let's not get paranoid. Assuming your virus checker stopped that attack then the bad guy has to reduce himself to pleading with you. He can claim to be a home for orphaned puppies, a really cheap source of Vitamin B12, your bank, that auction house you used last year, maybe he claims he's Harrods or Tesco having a half price sale: click here and shop / donate / update your details. Are you really that stupid? You are? The bad guy's got your personal details then and he's selling it to the next crook up the line. At least he's not managed to read through your hard drive files though.

Did you survive all those tests? Well done. Your personal information is safe. Most people can't tick even one paragraph much less all of them.

[spot]

More, I hear you cry. Okay.

You have a physically isolated computer that nobody can get near. You have an impenetrable firewall between you and the Internet. You have an up to date resident virus checker and an outgoing software firewall so you can stop programs communicating off-site without permission. Your operating system security patches are up to date. You don't fill in strange forms when invited to.

Can anyone get at your data? Well, yes they can but it's not so simple as it was before you put those blocks in place.

This post is about your prying neighbour. There's a brick wall between him and you. Data travels through it.

Let's start with the obvious. If you have wifi it's in one of three states. It's unencrypted, it's wep-encrypted or it's wap-encrypted.

If your neighbour has a packet-sniffer he can stream all your incoming and outgoing wifi traffic to his hard drive and then spend time interpreting it. If it's unencrypted he just has to isolate the text from the unreadable bits and he's there. If it's wep-encrypted he has a harder time of it but there are packages which can crack wep on a good day and they can talk undetected to your router. If it's wap-encrypted he's not, as far as I know, going to succeed so long as you didn't use a simple pass-phrase to generate your WAP key. Pass-phrases are subject to dictionary attack just like ordinary passwords. The best WAP keys are pseudo-random, not created from pass-phrases. "fvilo9568u89klhjif" is a good pass-phrase, "cherry Nixon viola" is borderline at best.

Let's assume your neighbour has a bit of a budget and he really has a passion for prying.

Your hard drive read heads have wires on them. Data flies past at a constant speed whether they're told to read or not. The wires act as aerials. The neighbour, with a bit of kit, can stream that broadcast to his hard drive. As long as your heads don't move it's a repetition of a single cylinder. If your computer seeks to a new cylinder then within one disk revolution your neighbour has that cylinder captured as well (and confirmed on subsequent revolutions). Whatever you're working on will be under the heads during your work session. Your neighbour will build up an image of those areas of your hard drive. Was your hard drive encrypted? No? He's reading your text then, isn't he. Next time encrypt your hard drive.

Your VGA/DMI cable leaks sufficiently well for your neighbour to put onto his monitor an approximation of what you're looking at. Each refresh lets him capture a better approximation. There are two approaches you can take to making it more difficult for him to see a good enough image to read your text. You can buy better-shielded hardware (it's called Tempest-hardened). You can also include software which slightly varies the colour of each pixel on each refresh so that your neighbour's bit-summing approximations get screwed without your ability to read the screen being compromised. There are also colour combinations which act as high-contrast to the bit-summing approximator which you can avoid in favour of low-contrast, though those combinations have nothing to do with visual contrast.

There's software which can listen to your typing over a microphone and match your ability to type with dictionary lookup optimizing. It takes of the order of ten minutes capture before it has enough knowledge to show on your neighbour's screen the text you've been entering on your keyboard. It's not good on layout but it's capable of reproducing your unformatted text. The more it hears the more it goes back and corrects its previous best guesses. Your "neighbour" can be a mile away and listen well enough with a laser microphone (it reflects off your window glass and sees the vibration). The best defence is to listen to a Soundz Ibiza CD played high on loudspeakers but that could mess up your train of thought as you type.

So, you've got all that? WAP wifi with a good pseudo-random key, an encrypted hard drive, counter-bit-summing-approximator software to a Tempest-hardened monitor and (let's compromise security slightly for good taste) Deep Purple's Live In Japan played at 95dB, you'll at least make it harder for the neighbour to win. Good luck.