Domain: orbicule.com
Stories and comments across the archive that link to orbicule.com.
Comments · 28
-
Re:Prey
On a Mac with a firmware password, it'll be a fairly useless thing to do, though... If you reformat, AFAIK it won't boot anymore (is that right?), and before reformatting, it won't boot from any other media but the hard drive (I'm sure of that). Plenty of thieves are silly enough to use the conveniently enabled guest account. That's plenty enough for undercover to check in, with their picture, too.
-
Undercover
Install Undercover http://www.orbicule.com/undercover/. Assuming you buy another Mac
:) Awesome bit of software. -
Re:Ghostery
I've been using incognito for Safari for a while now, but it looks like ghostery might be more comprehensive. I'll have to check it out. Thanks.
-
Re:Plugins
Defacer is great, and it automatically removes (part of the) button clutter. For some added Google protection, there's also this: http://www.orbicule.com/incognito/
I'm not sure if Top Sites in Safari load all scripts, but at the very least it loads images, which are also used for tracking, therefore Defacer is probably not enough.
-
Re:FUD
Reading this it becomes instantly apparent that "unauthorized use" is referring to users of stolen devices.
Yeah and it ties in nicely with the stories that turn up from time to time of people getting their stolen laptop back because they snapped a picture of the thief and did an ip lookup, or people getting iPhones back using the already existing GPS lookup called, appropriately enough "Find My iPhone". Here's just one example ("Stolen MacBook Victim Uses Screen Sharing and iSight to Bust Thieves") and there's already a product which does this for macs called Undercover.
Guess Apple likes the idea and wants it on the iPhone. -
Re:Report it to the Univeristy's judicial board...
I have a friend who was in a similar situation a while ago. Luckily, he had sshd running and the thief wasn't behind NAT, so we had ssh access to the machine once we found its IP address. The local police didn't know about IP addresses, so we were unsuccessful in motivating them to subpoena the ISP. However, we were able to remotely install Undercover, which used nearby SSIDs to give an approximate location of the laptop. Based on our work with Kismet and a directional wifi antenna, we were able to localize the thief to a single apartment building. With this information, the thief's name (gleaned from monitoring the thief's visits to myspace), and a multitude of webcam photos of the thief, the police managed to just walk in to the front office, get an apartment number, and retrieve the laptop. Unfortunately, none of this will help if you don't have remote access...
-
Re:Tell Your Wireless ...
They've enabled locations in HTML5. I was playing around with "Dive into HTML 5" and for fun clicked on the "Locate me". It was dead on. Even though I was going through a Proxy server (so I know they didn't find me through IP). Scroll to the bottom, it's "A complete live example"
Prey Project using it as the geo locator for theft recovery. I've had Orbicule's Undercover for a while, and they use Skyhook. Prey Project is 100% open source (all bash scripts more or less) and digging through they're using Google's location APIs to locate devices.
So basically Google now has a 'sky hook' type service that anyone can use for free. Not just that. Every single smart phone that doesn't have GPS built in, now has a 'near location' enabled. Meaning that google can provide location based results even without a GPS.
-
Re:Sounds Half-Assed
Remote webcam activation is a pretty standard feature of anti-theft software. The idea is to locate the laptop (via network connections, whatever), and identify the thief (webcam snapshots). The two goals work together. Check these stories out: http://www.orbicule.com/undercover/mac/nc.html
-
Re:Damn Good.
If my laptop were stolen, I'd be using all of its capabilities against the thief (in fact I have Undercover installed). I'm sure whatever software they have will log IP addresses, but the webcam just provides more evidence.
-
Re:Tape
From what I understand, there was no capability to remotely record a video. It was an anti-theft measure that could be used to snap photos (same as some of those iphone apps, or http://www.orbicule.com/undercover/ for macs, or one of the million programs that can be used to take a picture with a webcam on your stolen laptop) and that was supposed to only be activated after a theft was reported.
So obviously someone made use of that capability when they shouldn't have. The question is, was that person following policy or acting on their own? The software and capability isn't unjustified, it seems like a good thing to have on a school-given laptop. My guess is that there was one or a few people who were taking these snapshots when they weren't supposed to, saw a kid doing something bad, decided it was their job to do something about, and are now going to get the school district in a whole shitload of trouble.
See the school district's response here: http://www.lmsd.org/sections/schools/default.php?m=&t=hhs&p=hhs_today_anno&id=1138 -
Re:making thievery more risky - good!
In addition to Undercover on my Mac, I've made some home rolled solutions.
1) Installed AutoSSH and set it up ssh back to a Virtual Machine (sandboxed) on my home server. Also helps if I leave my machine on somewhere safe but forget (or aren't able) to forward ports. It has a reverse port forward to the ssh server on my Mac. Meaning anytime I can get to my home server and so can my Mac, I can get to my Mac.
autossh -M 9005 -D 1080 -R 2222:127.0.0.1:22 www.example.org
2) Another LaunchD (cron) process that curls a simple URL through the ssh socks proxy (ssh -D) that is a simple 1 or 0. (1 Stolen, 0 Not-Stolen). If it sees that it is stolen it'll just start taking pictures with the iSight (iSightCapture) and the desktop (screencapture) and uploading them to my host through scp. Literally in a while loop so as soon as it gets one photo, it gets another, and another, and another, etc...
3) I have logKext, a password keylogger, installed. Every hour (keyLog-00h.log) and then once per day (keyLog-20090824.log) it uploads a copy of the encrypted log to my host. If anyone steals my laptop and uses it to type anything personal (e-mail, passwords, phone numbers) I'll immediately getMost thieves aren't what you see in Oceans 11 after all your money, they're low income thieves. When someone broke into my car and stole my wallet, both credit cards were immediately used at 2 Walmarts 10 minutes in either direction for $300-$500 repeatedly until I called to cancel. They're not going to wipe the drive, do an EFI wipe to ensure there are no 'bios' keyloggers.
I wouldn't be surprised if the first thing a thief around here did was check his or her facebook and myspace page and then send an e-mail to his or her friends using a hotmail account.
-
If you don't want to pay $99 for MobileMe
....Perhaps this would be an alternative:
http://www.orbicule.com/undercover/iphone/
Not nearly as cool as MobileMe, but likely as effective (and perhaps safer too).
-
Re:vs iPhone
... the iPhone's keyboard isn't perfect and even less so when the iPhone assumes you're a moron that can't type and "corrects" what you meant to type with a completely different word...
Well, maybe your phone is right about you being a moron, because you can go to Settings -> General -> Keyboard and turn off auto-correction.
Owning a BlackBerry (work) and an iPhone (mine) I infinitely prefer the iPhone's keyboard. (And before my iPhone I had two Nokias with physical QWERTY keyboards so I'm not just preferring the iPhone's because it was my first exposure to a full keyboard on a phone.) You can type faster and with a lighter touch since you don't have to physically press each key, and holding the phone with one hand and typing with that thumb is a whole lot easier. And whoever thought of putting keys in anything but a straight line (BlackBerry Curve 8830, Palm Pre, and the number pads on my old Nokias) should be shot.
That said, I really hope Apple allows background apps soon, if for nothing other than Undercover. The Pre looks nice and they're doing some cool things but I won't be getting one since a) I don't have any worthwhile contacts in social sites that I need my phone to automagically gather and b) I don't need to carry around a calendar. Mainly, I'm happy that the Pre is out to give Apple some much-needed competition and force issues like MMS, video recording, background apps, etc.
-
Orbicule's Undercover
Undercover, from Orbicule, has been doing something similar for Mac laptops for a long time:
-
Re:Reformat HD = Free Laptop?
Not everyone is a *nix geek. Yes there is a linux way to do things but not everyone wants to deal with that. There is an OS X and a Windows version.
I bought my sister, brother and myself a version of Orbicle's Undercover which does everything this does and a bit more. It'll take pictures of the thieves (if your Mac has a built in iSight), change contrast, etc.)
I was pondering making my own group of shell scripts do do something similar.
curl -O mywebsite/stolen.txt. Leave it at a 0, then make it a 1 when my laptop is stolen. Then have it do weird stuff. isightcapture can record pictures of someone as soon as the lid opens or during invalid login attempts. There are apple scripts to change the monitor contrast, computer volume, say stuff. (All of which Undercover does).As soon as it detects it is in an Apple Store (by host name) it cranks the volume up and announces "This laptop is stolen. This laptop is stolen."
I thought about how much work that would take and I thought, meh. I'm watching TV and bought Undercover.
Finally, this is open source. Isn't that what the slashdot crowd bitches about most "ZOMG IT'S NOT OPEN SOURCE BURNNN". Someone took the time to build an installer for 3 different systems, make it so it used a DHS so you didn't have to configure FTP settings (You know not everyone has a my.website that they can read logs on daily) and all 1/2 the people here can do is bitch about how stupid it is or easy it could be to do with cron.
Thieves are stupid. Most will boot the machine and use it. Look at Orbiclue's "success stories." One thief loaded WoW then tried to delete all the personal files of the person. This isn't going to stop a corporate hacker but the jackass that breaks into your car, you might have a chance.
-
Undercover
Undercover does this sort of thing. It transmits network information, screenshots, and pictures from Macs with iSights. http://www.orbicule.com/undercover/
-
Undercover (Orbicule)
I have a Macbook Pro and decided to get Undercover for it. It's easy to set up and doesn't require a subscription, unlike some of the other programs out there. I'd read a bit about it before getting it, and the thing that really helped me in the end were the success stories that they have posted on their website. The fact that it makes use of the MacBook's built-in video camera to snap pictures of whoever is using it really impressed me.
-
Mac Solution
There's a really good Mac Solution - Undercover. Check their Recovery Case Studies.
-
Mac Solution
There's a really good Mac Solution - Undercover. Check their Recovery Case Studies.
-
Orbicule's Undercover for OS X (yeah, not Linux..)
http://www.orbicule.com/undercover/
I use that on my mac machines. I know it's not linux specifically but I just thought I'd toss that out there. It uses the built-in cam to take clandestine photos, too... -
Re:I have a question for the question...
Go to Orbicule and read the success stories about their Undercover product for Macs.
I must say.. that one story is impressive. Screenshots of a face certainly would escalate the case as it boils the officer's job down to comparing a face to a photo. Easy arrest.
Too bad built in cameras don't exist on all laptops. And, too bad not all criminals are dopey enough to boot the machine up "as is" from a personal home net connection. A professional thief would know better.
I view Orbicule as a temporary band-aid though. It can only work if thieves don't know about it or are amateur first-timers. Once a few busts get news press, they know about it. -
Re:Why bother at all?
I would argue that the cost of any tracking solutions is bound to be more than (the chance of laptop being stolen x value of laptop itself).
I bought Orbicule's Undercover for my MacBook Pro for all of $59. The license covers up to 5 Macs so I can install it on other Macs as well. There's no monthly costs for their service. I consider that money well spent for protecting my laptop. The success stories posted on their website demonstrate that laptops can be recovered within a couple of days in close to the same condition as when they were stolen. -
Re:I have a question for the question...
Go to Orbicule and read the success stories about their Undercover product for Macs.
-
If you have a Macbook
Go check out Undercover from Orbicule. Even if you don't have a Mac you should go read the success stories that they have posted (complete with photos of the perps taken from the Macbooks built-in camera).
-
Burglar alarm
is already there. And they can take a picture of the theft too.
-
Utter Bullshit.From the Undercover FAQ:
Can I uninstall Undercover?
Errrrr, impossible? What a stupid thing to say. Admin password recovery is trivial under os x. And a serious thief would reinstall os x before reselling.
Yes, you can. If you haven't registered Undercover yet, you can uninstall Undercover by clicking the Uninstall button in the setup assistant that's part of the installation process. If you are a registered Undercover user, please contact us and we will send you uninstall instructions. During uninstall you will need the Administrator password, to prevent thieves from uninstalling Undercover.
Can Undercover be uninstalled by a thief?
For a thief, uninstalling Undercover is impossible. You can only uninstall Undercover if you know the Administrator password for the given mac.
In other words, this piece of software is useful only to:1) Stupid people (who are reassured by a false sense of security)
Oh, and anyone tempted to quote the following from the faq at me:
2) People who want to spy on someone.What if someone does a clean install of OS X on my machine?
1) Bypassing the firmware is also trivial on Apple machines - all you have to do is add some Ram, and boot
You can prevent this by installing a firmware password. You can find the firmware password utility on your Mac OS X Tiger DVD (in /Applications/Utilities/ on the disc). :-/
2) Noone has a firmware bios password.
Oh, and last thing - again from the FAQIs it possible for Undercover to work behind a firewall?
Bullshit. If they could do that, they would be selling that, not their little toy spyware app.
Yes, Undercover has the ability to autodetect any proxy or firewall settings used to connect to the Internet. Undercover collects and autodetects the necessary settings to access the Internet even if your firewall requires a password.[emph mine] -
Re:More Mac Theft Software
The problem with Orbicule's approach is that their software can easily be removed by wiping the disk. Orbicule claims that setting a firmware password would help, but at least in PPC macs the OF password can be reset by changing the amount of RAM installed and then zapping PRAM three times, thus offering virtually no protection against thieves. It would be nice if unauthorised physical access to DIMM slots could be hardened somehow, so that complete disassembling of the laptop would be necessary to change the amount of RAM. That would hopefully make things complicated enough to get thieves to abandon the computer.
Apple's documentation does not explain the procedure for x86 Macs, so I don't know about those. -
More Mac Theft Software
I'd recommend Undercover by Orbicule. It runs continuously in the background, and if your laptop is ever stolen then you call up the company and they set it to transmit it's location every time it connects to a network. Of course since my laptop has never actually been stolen I can't really tell you whether it works or not.