MacBook Air Was Stolen - What Steps Should I Take?

VTHockey11

macrumors newbie
Original poster
Feb 24, 2011
9
1
Washington, DC
My mother just called to tell me her house was broken into and her couple-month old MacBook Air was stolen. She's extremely worried because she has personal documents on the computer etc.

She has it locked with a password.

The questions I have are:

She's speaking to police now about the incident and will give them the serial number, but is there anyone else she can give it to? Will Apple alert authorities if someone, for instance, tries to use iTunes on a reportedly stolen computer?

I'm assuming the thieves are just looking to resell the computer as they also stole her sterling silver and nothing else - just looking for quick money. Since it's pass locked and they don't have the install key, can they somehow reset the computer and reinstall? I've done many resets myself on my own MacBook Air, but of course, I have admin access. They wouldn't.

What other steps should she take? I told her to watch Craigslist and eBay for resellers in her area. Anything else that anyone can speak of from experience?

I know I'll be telling her to put Prey on her computer whenever she gets a new one so that she can really nab the criminals. Just wondering if anyone else has experiences they can provide. Thanks!
 

oneMadRssn

macrumors 601
Sep 8, 2011
4,989
11,687
Europe
Sorry to hear. I had my car stolen a few years back (and had only the minimum compulsive insurance). That sucked!

Unfortunately there is very little she can do. Unless it's an EFI password (probably not), they can very easily reinstall the OS without admin privileges.

The good news is that chances are they don't care about her personal documents, and just want to make quick buck. 75% chance it ends up on craigslist. Did they take the charger too? Even if she does find it on craigslist, confronting the seller would be dangerous and police usually don't bother with this type of crime unless they have all their ducks in a row and all procedures of evidence have been followed (meaning: even if you think you have proof, it might not be "good enough".)

I don't mean to be snarky or mean, but this situation is the perfect example of why everyone needs insurance. You might already have it:
- If it was a home break-in, the home-owners or renters insurance policy should cover it, but probably with a hefty deductible.
- If it was new, sometimes credit cards cover items purchased using that credit card for a period of time (I think AmEx and Discover cover items for 90 days on their higher-end cards).

In the future, I would recommend everyone buys personal property insurance to cover their possessions against damage and theft. For $5,000 of annual coverage, replacement cost, and sub-$100 deductible, you might pay a $150-$300 premium per year if you shop around. For a $2500 computer, $1000 tv, and probably another $1000 in other gizmos, it's pennies on the dollar and worth it.
 
Comment

snberk103

macrumors 603
Oct 22, 2007
5,503
87
An Island in the Salish Sea
Sorry to hear about your mom's situation. I wouldn't assume that the laptop was just going to be "repurposed". To be prudent I think you need to assume that whatever is on the Air is going to be read.... so if there is anything there that concerns credit cards, ID, etc ... you'd better start the process of changing them.

As well, are there any relatives who are at risk of being scammed? There is a common scheme now where a fraudster calls an elderly person and pretends to be relative (grand-child usually) and who is in trouble and needs money. If their mental faculties are impaired, even slightly, this scheme works more often than you'd think. With the information the lap-top (letters, birthday notes, etc) a fraudster would have more than enough information to be convincing to someone whose faculties are not what they used to be.

Don't want to freak you out. My motto is 'Hope for the best, but plan for the worst.' Think like a pessimist for a day, and figure out the ways that this info can be used for nefarious purposes - then warn the appropriate relatives, change the numbers, whatever is appropriate. After that you can be an optimist and get on with your life knowing that in the remote chance a smarter than average thief (or fence) got hold of the laptop the damage they could do has been mitigated.

Good Luck.
 
Comment

katewes

macrumors 6502
Jun 7, 2007
428
99
You will not like what I have to say.

Before I wrote this reply, I tested it on my Lion 10.7.4 MacBook Pro running without FileVault, but with normal password lock. Using a FireWire cable, I was able to use an iMac, acting as a host computer, and access everything on the MacBook Pro running in Target Disk Mode. It did not even require a password.

It sickens me that Apple could have allowed Snow Leopard and earlier OS's be so wide open. The password is nothing at all.

What this means is that if the thief knows about Macs, and knows about Target Disk mode, the thief has total unfettered access to literally everything on the stolen Mac. Even if the Mac had a password, it is wide open when connected via a FireWire cable.

Hence, if I were in your parents' position, I would go into emergency mode, and take steps if there were banking details etc. and anything confidential. Change bank passwords, website passwords -- anything that the thief could access using information on the Mac.

It is the single reason why I upgraded to Lion so that I could encrypt the MBP using FileVault 2. But if you did not turn on FileVault, then the information on your mum's Mac is totally accessible.
 
Comment

ritmomundo

macrumors 68000
Jan 12, 2011
1,849
244
Los Angeles, CA
Sorry to hear about that, hopefully the laptop somehow finds its way back to your mom, even though the chances are pretty slim... :(
It is the single reason why I upgraded to Lion so that I could encrypt the MBP using FileVault 2. But if you did not turn on FileVault, then the information on your mum's Mac is totally accessible.
All I have is a password lock on my Macs as well. What do you recommend for good security measures? Is turning on FileVault in the Security/Privacy panel enough?
 
Comment

bogatyr

macrumors 65816
Mar 13, 2012
1,127
1
It is the single reason why I upgraded to Lion so that I could encrypt the MBP using FileVault 2. But if you did not turn on FileVault, then the information on your mum's Mac is totally accessible.
Just using FV2 is not enough:
http://www.frameloss.org/2011/09/18/firewire-attacks-against-mac-os-lion-filevault-2-encryption/

Using Thunderbolt or FW with a Linux box can net you access to a FV2 system if you don't follow a few extra steps listed in the blog post above.

More details on the FV2 attack vector:
http://www.breaknenter.org/projects/inception/

These are the steps I would take:
Encrypt with FV2
If using a MBA, turn on UEFI password (MBP isn't as important as you can reset it with removable memory)
Follow article info from frameloss.org to avoid attacks on FV2
Buy insurance to cover the cost of the laptop if lost or stolen (rider on homeowners, or direct insurance on the laptop)

I would not worry about iCloud or using some other method to track the laptop once stolen. Some police departments will help you, some won't, there is no guarantee. If you have insurance and protect your data, finding the laptop isn't important anymore - and if you go to find it alone, you could end up biting off more than you can chew depending on the thief.
 
Comment

Neverbepeace

macrumors 6502a
Jan 14, 2009
768
226
New York
Make a craigslist post in your area and surrounding areas and explain what happened........worth a shot......chances are that is where hes heading if he doesn't decide to keep it.
 
Comment

Alameda

macrumors 6502a
Jun 22, 2012
623
110
It sickens me that Apple could have allowed Snow Leopard and earlier OS's be so wide open. The password is nothing at all.
The passwords do not provide physical security. All operating systems are like this. FileVault exists for this reason. Without encryption, a hard disk from any OS is wide open, especially if you simply remove it and install it into another computer. That's how they all work.
 
Comment

mattopotamus

macrumors G5
Jun 12, 2012
13,364
3,576
Sorry to hear. I had my car stolen a few years back (and had only the minimum compulsive insurance). That sucked!

Unfortunately there is very little she can do. Unless it's an EFI password (probably not), they can very easily reinstall the OS without admin privileges.

The good news is that chances are they don't care about her personal documents, and just want to make quick buck. 75% chance it ends up on craigslist. Did they take the charger too? Even if she does find it on craigslist, confronting the seller would be dangerous and police usually don't bother with this type of crime unless they have all their ducks in a row and all procedures of evidence have been followed (meaning: even if you think you have proof, it might not be "good enough".)

I don't mean to be snarky or mean, but this situation is the perfect example of why everyone needs insurance. You might already have it:
- If it was a home break-in, the home-owners or renters insurance policy should cover it, but probably with a hefty deductible.
- If it was new, sometimes credit cards cover items purchased using that credit card for a period of time (I think AmEx and Discover cover items for 90 days on their higher-end cards).

In the future, I would recommend everyone buys personal property insurance to cover their possessions against damage and theft. For $5,000 of annual coverage, replacement cost, and sub-$100 deductible, you might pay a $150-$300 premium per year if you shop around. For a $2500 computer, $1000 tv, and probably another $1000 in other gizmos, it's pennies on the dollar and worth it.
Renters/home owners insurance also covers these things.
 
Comment

Similar threads

  • tommyparadise
2
Replies
2
Views
278
  • supernet33
22
Replies
22
Views
1K
Replies
1
Views
312
  • iandk
8
Replies
8
Views
989
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.