MacBook Air Was Stolen - What Steps Should I Take?

Discussion in 'MacBook Air' started by VTHockey11, Jun 4, 2012.

  1. VTHockey11 macrumors newbie

    Joined:
    Feb 24, 2011
    Location:
    Washington, DC
    #1
    My mother just called to tell me her house was broken into and her couple-month old MacBook Air was stolen. She's extremely worried because she has personal documents on the computer etc.

    She has it locked with a password.

    The questions I have are:

    She's speaking to police now about the incident and will give them the serial number, but is there anyone else she can give it to? Will Apple alert authorities if someone, for instance, tries to use iTunes on a reportedly stolen computer?

    I'm assuming the thieves are just looking to resell the computer as they also stole her sterling silver and nothing else - just looking for quick money. Since it's pass locked and they don't have the install key, can they somehow reset the computer and reinstall? I've done many resets myself on my own MacBook Air, but of course, I have admin access. They wouldn't.

    What other steps should she take? I told her to watch Craigslist and eBay for resellers in her area. Anything else that anyone can speak of from experience?

    I know I'll be telling her to put Prey on her computer whenever she gets a new one so that she can really nab the criminals. Just wondering if anyone else has experiences they can provide. Thanks!
     
  2. metier macrumors member

    Joined:
    Feb 20, 2012
    Location:
    Texas
    #2
    remote wipe

    Is it setup with iCloud so you can do a remote wipe of the MBA.
     
  3. VTHockey11 thread starter macrumors newbie

    Joined:
    Feb 24, 2011
    Location:
    Washington, DC
    #3
    Unfortunately she hadn't set it up. It's locked via password but I'm sure they could work their way around that, especially as they appeared to have done this before.
     
  4. oneMadRssn macrumors 68040

    oneMadRssn

    Joined:
    Sep 8, 2011
    Location:
    Boston, MA
    #4
    Sorry to hear. I had my car stolen a few years back (and had only the minimum compulsive insurance). That sucked!

    Unfortunately there is very little she can do. Unless it's an EFI password (probably not), they can very easily reinstall the OS without admin privileges.

    The good news is that chances are they don't care about her personal documents, and just want to make quick buck. 75% chance it ends up on craigslist. Did they take the charger too? Even if she does find it on craigslist, confronting the seller would be dangerous and police usually don't bother with this type of crime unless they have all their ducks in a row and all procedures of evidence have been followed (meaning: even if you think you have proof, it might not be "good enough".)

    I don't mean to be snarky or mean, but this situation is the perfect example of why everyone needs insurance. You might already have it:
    - If it was a home break-in, the home-owners or renters insurance policy should cover it, but probably with a hefty deductible.
    - If it was new, sometimes credit cards cover items purchased using that credit card for a period of time (I think AmEx and Discover cover items for 90 days on their higher-end cards).

    In the future, I would recommend everyone buys personal property insurance to cover their possessions against damage and theft. For $5,000 of annual coverage, replacement cost, and sub-$100 deductible, you might pay a $150-$300 premium per year if you shop around. For a $2500 computer, $1000 tv, and probably another $1000 in other gizmos, it's pennies on the dollar and worth it.
     
  5. snberk103 macrumors 603

    Joined:
    Oct 22, 2007
    Location:
    An Island in the Salish Sea
    #5
    Sorry to hear about your mom's situation. I wouldn't assume that the laptop was just going to be "repurposed". To be prudent I think you need to assume that whatever is on the Air is going to be read.... so if there is anything there that concerns credit cards, ID, etc ... you'd better start the process of changing them.

    As well, are there any relatives who are at risk of being scammed? There is a common scheme now where a fraudster calls an elderly person and pretends to be relative (grand-child usually) and who is in trouble and needs money. If their mental faculties are impaired, even slightly, this scheme works more often than you'd think. With the information the lap-top (letters, birthday notes, etc) a fraudster would have more than enough information to be convincing to someone whose faculties are not what they used to be.

    Don't want to freak you out. My motto is 'Hope for the best, but plan for the worst.' Think like a pessimist for a day, and figure out the ways that this info can be used for nefarious purposes - then warn the appropriate relatives, change the numbers, whatever is appropriate. After that you can be an optimist and get on with your life knowing that in the remote chance a smarter than average thief (or fence) got hold of the laptop the damage they could do has been mitigated.

    Good Luck.
     
  6. katewes macrumors 6502

    Joined:
    Jun 7, 2007
    #6
    You will not like what I have to say.

    Before I wrote this reply, I tested it on my Lion 10.7.4 MacBook Pro running without FileVault, but with normal password lock. Using a FireWire cable, I was able to use an iMac, acting as a host computer, and access everything on the MacBook Pro running in Target Disk Mode. It did not even require a password.

    It sickens me that Apple could have allowed Snow Leopard and earlier OS's be so wide open. The password is nothing at all.

    What this means is that if the thief knows about Macs, and knows about Target Disk mode, the thief has total unfettered access to literally everything on the stolen Mac. Even if the Mac had a password, it is wide open when connected via a FireWire cable.

    Hence, if I were in your parents' position, I would go into emergency mode, and take steps if there were banking details etc. and anything confidential. Change bank passwords, website passwords -- anything that the thief could access using information on the Mac.

    It is the single reason why I upgraded to Lion so that I could encrypt the MBP using FileVault 2. But if you did not turn on FileVault, then the information on your mum's Mac is totally accessible.
     
  7. ritmomundo macrumors 68000

    ritmomundo

    Joined:
    Jan 12, 2011
    Location:
    Los Angeles, CA
    #7
    Sorry to hear about that, hopefully the laptop somehow finds its way back to your mom, even though the chances are pretty slim... :(
    All I have is a password lock on my Macs as well. What do you recommend for good security measures? Is turning on FileVault in the Security/Privacy panel enough?
     
  8. bogatyr macrumors 65816

    Joined:
    Mar 13, 2012
    #8
    Just using FV2 is not enough:
    http://www.frameloss.org/2011/09/18/firewire-attacks-against-mac-os-lion-filevault-2-encryption/

    Using Thunderbolt or FW with a Linux box can net you access to a FV2 system if you don't follow a few extra steps listed in the blog post above.

    More details on the FV2 attack vector:
    http://www.breaknenter.org/projects/inception/

    These are the steps I would take:
    Encrypt with FV2
    If using a MBA, turn on UEFI password (MBP isn't as important as you can reset it with removable memory)
    Follow article info from frameloss.org to avoid attacks on FV2
    Buy insurance to cover the cost of the laptop if lost or stolen (rider on homeowners, or direct insurance on the laptop)

    I would not worry about iCloud or using some other method to track the laptop once stolen. Some police departments will help you, some won't, there is no guarantee. If you have insurance and protect your data, finding the laptop isn't important anymore - and if you go to find it alone, you could end up biting off more than you can chew depending on the thief.
     
  9. Neverbepeace macrumors 6502a

    Neverbepeace

    Joined:
    Jan 14, 2009
    Location:
    New York
    #9
    Make a craigslist post in your area and surrounding areas and explain what happened........worth a shot......chances are that is where hes heading if he doesn't decide to keep it.
     
  10. Alameda macrumors 6502a

    Alameda

    Joined:
    Jun 22, 2012
    #10
    The passwords do not provide physical security. All operating systems are like this. FileVault exists for this reason. Without encryption, a hard disk from any OS is wide open, especially if you simply remove it and install it into another computer. That's how they all work.
     
  11. mattopotamus macrumors G5

    mattopotamus

    Joined:
    Jun 12, 2012
    #11
    Renters/home owners insurance also covers these things.
     

Share This Page