Sent Mac for repair- will my data be breached?

Discussion in 'MacBook Pro' started by uptempos, Jul 24, 2015.

  1. uptempos macrumors member

    Joined:
    Jan 25, 2015
    #1
    The genius said I didnt need to reformat or erase my hard drive...I only worry about my dropbox stuff....nothing else..he needed the password login too...how worried should I be that the repair person will mess with my data in general? He said not to worry they reformat it anyways...
     
  2. Mcmeowmers macrumors 6502

    Joined:
    Jun 1, 2015
    #2
    I would operate under the assumption that any repair person is going to look at your photos/videos that are easily accessible. Especially if you happen to be female.

    Install a key logger if you want to know what this particular person does?

    I would also assume they wouldn't "mess" with your data if by that you mean deleting/rename/moving/copying. That is malicious and doesn't really serve a purpose.

    You could also unlink your DropBox from your mac.
     
  3. uptempos thread starter macrumors member

    Joined:
    Jan 25, 2015
    #3
    Yeah I changed my password on my dropbox...I know I shouldve been more careful...its mainly dropbox I am worried about..addresses and whatnot..the dropbox was already linked into the macbook and downloaded into the ssd...isn't already too late even if the password to dropbox was changed?
     
  4. brand macrumors 601

    brand

    Joined:
    Oct 3, 2006
    Location:
    127.0.0.1
    #4
    I am not saying they will or will not peruse through your data but every time I hear something like think I can't help but imagine that they also said "trust us, we're honest".
     
  5. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #5
    If you can, wipe the drive (backing it up beforehand of course), that's the safest approach. If you're only worried about dropbox, remove that from the computer.
     
  6. gmanist1000 macrumors 68030

    gmanist1000

    Joined:
    Sep 22, 2009
    #6
    Encrypt your hard drive with Firevault 2, then create a guest user that he can use. He won't have access to anything else on the drive expect Safari.
     
  7. Cuniac macrumors 6502a

    Joined:
    Jan 23, 2013
    Location:
    Phoenix
    #7
    Not to worry you but you have to remember. what their policy is Vs. what some one will do on their own are two very different things. Does Apple look through your data? No. Could a "bad apple" take it on their own to look at your data? Maybe..
     
  8. Emathieu macrumors regular

    Joined:
    Feb 9, 2011
    #8
    I always erase my devices if they go in for a hardware repair and then just restore from a backup when I get them back. Seems to be the safest way.
     
  9. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #9
    I've only needed to send my laptop in once, maybe twice since owning Apple laptops (I started with PowerMacs), and when I did, I erased them just to be safe.
     
  10. snaky69 macrumors 603

    Joined:
    Mar 14, 2008
    #10
    Unless you're a celebrity, very rich, or a politician, you're neither interesting nor important enough for anyone (not even Apple geniuses) to snoop through your stuff.

    No offense.
     
  11. meson macrumors regular

    Joined:
    Apr 29, 2014
    #11
    In grad school, while working with a large scientific collaboration, I would regularly get emails from our software liaison regarding security. One night while working a shift at the experiment our shift leader asks who has screen sharing, file sharing, and printer sharing enabled, all things I turned on to work with the machines on my home network? It was then I realized how easy it was for people to see what ports a machine has open to begin looking for ways to access the machine, and that I should probably start taking security a little more seriously. When it comes to data, it's generally best to prepare for the worst and hope for the best. Once you give someone physical access to your machine, assume it is game over, and that your deepest darkest secrets or most sensitive data have been compromised. If they want it, they can most likely get it at that point. If you have sensitive data stored in cloud storage, be it Drop Box, iCloud, Google Drive, etc., assume it is accessible by someone, whether it's the data on the physical drive or data en route from one place to another.

    Practice safe computing practices, use password protected screen savers and sleep modes and encrypt your drive. This will go a long way to keeping the honest people honest. If you need to grant physical access to the machine, remove any sensitive data, especially if they need admin access to the machine. Depending on the sensitivity of the data, it may be worth swapping the drive entirely.

    As mentioned, if you are interesting enough for someone to dig through your sensitive data, then you probably know it, and should do your best to lock things down. If you are not, assume that the tech may snoop around anyway just for kicks and giggles.
     
  12. mlts22 macrumors 6502a

    Joined:
    Oct 28, 2008
    #12
    I remember hearing stories from more than one "PC repair" place which didn't just look at pictures and documents, but actively saved them off, saying they have to do that by state law to check for child pornography.

    Best thing to do is save pictures and documents in an encrypted container that you mount when using the machine, with the PW not stored in your KeyChain. Disk Utility images are useful for local documents. For cloud storage, I use BoxCryptor which works as a transparent, encrypted pass-through for those.

    I wish FileVault (the original which allows you to have your homedir as a sparse bundle) were still around. This would allow one to give a service tech a user to get past disk encryption, but wouldn't allow them into your home directory.
     

Share This Page