[thibaut_barrere]

I know that creating a guest account as a honeypot is the recommended technique, but I wonder if there are (Mac OS X) vulnerabilities to get access to your main account from the guest account (in which case full disk encryption would not protect the data).

I guess in the end it boils down to: do you prefer to leak the data, or lose your laptop ? :-)

[dunham]

The built-in guest account runs on a separate copy of the OS, booted from the recovery partition. It is a limited OS image that only runs Safari.

A normal account would require unlocking the disk, which would expose everything.

Last time I looked at Prey (over a year ago) it didn't support installation to the recovery partition. But they may have added support since then.

[paxswill]

If you're already relying on OS X's FDE, it's not a huge step to link your laptop with iCloud. You can then do basically all the things you can do with a lost iOS device: beep, send messages, or wipe it (instantaneously if FDE is on, it just clears the keys).

[CoachRufus87]

Out of curiosity, could you explain why creating a guest account as a honeypot is the recommended technique? My first guess would be to help identify who has the machine.

[bschwarz]

If there's no way to use the computer the thief will instead wipe the disk making it impossible to track.

[baby]

if you don't need a login to use your laptop, then a guest account is not needed.