In recent weeks, the peaceful, holiday or cucumber season was disrupted by the news of a stolen computer. But what was interesting was that the owner did not fold his hands in his lap and did not rely only on the police investigation.
Remotely activated the monitoring of his MacBook. You founded blog and on it he continuously published the location of his computer and photos of people who found themselves in front of the screen. We asked the robbed Lukáš Kuzmiak for an interview.
How did you get into computers with a bitten apple? After all, a person dealing with IT and security is not normally equipped with a Mac OS computer...
It was a simple decision. After spending hours and hours debugging various things, I'm happy to come home/stop work and have a computer that just works. I don't need to focus on it anymore and solve other things on it to do a normal thing. I have VMWare and test machines for that. I like the intuitive controls and simplicity, especially with the new OS X and iOS.
How long have you been using a Mac?
I bought my first Mac about 2 years ago while visiting my friend in the USA. It was the one I lost in the theft. I've pretty much stayed loyal to Apple ever since. I'm using an iPhone that I've traded in a couple of times for a newer model and I can't download.
There are many computer users, but few think to install a tracking software…
It wasn't on purpose, I have LogMeIn on all my computers. If I ever need something, I just connect there and do it/download the data I need. I "smuggled" Hidden into the Macbook only after a few comments from my friends. Too bad you didn't have Hidden there like the Californian designer (http://thisguyhasmymacbook.tumblr.com/)". I thought I'd give it a try and it worked. But personally, I think I was lucky. Someone turned on that computer and left it "unattended", so I had the opportunity to do something unnoticed. But those people didn't even notice LogMeIn running in the bar until they returned the Macbook, so maybe it wasn't so much luck :) But I think that after this experience I'll pay more attention to it. Firmware password, encryption of not only some data but at least the entire home and so on.
Did the inaction of the police lead you to start a blog, and did the movement in your case come about because your story got on the TV news?
I started the blog when I basically discovered by accident that the Macbook kept showing up on LogMeIn. Honestly, I never thought someone wouldn't format that Macbook and use the original OS. When I subsequently gave all the stuff from LogMeIn and Hidden to the police and saw that it wasn't going anywhere, I started posting them one after the other on the blog. Over time, people and the media noticed it, until it got into the news. The laptop was returned after they were aired. I personally don't believe that the police would be able to get him back. My secret tip is that they would have closed the case due to lack of evidence at the home search (at least that's how it seemed at the time).
But according to your blog posts, someone tried to delete your system and upload a new one. When he couldn't, he started his own account…
It all happened a little differently. The person who sold the laptop to a family in Prague removed the password of my user account to get into Mac OS X, created a new one and it was he who deleted all my data. He resold the laptop and the new owner was kind enough to delete my original profile. Since then, I couldn't access the laptop via LogMeIn and the only thing left was Hidden, which sent me the info itself. Subsequently, after the broadcast of the report on TV Nova, someone apparently tried to get rid of Hidden as well, and probably partially succeeded. Hidden stopped sending screenshots and I only got webcam snaps. I will be able to say more about this when the police give me the MacBook back and I will have the opportunity to see what actually happened there and in what state Hidden and OS X in general remained (if there is anything left).
Did the police still have your computer or did they return it to you?
The police still keep the computer with them, because the woman who brought it to the police can appeal against the decision to hand it over to the original owner (me). Although I don't understand why, since the police have evidence that I am the rightful owner of the laptop. And she handed him over to the police herself. But legally it looks OK, so I have no choice but to wait.
So where? did your data and other stolen things run out?
To this day, I don't know where my data ended up. That's what annoys me the most about it, understandably. Even in Pribram, where I had access to the laptop via LogMeIn, I saw that the data was no longer there (at least my home was empty). I have no idea what happened to them.
What do you make of the fact that people who played with your computer and bought it in "good faith" are currently suing you?
I understand those people. I would also be upset if photos of me that I don't know about are circulating on the internet. On the other hand, I never buy second-hand things without finding out how much they cost elsewhere (from the point of view of comparison, is it not more expensive.. or in this case, too cheap). When someone deletes my user account with my name and creates his own on the laptop, I personally don't understand why he didn't find it "strange" that there is a name of someone completely different from the person from whom he bought the computer. Whether people bought the computer in "good faith" will be shown by further investigation. I wouldn't want to go there just yet, so as not to spoil it for the cops. They look at me strangely like this.
What would you advise readers as prevention and what to do if they are robbed?
I thought about it myself. With the arrival of Mac OS X Lion, Apple changed FileValut so that it no longer encrypts only the home directory, but the entire disk. This can be good, but also bad. I told myself that after this experience I would encrypt as much as possible. Anyway, if Mac OS X doesn't even boot without a disk password, it's quite counterproductive from the point of view of finding a laptop, because the original OS will probably never be able to boot to anyone who doesn't know the password.
So I thought to myself that it would probably be best (if you are also concerned with HW and not just data) to set a Firmware Password so that the MacBook cannot be booted from anything else, to have your password account and an enabled guest account there . This will tempt a would-be thief to try to see if the computer is working. And if you connect it to the Internet, Hidden or other monitoring software will work. For this, be sure to have an encrypted home and do not store data outside of it. In short - enable access to the OS so that data cannot be stolen from it.
Instead of a specialized program... why not use Find My iPhone for iOS devices?
There it is definitely the best protection together with the passcode, because the devices have their own GPS module.
Thanks for the interview. And I wish you to get your computer back as soon as possible.
Nice job, I'll probably buy the Hidden too :) I'm just wondering if after installation it is necessary to configure the hidden somehow or it will do everything by itself as it should and in case of theft it will do what it should :)
I recently read a report that the flashlight can be hacked in a macbook. I would like it if ntbk manufacturers put this type of program on the motherboard, so that even reinstalling the system would not destroy it.
Otherwise, with the same functionality, there is the program Prey (Prey Project), which works for free up to five reports, so you can try it as you like.
I would like to know how to set the firmware password so that it cannot be booted from other media, I use Lion :-)
Hello,
as for the firmware password, it can be set with the utility that is part of Mac OS X, or of its installation media:
http://support.apple.com/kb/ht1352
In Lion, you can burn a Lion DVD from the installation you downloaded from the appstore (there is a dmg image with 3.7GB) or I found this somewhere in the discussions (but I haven't tried it yet, so let me know if it worked):
"Boot holding Command+R, once you have chosen your language selection you can use the Utilities menu to access the Firmware Password options."
Otherwise, the article is well done, good job ;)
L.
I use Hidden, it costs 15 USD per year and I am satisfied. Fortunately, I haven't really needed it yet :) Log Me In is also fine, I recommend it
The reason why the Police still hasn't released the laptop is unfortunately lege artis.
It's a well-known trick of fraudsters and a flaw in our system in this case. If the new owner proves that he bought the item by contractual agreement from someone else on the basis of the commercial (and not civil) code (car dealerships usually do this), then the new owner no longer has to return the item even if the item was stolen and this was proven - if the original owner applies for it, so there is no performance by the "new" owner. That goes to whoever resold it to him "in good faith".
To the editors of Jablickare:
Don't you want someone with the guts to write down what can be done to secure the MacBook in the event of theft?
Is there a functional database of stolen macbooks according to serial numbers, where it would be possible to verify at the time of purchase whether the HW is stolen? Is it possible to register there? Or something similar directly at Apple?
Are you planning something like findmyphone for laptops as well? etc.
Stolen macs can be entered, for example, here: http://www.mark-up.com/stolen/