homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

Forum Home Post A Reply

my profile | directory login | | search | faq | forum home


» The Geek Culture Forums! » News, Reviews, Views! » Our stupid lives » Karma is a beyotch!!! » Post A Reply


Post A Reply
Login Name:
Password (max 13 characters):
Message Icon: Icon 1     Icon 2     Icon 3     Icon 4     Icon 5     Icon 6     Icon 7    
Icon 8     Icon 9     Icon 10     Icon 11     Icon 12     Icon 13     Icon 14    
Message:

HTML is not enabled.
UBB Code™ is enabled.

 

Instant Graemlins Instant UBB Code™
Smile   Frown   Embarrassed   Big Grin   Wink   Razz  
Cool   Roll Eyes   Mad   Eek!   Confused   Happytears  
blush   Beard of Peter Gabriel!   crazy   tired   ohwell   evil  
shake head   cry baby   hearts   weep   devil wand   thumbsup  
thumbsdown   Geek   Applause   Angel   Envy    
Insert URL Hyperlink - UBB Code™   Insert Email Address - UBB Code™
Bold - UBB Code™   Italics - UBB Code™
Quote - UBB Code™   Code Tag - UBB Code™
List Start - UBB Code™   List Item - UBB Code™
List End - UBB Code™   Image - UBB Code™

What is UBB Code™?
Options


Disable Graemlins in this post.


 


T O P I C     R E V I E W
geekygoddess
Member # 15702
 - posted February 26, 2010 14:53
So, the other day I came home to busted down front door and my house was completely ransacked. They took my Mac and all my goodies that go with it, my jewerly, an Xbox and about 50 games, and oddly enough a whole deepfreezer full of meat. I hope whoever took it chokes on a porkchop bone! My question is this...how screwed am I in terms of them accessing all my personal info from my Mac...ughghghg! I did back-up, so my pics and important stuff are safe, but I am concerned about all the other stuff...Thanks:)
 
Snaggy
Member # 123
 - posted February 26, 2010 16:05
OH NO! that's horrible! [Frown]

Well, chances are they will just wipe your drive and resell it, but you will want to change every password you have on every website and email account asap.
 
MacManKrisK
Member # 955
 - posted February 26, 2010 16:58
There isn't a simple way to answer this, but there's a few things to think about.

1) If you had a login password, that'll keep most people out as they'll have to go to decent measure to brute force your password. MacOS X doesn't require you to set one (a *grave* security hole, IMHO), but I hope you did.

2) A password isn't everything. Was your home folder encrypted with "FileVault?" If so, then if they hack into your machine (that is, they *don't* brute-force the password but crack it by other means [i.e. some sort of password resetting tool]) then your data will be unaccessable to them.

3) Don't forget that this all depends on the tech-savvy of the crooks. If they know how to get your Mac into Single-User-Boot mode, and know how to use it then they can do pretty much whatever they want.

4) Snaggy makes a very valid point... the most likely thing is that they'll format it and sell it for cash. Most crooks aren't all that smart... and the kind of crooks that'd steal a freezer full of meat.... I'm not going to continue that sentence.

Sorry to hear this happened to you. I hope you're able to recover everything.
 
Grummash
Member # 4289
 - posted February 26, 2010 17:13
gg - what a horrible experience! I'm vegetarian, but if the low-lifes do happen to choke on that porkchop bone I'll be happy that the piggy's life was not wasted.

But to answer your question - I think that if the scum have a boot CD/DVD for the same version of the Mac OS as on your stolen machine, you may have a problem. Change every single password - now!

On the other hand, any crims who might wish to steal a person's identity are unlikely to spend any time trying to crack your HDD - not when identity details can be bought in bulk on teh interwebs for peanuts.

My suggestion would be to change every password you can think of...cancel bank cards and request re-issues if you stored details on the Mac. It might also be a good time to subscribe to an on-line credit reference agency service, to get alerts of any new financial products taken out in your name.

So, in a nutshell - plan for the worst case scenario but take comfort in the notion that the worst case scenario is really, really, really unlikely to happen.
 
geekygoddess
Member # 15702
 - posted February 26, 2010 17:31
Thanks guys for the help! I just changed all the passwords I can think of...and changed the bank info yesterday. A friend of mine gave me his laptop to use until I get my new machine, I am experiencing with Linux, the thought of going back to Winblows unsettles my tummy:)
 
TheMoMan
Member # 1659
 - posted February 26, 2010 17:40
.


_______________ POOP
 
dragonman97
Member # 780
 - posted February 26, 2010 18:43
Silly question, but from whence does this 'Change every password immediately' bit come from?

Practically speaking, unless you use a password saving feature that doesn't have a master password, it shouldn't be the end of the world. Cookie-based auth. that doesn't routinely expire, like GC, could be an issue, but no banking system I've ever used has such a weakness. Gmail has a neat link at the bottom that lets you log out all sessions that aren't the one you're using...though I'm not sure that anyone else is quite so nice. Also, some sites log out other sessions once you log in from another location - I believe Facebook works this way.

I'm not saying this isn't a bad situation, and geekygoddess, I'm very sorry for this mess that's happened to you...but I don't believe it's an utter calamity, either. I think by far, the greatest loss is that of the property, and any data that hasn't been backed up. The rest of the stuff is nearly extraneous.
 
The Famous Druid
Member # 1769
 - posted February 26, 2010 21:51
quote:
Originally posted by MacManKrisK:
2) A password isn't everything. Was your home folder encrypted with "FileVault?" If so, then if they hack into your machine (that is, they *don't* brute-force the password but crack it by other means [i.e. some sort of password resetting tool]) then your data will be unaccessable to them.

You beat me to it MMKK, this is really good advice.
Everything even halfway confidential on my computers is kept in encrypted volumes, so if the computer is stolen, the bad guys only get the hardware.
 
macmcseboy
Member # 1232
 - posted February 27, 2010 01:22
geekygoddess

That really sucks. I hope they catch those bastages and hang them up by their buster browns in the town square, flogg, tar and feather them.

FileVault... EVIL... You can't brute force that and if you change the password with a reset utility they STILL need the original password to decrypt and decompress the sparseimage. My advice for FileVault... Do NOT use it unless you are a doctor, lawyer, judge, or other person with EXTREMELY SENSITIVE INFO, make very regular backups and are not prone to filing your drive...

the constant decrypt/decompress, compress/encrypt is MURDER on the file system and the user. This has been my experience... I have had to save more than a few users from their error in its use.

If you DO use FileVault. Set a MASTER PASSWORD in addition to you user password.... Make regular backups... make sure you have more than adequate space (manage your pictures, videos and other downloads carefully and leave at least 15% of the drive free, never exceed that, consumption-wise) and of course don't forget you MASTER PASSWORD
 
quantumfluff
Member # 450
 - posted February 27, 2010 11:28
I just switched my work MacBook from FileVault to PGP full disk encryption. You have to enter a passphrase during the boot sequence, but after that it is transparent.

Unfortunately, the rest of my family let's the browser cache their gmail password and never shuts down their machines. Sigh. At least I convinced them that they should use distinct passwords for any sort of account tied to a bank or credit card.
 
TheMoMan
Member # 1659
 - posted February 27, 2010 14:14
____ Since the topic of PassWords came up is one like this hardened enough. A1s9t9r8o This is not what I use but it is simular. we have a 1998 Astro van.

____ Just asking??
 
The Famous Druid
Member # 1769
 - posted February 27, 2010 14:45
quote:
Originally posted by TheMoMan:
____ Since the topic of PassWords came up is one like this hardened enough. A1s9t9r8o This is not what I use but it is simular. we have a 1998 Astro van.

Conventional wisdom is that passwords based on details of your life, eg birthdays, kids/pets names, phone numbers and car details are 'weak' - i.e. easily guessed by hackers who have done a little research.

But they're easy to type and remember, so they're what I use for most stuff.

For stuff that really matters (eg online banking) I use long, difficult to guess passwords, usually based on some distortion of an easily remembered quote, for example

"Four score and seven years ago"

delete the spaces, then replace all the vowels with the letter to the right of it on your keyboard

"Fpirscprrsndsrvrnyrsrssgp""
 
dragonman97
Member # 780
 - posted February 27, 2010 15:29
Isn't that a Welsh town? [Wink]

I second mmb's protest against FileVault. As I see it, it's overkill, and potentially quite dangerous if either: a) You forget the password; or b) It gets corrupted somehow. I know someone who had (b) happen to him, and he was /not/ happy.

Instead, I recommend making an encrypted DMG or using a TrueCrypt volume (or something similar and provably strong) to store things that you wouldn't want someone getting their hands on.

qf's approach to full disk encryption is very smart for a work laptop...but I'm not quite certain that everyone else has the same needs. Mind you, I'd put more confidence in PGP than FileVault, as Apple tends to be smarter about making things pretty than making things work in an extremely reliable fashion. In any event, if you choose to take a heavy encryption route, I strongly recommend making routine backups of your data, which unless they're in a very secure location, also should be encrypted.

Regardless of the encryption strategy that you take:
Assuming you have a safe deposit box, with good access controls, I would also recommend having a copy of your password/passphrase there, lest some ill befall you, and someone else needs to legitimately get a hold of your data. (Or, you bump your head and forget your password and are really quite sunk!)
 
Mr. Geek 2U
Member # 28663
 - posted March 04, 2010 10:11
OMG!

That is so very bad, Mz. GeekyGoddess!

No offence, but my first question is if they have your computer, then how do we know this is YOU????

What if this is the thief trying to get geek information to unlock deep, dark secrets on your computer?

Like a chocolate chip cookie recipe! Or something!

Do you know the secret Geek handshake?

If this is the real GeekyGoddess, well I say I am sorry to hear that the smartest person in Tennessee history is a crime victim.

I would say Have a Great day. But that doesn't work for this!

Chin up. You have Geek friends.

Mr. Geek 2U!
 




Contact Us | Geek Culture Home Page

© 2018 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam