Hey everybody, I was recently looking into improving the security of my laptop, and by security I mean more than just a Kensington laptop lock. So I thought, why not ask one of our elite cyber spec ops warriors! I reached out to a friend who knows th3j35t3r and asked if he could make any recommendations. He came back with a nice overview of his rig:

  • Laptop, business class
  • TPM chip – allows him to lock hardware to the device. For example, if you pull the hd and put it in another machine, it will not work.
  • Biometric login
  • BIOS/boot password
  • Full disk encryption across the board
  • Won’t boot without a secure token (usb)
  • 2 wireless cards – one normal, one transmitting decoy access point ssids
  • Two factor authentication on all accounts using Google authenticator w/ mobile device
  • Laptop pings cellphone over Bluetooth every few seconds. If cellphone goes out of range, laptop locks and requires fingerprint and phone to re-login.

After looking this over I sent a note back asking if I could use it here in Team Room. I was surprised and very happy to get a note back that The Jester was writing a full post on this topic, and I’d be able to publish it here for you guys.

This is way above and beyond where most people need to be with their laptops, but it’s still fun to know how the-best-of-the-best hackers treat their tools of the trade.

So, without further ado…