Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

bungiefan89

macrumors 6502a
Original poster
Apr 5, 2011
565
76
A few weeks ago, I noticed some corruption in the screen of my 27" 2011 iMac. I have Apple Care, so I took it to an Apple Store and they took it in for repairs, completely replacing the screen with a new one.

I took the machine in to their store on Monday, and they called me Tuesday morning saying they were done with repairs. I wasn't able to pick it up until Friday, but now my iMac is back with me with a brand new working screen.

After this whole procedure (where I left my entire computer in the hands of other people for about 5 days) I'm a little spooked at the possibility that someone may have tapped my computer or taken some files from it.

I know it sounds a little silly, but I've read news stories about some guy who fixed people's Macbooks and made it so they would constantly spy on the users with the built-in webcam. I'm also a bit concerned about the fact that for all that time they had access to my hard drive, which contains quite a few sensitive files and password information on it.

I guess what I'm asking is... is there anything I can do to make sure nobody took information from my harddrive or in some way or another put at tap on my computer while it was sitting at the Apple Store for 5 days?
 

ratfink

macrumors member
Feb 11, 2012
49
0
Assuming you gave them an administrator account to login, which I think is common practice when getting a repair, there's nothing you can do to be sure they haven't copied files. Checking the console would tell you if they logged in (and didn't delete the logs), but that is to be expected if they want to verify the system works after it was repaired.

As far as picking up on any monitoring software that was installed... sure, there are tools you can use to detect rootkits and keyloggers, but you'll need to learn a lot about computer forensics to make use of them. If you're worried, do a backup and clean install. Then just reinstall whatever apps you use and restore data like bookmarks and address books (not binaries).

It's very common practice, IMHO, for employees at big box retailers to do a search for nude pics on any system that comes in for repairs. It's also possible at an Apple store. But honestly they are the last place I'd expect it to happen.
 

maflynn

macrumors Haswell
May 3, 2009
73,419
43,306
If your that paranoid just reinstall the OS and change all your passwords.

That's the safest and most complete solution to the OPs question. For nothing else it will give him peace of mind. I highly recommend that the OP has a backup of his data though
 

OLDCODGER

macrumors 6502a
Jul 27, 2011
959
399
Lucky Country
This is the very reason why I run my OS and Apps from an external Firewire drive, with my data on yet another ext drive. The relatively slow boot-up is irrelevant, since I rarely reboot/shutdown.
 
Last edited:
Nov 28, 2010
22,670
30
located
This is the very reason why I run my OS and Apps from an external Firewire drive, with my data on yet another ext drive. The relatively slow boot-up is irrelevant, since I rarely reboot/shutdown.

How often do you have to give your Mac away?

I only had to do that once in 8 years with 5 or so Macs.
 
Nov 28, 2010
22,670
30
located
One takes out insurance in the hope that it will never be needed, but is there just in case. I don't know when/if my Mac will fail, but I won't be able to take action after it fails.

I understand, that is why I make backups. And if you have that concern (tapping or snooping while in repair), then that is a valid choice of yours to boot from an external HDD or SSD. I just never came upon someone doing that regularly.
I booted several machines from external drives or my Mac's HDD/SSD for troubleshooting or using that other machines more powerful ingredients.
 

bungiefan89

macrumors 6502a
Original poster
Apr 5, 2011
565
76
It's very common practice, IMHO, for employees at big box retailers to do a search for nude pics on any system that comes in for repairs. It's also possible at an Apple store. But honestly they are the last place I'd expect it to happen.
lol I'm not quite so worried about THAT, but I am worried that someone may have peeked at a particular text document on my HDD that has bank passwords written on it and stuff like that...

And for reference, no, I did NOT give them my administrator password. All they did with my iMac was replace the screen inside the computer, which I don't think they need to access my HDD for anyway.
 

BlazednSleepy

macrumors 6502a
Apr 15, 2012
701
254
If you didn't give them your password then you have nothing to worry about. All they needed to do was replace the screen and turn it on to the log in screen to make sure it's working fine.
 

Chuckstones

macrumors regular
Oct 28, 2012
152
22
Following an advanced replacement. My original imac was picked up by courier yesterday to be returned to apple.
I never did a reinstall as I was assured they would wipe the machine anyway!!

Now I'm crapping myself!
I only spoke to Jimmy Saville briefly in the 70's!!:eek::
 

Intell

macrumors P6
Jan 24, 2010
18,955
509
Inside
I feel like playing devil's advocate here. Even if you didn't give them your password, they could have still viewed all of your data. The only way they couldn't have was be using FileVault.

You can always do what I do when I have to reluctantly send in one of my machines. Put in a drive and zero it out. Send it in like that. It usually comes back with a fresh installation of the current OS.
 

Sky Blue

Guest
Jan 8, 2005
6,856
11
lol I'm not quite so worried about THAT, but I am worried that someone may have peeked at a particular text document on my HDD that has bank passwords written on it and stuff like that...

And for reference, no, I did NOT give them my administrator password. All they did with my iMac was replace the screen inside the computer, which I don't think they need to access my HDD for anyway.

Bank passwords in a text document on your desktop is a horrible idea, even if your Mac never leaves your home. At least throw that into an encrypted disk image.

They wouldn't need your password, they can use Target Disk Mode to get at your files.
 

harcosparky

macrumors 68020
Jan 14, 2008
2,055
2
I keep EVERYTHING external to the iMac except the OS and a few APPS.

Should the unthinkable occur, all that goes in will be the OS and those few APPS.

I do not like depending on the internal drive for anything of significant value.
 

Apple Corps

macrumors 68030
Apr 26, 2003
2,575
542
California
One takes out insurance in the hope that it will never be needed, but is there just in case. I don't know when/if my Mac will fail, but I won't be able to take action after it fails.

I use the same setup as you do - OS & Apps on an external SSD connected via USB 3.0 for my new iMac. No way I'm going to open that one up to pull a drive.

On my MacPro it is a simple matter to pull the drive, and pulling the SSD in my MBP is not that difficult.
 

2012Tony2012

macrumors 6502a
Dec 2, 2012
741
3
It's not silly to be concerned, never trust anyone with your personal information.

Change everything, all passwords etc and then use disk utility and create an encrypted drive.
 

Brian Y

macrumors 68040
Oct 21, 2012
3,776
1,064
They won't have done anything to your computer. A) they don't have time. B) It's more than their jobs are worth to do that (and I imagine they have CCTV on them ;))
 

Arman

macrumors regular
Aug 27, 2008
204
1
SoCal
Zero? I think I am not getting it, but then again, it is not my forte.

lol. yeah, I'm not following either. If you paranoid about people accessing your data like your roomate then just put a password on your screensaver or something. Unless every night you unhook your externals and lock them away in a safe don't see a reason to do this.
 

2012Tony2012

macrumors 6502a
Dec 2, 2012
741
3
They won't have done anything to your computer. A) they don't have time. B) It's more than their jobs are worth to do that (and I imagine they have CCTV on them ;))

Your comments are full of assumptions!!!:mad:
 

shoulin333

macrumors 6502a
Jun 26, 2007
700
21
California
You should check every shiny object in your house i heard there may be cameras in there too. lol

... really you can't worry about stuff like that. If you are really that worried format your machine and re-install OSX
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.