By Nerino Petro at 12 May, 2008, 3:50 pm
Here’s a link to a story about a MacBook user using the Apple Back to My Mac feature to capture an image of the thief who stole her MacBook. The thief used the MacBok to do a little online shopping when an acquaintance of the victim called her to report she was being shown as online. Kait Duplaga logged into the Apple Back to My Mac service and captured a picture of the thief in the act. The victim’s friend recognized the thief and the victim turned over the picture and other information to the local police who arrested the perp. While this story has a happy ending, it also points out that Miss Duplaga had not password protected her system allowing anyone who had her MacBook to access its contents. Think about the potential damage that could have been done if this was a lawyer’s computer and contained confidential information – can you say put your malpractice carrier on notice?
If you are carrying sensitive information on your computer, albeit even if it’s just your own account information that you’ve saved in your browser, you need to take steps to protect yourself and your data from harm. Find an encryption program and use it. You can encrypt files, folders or disk partitions with Truecrypt (free) or use SecureDoc Personal (fee) to encrypt your entire hard drive. CMS Products has recently made their CE Secure Vault Edition encryption program available for here on Tucows to create encrypted vaults to hold data. I like Truecrupt as it allows for hidden volumes which is an encrypted volume hidden inside another encrypted volume. According to the Truecrypt site:
It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume.
The principle is that a TrueCrypt volume is created within another TrueCrypt volume (within the free space on the volume). Even when the outer volume is mounted, it is impossible to prove whether there is a hidden volume within it or not, because free space on any TrueCrypt volume is always filled with random data when the volume is created* and no part of the (dismounted) hidden volume can be distinguished from random data. Note that TrueCrypt does not modify the file system (information about free space, etc.) within the outer volume in any way.
What’s even nicer is that TrueCrypt works on both Windows and Mac systems. You can also use programs such as LoJack for Laptops from Absolute Software to help you locate and recover your computer if it is stolen.
The moral of this story is that there are steps you can take to protect yourself and you have an obligation to yourself and your clients (think Rules of Professional Conduct and safeguarding client information) to do so.