I was stuck in San Francisco Airport recently when I noticed a young man frantically searching his pockets and backpack. When the last boarding call for his flight was announced, a look of helpless desperation flooded over him. As he boarded the plane, you could see the sad resignation in his slouched shoulders - he had obviously lost something important. About five minutes after his plane left, an announcement over the PA solved the mystery. Someone had left their iPod in one of the airport bars. Having lots of time on my hands and being a Good Samaritan, I went off to find the lost-and-found people so that owner and iPod could be reunited. That was an exercise in futility. There are dozens of organisations that handle lost and found in airports. Each airline has one, the private security organisation has one, all the government security agencies have one, the airport police have one, even the bars have them. In the case of this iPod, I never did discover where it was. But I did find out that lots of people lose them in airports. Reportedly, a dozen or more get left at San Francisco Airport each week. But, even more impressive, the same security official said that twice as many laptops get forgotten. If I was unhappy about leaving an iPod in an airport, I would be devastated at the loss of a laptop. After this experience, I devised a plan that would improve the odds of having my PowerBook returned (with files secure) in the event of absentmindedness or maliciousness. The first thing to do is to put your name on it. Not just on the computer case but directly on the computer. Type it and any pertinent contact information on a label and stick it on the computer, then cover it with clear tape so the print does not wear off. The lost and found personnel will go to the trouble of calling you if your contact info is easy to find. If you have data that is extremely valuable, private or irreplaceable, you should consider not storing it on a portable. If you must store in on your PowerBook, here are the procedures for keeping it from the eyes of others. 1. Set an Open Firmware password. Download the tool from Apple's website ( http://www.apple.com/downloads/macosx/apple/openfirmwarepassword.html ). This prevents your Mac from being started from a drive other than the one assigned by you as the startup disk. It also prevents anyone from erasing your hard drive, which ensures your security cannot be bypassed easily. 2. Set a password for the System Administrator. There is no password for this normally. The procedure is as follows. In the utility folder is an application called NetInfo Manager. With that running, select Authenticate under the Security Menu. Then select Enable Root User under the Security Menu and enter the password for the Root User. Once this is done, select Disable Root User from the Security Menu. This more effectively controls permissions and access to that drive than the default set-up. 3. Use FileVault, Apple's heavy-duty file encryption tool (under Security in the System Preferences Pane). It makes the files in your Home Folder (the folder under Users that has the house icon) undecipherable to anyone without your password. Provided you have used a password that cannot be guessed (not a name, not in the dictionary, six or more characters, numbers and letters, and upper and lowercase) your data will be as safe as it can be in the hands of a bad guy. At this point, you have to make a choice as to what is more important, your computer being recovered or your data being secure. If security is the priority, use two-factor authentication. By this I mean a secure password (something you know) and a mechanical personal ID interface (something you have). There are fingerprint and iris recognition devices for 'something you have' but I prefer a key. I use Griffin Technologies' SecuriKey ( www.securikey.com/pro/index.html ). After watching many James Bond movies, I know the bad guy will cut off my finger or pluck out my eye to see what is hidden on my Mac. The SecuriKey is a USB dongle that fits on my keychain. Without it being plugged into a USB port on my Mac, no one can start my computer beyond the log-in screen. For about US$100, Griffin gives you two keys so you have a backup if one gets lost. If recovering your PowerBook is the priority, you need to check out Secure Notebook X ( www.mkd.cc/products.html US$12). It surreptitiously sends you an e-mail when the thief or anyone else connects your computer to the internet from a location different from the one you normally use. The e-mail will have the name of the thief's ISP and the IP address assigned to him. This is sufficient information for the police to recover your PowerBook. If you go this route, you only need to do items one and three above because you want the thief to be able to use your computer, just not access your private files. These techniques are the best way to ensure that absentmindedness or maliciousness will not leave you devastated over the loss of your laptop or the private data it may contain. E-mail Dave Horrigan at horrigan@electriciti.com with your Mac queries.
