What do I have to think about for laptop security?
Mobility
Laptops are becoming the primary computing devices used on campus. Case has a special environment, with significant coverage by the CaseGuest network, which is being extended by the Cleveland Wi-Fi MESH project. This means you need to address two main security issues:
- Loss or theft of your laptop and the data on it
- Wireless eavesdropping and attacks on the wireless configuration.
Loss and Theft
Case Protective Services maintains a Daily Crime Log with monthly reports. These logs show that between September 2005 and September 2006, 29 laptop computers were reported stolen from various buildings on campus (and two computers were stolen from buildings - not so portable!). All of these cases are open, meaning that none have been returned. The majority of these stolen laptops were left unattended, but some were in locked rooms. The following map shows the locations of the thefts. Some of the stolen laptops were Case property; some were the personal property of students. The impact of these losses has not been determined, but the users definitely had to bear the costs of:
- Loss of email and electronic communication capability
- Loss of your work, papers, research, dissertation, which could represent hundreds of hours of work
- Potential disclosure of your Case ID, account credentials, financial aid applications, and other personal information that could lead to identity theft.
- Cost of replacement of the system.
There have been no reports of sensitive University data being stored on these laptops. The storage of sensitive data on laptops is a major concern for the University community, since data breaches constitute a large number of the reported data losses that affect individuals. If you view this report of data breach chronology, you will agree that very many of them are from lost or stolen laptops that were being used to manage sensitive or private data (note the number of universities). Case is obligated to report any losses of data under Ohio HB-104.
Effective countermeasures to prevent laptop loss or theft:
- Never leave your laptop unattended in a public area, such as one of the libraries, etc.
- Buy a locking cable for your laptop, and secure it to your furniture in your room, office, or laboratory. Case Protective Services (368-6811) can sell you a cable from any of their offices. They are also available in the Case Bookstore, or online.
- Mark your laptop like other personal belongings. Case Protective Services will loan you an engraver to add permanent identifiers to your laptop. Case is also distributing labels (Tag It!) for laptops: 'powerful pink' for faculty/staff, 'yowza yellow' for student laptops. You can get the labels at any PercptIS Walk In Center.
- Purchase tracking software to track your laptop in case it gets lost or stolen. Some vendors include CompuTrace, SecurIT, and ZTrace.
To protect data in case of loss or theft:
- Make sure you have a screen-saver password, and never leave any autologin feature enabled. This keeps the novice thief out of your computer.
- Use the encryption built in to Windows XP and MacOS. Caveat emptor: if you lose your passphrase, you could also lose access to your own data!
- Purchase PGP, or use GPG freeware to encrypt your sensitive files.
- Make sure you do not keep sensitive data on your laptop. Keep it on a central or department file server, and wipe your disk free space after you delete working copies from your hard drive.
- Back up your hard work and data to a CD or DVD, and keep it apart from your laptop (not in the laptop bag!) so you can avoid starting from the beginning on that semester-long project.
Wireless countermeasures to prevent eavesdropping
The CaseGuest network is designed to be an easy access, high availability network for the benefit of both the Case and University Circle communities. It does not use encrypted communications between the laptop and the access points. Anybody within range of your computer can eavesdrop on or 'sniff' your connection and data. Wireless sniffing can result in the disclosure of your Case ID and password if your email client connects to the mail server in clear text while you are on the wireless network. The CaseGuest network also terminates outside the Case network (no internal network connections), so you cannot reach some Case-only network resources, such as some parts of the Kelvin Smith Library site.
The solution for this is to use encrypted communications. Many Case IT systems (e.g., my.case.edu, mail.case.edu, calendar.case.edu, blackboard.case.edu) use SSL (secure sockets layer) encryption to protect the communications between your browser and the web site. Look for the 'https://' in the URL and the lock icon in your browser. The CaseVPN client can also be used to encrypt the connection between your laptop and the Case internal network. This also gives you an internal network connection, permitting you to reach Case-only systems from the CaseGuest network.
Wireless configurations to prevent attacks
The CaseGuest network is for everybody, and not all of the users are nice. Of particular interest are AP Phishing and EvilTwin AP attacks. AP Phishing is where a client in the wireless network pretends to be an Access Point (AP), a phony portal, or a web server in order to gather user IDs, passwords, and credit card numbers. An EvilTwin AP attack is the same scenario, where a client broadcasts the SSID of the CaseGuest network and tries to get you to connect your SSL traffic through them, so that they can perform a 'man in the middle' attack on your SSL connections. In these events your browser will report an 'invalid certificate'; read the warning, and do not click 'OK' if it is not the correct credential. The EvilTwin problem is compounded by the Microsoft Wireless Zero Configuration (WZC) service, which automatically selects the AP with the strongest wireless signal.
The solution is to review your wireless connection settings, which have been updated to reduce the probability of a successful attack of this type by making sure you avoid 'ad hoc' networks:
http://help.case.edu/connect/wireless/howto/wireless/view
Another solution is to use a firewall utility with an integrated connection manager. These can be set up to prevent connections to anything other than preferred networks (CaseGuest). Examples are:
- AirDefense Personal
- Zone Alarm Wireless
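The connection policy described in this section (join only preferred networks, never 'ad hoc' ones, rather than whatever has the strongest signal), as an added Python example that is not part of the original page or of any Case tool. The Beacon record, the sample scan and the optional BSSID allowlist are assumptions made for illustration.

```python
from dataclasses import dataclass

PREFERRED_SSIDS = {"CaseGuest"}  # the only network this laptop may join

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str        # radio MAC address of the advertiser
    mode: str         # "infrastructure" (an AP) or "adhoc" (another client)
    signal_dbm: int   # closer to 0 means stronger

def evaluate(beacon, known_bssids=frozenset()):
    """Return (allowed, reason) for one scan result."""
    if beacon.ssid not in PREFERRED_SSIDS:
        return False, "not a preferred network"
    if beacon.mode != "infrastructure":
        return False, "ad hoc station advertising a preferred SSID"
    # Optional allowlist (hypothetical inventory, lower-case MACs). BSSIDs can
    # be forged, so certificate warnings still have to be read.
    if known_bssids and beacon.bssid.lower() not in known_bssids:
        return False, "unrecognised BSSID for a preferred SSID"
    return True, "ok"

def strongest_signal(scan):
    """Strongest-signal-only selection, the behaviour the page attributes to WZC."""
    return max(scan, key=lambda b: b.signal_dbm)

def choose_network(scan, known_bssids=frozenset()):
    """Return (strongest allowed beacon or None, [(rejected beacon, reason)])."""
    verdicts = [(b, *evaluate(b, known_bssids)) for b in scan]
    allowed = [b for b, ok, _ in verdicts if ok]
    rejected = [(b, why) for b, ok, why in verdicts if not ok]
    return max(allowed, key=lambda b: b.signal_dbm, default=None), rejected

# Constructed scan results; every address below is made up.
SAMPLE_SCAN = [
    Beacon("CaseGuest", "00:11:22:33:44:55", "infrastructure", -67),
    Beacon("CaseGuest", "02:aa:bb:cc:dd:ee", "adhoc", -38),
    Beacon("Free Public WiFi", "02:12:34:56:78:9a", "adhoc", -50),
    Beacon("CaseGuest", "00:11:22:33:44:66", "infrastructure", -72),
]

if __name__ == "__main__":
    print("strongest signal picks:", strongest_signal(SAMPLE_SCAN))
    best, rejected = choose_network(SAMPLE_SCAN)
    print("policy picks:", best)
    for beacon, reason in rejected:
        print("rejected:", beacon.bssid, reason)
```

On the sample scan, strongest-signal selection lands on the ad hoc station, while the policy picks the strongest infrastructure AP and reports why each of the others was refused.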
Software Updates for Wireless
When vulnerabilities in services and drivers appear, particularly for wireless, vendors deploy updates. Recently Apple released an AirPort Security Update addressing issues with the third-party wireless drivers. Unfortunately, Microsoft will not address the WZC issue until the OS formerly known as Longhorn, Windows Vista.
Case Paranoid Geek Tip: Make security a habit!
If you care about your laptop and your data, some healthy paranoia is just the ticket. Get in the habit of using the locking cable whenever you leave your laptop unattended anywhere. Use common sense when you have it in a backpack, and try to stay in physical contact with it at all times.