I'm sending my 3-year-old PowerBook off to Apple for repair before AppleCare runs out, and here's my checklist of confidential things to remove (after SuperDuper! finishes backing up) for security reasons. This would also be a good idea whenever a sensitive computer is going beyond personal control for a while. On a machine that travels a lot, most of this data would be on an encrypted filesystem or not present at all, but this PowerBook mostly moves around within our home.

http://www.shirt-pocket.com/SuperDuper/SuperDuperDescription.html

Hopefully this list will help someone else remember what to delete/protect.

  • All personal Keychains (~/Library/Keychains/); if you have multiple accounts, don't forget the others; if your System keychains are sensitive (AirPort password, mostly) don't forget /Library/Keychains
  • All my ssh files, except authorized_keys, in ~/.ssh/
  • Any sensitive email (in my case email is on an iPod, but backed up to the PB)
  • Password wallets (Web Confidential, etc.)

Also, I create an admin user apple, with a one-time password, and set it to enable auto-login (System Preferences:Accounts:Login Options).


When the PB returns, I'll restore the sensitive files and delete the apple account.

What am I forgetting? Leave a comment!


Update: Someone asked about deleting their account and all their files before sending a PowerBook in for service. This is more paranoid than I am, but here's my answer:

First, don't delete the account -- you'll get a different UID when you recreate it after service, and this complicates things. If you are concerned that Apple will somehow snarf your password, change the password temporarily (System Preferences:Accounts); don't forget any other accounts (if you have a root password to protect, "sudo passwd root").

Don't delete any files without having a tested backup first. Disk Utility can handle this nicely -- just make a compressed disk image of your home directory.

To delete your home directory:

  1. Enable root ("sudo passwd root", if you haven't already).
  2. Set System Preferences:Accounts:Login Options to "Display login window as:" "Name and password" (by default, you must pick the name of a non-root account from the login window).
  3. Log out and log back in as root.
  4. Go to /Users, and delete any home directories you want to get rid of (and have already backed up & verified).

When you get the computer back, restore your password(s), delete the apple account, and restore your home directory.