This is perhaps obvious - anyone with physical access to your
computer can steal it, data and all. Less trivially, someone with
physical access to the keyboard may be able to easily access data if
the system is not password-protected. Often, a system such as Windows 95
will reboot in an unprotected state even if a password-protected screen saver
was used. Many systems, including Linux, are vulnerable if a floppy
disk may be booted, bypassing login procedures.
On many systems, a boot-time password may be set in the BIOS, or
the floppy disk may be removed from the boot path. Usually, a
jumper on the motherboard bypasses this, but the case must be removed to
change this. The case may be secured with a lock, or an alarm installed.
Some alarm systems will report to a remote monitoring station.
Reportedly, some password-protected BIOS versions have a backdoor
password, which may be known to intruders.
Avoidance
Encrypt all sensitive data
Erase unwanted files by overwriting. Normal delete operations merely
move the file to a discard folder or clear a bit in the directory entry.
Employ memory-wipe techniques for sensitive data.
Ensure that sensitive data cannot be swapped out to disk.
Ensure that sensitive data is not written to temporary files.
Do not allow others access to your files, or to install software
which would be able to access your files. For unsecure systems such
as Windows 95, this means forbidding access to everybody, including friends
and family.