Can anyone access my hard drive if they put it in their computer?

Discussion in 'macOS' started by MythicFrost, May 6, 2009.

  1. MythicFrost macrumors 68040

    MythicFrost

    Joined:
    Mar 11, 2009
    Location:
    Australia
    #1
    I have important and private information on my mac pro, could someone simply remove the hard drive, and put it into there Mac Pro, and have access to all my files?!

    Kind Regards
    Me
     
  2. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
  3. MythicFrost thread starter macrumors 68040

    MythicFrost

    Joined:
    Mar 11, 2009
    Location:
    Australia
    #3
    How would I go about stopping this, would FileVault stop anyone from accessing the files on my computer?

    Kind Regards
    Me
     
  4. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
    #4
    FileVault would prevent them from accessing the files in your home folder, if your password is secure.
     
  5. TuffLuffJimmy macrumors G3

    TuffLuffJimmy

    Joined:
    Apr 6, 2007
    Location:
    Portland, OR
    #5
    I *think* putting a firmware password on your computer might stop this.

    The best thing to do is create an encrypted disk image for your sensitive material.
     
  6. MythicFrost thread starter macrumors 68040

    MythicFrost

    Joined:
    Mar 11, 2009
    Location:
    Australia
    #6
    I don't know what a firmware password is, and all my information is sensitive, I just want my information protected, and what is my home folder?

    Kind Regards
    Me
     
  7. TuffLuffJimmy macrumors G3

    TuffLuffJimmy

    Joined:
    Apr 6, 2007
    Location:
    Portland, OR
    #7
    Your home folder is located at /Users/yourusername this folder is also called ~/

    PS: if anyone wants to tell him how to set a firmware password that'd be great. I'd also like to know since I don't remember how I did it...
     
  8. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
    #8
    Firmware password is useless in this situation. Use FileVault.
     
  9. TuffLuffJimmy macrumors G3

    TuffLuffJimmy

    Joined:
    Apr 6, 2007
    Location:
    Portland, OR
    #9
    Yes, but can't you set it up so you need a password to boot? or is that computer specific?


    Also: I did a little research and apparently you have to set it up from the boot disk. Gross!
     
  10. MythicFrost thread starter macrumors 68040

    MythicFrost

    Joined:
    Mar 11, 2009
    Location:
    Australia
    #10
    Oh so it's my account folder, that has my desktop folder etc.. on it?

    Anyway to secure an external hard drive used for backup? or any other reason.

    Kind Regards
    Me
     
  11. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
    #11
    You could store sensitive files in a secure disk image on the external hard drive. Use Disk Utility to create the secure disk image.
     
  12. MythicFrost thread starter macrumors 68040

    MythicFrost

    Joined:
    Mar 11, 2009
    Location:
    Australia
    #12
    Thanks, that would work for some of it, but it's backed up with time machine software, so.. that might not work with that part of it:/

    Kind Regards
    Me
     
  13. Duff-Man macrumors 68030

    Duff-Man

    Joined:
    Dec 26, 2002
    Location:
    Albuquerque, NM
    #13
    Duff-Man says....if you do even a simple search at Macupdate you'll see that there are several options out there in addition to the built-in tools of Mac OS X - whether the tool(s) you have are sufficient or you want something more is your decision. You can use something like TrueCrypt (to use as an example) where you can encrypt the entire disk and have hidden partitions etc. How far you feel you need to go is up to you to decide, but you just want to make certain that you know what you are doing as in the wrong hands encryption tools can make your data a little too safe - meaning you can't get at it either.....oh yeah!
     
  14. Signal-11 macrumors 65816

    Signal-11

    Joined:
    Mar 23, 2008
    Location:
    2nd Star to the Right
    #14
    A firmware password or a machine lockout would do nothing to address TS's question, which is, what if someone removes the hard drive? The only feasible answer to his question is to encrypt the drive's contents. Period.
     
  15. MythicFrost thread starter macrumors 68040

    MythicFrost

    Joined:
    Mar 11, 2009
    Location:
    Australia
  16. ppc750fx macrumors 65816

    Joined:
    Aug 20, 2008
    #16
    Also, it's worth noting that FileVault has a couple known vulnerabilities, one of which is its use of a "master password". If you're going to use it, I'd recommend at least removing the master password keychain, as leaving it in place reduces your effective key strength to (IIRC) that of a 768-bit RSA key. (I don't remember the vilefault presentation all that well -- it's been a couple years -- it may have been 1024... still, in either case it's a security risk.)

    Edit: If you've got sensitive information on your machine, what you really need is a form of FDE like dm-crypt or loopback AES -- but unfortunately, Mac OS X is somewhat behind Linux in this regard; there are (to my knowledge) no good solutions for FDE w/ Mac OS X.
     
  17. Mal macrumors 603

    Mal

    Joined:
    Jan 6, 2002
    Location:
    Orlando
    #17
    Wow, is this really an issue? (Not saying it isn't, just really seems odd.) I think the best thing is this case is to make sure no one else is able to physically access the computer. Once someone gets physical access, chances are they'll be able to get at something (though some of the solution here might help). Seems investing in better security would be better than encrypting the drive though, perhaps something as simple as putting a lock on the computer itself to prevent the side door from being opened (also prevents the drives from being removed, IIRC).

    jW
     
  18. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #18
    Filevault is decent. I'm also a fan of TrueCrypt as it works on Mac, Windows, and Linux so you can transport encrypted files to other machines. A note on the firmware password, don't bother. It's rather easy to get around, even Apple provides documentation on their site to get around it.

    If you're worried about thievery then check out Undercover. It won't necessarily help if they only steal the hard drive, but is a decent product.

    There's not many options for full disk encryption (FDE) of the system hard drive. Here's one, but it's not free. TrueCrypt can do FDE of external drives (but not of the system HD), but I had trouble with it so just use individual encrypted storage spaces.

    I work with the government sometimes so have to deal with all of the encryption stuff and security. If you're really needing to improve your security on your Mac check of the documents the NSA has (which also points to Apple's security configuration document) for securing your Mac. It has decent suggestions, though some I feel are unnecessary.
     
  19. Jethryn Freyman macrumors 68020

    Jethryn Freyman

    Joined:
    Aug 9, 2007
    Location:
    Australia
    #19
    If they put your disk in another computer, they can access all your files. A firmware password will not do a thing once the drive is removed from the computer.

    Filevault will keep everything in your HOME FOLDER secure. You will need to pick a strong, long, password (~15 characters. Every character added after that will make it take an extra 100x as long to brute force.)

    Delete the master password keychain, and make sure you securely erase it with at least a 7 pass overwrite. You don't want it being recovered.

    Filevault does not protect anything outside your home folder. Some applications store temporary files outside, your sleep image is stored there unencrypted, and so are some caches and logs.

    Full disk encryption protects against this. PGP Whole Disk Encryption is the best for OS X at the moment. Truecrypt can encrypt entire disks, but not the system partition at the moment.

    You can back up to encrypted disk images created by either Disk Utility or Truecrypt.

    Don't store disk image password in the keychain. Encrypted disk images can also be used to store files. With Disk Utility, make sure you use 256 bit AES, with Truecrypt, you can use even stronger encryption if you wish.
     
  20. ppc750fx macrumors 65816

    Joined:
    Aug 20, 2008
    #20
    Several things come to mind:

    1) Use the NSA guides. They go a long way towards hardening OS X.

    2) Nuke the master password (see above).

    3) Disable safe sleep.

    4) Enable encrypted swap.

    5) Add a LaunchAgent to relocate /tmp, /var/tmp, etc. to somehwere inside your home directory upon log-in. (Note: this is not for the faint-of-heart, and it will only work reliably if there is only ever one user logged in at a time.)

    6) If you're serious about security, give up on OS X. SELinux, loopback-aes, etc. can provide a much, much stronger configuration than the current version of OS X. Also, I don't like to trust closed-source crypto if I can help it...

    3 & 4 are especially important. Safe sleep and unencrypted swap will completely remove any and all security afforded you by FileVault.
     
  21. Signal-11 macrumors 65816

    Signal-11

    Joined:
    Mar 23, 2008
    Location:
    2nd Star to the Right
    #21
    Let's get real.

    The TS's question was probably answered.

    If he were SERIOUS about security, he wouldn't be asking a relatively naive (no offense) question about how to secure a hard drive.

    Every other dude reading thread knows what 90% of these types of questions are all about - guys who don't want their wives finding their porn collection. If you were really engaging in sensitive work, you'd already know and have measures in place to secure your info.
     
  22. madog macrumors 65816

    madog

    Joined:
    Nov 25, 2004
    Location:
    Korova Milkbar
    #22
    The downside is that the Master Password is essentially a backup password to access the information if the user/administrators password is lost/forgotten. If that happens and there is no master password as a backup, then you information is essentially lost.
     
  23. ppc750fx macrumors 65816

    Joined:
    Aug 20, 2008
    #23
    Yes, but I have a hard time believing that a home user would forget his account password (which he uses every day) but not his master password (which he doesn't.)

    I dunno -- that just struck me as odd, at least for home users.
     
  24. portent macrumors 6502a

    Joined:
    Feb 17, 2004
    #24
    And while you're at it, go buy a good padlock and lock your Mac Pro's case shut. There's a slot for that purpose.

    Also prevents people from stealing memory modules.
     
  25. madog macrumors 65816

    madog

    Joined:
    Nov 25, 2004
    Location:
    Korova Milkbar
    #25
    You'd be very surprised. At my old job it would be at least 1-2 people every week someone would come in asking if we could change their password. Typically old people, but otherwise would be the people who don't really use their computer that much outside of the applications that came preinstalled on it. The people who set up a password on their machine the very first day for "security" purposes, yet don't install anything for 10 months and then have absolutely no idea what their password is.

    Not after too long though, we did make it a policy to not change someone's password unless they had their system disks with them in case they had stolen the machine ("You guys buy computers or iPods? I got three iPod Videos in sealed condition and these computers that I forgot the passswords to".... and a huge puffy winter jacket in the middle of 100 degree summer and smell like I just smoked thirteen blunts...)

    Not often did we get someone who forgot everything, and happened to have FileVault turned on, but that did happen at least twice (over a long period of time, but it did happen).
     

Share This Page