Archive for the ‘mobility’ Category
Keeping Physically Secure
In a previous post I outlined my basic requirements for travelling securely. I’m going to hit the physical security first, as it’s lots simpler and a lot of common sense stuff. Plus, given the big constraint of mobility, there’s not a lot I can do physically anyway.
I’m following some simple ideas in trying to physically secure our stuff.
Keep the Backup Physically Separate
I use a cheap external USB drive for backups (more on this in the next post). When we’re staying someplace I don’t think is 100% secure, particularly a hotel or hostel, I always keep either the backup drive or my notebook with me, but never both. If someone gets into the room and snags one, the other is safe. Or if I get robbed or I accidentally drop my backpack in the ocean, the other back in the room is probably ok.
Because it’s so small, it’s really easy to keep the USB drive safe. So even when I’m going out and trying to stay super light, I’ll still grab it.
Even when I am physically in the hostel room, I’ll still separate the two at night, putting the notebook hidden under clothes and the drive under the bed or whatever. I’ve heard from friends a few stories of people managing to come into their rooms late at night to grab easy pickings. While the occupants were sleeping. Not much point in a backup if both can be grabbed together!
A good friend of mine staying in Costa Rica woke up to find some dude poking around in her kitchen. Past the locked door and the armed security guard. She puts her notebook in the oven to hide it.
So I am pretty careful about keeping these two things physically separate. We went to Cusco for a week, and I brought my notebook so I could work. The backup drive stayed at home (hidden) and I brought along a little 16GB stick to do micro-backups of just what I changed while I was away. It worked well. Luckily I didn’t need to use the backups.
Don’t Be (So) Obvious
Schoolyard psychology. Don’t look like you are a target and they’ll prefer someone who does. In most places I’m always going to look like a tourist no matter what I do, but I can aim away from techy bo-bo video game developer and towards grungy penniless backpacker. Well, somewhat. So…
Don’t use those stupid white earbuds that come with your iPod.
They announce “I have an iPod” around the world. Aside from their poor quality and fit (IMO), white color electronics = iPod = money = easy target. Just toss them and get some ordinary black ones. They sound better anyway.
Don’t pull out your mp3 player and flip through music on the street or bus.
This one is tough because the fancy “look ma no buttons” design that’s popular today prevents operating it in your pocket. I listen to audio books and podcasts all the time, and need to pause/resume a lot as I travel around in the city. A great way to do this surreptitiously is to get a tiny remote and keep the player safely out of sight. Very important: the remote is useful when snowboarding. Double score!
Mess up your junk a bit.
I have these awesome stickers all over my notebook. Part of the machine is even held together with tape. [Well! It’s over 3 years old, visited many places, and has been dropped a lot. Which is why I got a Built NY sleeve to protect it even better inside my backpack. Now I can drop it and not worry! Much!]
Does this really matter? I don’t know. My guess is that it announces “I’m a worn out piece of crap, go steal a pretty Mac instead”.
Anecdote: the first thing I did when I got my car stereo (back when I had a car) was scratch all the writing and logos off it. It was a removable faceplate but I never remembered to take the faceplate with me. The car was broken into twice and they left the stereo both times. The second time they even went away totally empty-handed. Now, the plural of anecdote is not data, but my “dirty stickers method” isn’t a bad idea…
I’d do the same with the bags. If you look like Rick Steves just stepped out of REI with shiny new gear, even the tourists will notice you. Although, if you have travelled much at all, your bags are already very unclean. I’m getting a lot of practice sewing to repair things, too.
Lock Your Backpack
Even if you wear your backpack in front instead of on your back, you can still get ripped off. All it takes is a couple of kids with a thick crowd around, good timing, a bit of misdirection. Even if you think you’re prepared, it could still happen. Just have to get distracted for a few moments.
It happened to me last weekend in fact, in the middle of a dense crowd in Carnaval in Oruro, Bolivia. One kid distracted me while the other mashed in with the crowd and unzipped a side pocket and stole a couple things. I wasn’t paying much attention because I didn’t think I had anything worth more than a few bucks in my outside pockets, and the rest were locked. Turns out I was wrong about what I had in the unlocked pockets. He got something totally worthless to him, but something it cost me a few hundred dollars and a lot of Peruvian import customs pain to replace. Expensive lesson.
I learned a couple things:
- Double check what’s in the vulnerable places and don’t put valuables there. Duh.
- Lock it all. Even if the kid gets away with a deck of cards and some Altoids, you still feel violated and have that momentary freakout when you realize your pocket is open and something (what exactly? what was it?) is now missing.
Can really ruin a good mood.
Detour: I have to rave about my pack for a second. It’s a DaKine Mission snowboarding bag that doubles as a super awesome travel pack. DaKine has a lot of variations on the Mission, but this one is my favorite. Good design, built in straps for attaching a stuff bag or coat or whatever, and takes a beating. Most importantly, it comes in plaid!
Anyway, here’s my current strategy for securing my backpack.
- Wear it on the front when I get near a crowd. All the way on, not just one arm in. Yeah I know, even the locals do this, I should have taken it more seriously.
- Lock the zippers together with a padlock. I have a cheap TSA-compatible combo lock. Doesn’t have to be great quality.
- Note: I don’t like the idea of a padlock hanging off my bag, I feel like it’s an advertisement that I’m keeping something valuable inside and may get more attention. So I usually push the padlock inside the tiny gap between the zipper pulls so it’s inside the bag and not easily visible.
- “Lock” remaining pockets closed using cheap key rings through the zipper pull and a loop that DaKine so nicely left sewed into the start of the zipper.
- These obviously aren’t locks, but they require a lot of dexterity or a wire cutter to open. Unlikely to happen in a milling crowd.
- Don’t stand still for long, keep moving and turning.
|
|
|
|
Padlock for both the large outer pockets, key rings for side pockets. |
Stealth mode! Also, two pockets locked for the price of one. |
What I’m mainly after is to slow someone down by 10 seconds. That ought to be enough to avoid most problems and not get into a confrontation.
This should also work on long bus rides. I keep my bag below my legs or under the seat, and sometimes doze off. If someone’s going to start going through my bag, it’s going to be obvious to the other folks on the bus what’s going on because they’ll have to really work at it to do anything.
It should even help when leaving a bag at a hostel temporarily (like in advance of running off to hike the Inca Trail). The places they keep bags for guests often aren’t very secure. Maybe secure enough to prevent someone grabbing a whole bag that’s not theirs, but perhaps not to prevent them from doing a quick rummage. A lock and a couple key rings will slow down the casual rummager.
What About A Mesh Wrap?
Ok, so what about those fancy wire backpack mesh wraps? I actually file those under “you’re being obvious”. I haven’t seen a whole lot of those on packs when travelling, but every time I do, it really grabs my attention. It seems to me that a wire mesh is a big shiny target and won’t be of much use if it attracts a group of guys who just take the whole backpack and deal with the mesh later. Plus, I’ve read that they’re heavy and hard to store.
One purpose of the mesh is to stop slashers – people who will slash your bag while it’s on your back and just snag what they can, ignoring any locks you may have on there. There are slash-resistant materials that some bags are made out of, but unfortunately they are all butt ugly. Oh well!
I don’t have a good solution for slashers except to (a) assume they are very rare compared to the ordinary pickpockets, and (b) put small but valuable stuff inside of other containers in the backpack, and secure those things to the inside of the backpack so they don’t just fall out the bottom when slashed. Well, that’s more work. So mainly I’m betting on (a).
I would like to see DaKine come out with a line of secure backpacks. Preferably based upon the (previously mentioned super awesome) Mission design. Make the outside material rip-stop or slash-resistant, figure out a way to secure the zippers easier… Sold! Again!
Lock Up At Home?
We never ended up worrying about this. Hostels and hotels in Peru and Bolivia are very safe, at least the places we’ve stayed. As well as our current apartment in Arequipa. They have all gone for perimeter security – big gates and buzzers, good locks, and so on, doesn’t seem to matter how expensive or cheap the place is. They’re all pretty well prepared. So we haven’t needed to worry.
But we did try to come prepared. We just haven’t used any of the stuff we brought:
- Big padlocks for lockers in hostels.
- The idea here was to use lockers in hostels to store our valuables and then we could run off during the day to go do things and not worry.
- Only problem is that we have yet to stay at a hostel in Peru that has lockers.
- A doorstop alarm, to prevent night-time visits like mentioned earlier.
- This is a neat idea, and cheap too. But we just haven’t had a need for this so far.
- Like I mentioned, all the places we’ve stayed have been very safe. Maybe because we’re avoiding party hostels!
- Kensington laptop security cables.
- This won’t stop anybody from stealing a notebook, but it will force them to break it to get it and slow them way down.
- Same deal as the doorstop alarm – very safe. Although I think a lot of it is laziness. I’m going to think on this some more.
So I’ve just been following the “keep the backup drive separate” model of security for at home.
Next Up
Data security! Way more interesting.
Posts in this series:
Travelling Securely
In a previous post I said I wanted to write about travelling securely. I’ve given this a lot of thought, and am interested in what other people think as well. I think I’ve come up with a pretty good setup that is very portable and, once set up, not a lot of work to maintain.
Requirements
So let’s go into what my requirements were. I came up with these a few months before we left for Peru and had lots of time to prepare.
By the way, this isn’t really necessarily specific to Peru. I’ve felt about as safe here as anywhere I’ve travelled. When travelling in general, though, you open yourself up to be a target. You look and talk different from everybody else, and this likely means you have something valuable to snag. So I’ll be doing all this any time I’m on the run.
Data and Hardware Must Both Be Secure
If someone steals my machine, they can’t be able to get at my data. Lots of it isn’t even mine and is protected by NDA’s.
Also, if the hard drive crashes, I have to be able to get my data back quick. I can’t start from scratch reinstalling everything and syncing the whole tree from Perforce through the VPN. I’ll have been down too long and I’ve got to get paid!
And finally, I want a reasonable degree of physical security, to try to avoid the theft happening or being effective in the first place.
Online Personal Data Must Be Secure
This is a hairy one. Lots of times I need to do online bill-pay or check credit card balances or my email, and the only option is at an internet cafe. And I have to assume there are key loggers running. Whether installed by a malicious shop owner, a malicious user, or a virus delivered by USB drive by an unsuspecting user, it doesn’t matter. I don’t trust public internet machines, but I am forced to use them fairly often.
The best option would be to use my notebook and plug in direct (I have a cable just for this purpose), but lots of shops do not permit this or are clueless on where a switch is and don’t want you crawling around under desks looking for it. And forget about Wi-Fi. It’s just not common enough down here to even mention, except in the largest cities, and even then it’s still fairly rare.
Security Can’t Overwhelm Utility
We’re not going to carry around a giant safe with us. Security is a tradeoff. Whatever we do, it must be portable enough to go in a day pack with lots of extra room for other stuff. Water bottles, a book or two, sunscreen, hat and light long sleeve shirt (learned my lesson there), iPod, etc. while still leaving some room for whatever we pick up along the way. So the security has to mostly be visual and then of course, electronic, which doesn’t weigh anything.
And I have to deal with the electronic usability issues. Allison is just not going to memorize more than one password. It really is too much to ask – having to remember which site has which password, and each has to be secure, dealing with each site’s dumb requirements. She’ll end up using allison123 as a password again.
So instead we’ll pick a good solid and long password for her (passphrase, actually) and lock everything with that, using LastPass. More on that in a bit.
Disclaimer
This should be obvious, but I need to point out that I’m not a security professional or a criminal psychologist! I’m just an average scruffy software engineer who listens to the Googles, and reads Bruce Schneier regularly. I’m doing my best to protect what I can. I’m very interested in hearing others’ opinions on what I’ve come up with.
Next Up
In writing this up originally, it got pretty long, so I’m breaking it into three parts. The next part is on physical security of hardware when mobile.
Posts in this series:
Control Your Program Files With Symlinks
Commenter Liam brought up the problem of some primitive installers that don’t let you choose where you want to install your programs. I assume space is the issue. You’ve got two hard drives, your C: is getting full, and the installer won’t let you choose – what then?
Expanding the issue a bit, what happens if you just have too much stuff to keep on your machine? I have a notebook with a 120GB hard drive. These days that’s not a whole lot of space. Games are in the multi-gig range now. But do you really want to uninstall/reinstall a game every time you need space, or every time you want to play? If you have a USB drive, do you want to shuffle files back and forth every time?
Enter the Symlink
The answer to both problems is symbolic links. These are very familiar to unix users of course, and is the reason that Standard C’s “delete a file” function is called unlink(). NTFS has supported this for a long time, but Microsoft hasn’t provided any consumer level tools to use symlinks. I read somewhere that they were concerned about users being confused about drive space. Like if they deleted a symlink with a ton of files “in it” and didn’t see any drive space freed, they would freak out.
In Vista Microsoft has finally started using symlinks in consumer-visible areas. From what I can tell they’re using it for backwards compatibility stuff. If you go to the Win95-ish “c:/users/default/my documents” it will work because there’s a symlink pointing it at the Vista-ish “c:/users/default/documents”.
Sysinternals (now part of MS) provides a tool to create/delete symlinks called junction. Vista comes with “mklink” but the Sysinternals tool works on all NTFS-capable Windows OS’s, like XP.
Fixing Lame Installers
Installer won’t let you choose where to install something? No problem.
Just let it install wherever. Then move the folder to a new drive. Then use junction to create a link in the old folder location to the new one.
For example:
junction "C:\Program Files\Cool Program" "D:\Bin\Cool Program"
The app thinks it’s sitting on your C drive but it’s not!
Managing Limited Space
So what about my notebook with a small 120GB SSD? I use junction points to move lesser-used apps to a USB drive.
I install everything to my C drive. When I’m getting low on space, I’ll pick big apps that I don’t use too often, or only use in certain scenarios. For example FPS games. I don’t play these very often, and when I do I have to be rooted anyway: plugged into AC power and using a corded mouse. That means I won’t mind pulling out a USB drive too. Those games tend to be pretty gigantic so it’s a big win. I’ll move those over to my USB drive and symlink the old folders to the external drive.
As a side benefit, I can share the storage across machines. So if I’m playing games on my home workstation I can just plug the USB drive into that thing instead. Same deal.
If it’s a game I play really rarely, I’ll move it off the external drive to the NAS, and only move it back on the occasion I want to play it. But in Windows I don’t have to worry about uninstalling/reinstalling, finding CD/DVD’s, and so on (I crack every PC game I buy so I don’t have to worry about dealing with discs).
Problem solved.
Incidentally, I don’t know why I’m talking about PC games so much. I almost never play them. The PSP gets all my love: it’s the ultimate hard core gaming device you can play casually! Brilliant design, and it’s been outselling the PS3 nicely (yuk yuk). On my stupid PC’s I spend more time screwing around with video drivers and graphics settings than playing games.
