Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security Software

Free Software Tracking a Stolen Computer? 137

Posted by Cliff from the locating-errant-hardware dept.
JeffTL asks: "By necessity, I carry around an Apple iBook running OS X Panther. In the event of its theft, I would like to have the thing send me its IP address, not only for the benefit of law enforcement but also so I could SSH in and trash my personal data with srm, while doing an SFTP backup of anything I forgot to back up. I am not really wanting a subscription, so I am looking for a free-as-in-beer (and if anything beyond a shell script is involved, free-as-in-speech would be much preferred to make sure that no one else is getting anything). Currently, I have a bash script that can create a report, and I am thinking about sending it using either e-mail or FTP. I am considering setting it up to where it only starts barraging me if a specific code is posted to an HTML document of my choice. Is there already something like this in existence somewhere for free? If not, does anyone have any pointers on how this can be done?"
This discussion has been archived. No new comments can be posted.

Free Software Tracking a Stolen Computer? More

Free Software Tracking a Stolen Computer?

Comments Filter:

  • www.no-ip.com (Score:3, Interesting)

    by itsme1234 ( 199680 ) on Saturday May 08, 2004 @02:38AM (#9091952)
    ... is just what you're looking for. I strongly recommend encryption and backups though.

  • A few suggestions... (Score:5, Insightful)

    by eyeball ( 17206 ) on Saturday May 08, 2004 @02:41AM (#9091959) Journal
    If you are going to roll your own, I would suggest setting up a script on the laptop so that if it detects it has been stolen (i.e.: by checking if a website has a special message from you), and if so, connect to a secure ssh server as a client (using public key authentication so it can connect without a password), making sure you use the options to set a TCP tunnel going back to your laptop (to port 22, or perhaps VNC port, or multiple ones). In other words, have the laptop automatically ssh to a stationary server, and establish a tunnel back the other way that you can then use to get in. This way if someone runs it behind a nat device, or even installs a firewall, you can still get in.

    Another thing you might want to look at is using an IM protocol with the language of your choice, and allowing remote command execution (with certain precautions such as command signing with a private key). For example, grab the Perl AIM module, create a server, add some way to sign commands (i.e.: if ( md5($msg . 'someprivate') eq $msg_key ) { shell($msg); } or something like that -- that's just off the top of my head so it may not be perfect).

    • Nice idea! And if OSX has ifup/ifdown scripts for the network interfaces (like in e.g. Debian) it's easy to get you laptop to automatically set up a tunnel whenever the network interface is brought up :-)
    • connect to a secure ssh server as a client (using public key authentication so it can connect without a password)

      Keep in my mind that this will give free access to the "secure ssh server" to the laptop's new "owner". (i.e. if he discovers your tunnel he then has access to the shell on your ssh server as well as your laptop).

      • The parent comment didn't say that it had to be a root account. Any user-level account would suffice, even one that has close to -zero- priviliges. All that would need to be done is to allow it to check a file in the user's home directory. You don't even need to give the user write permissions.
    • Admittedly, this is slightly (only slightly) off topic, but how does one do that with the ssh tunnel, so you can go back in from outside the computer that started the ssh session? I've been trying to do something similiar to what the original poster is attempting, but I haven't had any luck. What are the ssh command options for it?
      • The most straightforward for this sort of thing might be

        ssh user@somewhere.com "ssh `gethostip -d [machine name]`"

        Set up your keys correctly, of course.
        Of course, this can cause problems if the thief is clueful and bothers to poke around.

        Netcat could also be very helpful here.

      • Re:A few suggestions... (Score:5, Informative)

        by WayneConrad ( 312222 ) * <`moc.ingay' `ta' `darnocw'> on Saturday May 08, 2004 @11:29AM (#9093679) Homepage

        Admittedly, this is slightly (only slightly) off topic, but how does one do that with the ssh tunnel, so you can go back in from outside the computer that started the ssh session?

        Here's one way. I'll ssh from mercury to ceres so that ceres can ssh back to mercury.

        First ssh from mercury to ceres:

        wconrad@mercury:~$ ssh -R 5555:127.0.0.1:22 ceres
        Linux ceres 2.4.20-1-k6 #1 Sat Mar 22 14:38:19 EST 2003 i586 GNU/Linux

        Last login: Sat May 8 08:11:00 2004 from mercury.galaxy
        wconrad@ceres:~$

        The "-R 5555:127.0.0.1:22" switch means, "on the remote end (ceres), please make port 5555 connect to 127.0.0.1 (mercury), port 22 (ssh)."

        Now, on ceres:

        wconrad@ceres:~$ ssh -p 5555 127.0.0.1
        Password:
        Linux mercury 2.4.23-1-k7 #1 Mon Dec 1 00:05:09 EST 2003 i686 GNU/Linux

        Last login: Sat May 8 08:11:47 2004 from localhost
        wconrad@mercury:~$

        This says to ssh to port 5555 on ceres, which is really the ssh tunnel established by the ssh we did into ceres from mercury.

        SSH tunneling is a many-splendered thing.

    • Re:A few suggestions... (Score:2, Informative)

      by MCron ( 737313 )
      About using an IM protocol... A friend of mine recently installed a computer in his car for the purpose of playing his MP3's off of it. I wrote up a small program that reports whenever it is connected to the internet with a new (external) IP. To do this, it logs into AIM using some custom code (though Perl:AIM will work just fine). The one downside to using AIM is the reliance on this friend being signed on at the time, so I have the message, containing the external and internal IPs routed through DoorMa [doorman.info]

  • dyndns.org (Score:5, Interesting)

    by OmniVector ( 569062 ) <see my homepage> on Saturday May 08, 2004 @02:41AM (#9091960) Homepage
    the client is nice, and works great in os x. one thing you have to consider though is if your laptop gets stolen, there's a very high chance the hard drive will be wiped before the thief even gets a chance to boot your old machine. besides, if you password protect your login (which you should) then they won't get anywhere and will need to format in the first place.
    • Mac OS X's single user mode allows for root login without a password. So much for your last sentence.

      • Re:dyndns.org (Score:3, Insightful)

        by Johnny Mnemonic ( 176043 )

        Disable single user mode. You can also disable the ability to boot from CDs and Firewire disk mode; it's called "Firmware password."
        • Except if you change the ram config (rather easy with my powerbook with 2 512MB chips)
          and reset the PROM 3 times in a row (hold down Command+Option+P+F)
          then password (and all other PROM settings) no longer exist.
      • Mac OS X also has built-in AES filesystem encryption (which they call FileVault) which is a must-have if you have a laptop, for precisely the reason you mentioned.
    • If you prevent them from logging in, you prevent them from establishing the internet connection that will help you recover the device.

      So, I guess you have to weigh enhanced recovery chances (and the ability to trash your files) with security (that could be gotten around if they really wanted)

    • I used to do that! (Score:5, Interesting)

      by MarcQuadra ( 129430 ) * on Sunday May 09, 2004 @04:18AM (#9098775)
      I never stole anything in my life, but for a while a few years ago I was helping some 'questionable' friends wipe out machines of 'questionable' origin. At the time it was a way to feed myseld and get deals on hardware, I'm not into that sort of thing anymore.

      You can be SURE that if a laptop gets stolen, the kids that wiped it are going to take it straight to their local geek who will boot the machine off a CD and wipe the drive. Usually stolen goods go right into local low-level organized-crime units for 'laundering' and appraisal.

      My advice is to not allow your iBook to get stolen in the first place. I tote my PBG4 AL with me everywhere I go, it's never out-of-sight, not even when I hit the bathroom at my local coffee joint. Do backups and get homeowners/renters insurance on it and encrypt your home folder.
      • I never stole anything in my life

        Sorry, but according to what you say next you did.
        Buying, storing and laundaring stolen goods is no different from actually going out and stealing.
        • What do you mean it's no different? I disagree. I didn't STEAL anything. Granted, it wasn't the kind of thing I could do for a living and sleep easy, but I surely wasn't responsible for the damage done by the theft itself (lost work, broken windows, etc.).

          Where you draw the line of responsibility is your own business, but providing a service to criminals is certainly very different than committing criminal acts.

  • *nix it (Score:1, Informative)

    by techgeek10101 ( 638645 ) *
    cron a bash script. /sbin/ifconfig | mail you@where.com

    • Re:*nix it (Score:3, Informative)

      by yuri benjamin ( 222127 )
      cron a bash script. /sbin/ifconfig | mail you@where.com

      If they're behind a NAT, you'll get an email that says the IP address is something like 192.168.x.x or 10.x.x.x
      That won't be very useful.

      How about
      /sbin/traceroute www.slashdot.org | mail you@where.com
      perhaps?

      • Re:*nix it (Score:4, Informative)

        by DrSkwid ( 118965 ) on Saturday May 08, 2004 @05:49AM (#9092341) Journal
        time to take SMTP mail 101

        If behind a NAT the heders will reveal the external IP of the originating network, *not* the internal IP of the client machine.

        • Doh! You're right. The mail headers will contain the external IP.
          The body of the message will still contain the output of ifconfig which will be the 192.168.x.x address, but I forgot about the mail headers.
          • you can't rely on SMTP though, it is more likely to have outgoing blocked in some way than other ports.

            Port 80 is one's best bet, the network connection could be behind a proxy rather than a NAT.

            My laptop tries to connect home at boot, anyway, to mount it's remote file systems.

            If one configured it to use your home net as a VPN or even just Web / Pop3 proxy you could also happily snoop at whatever activities they're getting up to. You might have more fun *not* getting it back!

      • If they're behind a NAT, you'll get an email that says the IP address is something like 192.168.x.x or 10.x.x.x
        That won't be very useful.

        It could be, if you install some kind of port forwarder or VPN daemon onto your laptop, so you can login from anywhere. If it has been stolen and connected to some intranet, you can sniff their passwords, read their email and h4x0r their infrastructure into nirvana.

  • Just wait for Apple DirectProtect (Score:5, Funny)

    by Anonymous Coward on Saturday May 08, 2004 @02:46AM (#9091974)
    It will cost $199, but will have very cool design and play beautiful music on your cell phone when the laptop gets stolen.

  • Very simple possibility (Score:5, Insightful)

    by cybermace5 ( 446439 ) <g.ryan@macetech.com> on Saturday May 08, 2004 @02:47AM (#9091978) Homepage Journal
    The odds are maybe 50/50 that a person stealing your laptop would have a clue to avoid something like this. If they do consider this, they'll wipe your disk clean at the earliest possibility, in the absence of a network connection. Get rid of the evidence.

    If this is a kid who plans to pawn it or sell it on eBay, or possibly just use it, they might plug it in to make sure the Internet works. What's the first thing they'll run? The web browser. It's just a web browser, that couldn't hurt right?

    All you have to do is set the browser's home page to a page on your own site, not linked from anywhere else. If your laptop gets stolen, you could activate some PHP in that page to send you an email or SMS. The IP address will be logged, so you can (maybe) SSH in and do your dirty work. If the user has a firewall, that would be a problem.

    But anyway, this is a pretty easy way to do it. You could even just start up the web browser on boot, and if they are on the Internet, they're nailed.
    • How bout some sort of hardware tool? something that checks if the computer has been stolen added into the bios or as some other sort of hardware mod. I know there are plenty of small embedded chips with all sorts of linux tools on them, it wouldn't be too hard to make a PROM with a SSH and web client, which could implement all of the tips given above. This way, even if they trash the hard drive or even completely remove it, the computer will still report back in if it's ever turned on and connected to th
    • Chances are that your first assumption is the most valid. Most other ideas (like browser home pages, tunnels, etc.) assume that the thief would (a) plug a laptop in (b) start it up (c) very likely *login* and do something with it. That's a lot of assumptions to make about someone stealing your laptop -- it is far more likely that it would indeed be wiped out clean, and then sold.

      If it has been stolen for the possible value of *data* on it, then it is highly unlikely that it will ever be connected to the
    • If you don't want to have the computer slicked immediately, install a bunch of porn on it. That will keep them too busy to reinstall the OS!

    • If this is a kid who plans to pawn it or sell it on eBay...

      At this point your laptop is pwned, maybe even pwnx0rd.

  • How about setting up a cron job that emails the IP address everytime it's turned on? Or, dare I ask if that's a Windows laptop?

    • Re:Easy way out (Score:5, Funny)

      by Sancho ( 17056 ) on Saturday May 08, 2004 @03:11AM (#9092040) Homepage
      Good idea!
      ifconfig | mail -s YOUR LAPTOP WAS STOLEN email@isp.com

      mutt
      eth0 Link encap:Ethernet HWaddr DE:AD:BE:AF:00:00
      inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:14883222 errors:0 dropped:0 overruns:0 frame:0
      TX packets:6501247 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:3309542786 (3.0 GiB) TX bytes:385138942 (367.2 MiB)
      Base address:0xbc00 Memory:fc9e0000-fca00000

      Whoo, now I can get my laptop back!

      (of course, you could trace the email, but that's too easy :P)

      • Re:Easy way out (Score:3, Interesting)

        by asteinberg ( 521580 )
        Hmm, I've actually been thinking about setting up something similar. The catch is that I have a Sony Picturebook with a built in camera. I'm thinking about setting it to automatically take a picture any time someone opens/boots it and emailing me the picture. Maybe also if they type a bad password? (How do I set a script to run on bad password entry??) Possibly helping the situation is that I just leave a wireless card plugged in and here on campus anywhere I take the laptop is likely to have wireless.
      • Heh nice hardware address. Mine is cooler though :)

        eth0 Link encap:Ethernet HWaddr DE:AD:BA:BE:CA:FE
        inet addr:143.195.110.18 Bcast:143.195.110.255 Mask:255.255.255.0
        UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
        RX packets:459457 errors:0 dropped:0 overruns:0 frame:0
        TX packets:295450 errors:0 dropped:0 overruns:0 carrier:0
        collisions:0 txqueuelen:1000
        RX bytes:506790219 (483.3 MiB) TX bytes:34725675 (33.1 MiB)
        Interrupt:
    • You're an idiot. He specifically states it's an Apple laptop. :-)

  • Isn't a custom BIOS needed? (Score:5, Interesting)

    by ChaseTec ( 447725 ) <chase@osdev.org> on Saturday May 08, 2004 @03:02AM (#9092023) Homepage
    Like most people are pointing out there is a good chance the the drive is erased before even being booted. So wouldn't a custom bios be needed with all the reporting tools, dhcp clients, etc? Besides LinuxBIOS anyone have any data about adding custom programs to a BIOS?

    A quick search turned up this [crn.com] which seems like a good idea. Also this site [tuxmobil.org] discusses varies ideas to make theft and reselling more difficult.

  • Use a web page? (Score:4, Interesting)

    by NanoGator ( 522640 ) on Saturday May 08, 2004 @03:06AM (#9092032) Homepage Journal
    You could always set up a web page that tracks the IP of whoever hits it. Set up the laptop to automatically go to that page when it boots. (Maybe give it a magic forwarder that sends it to Google News or something after it's visited?) Then you at least get the IP. If you wanted to be snazzier, you could also have it read the HTML that comes down and look for a self destruct message. I'm not sure how you'd do this with the Mac, but I imagine it's not too hard. In the Windows world, I'd just write a little VB app to do that, wouldn't take very long.
  • Not strictly relevant to this poster, and I can't even remember the damned link (hence the uselessness of this post): can anyone remember an article a couple of years back about a guy whose Mac was stolen, and he used script magic, and the fact the thief hadn't wiped the disk, in order to find the guy and get him arrested?

  • dyndns? (Score:2, Insightful)

    by jkakar ( 259880 )
    You may consider using something like ddclient and dyndns.org. You can setup ddclient to check the state of the machine's IP address at any interval you want. When the IP address changes ddclient notifies dyndns.org to update DNS records. It runs as a daemon so it shouldn't be too hard to make it start up everytime your machine boots. When running you can monitor the machine's IP address from the dyndns.org website.

    Of course, this doesn't do anything to help you get into the machine if it's behind a NA
    • All this talk of dyndns.org, why?

      Wouldn't be just as easy to have it VPN to your home network (or ssh with tunnels). This would allow access even when behind a NAT.

      It should also send the results of a traceroute to help find the external address.

      I think IPSEC is a much better idea then dyndns.

  • Why not... (Score:5, Interesting)

    by burns210 ( 572621 ) <maburns@gmail.com> on Saturday May 08, 2004 @03:16AM (#9092052) Homepage Journal
    Here is a novel idea... set your laptop to not show user icons(and thus give the person your screenname) and not auto login... THEN, set your home directory to be encrypted using a strong(STRONG!) password using... YUP, the builtin File Vault technology. Make a good backup before you encrypt, then setup regular off-laptop backups while it is encrypted.

    If that isn't good enough for you, and i don't see why it wouldn't be, have your web browser's home page(or an applescript that runs every time it verifies a network connection) to post to a 'secret' webpage you have on your site... have it post its information(ip, blah blah) and timestamp it... this way, you have a clear record every time the laptop has a connection, and you can just take note whenever it has an entry while NOT in your posession.
    • But the guy wants it to phone home...locking it up too tight means that the theives will just get pissed and break it rather than connect to the internet. typically away from major cities and collages and nobody really knows how to hack back into a mac... Espically with a Mac, you'd want them to easily get on. sure, you should have your data locked up, but most theives are looking for a quick windows laptop score...once they find out it doesn't "work" they'll hawk it or toss it.

  • Pack it with thermite! (Score:5, Funny)

    by zcat_NZ ( 267672 ) <zcat@wired.net.nz> on Saturday May 08, 2004 @03:20AM (#9092064) Homepage
    If you really want to be secure pack the free space in your laptop with sealed plastic bags of thermite. Wire a detonation circuit to recognise a special code from spare pins on the inside of the parallel port (basically, an electronic hardware interlock so it can't possibly go off accidentally) and have it read from a special URL every time the network comes up. If the correct code is present your laptop becomes worthless to the thief in very short order. With a bit of luck, he's got it on his lap at the time and won't be stealing any more laptops for a while.

    Or you could just use a crypto filesystem to protect your data, and claim the stolen laptop on your household insurance..
    • I know this is humor, but I've three things to say.

      1. There is virtually NO free space inside an iBook. They are constructed very tightly.
      2. There is no parallel port. Macs have NO legacy ports of any kind, the iBook (assuming the dual USB) has only USB and Firewire.
      3. The thermite trick was already done on The Broken [thebroken.org], episode 3
    • Good luck if you ever try to take it on a plane....

    • Re:Pack it with thermite! (Score:2, Funny)

      by Anonymous Coward
      Just as effective - put some builder's putty in the few spare gaps in your laptop - don't forget to add some wires attached to some old LED's or transistors stuck in the putty. Any thief is going to have the time of their life going through an airport.

  • Do it like this, for example (Score:5, Informative)

    by arcade ( 16638 ) on Saturday May 08, 2004 @03:31AM (#9092086) Homepage
    Create a cronjob for root:

    crontab -e
    0 * * * * /usr/local/bin/checkWeb.sh

    The file /usr/local/bin/checkWeb.sh could contain:
    #!/usr/bin/bash

    wget http://your.host.name/stolenweb.html

    if grep "It is stolen" stolenweb.html ; then
    [generatereports and send it off]
    fi

    rm stolenweb.html

    It's a really rather simple setup that checks the webpage once each hour. If the webpage contains "It is stolen", then you do the reports-generating and whatever.

  • Give me a break (Score:5, Insightful)

    by dedazo ( 737510 ) on Saturday May 08, 2004 @04:04AM (#9092153) Journal
    Use a physical lock. Take care of your laptop (what, are you assuming that it will be stolen?). Use an encrypted filesystem. Do some sort of dead man's switch where the wrong logon will wipe your data.

    Expecting that whomever steals it will merrily go home and plug it into an ethernet jack is a bit too much, I think.

    • There was an article here not so long ago about some guys who won some marketable technology competition with a laptop alarm. You put it down and walk away and it arms until you come back, if someone fucks with your laptop it starts screaming. Well, maybe not literally, though that would be a good idea. "I'm being stolen aieeeeeeeee!"
  • Hmmmm

    So does this mean that your laptop is set to auto log-in?

    Anyone who get's their hands on your laptop can just access your info with no safeguards? If so, then keep nothing on your laptop.

    OR,

    You could go into Open Firmware, set a password so as the machine can not be booted from a CD or firewire drive (without the pw of course), set a decent password for your log in, and the forget about worrying whether your laptop gets stolen. Because the only way that some form of script is going to work for yo

  • to send the email to an account that is not configured on the laptop. Or be sure to change all your passwords.

    If the thief reads the email s/he can delete it from the server. Not to mention all the other stuff they can do to cause you problems.
    • The only way I can see the perp getting access to your email is if you're so bloody studpid that you let the computer "remember" your password.

      In that case, you are a loser. You should not to that. Never. Ever. If you do, you're one of the wankers that causes insecurity.

  • One of my servers at very remote location is connected to ADSL with dynamic IP address. Simple cronjob reports its IP-address every ten minutes. It is wget requesting special CGI-script which writes remote IP-address to text file.

    This scheme should work fine for stolen computer unless they disable this cronjob (or whatever in other OSes) or reinstall software completely.

  • fsck (Score:2)

    by kipple ( 244681 )
    the first thing I would do if I had a stolen laptop would be open it, check for extra gadgets (like active gps receivers), then fsck the hard drive. Then I might decide to plug it to the internet.

    If, on the other hand, I am interested in the data it contains, I'd remove the hard driver and dd it somewhere else.
    • Everybody keeps saying stuff like this... I really think you guys are assuming that the average computer thief is alot smarter then they really are. I could be wrong, but in my experience, the average thief is one of opportubity-- usually a junkie or kid who sees an opportunity & goes for it. These sorts of people aren't going to think to check for cron jobs, boot sripts, etc. While I'm certain that there are many more organized thiefs out there who would be smart enough to pull the hd & wipe it wit
    • Why bother locking your car then? I mean, an expert car thief will have the door open about as quickly anyway.
    • I think you mean "format" or "wipe" or some such. fsck(8) is a Unix filesystem integrity checker (the Windows equivalent is Scandisk).
  • ...but if i was to steal a computer i would reformat it as soon as i get it. oh well, but who knows, there are a lot of stupid people out there.
    • A reformat would erase my data, anyway, so meaning I'd have no reason to SSH in for a final five minutes with my data for backup and erasure.

      There are a lot of stupid thieves, though, who'd turn my computer on in a WiFi network, and if I stuck something in the init scripts, by the time they'd be to login their IP would be divulged.

      As for smarter thieves who erase, well, then my business is done, I hand the serial over to the cops and the insurance company, stick the iPod in another computer, and hit

  • Good ideas above, but review... (Score:5, Informative)

    by rusty0101 ( 565565 ) on Saturday May 08, 2004 @12:22PM (#9094001) Homepage Journal
    System: Apple iBook running OS X Panther.

    Start by checking the apple.com website and see what options you should begin with. One observation above is to use File Vault to secure your personal data. This is all well and good, but it makes it tough to take one of the later steps.

    In the event of its theft, I would like to have the thing send me its IP address

    As has been noted this is not difficult. Set up a cron job, or even a boot job to find out the laptop's IP address (ifconfig |grep inet |mail me@myisp.com -s 'iBook's IP") and you get the ip on the lan in the body of the e-mail, and the external IP in the headers. Presuming smtp is not blocked. If you install the perl libraries for Jabber, you could even send a jabber message via a similar process.

    ... also so I could SSH in and trash my personal data with srm, while doing an SFTP backup of anything I forgot to back up.

    Note that if you have been rsync on a regular basis to backup your personal data, which can be done across an ssh session, you may not need to do any sftp backups, and you could have a cron job take care of this so you are covered.

    Several of the posters above have noted that you could use wget to pull down a "hidden" page on your personal web server with instructions. For that matter you could build a script that would be posted to that page, perhaps with a marker character before each line, (such ah $) that you grep out of the downloaded page, cut the first character out of the line, then save it with a random name, chmod the file to executable, then execute it. At that point the script could be doing anything you ask of such a script. Including downloading executables, and even running 'dd -if=/dev/null -of=/dev/disk0' to wipe the hd yourself.

    Elsewhere others have noted that if the thief wipes your hard drive before they re-boot it, none of this works. That's as good of a reason as any to schedule backups of your personal data. It won't help you recover the laptop, or tell the police where the laptop is, but at least you have your personal data.

    This also won't help if your laptop is not connected to a network of some sort. If they pull your HD and toss it into a second computer as a secondary drive, then you will want to have all of your data in a 'file vault' to restrict access. Sure with enough time they can break the encryption, and ultimately start performing identity theft on you, but the time involved is unlikely to be worth it to such a person. It's far more likely that they will wipe the drive, pawn the laptop, and hunt for another laptop that is not going to take so much effort to access the user information on.

    Then again, these are just my opinions. I have been known to be wrong, so I do wish you good luck.

    -Rusty
  • I did something similar to this on Windows a few years ago. It took me about 10-15 minutes in VB. This would be even easier in Perl:

    I wrote a little app that first checked for an active network connection (we can't assume they are using ethernet. They might be using dial-up and we don't want to trigger a dial-up connection prompt if they aren't expecting it by trying to send data). If the machine was connected to the network it then visited a specific web page where I could post commands. The HTML documen

  • But I'm pretty sure that 99% of stoeln laptops are just erased then sold.

  • Assume you'll never get it back (Score:4, Insightful)

    by invisik ( 227250 ) * on Saturday May 08, 2004 @03:17PM (#9094977) Homepage
    I don't think it's realistic to assume you will get your machine back.

    1. Perform regular backups. You'll have all your data, so you don't care about getting that back.

    2. Use filsystem encryption software. Built-in, aftermarket, whatever. Ensures they can't put your hard drive in another machine. If you're that worried about it, use VNC or remote desktop to control a system at your office/house and never store any information on your local machine.

    3. Have insurance on it. Homeowners, business, whatever, just so you don't have to pay to buy another one.

    Otherwise, I say they can keep it and I'll just get another one. I wouldn't mind having a faster laptop anyway. :)

    One question for everyone out there, do you know the serial number of your laptop? I can't imagine anyone has that written down somewhere safe. How can the police prove the laptop is yours if you only know it's your because it has a SuSE sticker on the lid?

    It doesn't hurt to have BIOS and power-on passwords either. The casual theif will not be able to get past them and will probably dump the unit somewhere or possibly try to return it saying "they found it" somewhere. Never use auto-login and use good passwords on your account.

    IBM has some good laptop security features out there now. I believe part of it is some sort of hardware encryption for your hard drive. Not sure what Apple has, but IBM has definately stepped up to the plate.

    Good luck.

    -m
  • Put a small HTML Doc on the web, protected by a password (ala .htaccess)
    write a simple script in bash, using wget, to fetch the document (wget can supply the password)
    the password keeps anyone else from hitting the url
    Any other information you want sent, have wget stuff into the referer header
    Have init run the script (don't put it in your profile, cause then a login will be necessary to run the script)
    Now, if your laptop gets stolen, just check the logs!
  • cmon who wouldn't format that piece?
  • setup a cron job to post the IP to a ftp/web site every so often. then just check the ftp/web site when you need the ip.

    I've done that for just keeping track of computers with static ips.

  • Serial Number (Score:4, Informative)

    by TheBard758 ( 250598 ) on Saturday May 08, 2004 @09:12PM (#9096968)
    In addition to one of these "mailer" ideas, might I suggest having some "hard" evidence that it is, indeed, your computer (besides it having gone to the page that you asked it to or whatever).

    Make it send you the serial number :) My iBook is insured with the rental company where I got it (I'm poor, but I still gotta have a mac!). The first thing they ask for on a claim is "serial number", so this may be perfect, really.

    Check out this link on macosxhints: http://www.macosxhints.com/article.php?story=20040 330144040245#comments

    It describes how to write a bash script to get your machine serial number! Very, very cool.

    BOL

    Bard
  • If your laptop gets stolen by some kid who wants to play around, then a shell script/cron job would probably be good enough. But let's take someone like myself for example. You don't have to worry about someone like me stealing your laptop, but let's say that you forget it on the bus or in a lobby, or in a restaurant and I or someone like me stumbles across it. The first thing I'm going to do is check it for good pr0n, but without connecting it to my network. The second thing I'm going to do is wipe the dri
  • Wasn't there a story on /. where someone lost their PC as part of a burlary and within the next two weeks or so, all of his address book members started getting spam payloads indicating the loser absorbed a virus?

    Did anyone find out exactly what happened out of that? (or was it FOAF/UL?)
  • I think a really sneaky way for a laptop to "phone home" would be to run your own time server and configure the laptop to use it to set its clock. (On OS X it's in System Prefs/Date and Time/Set Date and Time automatically). Then watch the logs for the time server for where the requests come from.
  • Just get a big vinyl sticker that says "Protected With GPS Tracking by GPSecure" even though this company doesnt exist, anyone scoping your laptop would think twice about it. They would only steal it if they wanted your data for some special purpose.
  • If there's a firewall, or a NAT device in the way, chances are you'll not get into your laptop even if you know the IP address.

    A better solution would be to create a server in a fixed location (with a fixed IP address) which a script on the laptop periodically polls.

    If your laptop is stolen, you flag the server with some message. When the script on the laptop polls the server, if it sees the flag, the script knows to start trashing stuff.

    As for backing up stuff, well, you should be doing that before the
  • Can anybody tell me if FileVault is solid yet? I recall disasters on 10.3.0...

    I gather there's no data loss any longer -- however, I still hear reports of periodic loss of app settings and the like.

    Can anybody tell me their experiences? Is it worth taking the plunge? I like the idea -- if anything because it would make homedir backups to my iPod quite painless.
  • It's a feaking miracle that these people wipe their own ass, not to mention a hard drive.

    Curiosity will kill the cat. Who can't resist seeing what's on there. ID Theft freaks would have a feild day! Maybe something of value to your competition? It's a treasure trove of intelectual property.

    The easiest thing to do is to boot it up. Bingo. if they plugged into net or wifi or dialup you can get SOME information. Dialup is hard to do, since most things don't get a phone line. But someone intrested in pulling
  • then I'd say just leave it unpatched. when the thief plugs it into an unfirewalled network the worms will erase the data for you.

Slashdot Top Deals

The optimum committee has no members. -- Norman Augustine

Close