Laptop Recovery--Preparing for the worst

Discussion in 'Community Discussion' started by j0nheck, Jan 2, 2011.

  1. j0nheck macrumors newbie

    Joined:
    Apr 4, 2010
    #1
    Hey all-

    tl;dr: What's the best way to make a throw-away account on my computer to help aid in theft recovery.

    I've recently been on a paranoid streak and started thinking quite a bit about protecting my data and recovery of my laptop (Macbook Pro i7) should it ever be stolen.

    I took a few basic steps and installed Prey, started using FileVault, changed settings to require passwords to wake my computer, removed/disabled any type of "auto login" features and beefed up my passwords. The basic things we should all be doing anyway....

    I got to thinking about my machine actually getting stolen, and it came to mind that if it is stolen, the chance of an (average) user being able to login was much less likely. I know he/she wouldn't be able to get into my account due to my password strength (unless it was already compromised). This pretty much makes my recovery plan moot, since in order to recover, I'd need the computer to connect to the internet again so I could get a location/IP/photos/ etc. If the thief can't login, how does he/she connect to the network? He/She doesn't I suppose.

    I figure if someone is going to steal the computer, and can't get into my account, they'll probably do a hard reboot, and get to a login screen. What if there were two accounts on my computer--my personal account; and another throw away account just designed to be a honey-pot for would-be thieves to login to? They could login, connect to the network.. and my recovery efforts can start.

    What's the best way to create such account? Obviously it needs to have certain permissions, but not everything (root). Can I lock it down so the user can perform basic tasks (open apps, connect to a network, etc), but not do more advanced tasks (create/delete accounts). What else am I leaving out here?

    Does that sound reasonable...is there any flaw to my logic?
     
  2. Dufus Del Dia macrumors newbie

    Joined:
    Jun 20, 2010
    #2
  3. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #3
    The only advantage FileVault gives you is protecting your data.

    Your laptop if stolen will get reformatted and OSX loaded back on. All the thief needs to do is put the 10.6 install disk in and reinstall.

    Now depending on what type of data you have on your laptop will dictate whether File Vault is a good option. If you don't store your credit card #s, bank info and top secret CIA documents then perhaps an encrypted disk image would be better. Why encrypt your entire home folder, if you don't need too.
     
  4. NickZac macrumors 68000

    NickZac

    Joined:
    Dec 11, 2010
    #4
    The odds are that the computer will be stripped and the HD simply removed. They make chips similar to Low Jack, in which a GPS chip is implanted somewhere in the computer and upon activation will show the location.
     
  5. helptheold macrumors newbie

    Joined:
    Jan 1, 2011
    #5
    Really? Is that something that comes standard on new laptops or do you have to buy/install it yourself?
     
  6. j0nheck thread starter macrumors newbie

    Joined:
    Apr 4, 2010
    #6
    there seems to be a consensus that the computer would be reformatted; when is the last time a laptop thief had OS X disks laying around, and would first reformat before trying to login? Not sure there is any real data out there to support this. no?

    I like the parental controls idea, to be honest, i had never used them. Thanks for the advice.
     
  7. NickZac macrumors 68000

    NickZac

    Joined:
    Dec 11, 2010
    #7
    To be honest I do not know much about the specefics. My buddy is one of the IT administrators for a college around here (Towson U), and they use it in all of their computers and have had great success.

    Also, check out 'hidden app'...you can track and even turn your camera on to watch the ****** who jacked your comp
     
  8. zhenya macrumors 603

    zhenya

    Joined:
    Jan 6, 2005
    #8
    Honestly, the chance of your computer ever being stolen is extremely low, and the chance that if it is stolen, that you'll have any chance of recovering it is almost infinitesimally small. I'd focus on making sure the machine is fully backed up all the time (this means automatically - no manual backups), and any extremely sensitive data is encrypted. Then I'd make sure the machine itself was covered by my home-owner's policy or renter's insurance, and forget about it. The hardware itself is easily replaceable. It's the data you need to secure.
     
  9. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #9
    If the thief doesn't have OSX disks, he walks into best buy, apple store and buys them (or steals them because he's a thief), or downloads them from a torrent.

    A thief takes the laptop either because he wants it, or wants to sell it, as a whole, or in parts. I'm not really seeing the advantage of putting an account with parental controls? In all cases has a very easy work around.
     
  10. wordoflife, Jan 2, 2011
    Last edited: Jan 2, 2011

    wordoflife macrumors 604

    wordoflife

    Joined:
    Jul 6, 2009
    #10
    Can't you put a setting to make a password required right when you press the power button? That way they can't boot into any hard drive (even if they take yours out) or DVD drive (so they can't boot from the OS X disc) unless the password is entered?

    Advantages to this feature?

    blocks the ability to use the "C" key to start up from a CD-ROM disc.
    blocks the ability to use the "N" key to start up from a NetBoot server.
    blocks the ability to use the "T" key to start up in Target Disk Mode (on computers that offer this feature).
    blocks the ability to start up in Verbose mode by pressing the Command-V key combination during startup.
    block the ability to start up a system in Single-user mode by depressing the Command-S key combination during startup.
    blocks a reset of Parameter RAM (PRAM) by pressing the Command-Option-P-R key combination during startup.
    requires the password to use the Startup Manager, accessed by pressing the Option key during startup (Figure 1).
    requires the password to enter commands after starting up in Open Firmware, which is done by depressing the Command-Option-O-F key combination during startup.

    [​IMG]

    Check this out. Its called Open Firmware Password


    http://support.apple.com/kb/ht1352
    http://support.apple.com/kb/DL675
    Read this too : http://discussions.apple.com/thread.jspa?threadID=2703115&tstart=15


    Alternative option: http://preyproject.com/

    Hope this helps to a certain extent.


    As long as you keep an eye on your MBP when you take it out of your house, then you should be fine.
    Don't keep your MBP visible in your house either (ie. in front of a window)
     
  11. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #11
    Do you have any facts to back up this statement? In my experience it wasn't true, nor was it true for the three dozen other thieves arrested as a result of the police arresting the member of the crime ring that stole my machine.

    Thieves want to steal and resell as fast as possible. If they were smart enough to wipe the drive, they wouldn't be relying on petty theft to make a living.
     
  12. Demosthenes X macrumors 68000

    Demosthenes X

    Joined:
    Oct 21, 2008
    #12
    Even an Open Firmware Password can be circumvented by replacing the machine's RAM. Not that I expect most thieves to know that, but the point is, it's not bulletproof by any means. I'm also not sure what the point is: if a thief wants your data, they can get around the OFP or just put the HDD into another machine.

    If they want your machine, an OFP isn't going to help you get it back. Sure, it might prevent the thief from using it (small victory), but you've still lost your machine...

    *shrug*
     
  13. AlphaDogg macrumors 68040

    AlphaDogg

    Joined:
    May 20, 2010
    Location:
    Boulder, CO
    #13
    Not true. I had to send my MBP in for repair, so I took out the RAM and HDD and stuck them in my White Unibody MacBook. I put the 2GB of RAM and 250GB HDD from the MacBook into the MBP. Both machines still had their firmware passwords in place. What aggravated me was I had the genius specifically note in the work order form on my MBP that I had a firmware password, and what it is... I got it back, and lo and behold, the firmware password was gone :eek:. That really pissed me off.
     
  14. lewis82 macrumors 68000

    lewis82

    Joined:
    Aug 26, 2009
    Location:
    Totalitarian Republic of Northlandia
    #14
    Wirelessly posted (iPod touch 2nd gen: Mozilla/5.0 (iPod; U; CPU iPhone OS 4_2_1 like Mac OS X; fr-fr) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5)

    You must boot with one stick removed IIRC. Otherwise the system can't tell something has changed.
     
  15. Demosthenes X macrumors 68000

    Demosthenes X

    Joined:
    Oct 21, 2008
    #15
    It's something to do with the RAM... point is, OFP aren't bullet-proof, either.
     
  16. j0nheck thread starter macrumors newbie

    Joined:
    Apr 4, 2010
    #16

    My thoughts too--that's why I'm thinking a 'honey-pot' account so the thief (or unsuspecting buyer) can login and I'll start receiving my Prey notifications is the best bet. (in addition to my redundant backups)

    Like others have said, the Open Firmware passwords are good, but not bullet proof.

    I liken it to MAC-filtering your wireless home network. Sure it's an additional step, but anyone with enough smarts to break into your network should be easily able to circumvert that security measure...a better bet is to try and contain the threat (honey pot account).
     
  17. NickZac macrumors 68000

    NickZac

    Joined:
    Dec 11, 2010
    #17
    I asked my friend and he says the tracking hardware is actually administered by Lo Jack, the car people.


    i've seen statistics on what happens to stolen laptops but I am not sure where to find them at the moment. I don't know if I can call laptop theft 'petty theft'; they aren't cheap, are small, easy to transport, and can be stripped and parts sold.

    The number of laptops stolen is crazy too; IIRC I think it is like 8-11% per year.
     
  18. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #18
    When you find them, please provide a link to the source. I don't really believe that one out of every ten laptops is irrecoverably stolen annually, but would be open to changing my mind if presented with reputable evidence.

    Laptops are more valuable sold as a working whole. They aren't particularly expensive either, depending on the make and model.
     

Share This Page