homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

The Geek Culture Forums


Post New Topic  New Poll  Post A Reply
my profile | directory login | | search | faq | forum home
  next oldest topic   next newest topic
» The Geek Culture Forums   » News, Reviews, Views!   » Our stupid lives   » Karma is a beyotch!!!

 - UBBFriend: Email this page to someone!    
Author Topic: Karma is a beyotch!!!
geekygoddess
Highlie
Member # 15702

Member Rated:
5
Icon 1 posted February 26, 2010 14:53      Profile for geekygoddess     Send New Private Message       Edit/Delete Post   Reply With Quote 
So, the other day I came home to busted down front door and my house was completely ransacked. They took my Mac and all my goodies that go with it, my jewerly, an Xbox and about 50 games, and oddly enough a whole deepfreezer full of meat. I hope whoever took it chokes on a porkchop bone! My question is this...how screwed am I in terms of them accessing all my personal info from my Mac...ughghghg! I did back-up, so my pics and important stuff are safe, but I am concerned about all the other stuff...Thanks:)

--------------------
"It is better to press ones shirt, than ones luck"- Confucius

Posts: 661 | From: Edinburgh, United Kingdom | Registered: Mar 2008  |  IP: Logged
Snaggy

Sir Snaggalot!
Member # 123

Member Rated:
5
Icon 1 posted February 26, 2010 16:05      Profile for Snaggy   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
OH NO! that's horrible! [Frown]

Well, chances are they will just wipe your drive and resell it, but you will want to change every password you have on every website and email account asap.

Posts: 8111 | From: Canada | Registered: Jan 2000  |  IP: Logged
MacManKrisK

Gold Hearted SuperFan!
Member # 955

Member Rated:
5
Icon 1 posted February 26, 2010 16:58      Profile for MacManKrisK     Send New Private Message       Edit/Delete Post   Reply With Quote 
There isn't a simple way to answer this, but there's a few things to think about.

1) If you had a login password, that'll keep most people out as they'll have to go to decent measure to brute force your password. MacOS X doesn't require you to set one (a *grave* security hole, IMHO), but I hope you did.

2) A password isn't everything. Was your home folder encrypted with "FileVault?" If so, then if they hack into your machine (that is, they *don't* brute-force the password but crack it by other means [i.e. some sort of password resetting tool]) then your data will be unaccessable to them.

3) Don't forget that this all depends on the tech-savvy of the crooks. If they know how to get your Mac into Single-User-Boot mode, and know how to use it then they can do pretty much whatever they want.

4) Snaggy makes a very valid point... the most likely thing is that they'll format it and sell it for cash. Most crooks aren't all that smart... and the kind of crooks that'd steal a freezer full of meat.... I'm not going to continue that sentence.

Sorry to hear this happened to you. I hope you're able to recover everything.

--------------------
"Buy low, sell high
get rich and you still die"


Posts: 2331 | From: Southwest Michigan, USA | Registered: Oct 2001  |  IP: Logged
Grummash

Gold Hearted SuperFan!
Member # 4289

Icon 1 posted February 26, 2010 17:13      Profile for Grummash     Send New Private Message       Edit/Delete Post   Reply With Quote 
gg - what a horrible experience! I'm vegetarian, but if the low-lifes do happen to choke on that porkchop bone I'll be happy that the piggy's life was not wasted.

But to answer your question - I think that if the scum have a boot CD/DVD for the same version of the Mac OS as on your stolen machine, you may have a problem. Change every single password - now!

On the other hand, any crims who might wish to steal a person's identity are unlikely to spend any time trying to crack your HDD - not when identity details can be bought in bulk on teh interwebs for peanuts.

My suggestion would be to change every password you can think of...cancel bank cards and request re-issues if you stored details on the Mac. It might also be a good time to subscribe to an on-line credit reference agency service, to get alerts of any new financial products taken out in your name.

So, in a nutshell - plan for the worst case scenario but take comfort in the notion that the worst case scenario is really, really, really unlikely to happen.

--------------------
...and yet, across the gulf of space, minds immeasurably superior to ours regarded this earth with envious eyes...

Posts: 2335 | From: Lancashire,UK | Registered: Aug 2005  |  IP: Logged
geekygoddess
Highlie
Member # 15702

Member Rated:
5
Icon 1 posted February 26, 2010 17:31      Profile for geekygoddess     Send New Private Message       Edit/Delete Post   Reply With Quote 
Thanks guys for the help! I just changed all the passwords I can think of...and changed the bank info yesterday. A friend of mine gave me his laptop to use until I get my new machine, I am experiencing with Linux, the thought of going back to Winblows unsettles my tummy:)
Posts: 661 | From: Edinburgh, United Kingdom | Registered: Mar 2008  |  IP: Logged
TheMoMan
BlabberMouth, a Blabber Odyssey
Member # 1659

Member Rated:
4
Icon 1 posted February 26, 2010 17:40      Profile for TheMoMan         Edit/Delete Post   Reply With Quote 
.


_______________ POOP

--------------------
Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.


Benjamin Franklin,

Posts: 5848 | From: Just South of the Huron National Forest, in the water shed of the Rifle River | Registered: Sep 2002  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted February 26, 2010 18:43      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Silly question, but from whence does this 'Change every password immediately' bit come from?

Practically speaking, unless you use a password saving feature that doesn't have a master password, it shouldn't be the end of the world. Cookie-based auth. that doesn't routinely expire, like GC, could be an issue, but no banking system I've ever used has such a weakness. Gmail has a neat link at the bottom that lets you log out all sessions that aren't the one you're using...though I'm not sure that anyone else is quite so nice. Also, some sites log out other sessions once you log in from another location - I believe Facebook works this way.

I'm not saying this isn't a bad situation, and geekygoddess, I'm very sorry for this mess that's happened to you...but I don't believe it's an utter calamity, either. I think by far, the greatest loss is that of the property, and any data that hasn't been backed up. The rest of the stuff is nearly extraneous.

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
The Famous Druid

Gold Hearted SuperFan!
Member # 1769

Member Rated:
4
Icon 1 posted February 26, 2010 21:51      Profile for The Famous Druid     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by MacManKrisK:
2) A password isn't everything. Was your home folder encrypted with "FileVault?" If so, then if they hack into your machine (that is, they *don't* brute-force the password but crack it by other means [i.e. some sort of password resetting tool]) then your data will be unaccessable to them.

You beat me to it MMKK, this is really good advice.
Everything even halfway confidential on my computers is kept in encrypted volumes, so if the computer is stolen, the bad guys only get the hardware.

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10680 | From: Melbourne, Australia | Registered: Oct 2002  |  IP: Logged
macmcseboy

Solid Nitrozanium SuperFan!
Member # 1232

Member Rated:
4
Icon 1 posted February 27, 2010 01:22      Profile for macmcseboy     Send New Private Message       Edit/Delete Post   Reply With Quote 
geekygoddess

That really sucks. I hope they catch those bastages and hang them up by their buster browns in the town square, flogg, tar and feather them.

FileVault... EVIL... You can't brute force that and if you change the password with a reset utility they STILL need the original password to decrypt and decompress the sparseimage. My advice for FileVault... Do NOT use it unless you are a doctor, lawyer, judge, or other person with EXTREMELY SENSITIVE INFO, make very regular backups and are not prone to filing your drive...

the constant decrypt/decompress, compress/encrypt is MURDER on the file system and the user. This has been my experience... I have had to save more than a few users from their error in its use.

If you DO use FileVault. Set a MASTER PASSWORD in addition to you user password.... Make regular backups... make sure you have more than adequate space (manage your pictures, videos and other downloads carefully and leave at least 15% of the drive free, never exceed that, consumption-wise) and of course don't forget you MASTER PASSWORD

--------------------
Live long and prosper.

Posts: 1139 | From: Victoria BC... | Registered: Mar 2002  |  IP: Logged
quantumfluff
BlabberMouth, a Blabber Odyssey
Member # 450

Member Rated:
5
Icon 1 posted February 27, 2010 11:28      Profile for quantumfluff     Send New Private Message       Edit/Delete Post   Reply With Quote 
I just switched my work MacBook from FileVault to PGP full disk encryption. You have to enter a passphrase during the boot sequence, but after that it is transparent.

Unfortunately, the rest of my family let's the browser cache their gmail password and never shuts down their machines. Sigh. At least I convinced them that they should use distinct passwords for any sort of account tied to a bank or credit card.

Posts: 2902 | From: 5 to 15 meters above sea level | Registered: Jun 2000  |  IP: Logged
TheMoMan
BlabberMouth, a Blabber Odyssey
Member # 1659

Member Rated:
4
Icon 1 posted February 27, 2010 14:14      Profile for TheMoMan         Edit/Delete Post   Reply With Quote 
____ Since the topic of PassWords came up is one like this hardened enough. A1s9t9r8o This is not what I use but it is simular. we have a 1998 Astro van.

____ Just asking??

--------------------
Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.


Benjamin Franklin,

Posts: 5848 | From: Just South of the Huron National Forest, in the water shed of the Rifle River | Registered: Sep 2002  |  IP: Logged
The Famous Druid

Gold Hearted SuperFan!
Member # 1769

Member Rated:
4
Icon 1 posted February 27, 2010 14:45      Profile for The Famous Druid     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by TheMoMan:
____ Since the topic of PassWords came up is one like this hardened enough. A1s9t9r8o This is not what I use but it is simular. we have a 1998 Astro van.

Conventional wisdom is that passwords based on details of your life, eg birthdays, kids/pets names, phone numbers and car details are 'weak' - i.e. easily guessed by hackers who have done a little research.

But they're easy to type and remember, so they're what I use for most stuff.

For stuff that really matters (eg online banking) I use long, difficult to guess passwords, usually based on some distortion of an easily remembered quote, for example

"Four score and seven years ago"

delete the spaces, then replace all the vowels with the letter to the right of it on your keyboard

"Fpirscprrsndsrvrnyrsrssgp""

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10680 | From: Melbourne, Australia | Registered: Oct 2002  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted February 27, 2010 15:29      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Isn't that a Welsh town? [Wink]

I second mmb's protest against FileVault. As I see it, it's overkill, and potentially quite dangerous if either: a) You forget the password; or b) It gets corrupted somehow. I know someone who had (b) happen to him, and he was /not/ happy.

Instead, I recommend making an encrypted DMG or using a TrueCrypt volume (or something similar and provably strong) to store things that you wouldn't want someone getting their hands on.

qf's approach to full disk encryption is very smart for a work laptop...but I'm not quite certain that everyone else has the same needs. Mind you, I'd put more confidence in PGP than FileVault, as Apple tends to be smarter about making things pretty than making things work in an extremely reliable fashion. In any event, if you choose to take a heavy encryption route, I strongly recommend making routine backups of your data, which unless they're in a very secure location, also should be encrypted.

Regardless of the encryption strategy that you take:
Assuming you have a safe deposit box, with good access controls, I would also recommend having a copy of your password/passphrase there, lest some ill befall you, and someone else needs to legitimately get a hold of your data. (Or, you bump your head and forget your password and are really quite sunk!)

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9332 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
Mr. Geek 2U
Alpha Geek
Member # 28663

Member Rated:
5
Icon 1 posted March 04, 2010 10:11      Profile for Mr. Geek 2U     Send New Private Message       Edit/Delete Post   Reply With Quote 
OMG!

That is so very bad, Mz. GeekyGoddess!

No offence, but my first question is if they have your computer, then how do we know this is YOU????

What if this is the thief trying to get geek information to unlock deep, dark secrets on your computer?

Like a chocolate chip cookie recipe! Or something!

Do you know the secret Geek handshake?

If this is the real GeekyGoddess, well I say I am sorry to hear that the smartest person in Tennessee history is a crime victim.

I would say Have a Great day. But that doesn't work for this!

Chin up. You have Geek friends.

Mr. Geek 2U!

--------------------
My friends call me Skippy

Posts: 260 | From: Kalamazoo | Registered: Aug 2009  |  IP: Logged


All times are Eastern Time  
Post New Topic  New Poll  Post A Reply Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
 - Printer-friendly view of this topic
Hop To:

Contact Us | Geek Culture Home Page

2015 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam