This article originally appeared in TidBITS on 1998-08-10 at 12:00 p.m.
The permanent URL for this article is: http://tidbits.com/article/5033
Include images: Off

Ripped Off!

by Adam C. Engst

Let me tell you a story that highlights the importance of some of the issues surrounding backups and information security that I've been harping on in TidBITS lately.

A Weekend Away -- Two weekends ago, on Saturday morning, Tonya and I were getting ready to visit friends for the weekend. I was finishing an Indian dish for dinner and checking the weather forecast on our "kitchen Mac" - a PowerBook 5300 connected via Ethernet to the rest of our network and to the Internet. Suddenly, the PowerBook beeped and displayed a dialog from Retrospect Client telling me that it hadn't backed up for a while. I tried to use Timbuktu to connect to our backup Mac, a Centris 660AV, realized that the machine had crashed, and went downstairs to restart it. A while later I remembered to check on it again. Curses! The crash had messed up Retrospect's catalog file, and Retrospect wanted me to verify it before proceeding. I started the verification, but Retrospect's log claimed the tape drive needed its heads cleaned. Muttering about the universe being after me, I popped in the cleaning tape, then replaced the backup tape and started the verify process again. About this time, Tonya was giving me those "We should have left ten minutes ago and you're messing around with the computer" looks, so I decided the verify process could work on its own, closed the PowerBook, locked the door, and left.

The weekend was marked primarily by aquatic sports and sunburns courtesy of defective sunscreen. Our time was relatively Macintosh-free, aside from maintenance on a PowerBook 165 used by our friends's son to communicate via voice synthesis and typing with head switches (he has cerebral palsy and is confined to a wheelchair). Sunday evening on the way home, we had dinner with Geoff Duncan, who mentioned our 56K frame relay connection was down. I checked from his place, and while the router responded to pings no other machine on our network responded. Weird.

Arriving Home -- When we returned home, the mystery resolved itself in an ugly fashion. The door was unlocked, and on the kitchen floor were the boxes that the PowerBook 5300 had sat on, with the 10-Base2 Ethernet cable pulled out of the wall. The PowerBook was gone. I checked the rest of the computers, but nothing else had been touched, aside from a broken window pane at the back of the house.

Slowly, we pieced together what must have happened. The thief probably rang the doorbell, noticed that no lights came on (our other car was there, so we could have been home), and decided to case the joint. Looking in the kitchen window, the thief saw the PowerBook and our alarm system sticker, and decided on a fast job. Slinking around back, the thief picked a window without an alarm sticker, broke it in, and immediately went to the kitchen (passing by Tonya's Mac). Once there, the thief grabbed the PowerBook and all the cables attached to it, and then took a wooden stamp box Tonya gave me years ago from a drawer beneath the PowerBook (though not the stamps - go figure). That done, the thief unlocked the door and fled.

The burglary took place about 1:45 AM Sunday morning, since the thief's clumsy efforts to disconnect the PowerBook caused our Ethernet network to go down at exactly 1:48 AM. That explained why the router answered pings, but all other machines were dead to the world. Later, the police came, took down the details, and said they'd keep an eye out for the PowerBook at pawn shops. The next day, I started the claim process with the insurance company, which has been reasonable so far. Although we have a $1,000 deductible, I should be able to get a PowerBook G3 to replace the 5300.

Backup Lessons Hammered Home -- After I picked up the pieces and restored the network, I went to check on the backup. Retrospect's verification had finished but had prevented backups from running Saturday night. When I dismissed the verify completion dialog and started the backup server, Retrospect started reporting errors with the current tape. In short, although I might be able to recover some data from that tape, there's no telling.

Remember all those articles I wrote about backup? Here are some real-world examples of what did and could have gone wrong.

<http://db.tidbits.com/series/1041>

Security Musings -- In situations like this, you immediately start obsessing about security and what you could have done. Here are a few of my more realistic thoughts (i.e., those that don't involve automated gun turrets on the roof).

<http://db.tidbits.com/article/05020>

<http://www.bytebros.com/macsecu.htm>
<http://www2.security-solutions.com/security/ ssproducttdcmac-1.html>
<http://www.usecure.com/mackits.html>
<http://www.kensington.com/products/>

<http://www.measure.com/>

This isn't a topic I've thought much about before, so I'd like to open it up to discussion on TidBITS Talk. If you've set up a security system involving Macs (perhaps via a Connectix QuickCam and DigitalRadar) send your story to <tidbits-talk@tidbits.com> and I'll post the best ones. To subscribe to TidBITS Talk, visit the second URL below.

<http://www.connectix.com/html/digitalradar.html>
<http://www.tidbits.com/about/tidbits-talk.html>

Stolen PowerBook Registry -- I found a new service offered by the good folks at O'Grady's PowerPage. O'Grady's Stolen PowerBook Registry is a Web database with which you can register stolen PowerBooks by serial number and check to see if a PowerBook you're thinking of buying was stolen. I've already registered my PowerBook, and I encourage other victims of PowerBook theft to do so as well.

<http://celebs.ogrady.com/larceny/>

Laptops are an increasingly common target, since they're expensive and small. I've seen numbers claiming as many as 1 in 14 laptops are stolen, and Safeware Insurance said recently that companies it insures filed $1 billion worth of claims for almost 310,000 stolen laptops in 1997, up 28 percent from 1996. Laptops are simply too attractive as theft targets, as evidenced by the fact that our thief stole little else. Ironically, the claims coordinator I've been working with said that Macs are far more commonly stolen than PCs - perhaps we aren't giving thieves sufficient credit. In the end, the moral of the story would seem to be that you should do as much as is reasonable without succumbing to paranoia that would have you afraid to leave your possessions for even a few moments.