defragging security mac
November 28, 2009 8:45 AM   Subscribe

Recently had my mac (V 10.4.11) defragged; by another person. Question- I am (too late) concerned about security. What steps can I now take to go thru and secure everything? Change all passwords, ok. Anything else? Where are the weak points?
posted by ebesan to Computers & Internet (7 answers total)
 
"Defragmentation on HFS+ volumes should not be necessary at all, or worthwhile, in most cases, because the system seems to do a very good job of avoiding/countering fragmentation."
- Amit Singh (one of the most knowledgeable people about OS X internals not working for Apple)

That said, did they have access to your user account? That will probably change the answer to your question.
posted by ripley_ at 8:58 AM on November 28, 2009 [2 favorites]


Defragging can help though sometimes, especially if you play around with large files and small hard drives. Sorry off topic.

How was it defragmented, using defragmenting software or was the data just cloned back and forth using an external HDD? If the latter then you probably have nothing to worry about.
posted by deticxe at 9:41 AM on November 28, 2009


How much do you distrust the person who had access to your machine? Like most security questions, answering your question really depends on what your threat model is: how motivated and resourceful the other person is and what their goals might be.

I'd assume the main risk would just be that they snooped through your files while they had your machine. It's too late to do anything about that, of course.

If they didn't have access to your user account (they didn't have your password and it wasn't set to auto-log-in) then your passwords for other services should generally be safe— most applications store them in a way that's encrypted and only accessible by someone who has your keychain password (typically the same as your login password).

The next thing I'd think of would be that they could have installed a backdoor or keylogger. You could check for files with suspicious names or timestamps, but that'd only catch the most casual attempts. If you think they might have done something like this, I think the best you can do is copy your files off, wipe the machine completely, and reinstall the OS and any applications from trusted sources— a huge hassle.
posted by hattifattener at 1:10 PM on November 28, 2009


Software, I don't know what, w/ a backup.
I did not ask enough questions; now am alarmed at giving away my computer for a day.
posted by ebesan at 4:07 PM on November 28, 2009


yes, he had the password
posted by ebesan at 5:48 PM on November 28, 2009


I just changed it, and others
posted by ebesan at 5:49 PM on November 28, 2009


If he wanted your data, he has it.
posted by fourcheesemac at 12:11 AM on November 29, 2009 [1 favorite]


« Older Choo choo?   |   Best meat thermometer Newer »
This thread is closed to new comments.