Hunter Biden’s Laptop: A tech lesson

5/26/21 Edit by Patriotman – We had someone from CyberNews reach out and let us know the data leak checker referenced below is outdated. They suggested using https://cybernews.com/personal-data-leak-check to see if data has been compromised.


Another great piece from SiliconVallyTech! JMc

There is a lot to discuss about Hunter Biden’s laptop. It exposes some serious graft, implicating the Democratic presidential contender in foreign attempts to directly influence US government action. Unwinding that one is above my pay grade. But the laptop bungle is a great example of what happens when you ignore basic computer security. Hopefully, no one is trying to cover up foreign bribes, but there are plenty of good reasons why you don’t want all of your personal photos, messages or documents exposed. The Biden’s could have avoided a lot of scrutiny with basic encryption. The idea is to scramble your data so no one can see it without a password. I’ll cover encrypting data “at rest”, since that’s exactly where the Biden’s messed up.

Password protecting your computer with a login does not mean your data is encrypted. Login screens can be bypassed, so you need to make sure your data is not stored “in the clear”. Whole disk encryption is the way to go. Macs, Windows, and Linux are each a bit different in how to do it, but the idea is the same. All the data on your hard drive is secure until you decrypt it with a password. You might want to start by just encrypting a folder or thumb drive. VeraCrypt is a solid choice, and here’s a link to a great walk through.

Passwords are literally the key to encryption, but they have a few weaknesses. An obvious bad one is that you can forget your password. Hundreds of millions in cryptocurrency have been lost due to lost passwords. It is a big problem. Another weakness is that someone can beat it out of you. But hopefully neither of those happen. It is more likely that you have weak passwords, or you re-use passwords.

Weak passwords can be defeated via “brute force” attack, where hackers try every word in the dictionary… for starters. You need a strong password. But it is hard to remember a complex password, so use an easy to remember “passphrase” instead. We could easily use this sentence to make a strong password. Take the first character of each word in the previous sentence, (ie. We = W, could = c, easily = e), salt it with some special characters and you have a decent password: WceutS2m@sP.

Next check out https://haveibeenpwned.com/. Enter your email to see if any of your accounts have been compromised. The password you used on those accounts is also compromised. Hackers will check to see if you re-used the password elsewhere, so don’t re-use passwords. It gets hard to remember a unique, complex password for every account, so get a password manager to generate and store passwords for you. KeePassXC is a good free one. If you forget the master password or lose the file you are screwed. So, make copies, keep them safe and let your loved ones know how to find them if that is important to you.

A few more things to know… after you enter your password, your data is decrypted and vulnerable. The founder of Silk Road had excellent encryption but was brought down when his laptop was snatched out of his hands after he entered his password. Loggers and other malware can also be used to capture your keystrokes… it gets complicated the further down the road you go. But it is not so hard to encrypt your data with a strong password. Once it is set up, you just have to worry about remembering your master password. You could literally give all your data to a crackhead and not have to worry about it.

 

Spread the love
                

Share This Story, Choose Your Platform!

About the Author: johnyMac

9 Comments

  1. boss21 October 31, 2020 at 14:31

    Thanks for that and the links.

    • Fire November 11, 2020 at 07:53

      What is the best way to completley destroy your online identity/profile (Facebook for example). Any ideas?

      • NC Scout November 11, 2020 at 08:01

        Just lose interest. Create a random character password for the maximum value allowed and lock the account.

        Deleting it outright creates a change in the pattern of life, which is what an analyst is actually looking for.

        • Fire November 12, 2020 at 07:55

          Thanks for the advice.

  2. Anonymous October 31, 2020 at 18:53

    5

  3. Matt October 31, 2020 at 18:59

    For a while I had the hard drive on my Mac encrypted, and backed it up regularly.

    But I was told by a guy at the Apple Store that since the backup was encrypted as well the result being that if my current laptop had been stolen or destroyed that the backup couldn’t be used by a new computer due to it’s encrypted nature. So basically if anything happened everything I had would be gone.

    That seemed kinda pointless so I decrypted the drive. Don’t know if that’s still the way it works or not.

    Matt

    • SVS November 2, 2020 at 08:40

      Hey Matt, good instincts on holding back when you’re not confident in how it will work. Also awesome to hear you have a backup, and you want it encrypted.

      I think the guy at the Apple store missed the part where you can decrypt your backup with your password and complete the restore. As soon as you decrypt with your password, the data is ‘in the clear’ and will work as if you never encrypted it. See https://support.apple.com/en-us/HT203981 But if you can’t remember your password, then indeed the data would be lost. The best way to be confident in your setup is to do a test run to make sure everything is working correctly.

      There are scenarios where encryption is tied to hardware, typically with two-factor authentication. I use a YubiKey, where I have to insert a USB stick into the laptop in addition to my password. In this scenario, if you lose the YubiKey then you’ll lose your data. I have a backup YubiKey for this reason.

  4. Johnny Paratrooper October 31, 2020 at 21:23

    Well, I have been pwned…
    Apparently 6 times…
    But that’s my throw away account I hand out for spam and other stuff.

  5. James October 31, 2020 at 22:46

    Bidens Laptop Matters.

Comments are closed.

GUNS N GEAR

Categories

Archives

Spread the love