3

Yep, you read it correctly. I would like a way to crash my Mac OS X hard drive/hardware so that it cannot boot anymore. Through a software solution. This is because if my MacBook ever gets stolen I'd prefer to crash the damn thing rather than recovering data. (Of course I have backups.)

Is there any location on the hard drive on which finder or so is located? Is there a possibility to delete any of those files/folders using sudo in bash through some remote shell?

The best thing would probably be if I could delete the part of finder/OSX that browses the hard drive filesystem. Please also post your thoughts on any answers if you know something bad with that solution.

EDIT: thought #2: Corrupting the files in the folders? Is there a way of finding them on the hard drive and overwrite their contents with random data? (Maybe mount it using some non-standard driver through sudo?)

EDIT2: Is it possible to use two passwords when encrypting a hard drive? I.e. one that decrypts and mounts my "safe" part, which would be the OS, programs and so, while not decrypting the sensitive parts, and another password to do the rest of the decryption. It doesn't matter if this would end up as two different encrypted files on the disk as long as they are hidden.

Please note: I do not want an encryption-solution unless it can encrypt the hard drive in two parts; one for the OS and one for my files. Maybe encrypting the hard drive and then encrypting the sensitive once again through a bash command or something equally hidden? (no visible "/encrypted-data" folder which you cannot access)

Also, would a "sudo rm -rf /sensitive/folders" from SSH do the job? Would it do it silently? (non-discoverable by someone looking at the Mac screen)

Edit 3: Since this thread is running out of hand and I have posted small additions all over the place, I made a new thread with a lot more clarity to the actual problem. Hope you understand why.

7
  • 1
    Mac OS 10.7 might have a remote wipe feature: blogs.computerworld.com/18225/…
    – sblair
    Commented May 11, 2011 at 13:33
  • 2
    I don't think 'crash' is the word you're looking for. 'Erase' 'overwrite' 'destroy' 'render unusable'? 'Crash' in a computer context is usually recoverable.
    – Shinrai
    Commented May 11, 2011 at 14:40
  • @Shinrai I would like to crash, erase and/or overwrite the disk. A new hard drive is free for me.
    – Drathier
    Commented May 11, 2011 at 15:07
  • 3
    @Filip - My point is simply that 'crash' doesn't generally mean 'irrecoverably damage the disk', it means 'the operating system goes down, and you have to reboot'. Semantics are important here, especially since you seem to dislike every answer you're getting.
    – Shinrai
    Commented May 11, 2011 at 15:19
  • Oh, in that sense, yes. Thanks for pointing it out!
    – Drathier
    Commented May 11, 2011 at 15:37

10 Answers

6

I would like a way to crash my mac os x harddrive/hardware so that it cannot boot anymore.

Doing it remotely? No way. You can't erase all of the data just by a remote login*. Also, if it's stolen, why would it be online and reachable from the outer world through SSH? That would mean that any firewall it's behind has port 22 open. You'd have to be lucky, set up DynDNS, etc.

Also, you make the assumption that the thieves don't just take out the hard drive and copy it before they boot the system, which is exactly what I'd do if I stole a machine**.

Please just use FileVault, it's there for that purpose! And use a strong user password — the encrypted drive is unrecoverable without it.

* You can try to run rm -rf or dd but who knows how long it takes and at which point it stops, etc.

** Don't take that threat too seriously.

8
  • There is a way, I promise. A remote shell would solve the open port problem, i.e. the Mac connects to my server. I don't want to encrypt my data, I want it to be completely unrecoverable.
    – Drathier
    Commented May 11, 2011 at 13:45
  • 2
    It is de facto unrecoverable if you don't know the encryption password. If you don't want to encrypt your data then you need to solder your Mac into a safe because everybody can still take out the hard drive (which is what I'd do if I stole something).
    – slhck
    Commented May 11, 2011 at 13:47
  • There is one person whom I (through a contract) have to give access to the Mac. I would like this person to not simply be able to ask me for the password. A corrupted hard drive would be a lot better.
    – Drathier
    Commented May 11, 2011 at 14:00
  • 2
    Only give them the password to a secondary account, then lock down access to the files they don't need access to with FileVault and/or file permissions.
    – Scott
    Commented May 11, 2011 at 14:02
  • 2
    Remote wipe would depend on you being able to contact the stolen computer. What if they don't give it a network connection? You would need to outfit it with a dead man's switch so it self-destructs if it can't contact you for N days. Seems risky. Encryption is a lot easier.
    Commented May 11, 2011 at 14:45
2

The problem with this solution is first, even if you do successfully log in and delete Finder, all of your files are still there and completely recoverable. Furthermore, you are assuming the stolen computer will ever connect to a network so you can execute this protection strategy. The boot-ability of your computer is irrelevant to the removal of data from it. And in fact, can serve as something of a hindrance. If you want data out of a computer it's usually much faster to remove the hard drive and slave it to another computer.

You are much better off encrypting the hard drive en masse (using something like the built-in FileVault or OpenPGP) with a strong key. That, while not being a guarantee of your data security, is the first step to being much safer in the event of computer loss.

1
  • The scenario I'm thinking of will include an internet connection and corruption of the data is actually a very effective approach to this. A key I assume will be saved in RAM or so while the machine is running, right? Also, a password prompt is not what I want to be shown!
    – Drathier
    Commented May 11, 2011 at 13:35
2

As a rule, encrypt your data if it's sensitive.

As to your 'crashing' the HDD, I don't think it's possible. However, there is a solution.

You can set up a reverse ssh session that remains in contact with a secure server of your choosing at all times (i.e., it attempts to connect to your remote server no matter what). Once it's set up and your computer gets stolen, you can ssh into your machine the next time it connects to the internet and then securely remove the

This question details how to set up a reverse ssh connection. You can then set it up as a cron job to check if there's a connection and if there isn't then connect.

1

To the unsuspecting thief, encrypted data might as well be corrupted data if the computer does not boot. Of course, they might attempt to re-install the OS; however, I suspect that most thieves won't want to invest that much time or effort to get a working system. There are third-party remote access services, but unfortunately I'm not sure which ones are available for Macs. You might consider adding some startup apps that send an email with whatever info you collect at startup. I would like that you could get local IP, public IP (by scraping whatismyip.com), and possibly grabbing cam shots when the computer is in use. In short, if your computer is unusable at boot time, it won't make it onto a network; however, if it's usable (even in a limited capacity), then you have the opportunity to collect data and possibly retrieve your equipment. Be sure to make backups of your critical data, and don't store them with your computer.

1

The solution I used was TrueCrypt with a visible partition containing the school stuff and a hidden partition with my secret files. They've taken the Mac once but they didn't even ask me for the password so I'm not sure they even looked at it.

0

SSH in, then type diskutil list to see which device special files represent your hard drive volume(s):

/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *251.0 GB   disk0
   1:                        EFI                         209.7 MB   disk0s1
   2:                  Apple_HFS Macintosh HD            250.7 GB   disk0s2

In this case, /dev/disk0 represents the whole boot drive, and /dev/disk0s2 represents the main volume (partition) on that drive.

Then you can probably use something old-school and simple like dd to start reading from /dev/random and writing to whatever /dev/diskX file you determined above, to write random bytes to the first blocks on disk, overwriting first the partition table, then the EFI partition, then the beginning of the HFS+J partition, which probably means you'll first be overwriting some low-level HFS+J data structures that are probably stored there. You'll likely destroy enough of these low-level structures that the disk will become unusable (without a reformat or a heroic work of recovery that most petty thieves won't be interested in doing). After a while the OS will need to read some of those blocks and probably hang or kernel panic.

Try it on a machine without any important data first to make sure it works.

1
  • Being able to SSH in assumes that the network firewall protecting the subnet that it comes up on allows SSH to the device. I suspect that the likelihood of this is very minimal.
    – Xenoactive
    Commented May 12, 2011 at 20:24
0

It might be worth watching this presentation and then installing the remote tools he has on his Mac. Look at what happens to the guy who stole his computer. http://www.youtube.com/watch?v=U4oB28ksiIo

Edit: It's more a cool video than an answer. Nice to see the bad guys get their comeuppance.

I'd personally recommend Disk Encryption and Physical security to prevent your Laptop being stolen / data being stolen.
Hosing your files afterwards is trying to catch the horse once the stable's been left open.

2
  • Already watched that one, it's awesome. Although it's not really the same thing since at that time nobody used a NAT. The connection part I can solve I think, but how can I corrupt the data?
    – Drathier
    Commented May 11, 2011 at 13:56
  • What happens if they start up your Mac with no network connection? Or don't start it up at all, and just yank the hard drive.
    – Scott
    Commented May 11, 2011 at 14:03
0

You'd better use FileVault instead of trying to delete your data afterwards. It's the best way to be sure that nobody will have access to your data. An operating system can always be reinstalled...

0

Have you considered FileVault? While it's not the exact solution you're asking for, it's built into MacOS and will prevent someone from accessing your data if your computer is stolen.

Go to System Preferences -> Security & Privacy -> FileVault to enable it. To get the level of security you need, you'll also need to disable the guest account, make sure that your user account has a password, and make sure that your computer prompts you for a password at boot.

Your password will be used to encrypt the FileVault key.

It won't erase your hard drive in the case of theft, but it will prevent someone from accessing your data.

1
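An added example (not part of the answer above): a shell audit of the settings that answer lists, using `fdesetup status` and the `com.apple.loginwindow` preference keys `GuestEnabled` and `autoLoginUser`. Mapping "prompts you for a password" to the auto-login key and treating an in-progress conversion as unprotected are this example's assumptions; whether the account password is strong is not checked.

```shell
#!/bin/sh
# Added example: audit the settings named in the answer above.
# Each check takes the command's output as an argument, so the logic can be
# exercised with constructed sample text on any system.

# `fdesetup status` reports "FileVault is On." once the volume is encrypted.
# Any "in progress" line is treated as not yet protected (conservative).
filevault_on() {
    case "$1" in
        *"in progress"*)     return 1 ;;
        *"FileVault is On"*) return 0 ;;
        *)                   return 1 ;;
    esac
}

# GuestEnabled reads 0 when the guest account is off; anything else
# (1, or a missing key) is reported as not confirmed disabled.
guest_disabled() { [ "$1" = "0" ]; }

# autoLoginUser is absent when the login window asks for a password.
autologin_disabled() { [ -z "$1" ]; }

# Prints one PASS/FAIL line per setting; exit status = number of failures.
audit() {
    failures=0
    if filevault_on "$1"; then echo "PASS FileVault is on"
    else echo "FAIL FileVault is off or still converting"; failures=$((failures + 1)); fi
    if guest_disabled "$2"; then echo "PASS guest account disabled"
    else echo "FAIL guest account not confirmed disabled"; failures=$((failures + 1)); fi
    if autologin_disabled "$3"; then echo "PASS password required at login"
    else echo "FAIL automatic login enabled for: $3"; failures=$((failures + 1)); fi
    return "$failures"
}

# On a Mac, feed the checks from the real tools; elsewhere this is skipped.
if command -v fdesetup >/dev/null 2>&1; then
    prefs=/Library/Preferences/com.apple.loginwindow
    audit "$(fdesetup status 2>/dev/null)" \
          "$(defaults read "$prefs" GuestEnabled 2>/dev/null)" \
          "$(defaults read "$prefs" autoLoginUser 2>/dev/null)" || true
fi
```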
0
yes hello|dd of=/dev/disk1

This command will do severe damage. It overwrites your hard disk on the sector level with an infinite loop of "hello" strings, which is a practically irrecoverable data destruction. Furthermore, it destroys the partition table and the boot record first, making the recovery very hard even if you stop it on the spot.

1
  • 2
    Can you explain how to do it remotely and what it will do?
    – Phoenix
    Commented Apr 17, 2020 at 16:30
