What is the best setup to cope with a potential laptop theft when syncing via DropBox?
I was just reading the blog post about two factor authentication with DropBox and it made me stop and think about what might actually happen if my laptop was stolen by a particularly malicious individual (particularly in the light of what happened to Mat Honan).
Currently I don't use FileVault encryption on my laptop (which I might change, but I'll come back to that in a minute). So I have to assume that a moderately tech-savvy thief can be logged into my account pretty quickly once he has the machine. Now, I can see how to use encryption to make convenience/security tradeoffs here to lock down what data the thief can now get hold of - that part of it doesn't worry me.
What does worry me is that there's not a lot that can be done about the fact that DropBox starts syncing with my account as soon as I log on/open my computer back up from suspend. A thief that gets into my laptop account immediately has access to my DropBox. Sure, everything that matters is separately encrypted in some fashion, but that doesn't stop him just deleting the whole damned lot, or, perhaps more scarily, just my keychain. If I'm unlucky, a few seconds later, the file will be gone from all my devices. He could then unlink all my devices just to make things extra awkward.
At some point soon, I'm going to realise that I've had my laptop stolen, and start trying to lock things down. Then I'm going to see that I no longer have a keychain anywhere, so I can't find any of my logins to start the process. And then I'm going to realise that my only route out of this is to log in to the DropBox website, using a password that is only in my keychain, to which I no longer have access! Aaaaargh.
I assume that the AgileBits guys have thought about this scenario. What's the recommended recovery/prevention strategy here? I can see a few possible options:
- Perhaps 1Password stores some local backups of the keychain on each device?
- I could just write down my DropBox password, but I can't say I'm hugely keen on that
- I could turn on FileVault 2. I'm a bit reluctant to do that, however, as it significantly constrains my options when it comes to things like Prey/LoJack/etc that might enable me to actually recover the machine
- Is there something I'm missing about how DropBox works that makes it actually a bit more secure than this? Does it at least make use of the login keychain so just resetting my login password as root won't allow an attacker to start controlling my DropBox?
- Do people perhaps use alternative encryption approaches that work a bit more like old FileVault, locking down enough of my user files to stop DropBox from functioning, but not so much of the system that it's basically unbootable without a valid login (like FileVault 2)?
Any ideas gratefully appreciated,
Lucian
Best Answers
-
Hi Lucian,
I'm glad the blog post made you think more about your data.
- 1Password does store backups locally on each Mac. We do not recommend moving your Backups into the Dropbox folder as each Mac should have its own redundant copies of your backups. Imagine if the backup was damaged, you wouldn't want to sync it to the other Macs as well.
- Do you have 1Password on a mobile device, or do you not have any mobile devices at all? A sudden removal of the data file via Dropbox shouldn't remove the database on the iOS devices. We do recommend storing a copy of your data file on your USB drive and keeping it in a safe place.
- Don't use FileVault if you're worried about that. Instead, use Disk Utility's Encrypted Images or our product, Knox, to create virtual volumes that mount after you enter your passwords for them. That way, you may still use your recovery tools along with localized encryptions. You may also use something like BoxCryptor which works to encrypt your Dropbox folder. We're not yet familiar with their app but we've heard of it many times.
- No, you're not missing anything. Once somebody has access to your hardware and manages to reset your account password, he can get into your Dropbox folder. Your files are copied locally when you sync it, so once you unlink the account or remove all access to it, it doesn't change the fact that the files are still left behind. The thief simply won't get updates made to it once you unlink the computer.
- If you're careful about which data you want encrypted, people usually use encryption tools or images to store the data within. If the passwords aren't given, the images won't mount. It also won't matter if the OS X account or keychain was broken into as the passwords aren't stored anywhere for those images.
-
Hey, Lucian,
I've spent a lot of time thinking about this too. I don't have answers, but do have a couple of things to mention.
Memorize your Dropbox password! I found this hard, because I never have to type it, but I eventually got it memorized.
Don't rule out FileVault today just because you might want to use Prey/LoJack in the future. You can always turn off FileVault later if you decide to use one of those services.
With FileVault2 + FindMyMac, you can configure a "guest" account that will enable the thief to log into the stolen Mac and be tracked.
Create an Apple ID that is for FindMyMac and nothing else. Share the email with no one. Make sure it has a strong password and memorize it. This will reduce the chance that a hacker compromises the AppleID and uses it to remote wipe your machines.
TimeMachine, Carbonite, and other backup solutions should get a copy of your Dropbox including your keychain.
If you use 2-factor authentication with Dropbox, be sure you ALWAYS have the reset code with you. (In case you lose your phone)
Hats off to you for contemplating all this stuff.
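Both answers above rely on a copy of the keychain that sync cannot reach (local backups per Mac, a USB copy, a backup tool). A minimal sketch of that idea, as an added example that is not part of the original thread and not 1Password's own backup code: it snapshots the synced data file into a folder outside Dropbox and leaves existing snapshots untouched when the synced copy disappears. The paths and the `demo.keychain` name are placeholders.

```python
import hashlib, shutil, tempfile, time
from pathlib import Path

def tree_digest(src: Path) -> str:
    """SHA-256 over the relative paths and contents of a file or bundle directory."""
    h = hashlib.sha256()
    files = [src] if src.is_file() else sorted(p for p in src.rglob("*") if p.is_file())
    for f in files:
        h.update(str(f.relative_to(src.parent)).encode())
        h.update(f.read_bytes())
    return h.hexdigest()

def snapshot(src: Path, dest: Path, keep: int = 5) -> str:
    """Copy src to a timestamped slot in dest, which must lie outside the synced folder."""
    dest.mkdir(parents=True, exist_ok=True)
    snaps = sorted(p for p in dest.iterdir() if p.is_dir())
    if not src.exists():
        # The synced copy is gone (for example deleted from another device):
        # touch nothing, so every earlier snapshot survives.
        return "source-missing"
    digest = tree_digest(src)
    if snaps and (snaps[-1] / "SHA256").read_text() == digest:
        return "unchanged"  # do not rotate good copies out for identical data
    slot = dest / f"{time.time_ns():020d}"
    slot.mkdir()
    if src.is_dir():
        shutil.copytree(src, slot / src.name)
    else:
        shutil.copy2(src, slot / src.name)
    (slot / "SHA256").write_text(digest)
    for old in (snaps + [slot])[:-keep]:
        shutil.rmtree(old)
    return "saved"

def verify(slot: Path) -> bool:
    """Check a snapshot against its recorded digest before restoring from it."""
    copy = next(p for p in slot.iterdir() if p.name != "SHA256")
    return tree_digest(copy) == (slot / "SHA256").read_text()

if __name__ == "__main__":
    root = Path(tempfile.mkdtemp())            # constructed sandbox, not real paths
    src = root / "Dropbox" / "demo.keychain"   # placeholder name for the synced data file
    src.mkdir(parents=True)
    (src / "data.bin").write_bytes(b"constructed sample")
    print(snapshot(src, root / "local-backups"))   # saved
    shutil.rmtree(src)                             # simulate a deletion arriving via sync
    print(snapshot(src, root / "local-backups"))   # source-missing
```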
Answers
-
Hey guys, thanks for the additional information/ideas. Over the last few days I've also made a certain amount of progress with getting a setup I'm more comfortable with. See: http://apple.stackexchange.com/questions/81159/how-can-i-use-filevault-encryption-and-still-track-my-laptop-if-stolen for where I've got to....
FWIW I'm using both TimeMachine and CrashPlan, so I do have quite a lot of options for recovering data. My main concern was that in the heat of the moment it would be extremely frustrating to find that all my devices were without a keychain until I went through some sort of recovery process. I think my mind is slightly more at ease now because:
- MikeT says my iPhone won't automatically bin my keychain if it disappears from DropBox
- I've now found a way to use FileVault2 that doesn't preclude having a reasonable stab at catching a crook with tracking software.
I did think about the Find My Mac option, but frankly I think the Safari-only Guest login thing is pretty far-fetched, and it's a great deal more limited in its functionality than some of the dedicated bits of software out there (I've plumped for Undercover in the end).
I think I'll still be looking at storing some emergency DropBox credentials somewhere non-digital to be on the safe side...
Cheers,
Lucian