Only $499 and available in bulk from Subrosasoft, The MacLockPick is a handy little device for computer-illiterate trusted civil servants to plug into sleeping MacBooks and collect data from all those computers left lying around at crime scenes – just like on TV. Via Digital Trends Magazine:
Friday, April 27th 2007 @ 6:50 AM PDT
By Nick Mokey
Staff Writer, Digital Trends News
Uncle Sam has a new way to pry into your data, and it’s as simple as popping in a thumb drive.
Lock up your MacBooks, Apple fans: SubRosaSoft announced Friday that they are shipping a USB thumb drive, dubbed MacLockPick, that can extract passwords, Internet history, and system settings from an OS X user just by slipping it into a USB drive.
Of course, the drive is only available to law enforcement, but we have to wonder if the same technology that powers it will ever become available to less scrupulous individuals. […]
Anyone wonder just what security measures are in place to ensure that only law enforcement can purchase this. Better yet, what security is in place to ensure that law enforcement doesn’t lose, misplace, or steal the device? Not that it does anything that a power user couldn’t do given a little private time with the computer, but it does make it seamless, simple, silent, and quick – just the thing for the sort of abuse-prone neanderthals that seem to make up far too much of the law enforcement population.
The following is a list of file items that can be extracted using SubRosaSoft’s MacLockPick:
Apple Keychain Passwords
- System – The user password of the logged in user. Often this is shared for root access and FileVault encryption.
- General – Includes (but is not limited to) passwords for encrypted disk images, wifi base stations, iTunes music store, iChat login, Apple Remote Desktop.
- Internet – Includes (but is not limited to) login and password details for web sites, email accounts, some peer to peer networks, online services and stores, auction sites, and .mac accounts.
- AppleShare – A list of login and password details for appleshare servers this mac has connected to.
Files and Folder details
- Folder Dates – A list of all the key user folders along with their creation date, date of last modification, date of first access, and date of the most recent access.
- Disk Images – Paths to the most recent disk images that have been mounted on this mac.
- Preview – Full paths to recent files that have been viewed in the preview program.
- QuickTime – File names for recently viewed movies fro the QuickTime player applications
- Recent Applications, Documents, and Servers – Program names for the most recently used items on this Macintosh computer.
- Default Login – for iChat instant messenger system.
- Complete buddy list – including buddies who have since been deleted.
- Account Details – login names and server addresses used.
- Address Book – Address details for entries in the address book including contacts that have been deleted. This address book is used by most communication programs on the Mac and is used to synchronize with the iPod and other portable devices.
- Opened Attachments – Paths to files that have been received as an attachment then saved or opened including the date and time of opening.
Web History and Preferences
- Search Strings – The most recent items that the user has searched for using the google toolbar in safari.
- Cached Bookmarks – Sites that have been bookmarked in Safari including items that have been deleted.
- Current Bookmarks – Sites that are currently bookmarked in Safari.
- Cookies – A full list of cookies include the server address the cookie value and the date and time of assignment.
- History – Complete details of browsing history including the number of times visited and the date and time of the most recent visit.
- iPod – Serial numbers of any iPod that have been connected to this Mac along with the date and time it was first used.
- Bluetooth Devices – hardware address of any bluetooth devices that have been paired with this mac along with the most recent time these devices have been paired.
- Wifi Connections – Listings for wifi base stations that have been used on this computer including the base address and the date and time of the first connection.
- Network Interfaces – MAC address for each integrated network interface on the suspect’s machine.
No doubt there will be, if there isn’t already, an open source version of this or a free set of instructions to DIY for anyone with the time and inclination to do so.