Ex-boyfriend accessing my computer remotely...

[hayne]

burned:
I merged your new thread into this existing one - let's keep it all here where people have the background available.

[hayne]

I'm not sure, but I think the wtmp log records all logins - i.e. it will have a record of your normal logins via the loginwindow GUI.

Note too that you seem to be ignoring my previous point about the fact that you can't trust anything that the computer tells you (logs etc) if someone sufficiently knowledgeable has had access to that computer with an eye to deceive you.

[tlarkin]

Quote: Originally Posted by hayne If someone who you don't trust has had "full access" to your computer, then the only way to get back to a state where you can be sure that person will no longer have access is to erase the disk and reinstall OS X from the original OS X Install CD/DVD.

Can't agree more. This is truly the best way if your machine has been rooted. I assume he had an admin log in, which can be hidden. back up important data and then wipe and reload with the OS cd/dvd like suggested above

[kel101]

wow this dude sounds really creapy, and its starting to sound like he wont stop at hacking your mac, so I'd say call the cops because your ex sounds like an expert at unix who knows all the tricks so he cant loose access to your passwords etc

[MacUser92]

This guy does sound like a creep, I can't believe you dated him, definately call the cops on this guy.

[kel101]

lol you could "set up" one of your friends with him and they could accidently spill a drink on his computer

[tw]

Quote: Originally Posted by burned Because he told me. Because he knows everything I have done. Passwords, text edits, google searches...accessing and deleting my email.

Stalking is a felony offense in the US, with punishments of up to $1000 and a year in jail possible for first offenders (with state-specific options, such as being registered as a sex offender). see this site for details. if illicit activities or sensitive financial or personal information are also involved, fraud charges might apply as well, and then he might face prison time. My advice to you is to immediately report the problem to your local police, give them your laptop, and let their computer experts check it over. they'll let you know if he's done anything, throw him in jail if he has, and you can leave it to the lawyers to haggle over the details of his punishment (most likely he'll walk, after paying some hefty fees and fines; with luck his fingers will get burned badly enough to keep him away from bad uses of the keyboard in the future).

believe me, if you don't smack him now, he'll just do worse later. the hacker power-trip is totally addictive, and the more he gets away with it, the more he'll crave it. sad really...

[Cowicide]

Quote: Originally Posted by burned He removed Tiger from my system (said too many bugs were causing my problems) and I now have 10.3.9 which was his. So do I reinstall Tiger?

I didn't see this mentioned anywhere, so I figured I'd add this... I'm pretty sure the only reason he wanted you to use Panther 10.3.9 is because Tiger 10.4.x is more difficult to use keyloggers with because of upgrades in security to Tiger.

There are still keyloggers that will work with Tiger obviously, but there's keyloggers that could work remotely with Panther that stopped working in Tiger.

This is just a theory and I'm sure there were other specifics, but I'm pretty sure he was trying to keep you using Panther because Tiger's increased security killed whatever he was doing remotely, etc.

I hope you did call the police, but I doubt they did much about it. It's very difficult to get cops to care about cybercrime, I've found. But, depending on where you live, etc. YMMV, of course.

[agentx]

Just do a clean install yourself after a full backup.

There is no chance that "he" can circumnavigate a clean version of OS that he has not had access to. Make sure SSH and remote desktop are turned off.
When you create the first user make sure you use a seure password that you have never used before.

Change your email passwords !

Also check your router/modem for open ports mapped to your machine.
You more than likely do not need any open incoming ports.

If you are really worried then get a Mac expert to look at your machine. It would take about 1-2 hours to check the system,library and user folders for any files that should not be there.