How do I remotely destroy parts of my Macbook hard drive?

1

I would like to connect to my Macbook through a reverse shell to be able to delete data remotely.

It will have an internet connection through WLAN
The hard drive will not be removed from the computer
It has to be done silently (no Windows, no tray icons), preferably while the lid is closed.
I might encrypt the hard drive. Encrypting the data would be useless since the people I'm trying to hide it from can just ask me to enter the password and I would have to do so.

I know it's not an easy task, but please help me with solutions to different parts of the problem. I can program some parts myself if needed. I just don't know where to start.

Filip Haglund

Posted 2011-05-11T16:04:07.677

Reputation: 1 150

If you're contractually obliged to enter the password, I'm surprised you're not contractually obliged to refrain from wiping the hard disk. If you genuinely can be compelled to release the password, consider using deniable encryption, which has a secondary password which will decrypt something other than the files being protected. – Scott – 2011-05-12T08:38:24.360

Answers

3

Check out TrueCrypt, http://www.truecrypt.org/ specifically the section on "plausible deniability" and "Hidden volumes" where a steganographically hidden, encrypted volume is hidden withing another encrypted volume... http://www.truecrypt.org/hiddenvolume sounds similar to the situation you are describing

mvario

Posted 2011-05-11T16:04:07.677

Reputation: 251

1

If the lid is closed and you didn't configure it otherwise the machine is asleep and can not be remotely connected to. If you configured Wake-on-LAN AND you are on the same network you can wake the machine via a "magic packet" even when the lid is closed.

Remote access also needs to be set up ahead of time, so if they already have the device and you haven't set up Remote Login or something similar you are out of luck.

However, if you have SSH access you can delete the files from the command line and then shred the free space on the drive to prevent recovery. SSH access is (more or less) invisible to the person looking at the machine. Search for "secure delete command line mac" for details on performing the data wipe.

If you only have remote desktop access then you can perform the same operations but they will be visible to anyone looking at the screen.

Chris Nava

Posted 2011-05-11T16:04:07.677

Reputation: 7 009

1You can also shred the files directly before shredding free space -- it will take a lot less time to securely delete the particular files than it will to wipe the free space on the entire hard drive, which means a much smaller window in which the data can still be recovered. – Kromey – 2011-05-11T18:48:35.483

Asked: 2011-05-11T16:04:07.677

Viewed: 972 times

Active: 2011-05-11T17:07:50.593