I recently bought a used laptop for travel (called TRV), hardware redundancy, and use as an additional screen. Since I only paid $150 for it ($250 after a display upgrade), I can afford the dollar loss if the laptop is stolen and because it is redundant, it would not be a crimp in my ongoing operation.
However, during travel, I want access to what I need for customer support (ecommerce, past email correspondence, etc.). I also want access to my telephone book and website passwords. For about a month or so, I have been running my TRV computer with these kinds of app running on it. However, I was at great risk if the computer itself got stolen because of the data on it.
A second issue has come up this month, with the release of the FireSheep program. This is a password sniffer which can pull passwords from an unsecured wifi access point. Even more, it can hijack most sessions in an unsecured wifi access point because only the logon session is secured and not the entire session. These are not new vulnerabilities but the ease with which this can be done is alarming.
Websites and wifi access points can resolve the FireSheep vulnerabilities. Open relays used to be widespread but now secured access to SMTP is the norm. So too, secured wifi will likely become the norm as well. In the meantime (i.e. now), there is a risk using any public wifi using protocols that pass information in the clear.
I have now resolved both issues quite simply. Now, all of my apps run on my main computer. This computer never leaves my office. I then use remote desktop (RDP) to connect and have access to *all* my programs. There are no programs a thief can use to compromise me.
I have deleted my previous programs on TRV and then copied over a movie file to overwrite the sectors holding previous data.
To run RDP, the target computer must have Remote Desktop enabled (Computer Properties >> Remote Settings >> Remote >> Remote Desktop. I have to allow the less secure version because I am connecting XP to Windows 7. Even so, I have used a network sniffer to verify that the login is secure. I have not yet locked it down and will use
To run RDP, enter “mstsc” in a Run command from the Start Menu. You may also find it in the Acce4ssorries folder in the Start Menu Programs folder.
I have a static IP address for my home system and have given it a domain name. Rhino Software used to offer a great, free service called DNS4me to ASP members but has decided to stop offering it. They are advising people at http://www.dns4me.com/ to consider http://www.dyndns.com/index1.html or http://www.no-ip.com/.
A downside of the RDP approach is that my laptop has essentially nothing useful on it unless it is connected to the internet. In particular, I cannot work on anything in an airline seat unless the airline provides wifi. I don’t expect this downtime to be a problem as having people in front of you recline their seats makes airline seat computing a dicey proposition anyway.
Annother issue with RDP approach is if you are using sound. For example, you want to use Skype. With RDP, the sound will go to main computer and then to the remote desktop, introducing delays and consuming bandwidth.