# Laptop repair and security/privacy



## STEINER (20 Jan 2014)

Hi,

I have 2 USB ports on my laptop, both of which are now broken and I have been told its easy enough to replace these.  I need at least one to print.

I have a lot of financial and personal stuff on MSWord, Excel etc and family photos etc on the laptop.

Can the repair guy see all that stuff and do I have to give him the Windows password?


----------



## PaddyBloggit (20 Jan 2014)

Simple answer .... yes

Why not store them on the 'cloud'? ... email to a gmail account etc.

And then zip up all your sensitive files. Make the zip file password protected.

You can use 7 zip to do this (it's free).

http://www.7-zip.org/


----------



## potnoodler (20 Jan 2014)

Could always ask for the hard drive if really concerned tell him u need to access the data  but doubt 
He's going to be interested in looking through your photos or files if he's reputable


----------



## STEINER (20 Jan 2014)

Thanks for the replies.  I am not the best with IT matters.


----------



## dub_nerd (21 Jan 2014)

It depends on how sensitive the data is to you. I had a similar situation. The hardware guy wants to be able to boot up the machine to test that the repair has worked. He doesn't want to do a solder job and then have to wait for you to check if it's ok. You have three options -- 
a) tell him you can't give him access to the drive (he'll probably either tell you he won't do the repair, or he'll secretly be able to access your machine anyway).
b) temporarily replace the hard drive with a different bootable disk or USB key, without your data on it. This is incredibly messy.
c) Just let him at it.

In my case I let him at it because I am careful to have no passwords stored in plain text anywhere on the machine (which is a security risk in all sorts of ways anyway -- what if your machine is stolen?). Make sure you have a backup before giving your machine away for repair.


----------



## tallpaul (21 Jan 2014)

Another option is to password protect the sensitive individual files in Word, Excel etc. You should probably be doing this anyway. In MS Office, you have the option to password protect a file when saving it. 

Depending on your version of Office, when you go to save a document:

click Office Button > Save As.. (in Word 2010 onwards) or 
File> Save As... (in earler versions).

In the bottom left-hand corner of the resulting dialogue box is a _Tools_ button.

Click this and choose _General Options..._ and this will allow you to insert a password to open the file and, if you want an additional (or the same password) to modify it.

Click OK.

Next time you open the file, you will be prompted for a password. The same process can be used for MS Excel files. 

Be warned, there is no way of recovering the password so be sure to use one that is memorable!! Do this with all you sensitive files and they will be reaonably secure to all but the extremely determined.


----------



## STEINER (21 Jan 2014)

Thanks guys.

I will just let him( her)  at it with a few key files password protected.


----------



## DrMoriarty (21 Jan 2014)

Alternatively, download and install TrueCrypt, which allows you to create a hidden partition which is securely encrypted. For example, if you have a 250GB hard drive, you could create a Truecrypt partition of, say, 50Gb or 100GB and leave the rest unencrypted. These will appear in Windows Explorer as two separate drives. Whatever you put in the encrypted partition will become invisible and inaccessible to anyone who doesn't have the password, but the rest of the files will be unaffected and you can allow people to log in either to your own user account or to the guest account without worrying about password-protecting individual files and folders. It's also a lot more  secure than the protection afforded by MS Office.


----------



## Leo (21 Jan 2014)

potnoodler said:


> He's going to be interested in looking through your photos or files if he's reputable



Gary Glitter probably thought the same thing!


----------



## AlbacoreA (21 Jan 2014)

What would you do if the laptop gets stolen. You need to put something in place like truecrypt and keep a copy of your data somewhere else as a backup. 

Many laptops have an expansion slot like express card, that you can add extra USB slots into. Thats another option.


----------



## michaelm (21 Jan 2014)

Unless your files are encrypted he would be able to access them whether of not you give him your Windows password, if he's any use.  TrueCrypt is a great tool although it's probably simpler to use an encrypted file container rather than a hidden partition to protect your important files.  

In theory he shouldn't need your hard disk and he should be able to use a bootable USB key to test the repair, so removing it might be an option.  I would be less worried about snooping and be more concerned that he'd delete my files by accident. As AlbacoreA says, you should always ensure that you have a back-up copy of all important files held elsewhere.


----------



## AlbacoreA (21 Jan 2014)

I think the truecrypt file is handier than a partition for the less technical. 

The partition is more secure though. Protects more. 

Of course if you lose the password and you've no backup somewhere else. You're stuffed.


----------



## STEINER (21 Jan 2014)

Thanks again everyone.  I downloaded Truecrypt and did the encrypted file part rather than the partition.  I then bunged everything into it so everything is protected and only I and wife know the password.


----------



## AlbacoreA (21 Jan 2014)

Make sure you have a non encrypted back up hidden somewhere. On a DVDRW in the attic or something. You could also upload your truecrypt file to a online service.


----------



## STEINER (22 Jan 2014)

AlbacoreA said:


> Make sure you have a non encrypted back up hidden somewhere. On a DVDRW in the attic or something. You could also upload your truecrypt file to a online service.



Ok, thanks.

I used Mozy online.

Just in relation to the online back-up Mozy, does the encrypted TrueCrypt file have to be unencrypted/opened/unhidden for the automatic back-ups to work?


----------



## AlbacoreA (22 Jan 2014)

I assume it should be closed.


----------



## roker (22 Jan 2014)

Maybe I have a simplistic view here, but why can you not transfer all sensitive files to  USB or disk, and re install them when it is fixed, all my sensitive files are in one folder.


----------



## dub_nerd (23 Jan 2014)

roker said:


> Maybe I have a simplistic view here, but why can you not transfer all sensitive files to USB or disk, and re install them when it is fixed, all my sensitive files are in one folder.


 
Unless you use a special tool to erase deleted files from your hard disk, they may still be recoverable fairly easily by a hacker. Especially if you have just recently deleted a bunch of files (e.g. before handing it over for repair) those files are not physically gone from your disk and can be recovered.


----------



## Bronte (23 Jan 2014)

STEINER said:


> Thanks again everyone. I downloaded Truecrypt and did the encrypted file part rather than the partition. I then bunged everything into it so everything is protected and only I and wife know the password.


 
I'm not by any means a computer expert but surely the repair guy is an expert and can get into any system so I'd say all that encryption is a waste of time.  

In any case what is in your photos that you don't want anybody to see.  I'm sure the repair guys has no interest, nor time to be looking at people photos or files.  What could he possible do with them.  

I'd be more concerned that you'd lose the stuff if the repair guy makes a mistake.


----------



## Leo (23 Jan 2014)

Bronte said:


> I'm not by any means a computer expert but surely the repair guy is an expert and can get into any system so I'd say all that encryption is a waste of time.



Totally incorrect. 



Bronte said:


> In any case what is in your photos that you don't want anybody to see.  I'm sure the repair guys has no interest, nor time to be looking at people photos or files.  What could he possible do with them.



If you've ever used the computer for online banking or other sensitive sites, use the same or similar passwords across multiple sites, or any of your files contain personal information, then this could be gathered and exploited by them or sold online. There's a significant market for information like this.


----------



## AlbacoreA (23 Jan 2014)

I would be more worried they'd be careless with the laptop or hard drive and it would get stolen, or lost then they would be in the business of selling personal data. But its common sense to take precautions.


----------



## STEINER (23 Jan 2014)

Bronte said:


> In any case what is in your photos that you don't want anybody to see.  I'm sure the repair guys has no interest, nor time to be looking at people photos or files.  What could he possible do with them.



I share photos with family and friends, not with complete strangers.  

I have a lot of files, mainly Excel & Word which relate to both my wife's and my own professional careers, health matters and finances/legalities.

I think that most reasonable people would want to retain privacy in these matters.

I have never had to get a laptop repaired, and the repair person is personally unknown to me.  He has repaired it ok now, so I am thankfully not having to buy a new one.  I am happy now.


----------



## roker (23 Mar 2014)

Passwords can be use for individual files which I have used, and folders (I think)


----------



## RainyDay (23 Mar 2014)

roker said:


> Passwords can be use for individual files which I have used, and folders (I think)



Unless you choose very strong passwords, these can be hacked fairly easily - have a quick search for MS Word password cracking tools.


----------



## STEINER (26 Feb 2015)

STEINER said:


> Thanks again everyone.  I downloaded Truecrypt and did the encrypted file part rather than the partition.  I then bunged everything into it so everything is protected and only I and wife know the password.



What are the alternatives to Truecrypt?


----------



## AlbacoreA (27 Feb 2015)

http://lifehacker.com/five-best-file-encryption-tools-5677725

Or something commercial you buy.  

I still prefer the old versions of Truecrypt. Though. Despite it being discontinued.

http://truecrypt.sourceforge.net/


----------

