Help

Remote Wipe Stolen Laptop

cwaldrip
Valued Contributor

Posted on ‎03-19-2015 07:26 AM

So I know I can use APN to push a remote wipe to a machine, but that will only wipe the boot drive, and only after someone has entered the magic code (not sure what happens after failed attempts and 15 min time out...).

Regardless. I've a script that reformats the additional partitions our machines usually have. But then I get to the boot drive.

Is there something better than just running rm -r / as the last item in my reformat script?

0 Kudos
Reply
2 REPLIES 2

davidacland
Honored Contributor II

Posted on ‎03-19-2015 07:47 AM

Are you using FileVault? If you are the data on the boot drive will be pretty safe anyway. For some of our clients laptops I use a script to encrypt other partitions as well.

Regarding deleting the boot drive, I would probably do /Users first, then a second run to do the rest of /.

I've tried rm-rf / in the past, just to see the real world effect (not on a user's Mac!) and it just worked through as much as it could in alphabetical order. As most of the sensitive data is likely to be in the user's home folder, it might not get that far as it will be one of the last folders it gets to, i.e. it will delete the /System folder before it gets to /Users. In fact, rm is in /bin so it will probably eat itself before getting to the user data.

0 Kudos
Reply

cwaldrip
Valued Contributor

Posted on ‎03-19-2015 08:31 AM

Ah, yeah. That would be better I guess. Blow away Users and Applications and a few more things. Good idea.

The machines do have Filevault. so there's that too.

0 Kudos
Reply