Password Recovery from stolen hard drive

J dreadpiratejeff at
Tue Apr 13 18:26:51 UTC 2010

On Tue, Apr 13, 2010 at 14:10,  <p.echols at> wrote:

> Police say it was probably sold within the hour.  If it gets wiped, then I don't care any more.  It's done and gone.
> The concern is if it was sold to identity thieves.  Can they get access to my passwords and then access my accounts.

Yes... physical access is the easiest way to get stuff like that.
Chances are it WAS probably sold and was wiped and had windows on it,
but you never know.

I bought a system off craigslist that still had hard disks in it.  The
disks still had personal data, completely open.  I even had student
projects and such...

>> He can reset your password if he is able to reset the root password,
>> which require some grub knowledge or if  he's patient enough to read
>> some documentation on how to do it
> Yah, I better change all my passwords.  Bleah!

Yes... and I would also advise, for the future, encrypting the hard
disk, or at least /home, and use a password that's different from
everything else to decrypt!!

I would also suggest using any Boot or Hard disk passwords that you
can set through BIOS.  ON my laptops, you can't even boot or access
BIOS without a password.

Of course, nothing is ever 100% secure, but it's as close as I can
get, I suppose.

>> If I can suggest..  Make a script that sends its ip adress   (i.e: at
>> the last line of the networking script)to your email account (gmail,
>> hotmail,etc..) at boot time.. That way you might be able to do what
>> you
>> want with your pc as soon as it hits the net. :)
> How would you script that?  9 times out of 10 I expect that the laptop would report a private address like  Useless information unless I had a way to log back into the
> laptop from where ever I was.  A pipe dream I think.

Nonsense.  There are plenty of apps that do just that sort of thing
for MacBooks, iPhones, Blackberries, etc.  Police can even trace
stolen xBox and PS3 systems so long as you have the serial number.

Granted, the example you were given is rather simplistic, and most
likely would only give you an internal IP, BUT if it e-mailed you it's
system info (like DNS server addresses it gets at boot time, route
info, etc) you'd have a place to start.  Plus, an e-mail send should
have traceable headers that will at least get you to the router it's
sitting behind.

More information about the ubuntu-users mailing list