[jlit]

I have a MBP and am very concerned about theft. I've downloaded and installed a very cool sounding application called Undercover made by Orbicule that does all sorts of stuff if your computer is reported stolen ( http://www.orbicule.com/undercover ). On the site, they mention using a Firmware Password to prevent a thief from just wiping the hard drive if stolen.

I know that using a firmware password restricts startup options like booting in target mode or off a disk, but I'm interested to see what you guys think.

How about a disguised gps transmitter to fit inside the express slot so I could just track it?

thanks

[goMac]

Originally Posted by jlit 

How about a disguised gps transmitter to fit inside the express slot so I could just track it?

Not possible. Nothing is small enough. We looked into it at work.

[chabig]

I think the firmware password is a good idea. I use it.

[TETENAL]

The Firmware password can be removed by taking out the RAM. And anyway, the hard drive can be accessed by taking it out of the computer. The only thing that will prevent a thief from reading your data is using FileVault (and to be absolutely sure encrypted virtual memory). Nothing can prevent a thief from wiping the hard drive.

[ghporter]

Lo Jack for Laptops is a real option. It's about $50 at the Apple Store. I'd consider it if I were really worried about theft.

By the way, WHY are you extremely concerned about theft of your computer?

[chabig]

Originally Posted by TETENAL 

The Firmware password can be removed by taking out the RAM.

Shhhhh!

[CatOne]

There is NOTHING you can do that will prohibit someone from formatting your drive if they get the machine. It's not possible to do -- if someone has physical access, they can do whatever they want (hell, worst case they can just pull the drive, and then "to heck" with whatever firmware password you have).

The ONLY thing you can do if someone has physical access to the machine is to prevent them from getting at the DATA on the drive -- for example if you have your own financial info, or passwords, or (gasp, it seems so darn common these days with idiot accountant/consultants... 100,000 social security #'s on a laptop that's left in a car as someone has a 3 martini lunch). You can use Filevault to avoid this... but if someone gets your laptop they only have to spend 10 minutes with Google and they can find out how to circumvent an OF password. OF is in fact DESIGNED to be breakable by things like hardware changes (e.g. removing RAM) simply BECAUSE they need a failsafe in the case that someone forgets their OF password. It is assumed and expected that people with physical access with a machine can break into it... the only thing you can protect is the data via encryption.

[olePigeon]

Boing Boing: Stolen laptop recovered thanks to SETI@home software

You can always use SETI@home.

[mitchell_pgh]

New Zealand's Rakon develops world's smallest GPS receiver - Engadget

What about these receivers

Granted, they are brand new.

[jlit]

Originally Posted by ghporter 

Lo Jack for Laptops is a real option. It's about $50 at the Apple Store. I'd consider it if I were really worried about theft.

By the way, WHY are you extremely concerned about theft of your computer?

I'm in school and work at an apple reseller. I have people coming in pretty often wanting to know what they can do for their computer that has been stolen. On the other side, we have people coming in, clearly with a stolen machine in hand. I live on this computer for school & work, so I guess I'm just being a hypochondriac.

Anyone checked out that orbicule software? Orbicule.com. It reads really cool, features like using the isight to get a mugshot, takes screen snapshots every 6 seconds, and also goes to a plan b if the thief never goes online.

What other tricks do you guys like for added security.

[Cold Warrior]

What would be cool is a way to make the web tracking stuff work independent of the OS. It'd be cool if someone sold a standard RAM chip with a small section protected that would load code to phone home even if the thief had formatted the drive.

[Cold Warrior]

Also, maybe another set of embedded code that would leverage bluetooth to extract personal information from connected cell phones and report it. Might not be reliable for one or two reports, but a pattern of continued connections would indicate that the cell phone owner is often in close proximity to the stolen laptop.

[mfbernstein]

As others pointed out earlier, a firmware password can prevent casual snooping (somebody walking by your desk when you're not there and rebooting your machine), but it offers no protection in the case of theft.

Only way to protect the data itself is encryption. Unfortunately, FileVault has questionable reliability. Particularly, if the machine crashes while writing data, there's a chance your entire home directory will be hosed, since it's all part of one big disk image. The best solution I've come up with is creating a small encrypted disk image for truly sensitive data, and backing up regularly.

Dumb thieves (probably most of them), will make mistakes that are easy to catch with apps like Lo Jack or Orbicule. Smart thieves on the other hand will wipe the machine before using it. Embedded GPS isn't ready for prime time (and, when it is, it'll cut both ways: others can attach the same almost invisible transmitter to your machine to track your movements, for instance. Charming thought...). Unfortunately, partial peace of mind is as good as its gonna get.

[dimmer]

Yeah, and you do reach a point where the problems you cause a legitimate user who has forgotten a password outweigh the benefits: imagine calling AppleCare for the equivalent of a lost OF passworfd and being told your SOOL and may as well toss your hardware in the trash? Not a "good user experience". If you don't want to do the whole FileVault deal you can always use an encrypted disk image to store your sensitive stuff (i prefer this as I can move the image easily between computers).