Securing a Mac OS laptop, post-FBI

A few months ago, a girlfriend saved some rather nasty files on my computer when I was at college; then she called the FBI and reported me for having the aforementioned files. It took quite a while to clear up the mess that she had created. I wasn't charged, but the FBI did conduct an investigation. Although all signs indicate that my computer was never removed from my house, the FBI did enter my house while I wasn't there. (My girlfriend let them in.) Needless to say, the woman and I are no longer an item. She is now suing me for half my estate because we had been planning on getting married and thus she feels entitled to half of everything.

Until recently, I didn't even bother with a password on my screensaver. Now, I'm more circumspect. The last time the FBI spoke to any of my friends, the message went more-or-less like this: "There is no case, but we have to follow up on every lead, no matter how ludicrous."

I want to adjust my behaviors and systems to make sure that I can't let anyone pull that kind of stunt again. I am soliciting advice on how to protect myself in future.

The steps I have taken so far:-
1. Replace the computer. No data has been transferred from the old to the new. The old has been given away.
2. Encrypt the (solid state) drive with FileVault 2.
3. Use an IronKey for storing sensitive info.
4. Use Little Snitch Network Monitor to watch for odd network activity.
5. Run Sophos Antivirus and MacScan nightly.
6. Use a VPN for all Internet access.
7. Use GPGTools to encrypt important e-mail correspondence.
8. Use Rohos LogonKey and 1Password to replace password entry (for most things). Unfortunately, LogonKey is not Mavericks-compatible, so I've had to go back to entering my login password. *shrug*
9. Turn the firewall on... and password-lock my screensaver.
10. I never let anyone use my computer.

That's about it. I'm not worried about any three-letter agencies; partly because I've done nothing wrong, but mostly because I'm quite, quite dull. Still, I'm considering a monthly reformat and and reinstall of the OS, followed by the restoration of apps and data from a Time Capsule backup.

I'm mildly concerned about a boot-time password grabber, but (a) there "is no case" and (b) I'm too low-priority for any agency to risk exposing such an important tool; I'm simply not worth it. Still, I refuse to be caught napping a second time.

Comments?

Maccabee said:

Comments?

Click to expand...

A pretty heavy, serious, dramatic story for a members 1st post on Mac-Forums. Would have been nice to "break the ice" on a more positive note!

In any case welcome...and great that things got straightened out with the FBI.

- Nick

In all seriousness, what you have done there is more than enough to keep anybody out. I'd almost say overboard, but then I didn't have to go though what you had to.

I have never heard of a boot-time password grabber, and even if one existed Filevault works by not decrypting the HDD until your correct password is entered. Thus, even if someone went to the the trouble of putting something on the HDD it will not be able to run until after you enter your password.

And then there's always this
xkcd: Security

Yea i agree with Nick on the dramatic entry to the world that is Mac Forums, but in anyways Welcome

By the looks of it, i think you have every inch of your machine covered, but i would remove the AV Software you have on there, as its not needed because there isn't any virus out in the wild to affect your Mac. There are 1 or 2 bits of Malware/Crapware but unless you are downloading the naughty stuff your are safe.
As with emails, just don't open anything you don't know the sender from and GPG will take care of the rest.
One thing i have to offer is in Safari (if you use this browser) go into Preferences>General and right down the bottom, make sure you have "Open Safe Files after Downloading" unchecked, and this will then give you the option to open it or not.
One more thing, is DONT EVER put in your ADMIN password to ANYTHING unless you are 100% sure you know why the system is asking for it. If you are not 110% sure click cancel on the window and do your homework. This usually pops up when install a App form somewhere and it needs to changes System Files for it to be able to run, but if you are sure of the App and know its safe then sure, go ahead, but don't put it in, if you don't know why its asking.

Apart from that, be safe, don't get paranoid, and don't seek revenge, as its never pretty for either party, trust me on this one ;P

Good luck and Welcome, stay a while and learn or give some input.

PS : Would love to know what your ex put on your Mac that made it a National Security problem lol jk