Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How to make my stolen Win 10 unusable?


  • Please log in to reply
16 replies to this topic

#1 Elvis Maphoka

Elvis Maphoka

  • Members
  • 38 posts
  • OFFLINE
  •  

Posted 01 September 2017 - 08:54 AM

Hello everybody, I lost my Windows 10 Acer laptop on the train. The "find my device" setting was on off!Is there some way to make my laptop unusable(or difficult to use) by the thief. The laptop was registered with Microsoft, and it had no login password. Thank you

BC AdBot (Login to Remove)

 


#2 dhagerjohns

dhagerjohns

  • Members
  • 145 posts
  • OFFLINE
  •  

Posted 01 September 2017 - 08:57 AM

Time to buy another laptop, and take better precautions.



#3 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,628 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:47 AM

Posted 01 September 2017 - 09:10 AM

The simple answer to your question is, "no."

 

Any of us could accidentally lose something like a laptop, and physical possession is the first line of security.  The second includes things like logins and passwords.  Your choice not to use a password or pin makes this device, once out of your possession, an "open book."

 

Even if it were secured with a password, the person who has it could wipe the hard drive and reinstall Windows 10 from scratch.

 

Unless I'm unaware of it, Microsoft does not supply a "Wipe my device" feature like Android does, at least not on Win10 Home or Pro.  Your question does make me wonder if such a feature exists for the centrally administered versions of Windows - Education and Enterprise.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#4 Elvis Maphoka

Elvis Maphoka
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  

Posted 01 September 2017 - 09:18 AM

Thank you guys! Windows 10 does offer the facility to lock your laptop if stolen, but you have to put it on "on" in advance because it is on "off" by default.

#5 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:07:47 AM

Posted 01 September 2017 - 09:38 AM

One would think that with all that increased digital surveillance going on these last couple of years, you'd be able to somehow track your laptop, or Microsoft track your laptop, if you had its ID (or whatever the product number is called).



#6 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,628 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:47 AM

Posted 01 September 2017 - 11:36 AM

One would think that with all that increased digital surveillance going on these last couple of years, you'd be able to somehow track your laptop, or Microsoft track your laptop, if you had its ID (or whatever the product number is called).

 

That's the "Find my device" pane under "Update & Security".  It's off by default because it consumes resources that you don't need to have consumed unless you have a laptop, and possibly not even then.  I would imagine it relies on Location being enabled, so if it's not enabled you're out of luck, too.

 

I just turned that feature on for my laptop just in case it should ever somehow be lost.

 

I can't find anything under Win10 Home, 64-bit, Version 1703, Build 15063.540 that allows full device locking either remotely or when you're sitting in front of it beyond what can provided by the lock screen if one were already logged on and the lock screen comes up.  Even then you'd need to have a password for that to work.   Under Windows 10 it takes some interesting gyrations to create a situation where it appears (and I note, appears) that a userid does not have a password.  You can make the system supply your password automatically so that you don't even see it, and I have done this for some of my blind clients, but I have not found any way to set up a user account that has, literally, no password like you could in earlier versions of Windows.


Edited by britechguy, 01 September 2017 - 11:40 AM.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#7 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:07:47 AM

Posted 01 September 2017 - 02:05 PM

If the 'Find my device' feature is enabled, does the computer have to be on for you to remotely locate it? If not, does it have to have the battery plugged in or would the CMOS battery do just fine, I am just curious?:)



#8 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,628 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:47 AM

Posted 01 September 2017 - 02:09 PM

My understanding is that the computer is instructed to send its location to Microsoft for inclusion on your account at standard intervals.   So, while it need not be on at the moment you're looking for it if it has not yet been turned on in its latest location it will not be shown as being there until it is.  Since laptops aren't like cell phones in terms of how they connect to networks I'd also imagine that the location information would be a bit more coarse grained than it is for device location for a smartphone.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#9 Kilroy

Kilroy

  • BC Advisor
  • 3,408 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:11:47 PM

Posted 01 September 2017 - 02:20 PM

As britechguy said, you're out of luck as the machine wasn't secured prior to being lost.  This is a "teachable moment".  A password is sufficient to keep the average person out of your computer, but will not protect your data from someone with basic computer skills.  To completely protect your data you need a password and the data must be encrypted.  However, if your data is encrypted you can easily lose access to it, so backups are mandatory if your data is important to you.

 

Convenience is the enemy of security.  The easier it is to use, the less secure it is.


Edited by Kilroy, 01 September 2017 - 03:16 PM.


#10 Just_One_Question

Just_One_Question

  • Members
  • 1,400 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:07:47 AM

Posted 01 September 2017 - 02:21 PM

I understand. Well, I guess that was it for OP's laptop.:(



#11 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,628 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:47 AM

Posted 01 September 2017 - 02:33 PM

This is a "teachable moment".  A password is sufficient to keep the average person out of your computer, but will not protect your data from someone with basic computer skills.  To completely protect your data you need a password and the data must be encrypted.  However, if your data is encrypted you can easily lose access to it, so backups are mandatory if your data is important to you.

 

Conv[en]i[e]nce is the enemy of security.  The easier it is to use, the less secure it is.

 

Kilroy, I do believe you meant "convenience," and while I get your basic point, and it is valid, it's not 100% valid.

 

The first, and foremost measure of security anyone can take for anything is physical control, and that includes for a computer connected to cyberspace.  If you can keep unwanted others from physically accessing the device you are already hugely ahead in the security realm.

 

The need for encryption should be thought about very, very carefully.  As you've noted it is far easier for the person who has encrypted data to also lose access to it so one should think long and hard about whether the information in question really requires that level of privacy protection.   Password safes do, your average collection of work-related or personal word processing documents don't unless your work requires something like HIPAA compliance, in which case you are probably using cloud-based HIPAA-compliant storage to limit your exposure were your machine to be lost, or you're working on some high-value trade secret.   That doesn't match "most of us" and, contrary to the amount of paranoia being stoked by some, the government and the rest of the world is really, really unlikely to care one whit about what you (for some random you that isn't a "person of interest" for good reason) is doing.

 

People need to think about what their actual needs are, and that includes an accurate risk assessment of the result if your data were to fall into someone else's hands.  I'd be really upset if mine were to do so, but I don't think that my entire world could or would be brought crashing to its proverbial knees were some random person to have it.  The vast majority of it means little to nothing to anyone other than myself.  I can see no reason to increase my personal risk of loss by using encryption if something goes wrong as I keep pretty tight reins on who has physical access to my computer.  I also practice safe surfing, which makes a huge difference as well.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#12 JohnC_21

JohnC_21

  • Members
  • 24,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:47 AM

Posted 01 September 2017 - 02:44 PM

Does Windows 10 encrypt the computer when a Microsoft Account Password is used vs a local account password? If it isn't then anybody could access the data by detaching it and connecting to another computer or via a boot disk like linux or even the Windows install disk.

 

If I was traveling with a laptop I would use a HDD password login before Windows even boots and turn the computer off if it ever left my sight. 



#13 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,628 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:47 AM

Posted 01 September 2017 - 02:54 PM

John,

 

        See:  https://www.howtogeek.com/234826/how-to-enable-full-disk-encryption-on-windows-10/

                 and https://venturebeat.com/2015/07/02/microsoft-compares-features-across-windows-10-home-pro-enterprise-and-education/  for starters.

 

Since I have Win10 Home, not Pro, there are no Device Encryption settings in the System, About pane but there is a link for Bitlocker Settings, which takes you to the Microsoft Store if you do not already have Bitlocker on your machine, and I don't.  There you are offered an upgrade to Windows 10 Pro if you want device encryption capabilities.

 

Even though the second article is from 2015 I don't think the information presented has changed much in regard to encryption.


Edited by britechguy, 01 September 2017 - 02:56 PM.

Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#14 r.a.d.

r.a.d.

  • Members
  • 665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 01 September 2017 - 02:58 PM

Also, if you used it for financial (or other important)  reasons and also utilized auto fill for username/password convenience (as I do on the iPad) to relevant sites which your browser history or bookmarks may show, access would be available to whoever has your laptop. Posting simply as a caution. 
Bleepin' desert rat retiree in climes yet to fry brains (knock on cactus).

Past climes/best friend:  photo-91.gif

#15 JohnC_21

JohnC_21

  • Members
  • 24,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:47 AM

Posted 01 September 2017 - 03:11 PM

From the below links it's my understanding one does not necessarily need Pro for Device Encryption.

 

http://www.thewindowsclub.com/microsoft-windows-10-device-encryption-key

Windows 10 Device Encryption Key

If you bought a new Windows 10 computer and signed in using your  Microsoft account, your device will be encrypted by Windows and the encryption key will be stored automatically on OneDrive. This is nothing new actually and has been aroud since Windows 8, but certain questions relating to its security have been raised recently.

For this feature to be available, your hardware must support connected standby that meets with the Windows Hardware Certification Kit (HCK) requirements for TPM and SecureBoot on ConnectedStandby systems. If your device supports this feature, you will see the setting under Settings > System > About. Here you can turn off or turn on Device Encryption.

http://windowsitpro.com/windows-81/device-encryption-windows-81-and-bitlocker-drive-encryption

Device Encryption is available in every Windows 8.1 edition - not just the enterprise editions, but also the consumer ones – and can be used on both x86 and x-64 platforms. To support Device Encryption, your Windows 8.1 platform must have a version 2.0 (v2.0) Trusted Platform Module - as specified in the Windows Hardware Certification Kit (HCK) requirements for TPM and SecureBoot on ConnectedStandby systems (see https://msdn.microsoft.com/en-us/library/windows/hardware/hh833788.aspx for more information on this). Your system must also support connected standby - a new power state that with very low power consumption that also maintains Internet connectivity.


Edited by JohnC_21, 01 September 2017 - 03:11 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users