Anti-Theft Powerbook
April 5, 2006 5:47 PM Subscribe
How hard is it to defeat an Open Firmware password on a PowerBook?
I'm going to be traveling in the next day or so, and it's the first time my wife and I are going to take our new baby (read: New-to-us 12" PBook) out into the big, scary world.
We've done backups, we're insured for full loss on the thing - but honestly, the idea of someone getting our lappy and selling it for some quick crack rock just completely cheezes me off.
I am currently considering purchasing Undercover, and I'm quite impressed by the program, in theory. However, there are two things that keep me from buying it right now for our trip on Friday:
1) It's fairly new and untested. That, I know, cannot be answered by anything but time. I'm willing to give it the doubt, though, if it works as the company says it does.
2) The only way to keep someone from stripping it out with a new install is to place an Open Firmware password - and that's something that I think is fairly secure, but the grey hat hacker in me knows that NOTHING is truely secure in the digital world.
So, I ask you, fair readers and fellow hackers - what the hell would a person have to do to defeat an OF password on one of these suckers? I'm not trying to keep the thing out of the hands of a laptop theft ring with l33r hax0rs that are brilliant fences, but I am wanting to either completely scare the crap out of a bumbling crackhead (and/or lead the police to them) and potentially get this laptop back if it ever gets taken.
P.S. - I'm also scared someone will just smash it to be an ass if it starts yelling at them. Am I being paranoid?
I'm going to be traveling in the next day or so, and it's the first time my wife and I are going to take our new baby (read: New-to-us 12" PBook) out into the big, scary world.
We've done backups, we're insured for full loss on the thing - but honestly, the idea of someone getting our lappy and selling it for some quick crack rock just completely cheezes me off.
I am currently considering purchasing Undercover, and I'm quite impressed by the program, in theory. However, there are two things that keep me from buying it right now for our trip on Friday:
1) It's fairly new and untested. That, I know, cannot be answered by anything but time. I'm willing to give it the doubt, though, if it works as the company says it does.
2) The only way to keep someone from stripping it out with a new install is to place an Open Firmware password - and that's something that I think is fairly secure, but the grey hat hacker in me knows that NOTHING is truely secure in the digital world.
So, I ask you, fair readers and fellow hackers - what the hell would a person have to do to defeat an OF password on one of these suckers? I'm not trying to keep the thing out of the hands of a laptop theft ring with l33r hax0rs that are brilliant fences, but I am wanting to either completely scare the crap out of a bumbling crackhead (and/or lead the police to them) and potentially get this laptop back if it ever gets taken.
P.S. - I'm also scared someone will just smash it to be an ass if it starts yelling at them. Am I being paranoid?
Best answer: The Open Firmware password gets reset if you change the amount of total memory in the machine. It's not secure at all.
If someone physically steals your laptop, there's nothing you can realistically do to make it unsaleable (short of deliberately damaging it).
One thing you can do is enable FileVault, which will protect your personal data.
posted by cillit bang at 6:16 PM on April 5, 2006
If someone physically steals your laptop, there's nothing you can realistically do to make it unsaleable (short of deliberately damaging it).
One thing you can do is enable FileVault, which will protect your personal data.
posted by cillit bang at 6:16 PM on April 5, 2006
I'm not sure the chances of this software ever catching anyone are very high -- wouldn't a thief first wipe the disks just in case? I dunno. But I use the following script in a cron job to transmit the IP address of my laptop to another machine, every 15 minutes. So if it gets stolen and then connected to the internet, I'll be able to trace it. Perhaps. It's an awful lot cheaper than Undercover.
posted by beniamino at 6:31 PM on April 5, 2006
#!/bin/sh myip=`curl http://whatismyip.com 2>/dev/null | grep displaycopy | sed -e "s/.*\' \([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\)\'.*/\1/g"` echo $myip `date` > ~/.myip scp ~/.myip user@anothermachine.com:~/.myip &>/dev/null
posted by beniamino at 6:31 PM on April 5, 2006
Response by poster: Benimino, that's an awesome script. God, I need to learn to code.
posted by plaidrabbit at 6:38 PM on April 5, 2006
posted by plaidrabbit at 6:38 PM on April 5, 2006
As someone who's broken a half-dozen laptops over the years, I say just assume your laptop will eventually get accosted (either by yourself or a miscreant), usually to the point of total loss. Keep any really sensitive info encrypted or off the computer, and regular back-ups of stuff that would be annoying to lose. A random thief would be more interested in the street value of the physical thing, not the data contained within.
Laptops are just things and will break or get broke given enough time. The data is usually more important. And you can copy that. :)
posted by todbot at 6:58 PM on April 5, 2006
Laptops are just things and will break or get broke given enough time. The data is usually more important. And you can copy that. :)
posted by todbot at 6:58 PM on April 5, 2006
Best answer: To answer the question precisely, as cillit bang said, you can reset the password as follows:
1) Add or remove DIMMs to change the total amount of RAM in the computer.
2) Then, the PRAM must be reset 3 times. (Command + Option + P + R).
according to: http://www.securemac.com/openfirmwarepasswordprotection.php
So the password is pretty much useless unless you can prevent the computer from being opened.
posted by beniamino at 7:15 PM on April 5, 2006
1) Add or remove DIMMs to change the total amount of RAM in the computer.
2) Then, the PRAM must be reset 3 times. (Command + Option + P + R).
according to: http://www.securemac.com/openfirmwarepasswordprotection.php
So the password is pretty much useless unless you can prevent the computer from being opened.
posted by beniamino at 7:15 PM on April 5, 2006
I also have loss protection tags on my laptop just in case it gets *misplaced* and some decent soul wants to return it but doesnt know how.
posted by special-k at 8:07 PM on April 5, 2006
posted by special-k at 8:07 PM on April 5, 2006
Even if the password was rock solid all the thief would have to do would be to remove the hard drive and stick it in an external firewire enclosure, and bam -- they have access to the entire drive. So yeah, unless you plan to actually encrypt the entire contents of the drive with a password that is entered every time the laptop is turned on, assume the data is not safe. And even then the thief can just wipe the drive and sell the hardware, which is all he was probably going to do anyway.
posted by Rhomboid at 8:21 PM on April 5, 2006
posted by Rhomboid at 8:21 PM on April 5, 2006
Even if the password was rock solid all the thief would have to do would be to remove the hard drive and stick it in an external firewire enclosure, and bam -- they have access to the entire drive
I think he's more worried about the machine itself then the data. In fact a boot password wouldn't be needed to protect the data if it was all encrypted.
If you wanted too, you could max out the RAM, and then glue it in place with a non-conductive adhesive. Then glue the RAM access port shut.
That should pretty much keep anyone from resetting the password.
At that point, though, they'll of course just junk it.
posted by delmoi at 10:17 PM on April 5, 2006
I think he's more worried about the machine itself then the data. In fact a boot password wouldn't be needed to protect the data if it was all encrypted.
If you wanted too, you could max out the RAM, and then glue it in place with a non-conductive adhesive. Then glue the RAM access port shut.
That should pretty much keep anyone from resetting the password.
At that point, though, they'll of course just junk it.
posted by delmoi at 10:17 PM on April 5, 2006
In any case, Undercover, tracking scripts, and OF passwords don't do anything to prevent your laptop from being stolen; the thief won't know that the laptop he stole is slightly inconvenient to him until he's already got it and you don't.
posted by mendel at 4:55 AM on April 6, 2006
posted by mendel at 4:55 AM on April 6, 2006
curl http://whatismyip.com
You need to check your script. That site has been an adfarm for at least a couple of months.
posted by cillit bang at 5:56 AM on April 6, 2006
You need to check your script. That site has been an adfarm for at least a couple of months.
posted by cillit bang at 5:56 AM on April 6, 2006
cilit bang: An ad farm that reliably reports my IP. Which is fine for me :-)
posted by beniamino at 8:56 AM on April 6, 2006
posted by beniamino at 8:56 AM on April 6, 2006
This is probably the least amount you can do, but I used the app Onyx to include a message in my laptop's login window.
(Onyx app>Onyx's Appearance button>Appearance section's Login button>"Show message in the login window")
The message reads :
"This computer is the property of Me J. Me-filstein - andheresmyemailaddress@youbetcha.com"
Since I require a password to login if the laptop should end up in an honest persons hands they only need to open it up to see who it belongs to. Again, more a way to help a good samaritan find you then preventing/punishing theft...
posted by blueberry at 6:10 PM on April 6, 2006
(Onyx app>Onyx's Appearance button>Appearance section's Login button>"Show message in the login window")
The message reads :
"This computer is the property of Me J. Me-filstein - andheresmyemailaddress@youbetcha.com"
Since I require a password to login if the laptop should end up in an honest persons hands they only need to open it up to see who it belongs to. Again, more a way to help a good samaritan find you then preventing/punishing theft...
posted by blueberry at 6:10 PM on April 6, 2006
« Older Flash player with slow motion, frame advance and... | where do i get alpha testers for my site Newer »
This thread is closed to new comments.
In particular, I would commend your attention to the following statement: In other words, once the machine is physically in an intruder's hands, they can own the data on it.
You might wish to look into FileVault, which is part of Mac OS X. Nothing is completely safe. However, data in folders encrypted with FileVault, using a properly formed and never-written-down password, will be prohibitively difficult for most thieves to recover even with physical ownership of the entire computer.
If you are extremely paranoid, you should assume that large government agencies have the resources to decrypt even FileVault; however, simply torturing you until you gave up your password would be quicker and cheaper.
posted by ikkyu2 at 6:05 PM on April 5, 2006