The college dorm might not be the safest place for your gear, but there are several precautions and tricks that can protect your stuff and minimize your exposure to hacks and data loss. Most of them take less time than hanging up a poster, ordering delivery, or deeply regretting how quickly Monday morning is approaching.
Step one is to not let your stuff get stolen. The best way to do this is to have it in your sight at all times, know who is coming and going from your room, and not get so … tired that you’re out cold. Failing that, you can either lock stuff up, or hide it.
If you lock anything up, remember that the lock won’t actually stop anyone stealing your stuff. Unless you have a safe bolted to your dorm-room floor, locks are just a deterrent. You can buy something called a Kensington lock, which locks into a special oval slot built into many laptops and other devices. They’re fine as a deterrent for light-fingered passersby, but their thin cables are easy to snip open with tools one could pretty easily conceal.
Don’t take this as advice to get a beefier lock, either. Even the best bike locks only buy you a bit more time before the thief’s angle-grinder cuts through. If something is locked, you should also make sure it’s in a space where a bad actor will be spotted trying to break it, and therefore discouraged from trying. This goes for laptops, bikes, backpacks, the lot.
The other option is to hide stuff. And not in the freezer, or under the mattress, or in the closet. I once got a call from a roommate to tell me our place had been burgled. My laptop computer was inside a book slip-cover on the bookshelf, and was untouched. Earlier still, when I was a student living in the worst part of town, my house got burglarized twice in a few months. After that I kept the TV in the cellar whenever I went out, and modified a credenza to have a hinged top, under which I’d hide my Amiga computer. Yes, an Amiga. I told you it was a long time ago.
The point is that, like most locks, hiding stuff is not total security, but it’s better than leaving it all on the desk for anyone to take. A thief will want to grab something and get out as soon as possible. One trick, that may or may not work, is leaving some cash or other sacrifice in the first drawer a burglar is likely to check. That way, they leave before digging on to the more important stuff.
You already know how to protect yourself against phishing scams and the like. But you should also never install pirated software, because it’s a major vector for both malware and ransomware. It’s tempting: you’re not flush with cash for software, your internet is probably scary fast, and you might have friends or hallmates offer to help you out. But you’re much, much better off looking up student discounts for software than just opening the doors to exploits, ransom, and theft.
You should also protect yourself from human hackers in your college. Don’t wander off in the library and leave your computer screen unlocked. Whenever I visit a university library, I see this all the time. People gone for long stretches, browsing the stacks, with a laptop left open and unlocked on a table. You should really take the computer with you. Failing that, at least lock the screen.
It used to be that once a hacker had physical access to your device, it was game over. But, thanks to the T2 chip inside, and Apple’s iPhone-inspired obsession with physical security, MacBooks are pretty good at resisting attack. The T2 enables Activation Lock, which renders a MacBook as useful as a brick to any thief (and, sadly, to some legitimate refurbishers). Windows 10 has Bitlocker encryption, which keeps the data on your internal and external drives safe.
In either case, use a good, long passphrase, set the computer to lock as soon as the screen sleeps in a minute or two, and enable FileVault or Bitlocker disk encryption, if it’s not on already.
While we’re on the subject of software safety, use a password manager like 1Password or Dashlane. These will auto-generate long, secure passcodes, and remember and fill them in for you. You only have to remember the master code. If you’re not using a password manager, you probably have terrible passwords.
At the least, if you use the same password for multiple logins, stop. Websites are breached by hackers all the time, and they steal the database of user logins. These logins are then tried, automatically, on other websites and services. Not a week goes by without some big company getting hacked. So, if you use the same password for your food or clothes orders as you do for your Gmail, your Gmail won’t stay secure for long.
You might not be using QWERTY1234, or the name of your dog,, but even if you vary passwords, they’re still probably not as good as you think they are. If you’ve thought of a clever naming scheme, then the hackers and their hardened algorithms have, too. Better to let the professionals deal with the method for generating secure passwords.
Don’t plug in ‘dirty’ USB chargers or thumb drives
It can be tempting to juice your phone with chargers set out in public spaces, but these can be vectors for attack. Recent iDevices are quite resistant to this, but some Android phones, and many laptop computers, aren’t so picky about what USB devices can do to them without asking first. And now that many notebooks charge via USB-C, instead of using a dedicated power port, the risk is greater— any power cable can also carry data.
One solution is to make a USB condom, which is simply a USB cable or adapter with the data pins pulled out. A USB-A plug has four pins inside. The inner pins carry data, and the outer two carry power. Just yank out those inner pins with a pair of needle-nosed pliers, and you have a safe, power-only USB cable. I wrote a guide about it here. Probably the most practical application of this trick is to modify a short male-to-female USB-A extension cable, so you can use it as an in-between barrier for powering cables or ports you find around campus.
With USB-C, the problem is trickier. USB-C plugs have 24 pins, arrayed inside a tiny slit. Yanking out the data connectors is all but impossible. You can buy data blocker cables, but then you have to trust the maker of those cables. Probably the safest way to charge your USB-C device, then, is to only charge it with a trusted power brick, and never plug any unknown USB devices into the holes.
Beware public Wi-Fi
You should probably never, ever connect any of your devices to public Wi-Fi. If you doubt this as scaremongering, read this excellent Medium article from 2014, which is still relevant in most parts. It’s also quite entertaining. The gist is that once you connect to a network, whoever owns (or pwns) that network has complete control over your connection. They can steal data, or even impersonate websites, like Gmail, to steal your login details. So anytime you’re off-campus, avoid public Wi-Fi.
However, on campus, you probably have no choice. You’ll need to join the college Wi-Fi not just for internet access, but to get access to the school’s internal network. In this case, you should focus on protecting yourself as best you can. You can use a VPN, or virtual private network, which will encrypt your connection. The downside is that you have to trust the company that provides the VPN because it will have access to everything you do on that connection. Wired has a great 2018 article which offers some sound advice.
The good news is, your college network is managed, and is almost certainly a lot safer than coffee-shop Wi-Fi. But don’t forget, practical safety also applies to your phone or tablet. In those cases, consider installing a VPN/firewall app like Guardian Firewall, or Lockdown. These both offer a paid VPN, and will also block trackers hidden within apps on your device.
Finally, let’s talk about backups. If you have good, up-to-date backups, then your data is safe. Even if you lose your computer, or lose access to it thanks to drops, spills, or pirating apps, a backup will save you. But you need more than one backup, and they should be in different places.
Your iPhone and iPad are already backed up to iCloud, your Android device is backed up to Google, and Chromebooks mostly live in the cloud already. For cloud backups on regular Windows/Mac computers, try something like Backblaze. You should also keep a local backup, preferably something automatic. The Mac has Time Machine backups built in, and Windows has File History. These back up all your user files, but they don’t bother within the system files that comprise the macOS and Windows operating systems. I prefer something that will make an exact clone of your entire drive, so you can boot directly from the backup if something goes wrong. I use Carbon Copy Cloner on the Mac. I hesitate to recommend Windows software I haven’t used, but here’s a good overview of cloning a Windows drive.
Ideally, you’d also have a second physical backup at a separate location, just in case yours is lost or damaged. For instance, you could take a full backup drive home every time you visit your parents, swapping between two drives to you keep things fairly up to date. Just take your latest cloned drive with you, and bring the old one back. You could also keep a copy at the home of a trusted friend. Don’t forget to encrypt that backup, just in case it falls into the wrong hands.
Two more backup tips. One, you should test the backups periodically, to see that they actually work. Second, you should keep backup drives disconnected or unmounted when not in use, in case of ransomware attacks. These attacks usually encrypt the computer, and any connected drives, rendering a connected backup useless. Carbon Copy Cloner lets you mount and unmount disks automatically before and after backup
Other than that, follow the usual college advice: Don’t fall asleep with your shoes on, and never, ever follow a hippie to a second location.