They need literally all the time in the universe to crack something like a symmetric 128-bit AES cipher
I said "figure out how to decrypt its contents". There are other ways to get the password that don't involve dividing by 0 or pulling a computer out of Star Trek to bruteforce it.
If you fail one of these, you have lost your 2 TB of porn.
-installing a hardware keylogger (IF the machine has a slot for it or a way to connect it and they have one compatible with modern hardware, anyway, worse case they'll have to custom-make it for you and fit it between the ribbon cable that runs from the keyboard to the motherboard)
-installing a software keylogger (this is if they have geeks far better than you OR you do massively stupid things like leaving the machine unattended for a few minutes while logged as admin)
-placing spy cameras (they are pretty cheap these days and have ludicrous quality)
-sending guy to look at what you do (with or without binoculars)
Hardware keyloggers are pretty easy to find if you know where to look, but taking apart the whole machine every fucking time you turn it on is a pain. Placing a stealthy way to detect tampering on the machine is the best choice imho.
Software keyloggers that install without your direct consent (or by tricking you) are basically virus. You don't need me to tell you how to avoid computer virus.
For the record, there are ways to hamper both, but most I've seen work at OS level, so won't be really useful to keep OS password, HDD passwords and machine passowrd secure.
The way for software keyloggers is using programs called keyboard scramblers. They work in different ways, and not all work for 100% of the programs you may need to use, so choose well.
Hardware keyloggers can be hampered by using Keyboard remappers
that alter the keyboard output at a OS level. Since the hardware kinds are passive devices they record what is physically pressed on the keyboard, but won't know what is actually received by the OS.
Next! The cameras work well if you have any kind of habit. Especially in places where you feel safe. They don't have to be necessarily wireless kinds (or may store the movie and transmit only when receiving a "all clear" signal from their base) so don't waste time hunting them down with those funny detectors like in movies.
The guy with binoculars is a pain in the ass since he follows you (ideally unseen, not always the case), but his viewing angles are kinda obvious to defend against even when you don't know where he is. Just be wary of reflections.
elucidating the key remotely by spyware on the computer before (in which case, they probably already have the data they're looking for)
Uhm well, spyware and any computer virus is usually installed remotely by using baits for the target. Convincing a target to install something cool (or piggybacking the installation of stuff he needs to install by tampering with his CDs or doing some network magic) is doable if they have resources since the keylogger needs to send home only tiny quantities of data (KBs at most), while a virus that searches for and uploads the sensitive info or the whole HDD contents (how do you know how the file with the data you need is called? this isn't a movie) is going to be much more obvious.
icing the RAM immediately after the user has shutdown the computer.
RAM was volatile last time I looked at it. That's an option if it's in sleep or hybernation maybe (one of these leaves active the banks of RAM). I have no idea on how they are supposed to extract data from the RAM without extracting them and thus cutting power, though.
Some OS level drive encryption schemes can be bypassed if the computer is asleep.
OS-based encryption does allow any enemy to clone the disk, or common thieves to DBAN
it with impunity.
Passwording the HDD itself should protect you more. In theory anyway, since removing the passowrd isn't that hard
, but reading it without leaving traces is a bit more involved
(it's in italian, google translated here
Anyway, it's years I keep hearing about Self-Encrypting Drives
, but never had one in my hands. They seem awesome in theory but are they a good choice, if you find someone selling them?
I hope they don't feature dumb bypass systems like all BIOS I had to reset (and most HDD passords). I mean hell, most motherborads even have dedicated jumpers
to reset the BIOS to factory default and thus clear passwords.
Hell, if you are too idiot to remeber a fucking password (or to not have written a good but safe hint to help you remeber them in a safe place) you deserve to lose the hardware.