Let me tell you a story that highlights the importance of some of the issues surrounding backups and information security that I've been harping on in TidBITS lately.
A Weekend Away -- Two weekends ago, on Saturday morning, Tonya and I were getting ready to visit friends for the weekend. I was finishing an Indian dish for dinner and checking the weather forecast on our "kitchen Mac" - a PowerBook 5300 connected via Ethernet to the rest of our network and to the Internet. Suddenly, the PowerBook beeped and displayed a dialog from Retrospect Client telling me that it hadn't backed up for a while. I tried to use Timbuktu to connect to our backup Mac, a Centris 660AV, realized that the machine had crashed, and went downstairs to restart it. A while later I remembered to check on it again. Curses! The crash had messed up Retrospect's catalog file, and Retrospect wanted me to verify it before proceeding. I started the verification, but Retrospect's log claimed the tape drive needed its heads cleaned. Muttering about the universe being after me, I popped in the cleaning tape, then replaced the backup tape and started the verify process again. About this time, Tonya was giving me those "We should have left ten minutes ago and you're messing around with the computer" looks, so I decided the verify process could work on its own, closed the PowerBook, locked the door, and left.
The weekend was marked primarily by aquatic sports and sunburns courtesy of defective sunscreen. Our time was relatively Macintosh-free, aside from maintenance on a PowerBook 165 used by our friends's son to communicate via voice synthesis and typing with head switches (he has cerebral palsy and is confined to a wheelchair). Sunday evening on the way home, we had dinner with Geoff Duncan, who mentioned our 56K frame relay connection was down. I checked from his place, and while the router responded to pings no other machine on our network responded. Weird.
Arriving Home -- When we returned home, the mystery resolved itself in an ugly fashion. The door was unlocked, and on the kitchen floor were the boxes that the PowerBook 5300 had sat on, with the 10-Base2 Ethernet cable pulled out of the wall. The PowerBook was gone. I checked the rest of the computers, but nothing else had been touched, aside from a broken window pane at the back of the house.
Slowly, we pieced together what must have happened. The thief probably rang the doorbell, noticed that no lights came on (our other car was there, so we could have been home), and decided to case the joint. Looking in the kitchen window, the thief saw the PowerBook and our alarm system sticker, and decided on a fast job. Slinking around back, the thief picked a window without an alarm sticker, broke it in, and immediately went to the kitchen (passing by Tonya's Mac). Once there, the thief grabbed the PowerBook and all the cables attached to it, and then took a wooden stamp box Tonya gave me years ago from a drawer beneath the PowerBook (though not the stamps - go figure). That done, the thief unlocked the door and fled.
The burglary took place about 1:45 AM Sunday morning, since the thief's clumsy efforts to disconnect the PowerBook caused our Ethernet network to go down at exactly 1:48 AM. That explained why the router answered pings, but all other machines were dead to the world. Later, the police came, took down the details, and said they'd keep an eye out for the PowerBook at pawn shops. The next day, I started the claim process with the insurance company, which has been reasonable so far. Although we have a $1,000 deductible, I should be able to get a PowerBook G3 to replace the 5300.
Backup Lessons Hammered Home -- After I picked up the pieces and restored the network, I went to check on the backup. Retrospect's verification had finished but had prevented backups from running Saturday night. When I dismissed the verify completion dialog and started the backup server, Retrospect started reporting errors with the current tape. In short, although I might be able to recover some data from that tape, there's no telling.
Remember all those articles I wrote about backup? Here are some real-world examples of what did and could have gone wrong.
Always make multiple backup sets. Thanks to the dubious tape I was fighting with on Saturday, I'll probably have to return to the previous week's set to recover the PowerBook's files.
Off-site backups are essential. I've recently made a point of rotating a backup set to an off-site location each week. Although the backup tapes weren't stolen, they could have been.
Fight backup complacency. The universe has a twisted sense of humor and an unknown agenda, which means that something will go wrong just when you least expect it. We seldom go away for the weekend, the backup Mac seldom crashes, tapes seldom develop errors, and we've never been burglarized before. The entire point of a backup strategy is to prevent unhappy coincidences from mutating into catastrophes.
Security Musings -- In situations like this, you immediately start obsessing about security and what you could have done. Here are a few of my more realistic thoughts (i.e., those that don't involve automated gun turrets on the roof).
I'm planning to enable password protection in Retrospect for my backup sets. It's unlikely a thief would steal the backup tapes and know what to do with them, but if the backup Mac was also stolen, there's no telling what could happen. We don't have much sensitive information, but we still don't want miscreants poking through personal email and financial records.
Situations like this are a great example of why Web Confidential (see TidBITS-441) can be useful. I didn't keep confidential data on that PowerBook, but many people do, especially heavy travellers. And, even if you kept that information on paper in a safe deposit box, it's still vulnerable en route to the bank, and even safe deposit boxes aren't completely safe.
On the back of many of Apple's hardware devices, there's a security slot (sometimes two, in different sizes). Metal clips plug into that slot and provide an anchor point for lockable cables. The larger slot seems to be older, and folks on TidBITS Talk report that Apple used to sell security kits. Nowadays you get them from Byte Brothers, Security Solutions, or University Accessories. The smaller slot is the Kensington Security Standard, and Kensington and other companies offer security products to fit. TidBITS sponsor Cyberian Outpost sells the Kensington MicroSaver products; check the sponsorship area above for details. I'm contemplating investing in one of these solutions for all my Macs.
I keep thinking there should be a way to have our computers watch the house more carefully. I have an analog-to-digital converter (the EnviroMac from Remote Measurement Systems, which I plan to write more about soon). I could check light level changes and play sounds or control lights, for instance. Email or telephone alerts are also possible, but false alarms are too likely, so I'd settle for scaring away robbers.
This isn't a topic I've thought much about before, so I'd like to open it up to discussion on TidBITS Talk. If you've set up a security system involving Macs (perhaps via a Connectix QuickCam and DigitalRadar) send your story to <email@example.com> and I'll post the best ones. To subscribe to TidBITS Talk, visit the second URL below.
Stolen PowerBook Registry -- I found a new service offered by the good folks at O'Grady's PowerPage. O'Grady's Stolen PowerBook Registry is a Web database with which you can register stolen PowerBooks by serial number and check to see if a PowerBook you're thinking of buying was stolen. I've already registered my PowerBook, and I encourage other victims of PowerBook theft to do so as well.
Laptops are an increasingly common target, since they're expensive and small. I've seen numbers claiming as many as 1 in 14 laptops are stolen, and Safeware Insurance said recently that companies it insures filed $1 billion worth of claims for almost 310,000 stolen laptops in 1997, up 28 percent from 1996. Laptops are simply too attractive as theft targets, as evidenced by the fact that our thief stole little else. Ironically, the claims coordinator I've been working with said that Macs are far more commonly stolen than PCs - perhaps we aren't giving thieves sufficient credit. In the end, the moral of the story would seem to be that you should do as much as is reasonable without succumbing to paranoia that would have you afraid to leave your possessions for even a few moments.