Which Lost/Stolen Laptop Trackers Do You Like?

saudadelinux writes "I was held up at gunpoint in July, and my laptop was stolen. There are companies out there which, for a fee, install tracker software on your laptop. If it's stolen or lost, they track its whereabouts whenever it gets on the 'Net and work with local law enforcement and ISPs to find the machine. I'm wondering: has anyone used one of these services? Does anyone have a recommendation for which company to go with? My new laptop is a a dual-boot Ubuntu/XP machine, and the couple of companies I've looked at do Windows-only. Are there Linux options?"

Hmmmm... Selfmade solution?

[jawtheshark]

A pack of semtex in your laptop.... If you fail to write the correct password after three times, it explodes...

I'm kidding... If those programs can track muggers, they can also track you and that's why I wouldn't trust them. The best way to handle this is to encrypt all your data and insure your laptop against theft. Oh, and daily backups of your data on trusted media which you lock away in a safe.

Essentially, only your data is worth something. The hardware can be covered by insurance.

Re:Hmmmm... Selfmade solution?

[glop]

Actually, there is something to be said for reducing the value of the stolen good. If you make it more dangerous to resell and purchase stolen laptops through identification techniques (engravings, serial ID marked stolen in the laptop vendor's customer service database etc.), you reduce the incentive for stealing them in the first place.
Just buying insurance does nothing to improve the situation, it just mitigates your own risk (which is good). Encryption and backups are good too, of course.

Re:

[jawtheshark]

Granted, I didn't think of engravings... The same style as they do for cars where all windows are engraved with a serial number so that the car can be identified and that it would cost way too much to replace all windows.

However, in the cars case, I doubt that someone stealing your car and exporting it to Russia will care. (I live in Europe, this stuff happens) Someone who pays 100€ for a state of the art laptop knows that it doesn't come from legit sources. So an engraving won't help and who chec

Re:Hmmmm... Selfmade solution?

[sdpuppy]

engraving won't help and who checks laptop engravings

Now you tell me, after I used my bowie knife to dig my name and contact information into the screen of my laptop... :-)

Re:Hmmmm... Selfmade solution?

[Reverend528]

One of the best self-made solutions I've heard of is a custom bootloader image (pretty easy to do in grub). It displays a picture of the owner, his or her name, and a phone number to contact if the laptop is found. It'll be the first thing the pawn-shop clerk sees when they turn it on to test it out.

Re:

[Mr Z]

If I were ever to steal a laptop, the first thing I'd do is take out the HD. Slap the HD in another system as a secondary, so I could scan it for sensitive information (CC#'s, usernames, passwords), and then blast the drive with a squeaky clean install image. I'd do all of this before I even turned the laptop on for the first time. If I were really thinking, I'd probably also take out the laptop batteries until I was ready to flip it.

So how does your boot loader work with that attack vector?

--Joe

Re:

[itwerx]

If I were really thinking

Ah, there's the rub! Most criminals are lazy and/or stupid. The few who aren't tend to be engaged in pursuits far more profitable than mugging.

Re:Hmmmm... Selfmade solution?

[sumdumass]

It would probably mean they would nuke the install and boot loader and reload some other operating system.

I had a note book stolen from my van once. The guy who stole it did exactly this after someone told them I have a script that checks into a website and leaves IP information as well as the location it was accessed the web from. He was having trouble getting rid of it because they didn't know the passwords. Anyways, he had issues getting some drivers installed and took it to my shop to get help with it. This is about 3 months after it was stolen and I guess the ass wipe didn't know he stole it from me. Fortunately, I recognized the product code I had to use to get drivers from dell and after a quick double check, the cops cops agreed. When we called to inform him to pick it up, the cops arrested him.

Of course this was a cluster fuck too, the cops wanted to keep it as evidence, then they wanted me to show my original receipt to prove ownership of it, and then it was lost in their evidence locker for year. I had started to sue the city when they found it and returned it. All in all, I was without it for a little under 2 years (20 months) because of the ordeal. In the end, I wish I just had better insurance and could have just forgot about it.

My advice, don't keep anything personal on it, make sure you have backups of everything, and enough insurance to cover it as a loss no matter how or where it is stolen from. By the time you get it back, you might have already moved on and nothing guarantees they will connect to the internet (and allow you to bust them) before they get anything personal from it. It would be nice if there was something built into the power supply or maybe the Ethernet card so it could be tracked without and OS installed like when charging or when and after reloading the OS. But absent something on a level like that, I don't think anything would be muhc help.

Agreed

[Valdrax]

If those programs can track muggers, they can also track you and that's why I wouldn't trust them. The best way to handle this is to encrypt all your data and insure your laptop against theft. Oh, and daily backups of your data on trusted media which you lock away in a safe.

Essentially, only your data is worth something. The hardware can be covered by insurance.

Agreed. Hands down, this is the best solution, and it will save you in many cases other than theft where you lose data. Modern laptops come with s

Re:

[cayenne8]

"While it's nice to maybe one day find your thief, it's not worth the security and privacy trade-off in my opinion. Besides, you should be encrypting a laptop anyway just as a matter of policy."

Well, the author of the article mentioned it was a windows/linux laptop, and that he couldn't find a tracker for anything but windows.

I put for that that we've FINALLY found a real use for windows. Create a small partion on it for windows, with the tracker software, and only use it for that.

It is doubtful the cri

Re:

[Applekid]

It is doubtful the criminals would know what to do a boot into linux...so, encrypt and protect your real work on the Linux side, and leave the windows part for them to log into when they steal it.

IANALT (I am not a laptop thief), but, if I were to steal one, the first thing I'd do is a reformat/install of my favorite OS, after disconnecting the battery for a few days to take care of any CMOS passwords.

Not that the comedy of having a thief get all caught up with Bonzai Buddy is lost on me, though...

Re:Agreed

[Sen.NullProcPntr]

IANALT but If I were I would try to get the Laptop away from me and turned into Cash as fast as possible. Not wast time Installing an OS, or trying to get pass the password. Also most people who rob others at gunpoint are usually so desperate that they wouldn't think about doing such.... Being that you could do such activities you could at least get a job at CompUSA fixing these things.

The thief may not have time to do this but the fence [wikipedia.org] probably does. After all most car thieves don't strip the car they steal - they take it to a chop shop [wikipedia.org] (is there an equivalent for PC/laptops?).

Your $1k laptop may only get the thief $50 (more than enough for an addict to risk pointing a gun at someone), but the next guy in the chain maybe gets $200-$300 after he reformats the drive and alters the serial numbers, MAC address, etc.

Well, at least...

[msauve]

the DHS [dhs.gov] has found a way to pay for citizen surveillance without using taxpayer dollars.

Re:

[jawtheshark]

I forgot to mention: for encryption you don't need to shell out big bucks like the dolts at the IT department did where I work. Just install Truecrypt [truecrypt.org] and encrypt your data partition. Let that partion map on your My Documents folder and you're done.

I use it on my USB sticks.... Love it

That said, while Truecrypt exists for Linux, I'm sure there is a native way to do encryption without additional software. If anyone has more information about that, I'll be glad to hear of it. (Migrating to Ubuntu full-t

Re:Hmmmm... Selfmade solution?

[Penguinshit]

A pack of semtex in your laptop....

That would make airline travel more enjoyable...

Re:

[SatanicPuppy]

Especially because they reformulated semtex to make it more detectable by bomb sniffing dogs [wikipedia.org]. They'll be on you like you're smuggling milkbones.

Smuggling milkbones

[benhocking]

Remind me to try that (smuggling milkbones, that is) next time I fly somewhere. Boy, would that be a funny misunderstanding. Well, for some definitions of the word "funny".

Re:

[slashbob22]

Well, for some definitions of the word "funny".

Funny: See +1 Funny
+1 Funny: A moderator's intent to see the moderated shamed, humiliated or otherwise injured by their own sarcastic illustrations.

Re:Hmmmm... Selfmade solution?

[Anonymous Coward]

Laptop trackers are a betrayal of the Free Software philosophy.

The Free Software philosophy employs its own method of laptop theft countermeasures. If you install only linux on the laptop, the thief will be so confused, he'll return you your computer. Now that's what I call sneaky.

Re:Hmmmm... Selfmade solution?

[Provocateur]

The only solution? Anti-theft stickers!

ANTI THEFT: Runs Slackware Only!

GENTOO: Not For You

DEBIAN: CUTTING EDGE (2 years ago)

NO GUI: RUNS CLI ONLY

and so on

I kid, I kid!

Re:

[Kingrames]

I was originally hesitant to believe that linux made that big a difference, but it might work that way for mine. It has a fingerprint scanner, which worked nicely at first with vista installed, but I got so frustrated with Vista I tried installing xp - just to remember about that annoying "you have 30 days to register xp before it can no longer work" bit.

I installed fedora on it, and much to my surprise, suddenly my computer asked for my fingerprint BEFORE giving me the opportunity to change the BIOS settin

Re:

[sumdumass]

I don't know. The fingerprint scanner probably isn't fool proof. And if you leave your fingerprints on the computer somewhere, you are likely leaving anything the thief needs to access the stuff.

When I got my first inkjet printer, I noticed that it printed differently then the dot matrix it replace. Soon, we were using the scanner to scan finger prints into the computer and printing them on to paper. We even played around with painting latex on the paper to see if we could wrap it around someone else's fing

Re:

[Technician]

If you install only linux on the laptop, the thief will be so confused, he'll return you your computer. Now that's what I call sneaky.

Even if the thief doesn't know how to log-in, if there is a net connection a simple cron job to sync with your server would provide IP addresses as it phoned home as part of the daily routine. Trace the route and get a court order to find the subscriber of the ISP.

Part of the cron job could be to look for tasks to run. When the laptop is gone, have cron start the keylogger

Re:Hmmmm... Selfmade solution?

[ThinkingInBinary]

Your comment seems to miss the point. First, DRM, like encryption, can be used for good or bad purposes. Properly controlled, you can use it to deny thieves access to your laptop or deny them the ability to remove the DRM, while still allowing you (with cryptographic authentication) to modify it. The point of tracking down the thief is to recover the laptop, since it is worth quite a bit of money. Sure, insurance will cover it, but if you can save the deductible by just finding it, why not? I also disagree that laptop trackers "betray" the free software philosophy by definition. As long as *you* are in control, and could uninstall the software if you wanted, there's no problem.

Second, please don't try to explain how we shouldn't be annoyed when people steal our stuff because they need the money. That's a slippery slope that leads in a bad direction. Besides, like I said, it's about getting the data back.

Re:Hmmmm... Selfmade solution?

[Creedo]

don't complain when someone needs a few hundred bucks, more than you need a PORTABLE INTERNET COMMUNICATIONS DEVICE!!!!!
He was held up AT GUNPOINT! This wasn't a "broke the car window and swiped a laptop" type of crime, this was someone brandishing an instrument of death. Yes, sir, I want that person locked up until such time(if any) as they can be rehabilitated.

Re:

[jinxidoru]

Also, the difficulty with trackers is that the require an internet connection. I suspect that most thefts involve stealing the hardware, not the software. Afterall, if you have a password on your machine, they aren't going to easily boot up the computer. So, I doubt those sorts of things will even work all that well. I could be wrong though.

That said, my friend has a little piece of software on her MacBook where if you try to unlock it without the remote, the iSight camera takes a picture of you then em

Re:Hmmmm... Selfmade solution?

[darkonc]

Then don't complain when someone needs a few hundred bucks, more than you need a PORTABLE INTERNET COMMUNICATIONS DEVICE!!!!!

The guy had a gun. If he really needed the money, he could have sold the gun.

Re:

[Adambomb]

Wouldn't that be like a fisherman selling his boat to afford the fuel?

yes yes, bad, but just sayin.

The problem with your risk/return analysis

[benhocking]

Your car might drive you into the ground first. Please make sure, for your sake and others', that you're at least keeping your car safe.

Re:Hmmmm... Selfmade solution?

[AndersOSU]

How-To [dell.com]

Active Countermeasures

[Anonymous Coward]

I use a built in grenade on a timer you must reset every 24 hours.

I did forget to reset it once with tragic consequences. I really miss that dog.

Oh well, its the price you have to pay for security.

Let me guess

[Anonymous Coward]

O.J. just wanted those jpegs of him and hoover that were in your documents folder.

Don't bother.

[Bartab]

First thing that happens is the laptop gets wiped.

Re:Don't bother.

[MitchInOmaha]

Only if they're reasonably smart. We had a thief call Dell Support after he could not get logged in. Duh. -- Mitch

Re:

[Iphtashu Fitz]

First thing that happens is the laptop gets wiped.

Not if it's a properly configured MacBook laptop. If you set a firmware password then they can't simply wipe & re-install. That, combined with a product like Undercover [www.orbicule] from Orbicule can make recovery of a stolen MacBook much more likely.

Re:

[drawfour]

If they can't get past the firmware password, then they'll just destroy the laptop. So a software application doesn't help, because the OS never booted. If they're competent enough to get past the firmware password, they're going to be competent enough to wipe the hard drive.

Re:

[drawfour]

So who's going to buy a laptop without being shown that it works? A pawn shop certainly isn't going to let you pawn it off to them unless you can show it works, and anybody with a slight amount of sense is going to as well. Maybe they can find someone who's going to buy it without even turning it on, but I doubt that.

Yes, laptops are a crime of convenience. And so is selling them. If it's not convenient for them to sell it, then they're going to toss it. Into the nearest garbage can, maybe just toss

Re:

[walt-sjc]

Oh please. There are ways of bypassing firmware passwords on every machine. Google is your friend.

Re:

[p0tat03]

You do not understand the vast majority of laptop thefts. Sure, if this was a targeted hit and the perp is after some confidential data on the drive, then yes, they're likely to know every trick in the book. Keep in mind the average laptop thief is not even very technically savvy - they may know enough to wipe your personal settings, or even enough to reinstall the OS, but the VAST VAST majority will never crack the case open.

I've crossed paths with a few people who were selling hot laptops in university,

Laptop security is possible

[jmorris42]

> I think it's a foregone conclusion that there's a reset jumper somewhere on the MacBook. You and
> I not knowing where it is doesn't make it any less so.

Or not. Laptop makers have become serious about security because so many customers demanded it. Not sure what Apple is doing exactly, but if a Thinkpad has a hard drive password set the only way to defeat it is to send the whole unit along with either documentation proving ownership or LEO creds to one of a select group of data recovery houses. Th

Re:

[bcattwoo]

First thing that happens is the laptop gets wiped.

That's what I was thinking, especially if the thing boots up Linux by default. It would be pretty easy to roll your own solution and hide it in one of the start-up scripts though.

Re:Don't bother.

[A non-mouse Coward]

First thing that happens is the laptop gets wiped.

Exactly. There are only two motivations for theft of a laptop:

1) The hardware. In which case, the data will likely be destroyed immediately. There is no guarantee the machine will be booted with your hoodwinked "locator" software in tow.

2) The data. In which case, the drive will be imaged or some other "offline" method will suck up the data without booting the OS's controls.

The reason why remote wipe/kill functions work on a small device like a blackberry is because the service provider's network is required for the device to be usable. And even then, there's still the option that the theft is hardware-only motivated, and the thing will get wiped anyway. The blackberry wipe wasn't ever really intended on being used for a physical recovery method.

Potentially, a system BIOS would be a good place to run a "phone home" program, except that it would require advanced components, like a TCP/IP stack, etc., to run properly, and it could still be easily wiped by replacing the firmware with boot media. Apple, for that matter, has an upper hand at such a tool since they "own" both the hardware and software. But either way, what you're attempting to do is no more possible than DRM (and Slashdotters know that DRM is nothing short of an attempt at perpetual motion).

So lesson #1 is protect your data and insure your hardware. And please remember, that "protect your data" really could mean not having a copy of your data on the laptop at all. After all, encrypted data in the hands of an adversary is still your data, just with a time-sensitive lock on it (the length of time needed for CPU power to increase where access is trivial, or the length of time a well-resourced adversary will need to destroy today's top crypto).

The actual product tracking companies are selling

[jmorris42]

> I'm willing to bet a free program could be almost as useful, with maybe a bit more work if the thing is stolen.

No it couldn't. The software is trivial. A program that sends a web request with the serial number embedded in the url a few seconds after a network interface comes up is all that is needed. But once you know your laptop is at IP x.x.x.x that doesn't do YOU a damned bit of good. No ISP is stupid enough to give you the IP+timestamp to physical connection point mapping for liability reasons. Think it through and imagine the Pandora's Box doing that would open. That is what you are actually buying from the tracking company, their preestablished relationships with law enforcement and the ISP community. Once known and trusted as a laptop tracking company they CAN get that info into the hands of law enforcement. Although I bet for legal reasons the tracking company itself NEVER sees the phone number/node/physical address.

Re:Don't bother.

[QuantumRiff]

Actually, Some of the newer Dell and HP laptops have the tracking software built into the bios/motherboard. Were looking at using it in combination with the Encrypted laptop hard drives, and fingerprint readers.. For us, its not so much about getting the laptop back, but making sure they can't get at our data. Privacy of our customers is critical. Also, the Computrace stuff built into the Dells can be told to remotely wipe the hard drive.

Re:

[vertinox]

First thing that happens is the laptop gets wiped.

Most people stealing laptops at gun point aren't that technically inclined or professional. There have been documented instances where the thieves were viewed with the built in laptop camera. Most of the time the they only grabbed the laptop from you because it seemed valuable.

Secondly, if you go to a pawn shop and pickup a laptop you can usually get the last owners personal data.

However, thieves that target laptops professionally will probably wipe your dat

If you have a Macbook

[Iphtashu Fitz]

Go check out Undercover [orbicule.com] from Orbicule. Even if you don't have a Mac you should go read the success stories that they have posted (complete with photos of the perps taken from the Macbooks built-in camera).

Re:

[dollar99]

I checked out the undercover website and noticed that in one of the perp snapshots the dude is in the bathroom, sitting on the can. I'm not sure if I'd want my Mac back after seeing that pic.

Roll your own or wait...

[Dareth]

Either roll your own or wait. If you are lucky, someone will rob Linus Torvalds of his laptop, all production on the kernel will stop while Torvalds and friends crank out a "stolen laptop tracking system" that is greatly superiorthan any other.

If you are really proactive, you could go steal his laptop yourself. That way you have another laptop to use, and you will jumpstart this scenario.

Re:Roll your own or wait...

[pugugly]

BRB - off to mug Linus

Re:

[norton_I]

Better make sure Tove isn't there, she will kick your ass :)

Re:

[slimjim8094]

I hear he sleeps with nunchucks

Re:

[QuantumRiff]

Heaven help us Linux users if some commercial company were to get access to the source code for the Kernel!

Why do we need another tracker?

[LM741N]

When we have Microsoft Vista tracking our every move on the computer, installing unwanted software, etc.

Re:

[White Shade]

That assumes someone would A) install vista, and B) want to steal a laptop with vista on it.

neither are likely ;)

Re:

[LM741N]

Nonsense, people keep MS on their computers "just in case". Eventually it will get booted. Remember, these are criminals, not Linux geeks!!

Re:

[everphilski]

then my laptop is safe! woot!

(I bought a laptop Circuit City had on sale for $350 a few weekends ago, regular price $600. Sempron 3600+, 80GB hdd, 512M RAM, GeForce 6100, widescreen. Popped in a gig of RAM. I'm actually suprised how well Vista runs on it, given the Sempron processor. I installed XP and ran it side by side with my favorite MMORPG and couldn't tell the difference. But anyways...)

Linux Monitoring

[Nosklo]

It seems to me that you can always install some software like that yourself. Once I lost my laptop in my own house. Since I have ipcheck [sourceforge.net] in a cron job, updating my laptop's IP address on DynDns [dyndns.org], I just SSHed into it and made it play loud sounds until I found it under the bed. (I don't answer questions about what it was doing there)

Re:Linux Monitoring

[everphilski]

kinky.

CompuTrace

[ironwill96]

Our University is using CompuTrace/Lo-Jack on our laptops. AFAIK, this is built into the BIOS and is not something that nuking the OS etc can remove. It allows for tracking location OR the option of remotely nuking the data on the drive to stop identity theft. It is a pretty widely used system and I think they are also responsible for the Lo-Jack system that Police Departments use to track physical equipment such as construction equipment when it is stolen. The website is here: http://www.absolute.com/ [absolute.com]

Re:CompuTrace

[packetmon]

I suggest you read about Computrace and how they offered me money to hush and go away with their false claims. http://www.infiltrated.net/lojack.pdf [infiltrated.net]

Re:

[ironwill96]

The assumption you have here is that some thieves are not complete morons. Some thieves are smart enough to do the easy workarounds like you said, but there are others (many of them) who are not and will easily get caught. I view most of these solutions merely as "deterrence" more than an actual way of recovering the items. We had some computers stolen, we put in cameras and large signs notifying people they were under 24-hour surveillance. I think the signs are probably more effective than the actual c

Re:

[ironwill96]

Browsed a little more on their website and found this tidbit: http://www.absolute.com/products-core-technology.asp [absolute.com] Looks like the BIOS install I was talking about only works if an OEM mfrer puts it there. I'm not sure if as a personal product you can get that functionality (self-repair even after hard drive wipe or re-image of machine). We use Gateway machines here so we have it pre-installed into the BIOS so the hard drive wipe scenario or hard drive replacement or service disable doesn't matter. The B

Cron

[delirium of disorder]

Just set up a cron job to periodically connect to any server that you have access to. Make it connect to an obscure port or just request a non-public file (not indexed nor linked and with a long obscure name to keep crawlers/bots off it). Check your logs and you have the IP address that your thief is using.

If you want top be super paranoid, install a keylogger and set up a cron job to periodically scp the files to an ssh account you own. You would have every password, url, word processor document, etc typed by your attacker.

remember, people trust the computer

[geekoid]

and believe what it tells them.

Just periodically have it pop up a dialog that says something like "To begin routine maintenance, please enter the password otherwise click cancel"

The if they fail to enter the password, it shoots you an email the contain a trace from it to google.com, or some other site that is unlikely to move. If it connects through a wireless device, be sure to have it email that info as well. Also turn on a key logger and get that information. It's actually pretty easy to do. Could probab

Dell has this in many of their laptops BIOSs

[Ransak]

Dell has been embedding Absolute's Computrace [absolute.com] in many of their laptops (I'm typing this on a SuSE 10.2 install [roboguys.com] on a Dell Latitude D820 that has it enabled). Once you enable it in the BIOS, there is no way to disable it without physically removing and replacing the chip.

Re:

[Socguy]

I work for an organization that has a deal with Dell, they supply all our computing needs. We had a laptop go 'missing' and shortly thereafter the tracing program suddenly stopped functioning. Now, I don't work in IT, but the guys assured me that the tracing software was extremely difficult to remove. I know the individual in question, and let me assure you he's not the brightest bulb, so-to-speak, so obviously there are people out there who are fully capable and aware when dealing in this kind of mercha

Re:

[Creepy Crawler]

Since it's a laptop, we can assume to know what wired and wireless hardware it runs. Knowing that, we can then shim direct data through the NICs. Better yet, if we can query NIC information via ACPI, all the better.

I have a question for the question...

[lena_10326]

There are companies out there which, for a fee, install tracker software on your laptop. If it's stolen or lost, they track its whereabouts whenever it gets on the 'Net and work with local law enforcement and ISPs to find the machine.

I've been the victim of a stolen vehicle before... and I know police really don't give a diddly squat about stolen vehicles. Sure, paperwork will be filed but that's all they do. When a stolen vehicle is recovered it's almost always recovered due to happenstance. So, my question is.. what makes anyone think police care about your $1000 laptop when they barely care about your $20,000 vehicle as it is?

Even with an IP address, postal address, and mapquest directions to the thief's house, I have a hard time believing an officer will put down his chocolate iced donut to go knock on doors over a laptop.

Re:I have a question for the question...

[bigdavex]

I've been the victim of a stolen vehicle before... and I know police really don't give a diddly squat about stolen vehicles. Sure, paperwork will be filed but that's all they do. When a stolen vehicle is recovered it's almost always recovered due to happenstance. So, my question is.. what makes anyone think police care about your $1000 laptop when they barely care about your $20,000 vehicle as it is?

The impression we get from TV crime drama is out of touch with reality. For lack of resources or otherwise, even violent crimes don't get the attention CSI portrays. I was shot by a robber at a friend's house, and the detective declined to review the crime scene with me. When the police allowed my friend back into the house after they collected the evidence, he pointed out the shooter's hat was still on the table.

There's nobody with tweezers going through the carpet looking for hairs. Nobody really gives a shit about a laptop or a car except the victim.

Re:

[Angst Badger]

No kidding. When I was young and wild and involved in a bunch of very minor infractions of the law, I couldn't get rid of the police.

Now that I'm approaching middle-age and actually have assets worth stealing, I can't get the police to do anything. I stopped reporting break-ins a long time ago. The few minutes I spent on the phone trying to convince someone to let me file a report were better spent cleaning up the mess.

Re:

[garnetlion]

Seriously! How many times were the police on my ass and my friends' asses when we were 12 or 13 smoking cigarettes? And where were they when my house was broken into? Probably out hunting down truant teenagers.

In all fairness, it probably has to do with complaints. No one but me bitches that some jerkoff broke into my house, but I bet the whole neighborhood calls in to report loitering teenagers. As public servants, they have to follow the guide of public interest.

Re:I have a question for the question...

[Anonymous Coward]

I was shot by a robber at a friend's house

For the love of... I shoot you just once and you won't shut the hell up about it!

Re:

[umStefa]

Call me old fashioned but I still like to believe that the majority of Police do have an interest in protecting the public, the members who are only interested in the power trip are a minority (although the do exist).

As a personal example, a couple of years ago I had a bike stolen from my garage. It was probably only worthy $200-$300 and I figured the chances of the police finding it where non-existant so I didn't bother to even file a police report. About 2 weeks later I was driving on the other side of to

Don't worry about Ubuntu

[gosand]

If you have Linux on your laptop, they won't be able to figure out how to get on the net anyway, especially via wireless. :)

could be done with LinuxBIOS

[ecloud]

The thieves would have a harder time wiping that, and if it looks "normal" enough they might not suspect that the machine is reporting itself. But there are not many choices of machines on which it's possible...

Stop (R)

[vtechpilot]

I had, er, still have but no longer use, a laptop that had a Stop Security Plate [stoptheft.com] on it. The basic idea is that it has contact information on it that anyone can call and verify the ownership of the property. If the plate is removed, it leaves a permanent mark on the property indicating it is stolen property. The nice thing about this product is that it is not software based, so it will work on anything with a large enough flat spot to glue the plate to.

Re:

[CaptainPatent]

The problem with systems like this is with the plate in place, only people in close contact with the person who stole the laptop would ever be suspicious if the laptop is stolen and only a select few people who know how the system works would recognize the mark.

Re:

[walt-sjc]

Silly. So all the thief has to do is stick a NEW plate over where the old one was, with the same type of adhesive.

Why bother at all?

[johnthorensen]

There are two reasons to care about a lost/stolen laptop: 1) losing the value of the laptop itself, and 2) the value of the data within.

For the value of the laptop itself, I would argue that the cost of any tracking solutions is bound to be more than (the chance of laptop being stolen x value of laptop itself). This comes down to the age-old question of 'whether or not to buy insurance'. In this case, it's just not worth it - especially considering that you're buying insurance that may or may not 'pay' in the event of a loss!

Regarding the value of the data contained in the laptop, my reasoning is that if you are carrying around data that is *truly* valuable, then being able to get the laptop back if stolen is the least of your worries. If you are not responsible enough to keep valuable data either by your side at all times, or in a safe place, then you aren't responsible enough to be working with said data to begin with. Secondly, if people are clever enough to track down a laptop with valuable data in the pursuit of corporate/governmental espionage - they're damn well clever enough not to hook the thing up to the internet. Finally, if by some chance the swipers decide to drop the thing off at the pawn shop in order to make an extra $100 (yeah right), by the time you get the laptop back the real damage has been done anyway.

Summary: tracking services = waste of time. -JT

Teddy says...

[EaglemanBSA]

Speak softly and carry a big stick...and hit him with it. Unless he's got you at gunpoint...where on earth were you that you got held at gunpoint for a laptop, anyway?

You could script it for Linux

[wytcld]

If you install Perl and the Mail::Sendmail module, you could have this script triggered from, for instance, the boot sequence, or a cron job, or really from just about anything you expect will be unobtrusive and regularly run:

#! /usr/bin/perl

use Mail::Sendmail;

$subject = "your laptop";
$message = "Wish you were here!";

if ($message ne "") {
%mail = ( To => 'You <you@somewhere.com>',
From =>

For Linux.....

[Creepy Crawler]

1. Set up a DynDNS account, and do the pay thing for "ownership" of the dns name for a time.
2. Set up on Linux a DynDNS client updater. Do the same for Windows.
3. Set up a secure rootkit with your authentication. Use kernel module hiders and use the kmod that hides certain port sniffing.. Its in HoneyD

When you deal with a thief...

4. Locate the IP address via DynDNS. Log into the stolen machine.
5. Stream the audio from mics (pipe it from raw device to mp3 and send compressed). Do the same with webcam if it w

Re:For Linux.....

[Chineseyes]

4. Locate the IP address via DynDNS. Log into the stolen machine. 5. Stream the audio from mics (pipe it from raw device to mp3 and send compressed). Do the same with webcam if it works with Linux 6. Go then show up and stick that fucker up with a gun. See how he likes it. "I want my laptop back.."

7. Get arrested for assault with a deadly weapon
8. Go to jail

I'm not sure where people on slashdot get some of these retarded ideas from but I know someone personally who was held at gunpoint for his belongings when we were in college. The thief used his cellphone that very night and with the help of the cell company he was able to get all of the numbers the person called. A reverse directory lookup later he had the address of one of the thieves friend/female family member.

After waiting in his car for two days (no shower, no sleep) he finally saw the guy who robbed him walking to his girlfriends house and held him at gunpoint. The guy who had originally robbed him called the cops and told them HE was held at gunpoint and guess where this genius is at now? In a state prison doing his third year for assault with a deadly weapon. When he was sentenced the judge told him that he didn't see any difference between him and the guy who he was robbed by.

Before you start posting on slashdot advocating vigilante justice I suggest you think about the consequences of being a vigilante. You aren't dog the bounty hunter and this isn't A&E.

What's the risk?

[nate nice]

How much are you going to pay for the software and then how much are you going to pay for monthly fee? Is it worth it? For a computer?

As another read said here, the only thing really worth anything is your data. Back it up and save it. Encrypt it on your disk.

Is it really worth it to pay possibly 10% of the new value of the computer, if not more, to maybe catch someone who stole it in the unlikely event it gets stolen?

Using software like this reminds me of buying a lot of warranties. They generally are

software != best idea

[weirdcrashingnoises]

software can be deleted, chances are the hard drive will be wiped, so all ur data's already gone

really the best idea is to call chuck norris, and convince him roundhouse kick every laptop thief in the universe.

Simply spread

[antifoidulus]

random bodily fluids all over the laptop. Nobody will want to come near it, let alone steal it.

Don't use anything software- or firmware-dependent

[sczimme]

A decent alternative has nothing to do with the OS or the BIOS. There are a number of security devices available, but I like this method:

- The laptop (or laptop bag) has a module on/in it.

- There is a another module that fits e.g. in your pocket.

- If the distance between Module A and Module B exceeds N meters (configurable, and/or varies by product), the modules generate a loud and piercing alarm.

The idea is that the thief will become unnerved and will drop the stolen item.

...but will it survive DBAN?

[mwilliamson]

I can't see how anything that isn't tied to BIOS could possibly survive a DBAN erasure, or even a simple dd if=/dev/zero of=/dev/hda from a linux live CD. This pretty much rules out anything that isn't from the manufacturer. I think there's a lot of snake-oil in this area, partially because it catches the idiots who comprise the majority of criminals. If mediocre security products are vindicated by the fact most criminals are idiots, then I guess this is OK in some twisted fashion. LoJack for Laptop's

A linux solution...

[Brian Gordon]

...to spyware? Doubt it.

Nothing is BulletProof, but do it with HARDWARE

[Kyrka]

I've been down this road several times... and can't say enough good things about CompuTrace. Most of their staff are former law enforcement, and there is an "insurance policy" for lack of a better word that accompanies situations in which they locate the device but it's in, say, the Soviet Union and the like. (For example, if stolen, properly reported, and unrecoverable within 30 days you get $1K the first year, $500.00 the second, and $250.00 the third towards replacement.)

To me, the most vitally important aspect is going for something that is hardware based. With TPM enabled bios and such these days on a modern laptop, the client is embedded and does not rely on your OS whatsoever. This is great considering most of what we seem to be discussing in this thread is Linux.

CompuTrace worked so well that in our tests (and later, based on four thefts out of 300 systems) that we noted the following: - I can wipe the hard drive (even low-level format) and the system will _still_ phone home immediately once on the Internet. - If you take the hard drive out and place it in a different system, _THAT_ system _also_ phoned home, based on the TPM components there.

(This was mostly HP TC4200 and HP TC4400 tablets.)
www.absolute.com

Orbicule's Undercover for OS X (yeah, not Linux..)

[5n3ak3rp1mp]

http://www.orbicule.com/undercover/ [orbicule.com]

I use that on my mac machines. I know it's not linux specifically but I just thought I'd toss that out there. It uses the built-in cam to take clandestine photos, too...

Linux is easier and free

[JustNiz]

Just set up a cron job on your laptop to run traceroute to some arbitrary place (say google) and email you the output twice a day.
Have the spam filter on your inbox just toss the email away until the day you need it.

It does rely on the thief not knowing enough to fire up linux in sngle-user mode and kill your crontab entry, which is probably a safe bet.
Or (more likely) to just blow away your whole linux partition with a fresh windows install, but that would even affect a commercial product the same, unless it was hardware-based.

BIOS-level via OEM

[belgar]

Absolute Software might have what you want:

Absolute BIOS-Level Protection [absolute.com]

(Disclaimer: Not involved with these guys at all -- did a training session with some of their developers several years ago, and was impressed by their pitch)

duh

[InvisblePinkUnicorn]

Because nobody knows how to remove that little battery inside your computer to reset the BIOS.....

Re:

[halivar]

Not the kind who mug people at gunpoint; no, they don't.

Re:

[orclevegam]

so the thief can't use it such that it's worthless to him :)

At least until he pulls the CMOS battery. With unfettered physical access to the hardware, there is no possible way to secure it completely. You can make the job tougher by having custom hardware that does things like put a bunch of chips into one of those surface mount resin blobs you see in some cheap consumer gadgets, but even those can be gotten around with enough effort.

Re:

[bcmm]

You need to set it up so that if you don't run a certain script once a week, the Goatse wallpaper happens.

Re:

[packetmon]

Again... I linked to Verichip directly which is doing something with Department of Defense (Coast Guard I believe) to replace dog tags. They can be tracked via satellite ;)

Re:Held up at gunpoint?

[everphilski]

I did not steal a notebook, but had I stolen a notebook, here is how I would have done it ...

Re:

[SatanicPuppy]

Lot of them claim to be written at a lower level than windows checks, whatever the hell that means. It's all snakeoil. To get a really reliable system you have to get a lo-jack or some other theft tracking system, and those you have to pay a monthly fee for.

Just get it insured, and keep your backups current.