[LRUG] [OT?] Security advice, Prey and catching burglars... 'The Ruby Way'
Kevin Monk
kevin at mangoswiss.com
Fri Mar 30 03:54:41 PDT 2012
Thanks to all those who responded to my job advert last week;
including those who emailed just to say they enjoyed the success
story. I shall be in touch shortly.
The reason why I've been a little slow to respond is that I had my
office broken into last friday and two computers were stolen.
Unfortunately for them, we'd done quite a bit of preparation for such
an event and installed the open source anti-theft system, Prey...
http://preyproject.com/
And it works!
I have my two computers back and the priceless picture of a man in
handcuffs looking forlorn in front of my computer.
So firstly, from someone who's been there, this is just some advice to
our LRUG community on preparing for and getting your stuff back...
Install Prey (It's free)
Lock the BIOS with a firmware password.
Use FileVault 2 if you're on Lion.
Allow 'Guest' access as bait (Amazing how many people will start
accessing Skype and Facebook on a stolen computer)
If stolen, get yourself a directional WiFi antenna and some form of
connectible portable analyzer to pinpoint the house.
Don't stop hassling the police until they break the door down.
Secondly, how do LRUGers secure their code?
One of the iMacs didn't have a firmware password and was running Snow
Leopard so they booted it up in single user mode as described here...
http://www.hackmac.org/hacks/how-to-create-a-new-administrator-account/
... and created a new admin account. Had they wanted to, (fortunately
the were too busy watching terrible Slovakian rap music) they could
have reset the password on the other admin account(?) and would then
have access to the Keychain, docs and other areas I wouldn't want them
looking. As luck would have it, I'd just moved all my passwords to https://agilebits.com/onepassword
and so I didn't have to worry about that. We'd also just put all our
very sensitive data in https://agilebits.com/knox and stored the Knox
vault on dropbox. This got me wondering, if I want to keep our code
really secure, should we be putting the git repo and code base in a
Knox vault on dropbox whilst working?
Thirdly, anyone got a knowledge of computer forensics and/or a Radeon
GPU rig they'd like to put to pro-social use?
I shall be attending the LRUG event on tuesday if anyone would like to
discuss this or the job opportunity. I'll be the one in a red t-shirt
with a picture of a teddybear with a pin through it.
Cheers,
Kevin.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lrug.org/pipermail/chat-lrug.org/attachments/20120330/b482f1ad/attachment-0003.html>
More information about the Chat
mailing list