Which Lost/Stolen Laptop Trackers Do You Like?

saudadelinux writes "I was held up at gunpoint in July, and my laptop was stolen. There are companies out there which, for a fee, install tracker software on your laptop. If it's stolen or lost, they track its whereabouts whenever it gets on the 'Net and work with local law enforcement and ISPs to find the machine. I'm wondering: has anyone used one of these services? Does anyone have a recommendation for which company to go with? My new laptop is a a dual-boot Ubuntu/XP machine, and the couple of companies I've looked at do Windows-only. Are there Linux options?"

Hmmmm... Selfmade solution?

[jawtheshark (198669)]

A pack of semtex in your laptop.... If you fail to write the correct password after three times, it explodes...

I'm kidding... If those programs can track muggers, they can also track you and that's why I wouldn't trust them. The best way to handle this is to encrypt all your data and insure your laptop against theft. Oh, and daily backups of your data on trusted media which you lock away in a safe.

Essentially, only your data is worth something. The hardware can be covered by insurance.

Re:Hmmmm... Selfmade solution?

[glop (181086)]

Actually, there is something to be said for reducing the value of the stolen good. If you make it more dangerous to resell and purchase stolen laptops through identification techniques (engravings, serial ID marked stolen in the laptop vendor's customer service database etc.), you reduce the incentive for stealing them in the first place.
Just buying insurance does nothing to improve the situation, it just mitigates your own risk (which is good). Encryption and backups are good too, of course.

Re:Hmmmm... Selfmade solution?

[Reverend528 (585549)]

One of the best self-made solutions I've heard of is a custom bootloader image (pretty easy to do in grub). It displays a picture of the owner, his or her name, and a phone number to contact if the laptop is found. It'll be the first thing the pawn-shop clerk sees when they turn it on to test it out.

Re:Hmmmm... Selfmade solution?

[sumdumass (711423)]

It would probably mean they would nuke the install and boot loader and reload some other operating system.

I had a note book stolen from my van once. The guy who stole it did exactly this after someone told them I have a script that checks into a website and leaves IP information as well as the location it was accessed the web from. He was having trouble getting rid of it because they didn't know the passwords. Anyways, he had issues getting some drivers installed and took it to my shop to get help with it. This is about 3 months after it was stolen and I guess the ass wipe didn't know he stole it from me. Fortunately, I recognized the product code I had to use to get drivers from dell and after a quick double check, the cops cops agreed. When we called to inform him to pick it up, the cops arrested him.

Of course this was a cluster fuck too, the cops wanted to keep it as evidence, then they wanted me to show my original receipt to prove ownership of it, and then it was lost in their evidence locker for year. I had started to sue the city when they found it and returned it. All in all, I was without it for a little under 2 years (20 months) because of the ordeal. In the end, I wish I just had better insurance and could have just forgot about it.

My advice, don't keep anything personal on it, make sure you have backups of everything, and enough insurance to cover it as a loss no matter how or where it is stolen from. By the time you get it back, you might have already moved on and nothing guarantees they will connect to the internet (and allow you to bust them) before they get anything personal from it. It would be nice if there was something built into the power supply or maybe the Ethernet card so it could be tracked without and OS installed like when charging or when and after reloading the OS. But absent something on a level like that, I don't think anything would be muhc help.

Re:Hmmmm... Selfmade solution?

[sdpuppy (898535)]

engraving won't help and who checks laptop engravings

Now you tell me, after I used my bowie knife to dig my name and contact information into the screen of my laptop... :-)

Agreed

[Valdrax (32670)]

If those programs can track muggers, they can also track you and that's why I wouldn't trust them. The best way to handle this is to encrypt all your data and insure your laptop against theft. Oh, and daily backups of your data on trusted media which you lock away in a safe.

Essentially, only your data is worth something. The hardware can be covered by insurance.

Agreed. Hands down, this is the best solution, and it will save you in many cases other than theft where you lose data. Modern laptops come with s

Re:

[cayenne8 (626475)]

"While it's nice to maybe one day find your thief, it's not worth the security and privacy trade-off in my opinion. Besides, you should be encrypting a laptop anyway just as a matter of policy."

Well, the author of the article mentioned it was a windows/linux laptop, and that he couldn't find a tracker for anything but windows.

I put for that that we've FINALLY found a real use for windows. Create a small partion on it for windows, with the tracker software, and only use it for that.

It is doubtful the cri

Re:

[Applekid (993327)]

It is doubtful the criminals would know what to do a boot into linux...so, encrypt and protect your real work on the Linux side, and leave the windows part for them to log into when they steal it.

IANALT (I am not a laptop thief), but, if I were to steal one, the first thing I'd do is a reformat/install of my favorite OS, after disconnecting the battery for a few days to take care of any CMOS passwords.

Not that the comedy of having a thief get all caught up with Bonzai Buddy is lost on me, though...

Re:Agreed

[Sen.NullProcPntr (855073)]

IANALT but If I were I would try to get the Laptop away from me and turned into Cash as fast as possible. Not wast time Installing an OS, or trying to get pass the password. Also most people who rob others at gunpoint are usually so desperate that they wouldn't think about doing such.... Being that you could do such activities you could at least get a job at CompUSA fixing these things.

The thief may not have time to do this but the fence [wikipedia.org] probably does. After all most car thieves don't strip the car they steal - they take it to a chop shop [wikipedia.org] (is there an equivalent for PC/laptops?).

Your $1k laptop may only get the thief $50 (more than enough for an addict to risk pointing a gun at someone), but the next guy in the chain maybe gets $200-$300 after he reformats the drive and alters the serial numbers, MAC address, etc.

Re:

[jawtheshark (198669)]

I forgot to mention: for encryption you don't need to shell out big bucks like the dolts at the IT department did where I work. Just install Truecrypt [truecrypt.org] and encrypt your data partition. Let that partion map on your My Documents folder and you're done.

I use it on my USB sticks.... Love it

That said, while Truecrypt exists for Linux, I'm sure there is a native way to do encryption without additional software. If anyone has more information about that, I'll be glad to hear of it. (Migrating to Ubuntu full-t

Re:Hmmmm... Selfmade solution?

[Penguinshit (591885)]

A pack of semtex in your laptop....

That would make airline travel more enjoyable...

Re:

[SatanicPuppy (611928)]

Especially because they reformulated semtex to make it more detectable by bomb sniffing dogs [wikipedia.org]. They'll be on you like you're smuggling milkbones.

Smuggling milkbones

[benhocking (724439)]

Remind me to try that (smuggling milkbones, that is) next time I fly somewhere. Boy, would that be a funny misunderstanding. Well, for some definitions of the word "funny".

Re:Hmmmm... Selfmade solution?

[Anonymous Coward]

Laptop trackers are a betrayal of the Free Software philosophy.

The Free Software philosophy employs its own method of laptop theft countermeasures. If you install only linux on the laptop, the thief will be so confused, he'll return you your computer. Now that's what I call sneaky.

Re:Hmmmm... Selfmade solution?

[Provocateur (133110)]

The only solution? Anti-theft stickers!

ANTI THEFT: Runs Slackware Only!

GENTOO: Not For You

DEBIAN: CUTTING EDGE (2 years ago)

NO GUI: RUNS CLI ONLY

and so on

I kid, I kid!

Re:Hmmmm... Selfmade solution?

[ThinkingInBinary (899485)]

Your comment seems to miss the point. First, DRM, like encryption, can be used for good or bad purposes. Properly controlled, you can use it to deny thieves access to your laptop or deny them the ability to remove the DRM, while still allowing you (with cryptographic authentication) to modify it. The point of tracking down the thief is to recover the laptop, since it is worth quite a bit of money. Sure, insurance will cover it, but if you can save the deductible by just finding it, why not? I also disagree that laptop trackers "betray" the free software philosophy by definition. As long as *you* are in control, and could uninstall the software if you wanted, there's no problem.

Second, please don't try to explain how we shouldn't be annoyed when people steal our stuff because they need the money. That's a slippery slope that leads in a bad direction. Besides, like I said, it's about getting the data back.

Re:Hmmmm... Selfmade solution?

[Creedo (548980)]

don't complain when someone needs a few hundred bucks, more than you need a PORTABLE INTERNET COMMUNICATIONS DEVICE!!!!!
He was held up AT GUNPOINT! This wasn't a "broke the car window and swiped a laptop" type of crime, this was someone brandishing an instrument of death. Yes, sir, I want that person locked up until such time(if any) as they can be rehabilitated.

Re:

[jinxidoru (743428)]

Also, the difficulty with trackers is that the require an internet connection. I suspect that most thefts involve stealing the hardware, not the software. Afterall, if you have a password on your machine, they aren't going to easily boot up the computer. So, I doubt those sorts of things will even work all that well. I could be wrong though.

That said, my friend has a little piece of software on her MacBook where if you try to unlock it without the remote, the iSight camera takes a picture of you then em

Re:Hmmmm... Selfmade solution?

[darkonc (47285)]

Then don't complain when someone needs a few hundred bucks, more than you need a PORTABLE INTERNET COMMUNICATIONS DEVICE!!!!!

The guy had a gun. If he really needed the money, he could have sold the gun.

The problem with your risk/return analysis

[benhocking (724439)]

Your car might drive you into the ground first. Please make sure, for your sake and others', that you're at least keeping your car safe.

Re:Hmmmm... Selfmade solution?

[AndersOSU (873247)]

How-To [dell.com]

Active Countermeasures

[Anonymous Coward]

I use a built in grenade on a timer you must reset every 24 hours.

I did forget to reset it once with tragic consequences. I really miss that dog.

Oh well, its the price you have to pay for security.

Don't bother.

[Bartab (233395)]

First thing that happens is the laptop gets wiped.

Re:Don't bother.

[MitchInOmaha (1053116)]

Only if they're reasonably smart. We had a thief call Dell Support after he could not get logged in. Duh. -- Mitch

Re:Don't bother.

[A non-mouse Coward (1103675)]

First thing that happens is the laptop gets wiped.

Exactly. There are only two motivations for theft of a laptop:

1) The hardware. In which case, the data will likely be destroyed immediately. There is no guarantee the machine will be booted with your hoodwinked "locator" software in tow.

2) The data. In which case, the drive will be imaged or some other "offline" method will suck up the data without booting the OS's controls.

The reason why remote wipe/kill functions work on a small device like a blackberry is because the service provider's network is required for the device to be usable. And even then, there's still the option that the theft is hardware-only motivated, and the thing will get wiped anyway. The blackberry wipe wasn't ever really intended on being used for a physical recovery method.

Potentially, a system BIOS would be a good place to run a "phone home" program, except that it would require advanced components, like a TCP/IP stack, etc., to run properly, and it could still be easily wiped by replacing the firmware with boot media. Apple, for that matter, has an upper hand at such a tool since they "own" both the hardware and software. But either way, what you're attempting to do is no more possible than DRM (and Slashdotters know that DRM is nothing short of an attempt at perpetual motion).

So lesson #1 is protect your data and insure your hardware. And please remember, that "protect your data" really could mean not having a copy of your data on the laptop at all. After all, encrypted data in the hands of an adversary is still your data, just with a time-sensitive lock on it (the length of time needed for CPU power to increase where access is trivial, or the length of time a well-resourced adversary will need to destroy today's top crypto).

The actual product tracking companies are selling

[jmorris42 (1458)]

> I'm willing to bet a free program could be almost as useful, with maybe a bit more work if the thing is stolen.

No it couldn't. The software is trivial. A program that sends a web request with the serial number embedded in the url a few seconds after a network interface comes up is all that is needed. But once you know your laptop is at IP x.x.x.x that doesn't do YOU a damned bit of good. No ISP is stupid enough to give you the IP+timestamp to physical connection point mapping for liability reasons. Think it through and imagine the Pandora's Box doing that would open. That is what you are actually buying from the tracking company, their preestablished relationships with law enforcement and the ISP community. Once known and trusted as a laptop tracking company they CAN get that info into the hands of law enforcement. Although I bet for legal reasons the tracking company itself NEVER sees the phone number/node/physical address.

Re:Don't bother.

[QuantumRiff (120817)]

Actually, Some of the newer Dell and HP laptops have the tracking software built into the bios/motherboard. Were looking at using it in combination with the Encrypted laptop hard drives, and fingerprint readers.. For us, its not so much about getting the laptop back, but making sure they can't get at our data. Privacy of our customers is critical. Also, the Computrace stuff built into the Dells can be told to remotely wipe the hard drive.

Re:

[vertinox (846076)]

First thing that happens is the laptop gets wiped.

Most people stealing laptops at gun point aren't that technically inclined or professional. There have been documented instances where the thieves were viewed with the built in laptop camera. Most of the time the they only grabbed the laptop from you because it seemed valuable.

Secondly, if you go to a pawn shop and pickup a laptop you can usually get the last owners personal data.

However, thieves that target laptops professionally will probably wipe your dat

Re:

[p0tat03 (985078)]

You do not understand the vast majority of laptop thefts. Sure, if this was a targeted hit and the perp is after some confidential data on the drive, then yes, they're likely to know every trick in the book. Keep in mind the average laptop thief is not even very technically savvy - they may know enough to wipe your personal settings, or even enough to reinstall the OS, but the VAST VAST majority will never crack the case open.

I've crossed paths with a few people who were selling hot laptops in university,

Re:

[drawfour (791912)]

So who's going to buy a laptop without being shown that it works? A pawn shop certainly isn't going to let you pawn it off to them unless you can show it works, and anybody with a slight amount of sense is going to as well. Maybe they can find someone who's going to buy it without even turning it on, but I doubt that.

Yes, laptops are a crime of convenience. And so is selling them. If it's not convenient for them to sell it, then they're going to toss it. Into the nearest garbage can, maybe just toss

Roll your own or wait...

[Dareth (47614)]

Either roll your own or wait. If you are lucky, someone will rob Linus Torvalds of his laptop, all production on the kernel will stop while Torvalds and friends crank out a "stolen laptop tracking system" that is greatly superiorthan any other.

If you are really proactive, you could go steal his laptop yourself. That way you have another laptop to use, and you will jumpstart this scenario.

Re:Roll your own or wait...

[pugugly (152978)]

BRB - off to mug Linus

Re:

[QuantumRiff (120817)]

Heaven help us Linux users if some commercial company were to get access to the source code for the Kernel!

Linux Monitoring

[Nosklo (815041)]

It seems to me that you can always install some software like that yourself. Once I lost my laptop in my own house. Since I have ipcheck [sourceforge.net] in a cron job, updating my laptop's IP address on DynDns [dyndns.org], I just SSHed into it and made it play loud sounds until I found it under the bed. (I don't answer questions about what it was doing there)

Re:Linux Monitoring

[everphilski (877346)]

kinky.

Cron

[delirium of disorder (701392)]

Just set up a cron job to periodically connect to any server that you have access to. Make it connect to an obscure port or just request a non-public file (not indexed nor linked and with a long obscure name to keep crawlers/bots off it). Check your logs and you have the IP address that your thief is using.

If you want top be super paranoid, install a keylogger and set up a cron job to periodically scp the files to an ssh account you own. You would have every password, url, word processor document, etc typed by your attacker.

remember, people trust the computer

[geekoid (135745)]

and believe what it tells them.

Just periodically have it pop up a dialog that says something like "To begin routine maintenance, please enter the password otherwise click cancel"

The if they fail to enter the password, it shoots you an email the contain a trace from it to google.com, or some other site that is unlikely to move. If it connects through a wireless device, be sure to have it email that info as well. Also turn on a key logger and get that information. It's actually pretty easy to do. Could probab

Dell has this in many of their laptops BIOSs

[Ransak (548582)]

Dell has been embedding Absolute's Computrace [absolute.com] in many of their laptops (I'm typing this on a SuSE 10.2 install [roboguys.com] on a Dell Latitude D820 that has it enabled). Once you enable it in the BIOS, there is no way to disable it without physically removing and replacing the chip.

I have a question for the question...

[lena_10326 (1100441)]

There are companies out there which, for a fee, install tracker software on your laptop. If it's stolen or lost, they track its whereabouts whenever it gets on the 'Net and work with local law enforcement and ISPs to find the machine.

I've been the victim of a stolen vehicle before... and I know police really don't give a diddly squat about stolen vehicles. Sure, paperwork will be filed but that's all they do. When a stolen vehicle is recovered it's almost always recovered due to happenstance. So, my question is.. what makes anyone think police care about your $1000 laptop when they barely care about your $20,000 vehicle as it is?

Even with an IP address, postal address, and mapquest directions to the thief's house, I have a hard time believing an officer will put down his chocolate iced donut to go knock on doors over a laptop.

Re:I have a question for the question...

[bigdavex (155746)]

I've been the victim of a stolen vehicle before... and I know police really don't give a diddly squat about stolen vehicles. Sure, paperwork will be filed but that's all they do. When a stolen vehicle is recovered it's almost always recovered due to happenstance. So, my question is.. what makes anyone think police care about your $1000 laptop when they barely care about your $20,000 vehicle as it is?

The impression we get from TV crime drama is out of touch with reality. For lack of resources or otherwise, even violent crimes don't get the attention CSI portrays. I was shot by a robber at a friend's house, and the detective declined to review the crime scene with me. When the police allowed my friend back into the house after they collected the evidence, he pointed out the shooter's hat was still on the table.

There's nobody with tweezers going through the carpet looking for hairs. Nobody really gives a shit about a laptop or a car except the victim.

Re:I have a question for the question...

[Anonymous Coward]

I was shot by a robber at a friend's house

For the love of... I shoot you just once and you won't shut the hell up about it!

Don't worry about Ubuntu

[gosand (234100)]

If you have Linux on your laptop, they won't be able to figure out how to get on the net anyway, especially via wireless. :)

Why bother at all?

[johnthorensen (539527)]

There are two reasons to care about a lost/stolen laptop: 1) losing the value of the laptop itself, and 2) the value of the data within.

For the value of the laptop itself, I would argue that the cost of any tracking solutions is bound to be more than (the chance of laptop being stolen x value of laptop itself). This comes down to the age-old question of 'whether or not to buy insurance'. In this case, it's just not worth it - especially considering that you're buying insurance that may or may not 'pay' in the event of a loss!

Regarding the value of the data contained in the laptop, my reasoning is that if you are carrying around data that is *truly* valuable, then being able to get the laptop back if stolen is the least of your worries. If you are not responsible enough to keep valuable data either by your side at all times, or in a safe place, then you aren't responsible enough to be working with said data to begin with. Secondly, if people are clever enough to track down a laptop with valuable data in the pursuit of corporate/governmental espionage - they're damn well clever enough not to hook the thing up to the internet. Finally, if by some chance the swipers decide to drop the thing off at the pawn shop in order to make an extra $100 (yeah right), by the time you get the laptop back the real damage has been done anyway.

Summary: tracking services = waste of time. -JT

Nothing is BulletProof, but do it with HARDWARE

[Kyrka (20144)]

I've been down this road several times... and can't say enough good things about CompuTrace. Most of their staff are former law enforcement, and there is an "insurance policy" for lack of a better word that accompanies situations in which they locate the device but it's in, say, the Soviet Union and the like. (For example, if stolen, properly reported, and unrecoverable within 30 days you get $1K the first year, $500.00 the second, and $250.00 the third towards replacement.)

To me, the most vitally important aspect is going for something that is hardware based. With TPM enabled bios and such these days on a modern laptop, the client is embedded and does not rely on your OS whatsoever. This is great considering most of what we seem to be discussing in this thread is Linux.

CompuTrace worked so well that in our tests (and later, based on four thefts out of 300 systems) that we noted the following: - I can wipe the hard drive (even low-level format) and the system will _still_ phone home immediately once on the Internet. - If you take the hard drive out and place it in a different system, _THAT_ system _also_ phoned home, based on the TPM components there.

(This was mostly HP TC4200 and HP TC4400 tablets.)
www.absolute.com

Orbicule's Undercover for OS X (yeah, not Linux..)

[5n3ak3rp1mp (305814)]

http://www.orbicule.com/undercover/ [orbicule.com]

I use that on my mac machines. I know it's not linux specifically but I just thought I'd toss that out there. It uses the built-in cam to take clandestine photos, too...

Re:CompuTrace

[packetmon (977047)]

I suggest you read about Computrace and how they offered me money to hush and go away with their false claims. http://www.infiltrated.net/lojack.pdf [infiltrated.net]

Re:

[ironwill96 (736883)]

The assumption you have here is that some thieves are not complete morons. Some thieves are smart enough to do the easy workarounds like you said, but there are others (many of them) who are not and will easily get caught. I view most of these solutions merely as "deterrence" more than an actual way of recovering the items. We had some computers stolen, we put in cameras and large signs notifying people they were under 24-hour surveillance. I think the signs are probably more effective than the actual c

Re:Held up at gunpoint?

[everphilski (877346)]

I did not steal a notebook, but had I stolen a notebook, here is how I would have done it ...

Re:

[dollar99 (922389)]

I checked out the undercover website and noticed that in one of the perp snapshots the dude is in the bathroom, sitting on the can. I'm not sure if I'd want my Mac back after seeing that pic.

Re:For Linux.....

[Chineseyes (691744)]

4. Locate the IP address via DynDNS. Log into the stolen machine. 5. Stream the audio from mics (pipe it from raw device to mp3 and send compressed). Do the same with webcam if it works with Linux 6. Go then show up and stick that fucker up with a gun. See how he likes it. "I want my laptop back.."

7. Get arrested for assault with a deadly weapon
8. Go to jail

I'm not sure where people on slashdot get some of these retarded ideas from but I know someone personally who was held at gunpoint for his belongings when we were in college. The thief used his cellphone that very night and with the help of the cell company he was able to get all of the numbers the person called. A reverse directory lookup later he had the address of one of the thieves friend/female family member.

After waiting in his car for two days (no shower, no sleep) he finally saw the guy who robbed him walking to his girlfriends house and held him at gunpoint. The guy who had originally robbed him called the cops and told them HE was held at gunpoint and guess where this genius is at now? In a state prison doing his third year for assault with a deadly weapon. When he was sentenced the judge told him that he didn't see any difference between him and the guy who he was robbed by.

Before you start posting on slashdot advocating vigilante justice I suggest you think about the consequences of being a vigilante. You aren't dog the bounty hunter and this isn't A&E.