Remote Destruction of Data

kcnychief

I never have and probably never will use a MAC, but you HAVE to admire the coolness to this article :)

Question:

Can you set up a Mac so that if it is stolen, you can easily erase the contents of its hard drive from a remote location if the stolen Mac is connected to the internet?

Answer:

Absolutely! The trouble isn't so much in the actual erasing of the data as it is in remotely accessing your computer wherever it winds up. There's a couple of remedies to that problem. Some people set up a phone-home, a script on the computer that (in the old days) would dial your home phone number if the computer was attached to a phone line. Recently, this has evolved into an email or other network ping to divulge the computer's IP address. Then, you could try to access the computer remotely to manually delete data. This has one downside - if the computer is behind someone's home firewall, all you'll have is an IP and no way to actually connect.

http://www.macgeekery.com/gspot/2006-02/remote_destruction_of_data
 
You don't really need a Mac to do this, Derek. :)

All it's doing is checking a webserver for the presence of a file, and if the file exists, it erases all the private data on the machine, and once that's done, pops up a warning message informing the user that the laptop is stolen. You can just as easily create a batch file in Windows or a shell script in Linux to do the same thing and run it as a scheduled/cron task.

Besides, there's a big caveat - the machine has to be connected to the internet for this to do anything. If it never gets connected, it'll never check for the presence of the file, and the person who has your laptop will have access to all the "sensitive" information that the script was supposed to delete.
 
There is a radical alternative. You can password protect the computer and files with a strong password.

If someone goes to the trouble of reinstalling Windows to create a new account the original encryption key will be destroyed and the files are "forever" inaccessible, even if the original owner gets it back. Not quite doing a DOD 10 pass secure erase but close enough. Unless you are NSA and have the supercomputers handy to brute force the original encryption key.

Note, a remote erase has to run 10 times to make the data truly inaccessible. So remote erase is not entirely secure either.

PS Here's paranoia for you. Since enough compute cycles can break any encryption key how about this. Someone hacks into Folding at Home or Seti and uses them to distribute a brute forcer. You would never know that those millions of computers were being used in parallel to illegally break passwords during their idle time.
 
If I was that concerned about anyone getting data off my PC I'd write an application and register it to start at power up. The app would run a Norton Secure erase if it wasn't reset within 10 minutes of boot.

Set it up so it reads the auto start up list, renames its executable to something on the list and modifies itself to launch the application it is hiding under or just have it make up random file names for itself to hide from data thieves until it can activate.

i.e. Infect your own computer with a data erasing virus you control. You could use that rootkit Sony distributed to everyone for free to develop the virus.
 
Best way to do it is just to have a bomb in the case, with a detonator that will work within 10,000 miles :cool:
 
kcnychief said:
I never have and probably never will use a MAC, but you HAVE to admire the coolness to this article :)
Never say never, you might get a mini for your birthday or holiday and just become a Mac addict! :)

I run a Windows XP site and half the time I post to it or check up on it I do so on my iBook. Irony. :)
 
That's not irony, that's blasphemy :p

I have to go to MAC training in a few weeks. I am going to be doing a lot of work for the .COM section, and all of Disney/ESPN websites are designed on the MAC platform. :(
 
Far from blasphemy. ;)

High end production video/graphics done professionally are more often done (yes I'm going to get a lot of flak for this but it's true) on a G5. Sorry, the way of the world. I'd love a G5 with a 30" cinema display to do video editing on. It's painful running Final Cut Express on my iBook but it's still better than anything I can find on the PC.

But at the end of the day, I'm a PC guy.
 
It's Mac not MAC.

BTW, there is in Mac OS X the feature to encrypt a user's home dir, what that means is that the entire home directory where all files are stored is encrypted using high end NSA approved encryption.

It will not allow access to any and all files unless the user logs on, and if there are over a set amount of bad logins it will erase the user's data.

The protection is called FileVault. And unless someone knows your password or the master password, there is no way to unlock the data at all. It is supposedly secure enough that it can be used to carry around Level 3 data, anything above that it is still not good enough.

I would use it, but the fact remains that it requires a lot of CPU time decrypting things on the fly, as well as re-encrypting them.
 
You know, at work we are evaluating a program called Lost Data Destruction from Beachhead Solutions. It sets up EFS on an XP laptop (or desktop) and the software has the basic "check-in" function where it checks in to validate that it is still valid. You can mark the laptop as "stolen" so when it checks in, it will automatically start deleting not just the EFS encrypted data but all of the data on the drive.

It goes even further that if the client hasn't checked in to the server after a configurable amount of time (say, if the client hasn't connected to the internet) the client will just automatically start deleting data.

It's not perfect because it's an XP kernel shim from what I gather (ie: booting off a Knoppix CD will not trigger the client timer) but it is better than most other solutions out there..
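
Added example, not part of any post in this thread and not code from the linked article or from Beachhead Solutions: a Python sketch of the client-side decision behind the two schemes described above, the scheduled "check a web server for a flag" script and the check-in with an offline timeout. It assumes a hypothetical HMAC-signed reply format, so that a forged or replayed reply can neither trigger a wipe nor reset the timer; the function names, constants and sample values are constructed for illustration, and the erase itself is left to whatever tool the scheduled task would call.

```python
import hashlib
import hmac

# Assumptions (hypothetical, not from the thread): the server replies with
# "<status>:<device_id>:<issued_epoch>:<hex HMAC-SHA256>", keyed with a secret
# provisioned on the laptop; device ids contain no ':'.
MAX_OFFLINE = 7 * 24 * 3600   # dead-man window without a valid check-in
MAX_REPLY_AGE = 3600          # older replies are treated as replays
KEY = b"constructed-demo-key"  # constructed sample values
DEVICE = "laptop-01"


def sign(key, status, device_id, issued):
    """Server side: build an authenticated reply string."""
    msg = f"{status}:{device_id}:{issued}"
    tag = hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()
    return f"{msg}:{tag}"


def reply_status(key, device_id, reply, now):
    """Return 'ok' or 'stolen' for an authentic, fresh reply, else None."""
    if not reply:
        return None  # offline, timeout, captive portal page, ...
    parts = reply.strip().split(":")
    if len(parts) != 4:
        return None
    status, dev, issued, tag = parts
    msg = f"{status}:{dev}:{issued}"
    expected = hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return None  # forged or corrupted reply
    if dev != device_id or status not in ("ok", "stolen") or not issued.isdecimal():
        return None
    if abs(now - int(issued)) > MAX_REPLY_AGE:
        return None  # replayed reply
    return status


def decide(key, device_id, reply, now, last_checkin):
    """Return (action, new_last_checkin); action is 'wipe' or 'none'."""
    status = reply_status(key, device_id, reply, now)
    if status == "stolen":
        return "wipe", last_checkin
    if status == "ok":
        return "none", now
    # No valid reply: dead-man timer; a rolled-back clock counts as expired here.
    if now < last_checkin or now - last_checkin > MAX_OFFLINE:
        return "wipe", last_checkin
    return "none", last_checkin
```

As with the kernel-shim limitation noted above, this logic only runs while the installed OS is booted, so it complements disk encryption rather than replacing it.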
 
kcnychief said:

Yes I have, however to me giving a user a local account is not something I would suggest doing unless one trusts them in the first place. I do hope however that Apple gets on the balls and starts updating all of its binaries that get used on the command line, as several of them are outdated and could potentially be used. Porting them from FreeBSD, NetBSD or OpenBSD should be relatively simple.
 
