Slashdot Mirror
Laptop Anti-Theft Devices
mathin writes: "The NYTimes has an interesting article about laptop theft 'alarms' and services to help track down your laptop if it's swiped." Laptops are a lot like bicycles: if you have a 50-pound laptop, it doesn't need a lock.
The majority of the companies I work with use capital insurance policies to cover the cost of replacing stolen equipment. With the proliferation of anti-theft devices, will insurance companies take the automobile route and provide discounts for using them? Or will they begin to require such devices to provide coverage at all?
A couple of years ago, I bought a brand new laptop. I went into a store for a couple of minutes and left my month old laptop sitting on the seat of my car, door unlocked (stupid, I know), knowing I would only be gone for a couple minutes.
When I got back home, I tried to boot up and nothing happened after the fan kicked on. After a couple of minutes of jiggling the power cord wire, I opened the case and found that my processor was stolen along with my two 64MB ram units. Someone had bothered to open it up, take the stuff, and close it again
That is definitely a situation in which tracking would not have helped.
*everything* is Orwellian to cats.
If your laptop is 50 pounds, it's not really a laptop, is it?!
50-pound computers are what we here in the industry call "desktops".
- A.P.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
Pogue's article had some great things to say about the technology of tracking down stolen laptops. It would have been good to make the point that, many times, the information on the laptop is worth far more than the laptop itself.
About 18 months ago Qualcomm's CEO had his laptop swiped during a conference. The laptop was thought to have all kinds of trade secrets. Losing a several-thousand dollar laptop was a trivial loss for the CEO. But shareholders were rightfully worried that Qualcomm's strategies for implementing CDMA rollout were now in the hands of rivals. To my knowledge, they never got the laptop back. And the theft was, I suspect, for the hard drive's trade secrets rather than for the actual laptop.
I'm generally "Interesting," "Insightful," and even "Funny" here. What the hell happens to me at parties?
they could implement something like this into laptop security. I agree it would probably be a bit excessive, but you know as well as I do, that nobody else would ever try to take your notebook once word got around. Check out the video clip of it in action... I'm sure most if you /.er's out there have already seen it in action.
this statistic was startling:
As many as 30 percent of the stolen laptops are gone for good because they are never used to go online after being stolen.
Never mind that If I had a system like that I would just wipe the drive to begin with. Of course, common crooks may not bother.
"It is a greater offense to steal men's labor, than their clothes"
Christ my monitor doesn't weigh 50 pounds. How's the gravity up there at the Geek Compound anyway?
It hurts when I pee.
That has got to be the most easily comprimised password method ever!
you: Tilt left - right - back to arm laptop, and leave...
you : come back and tilt laptop right - back - left
Person outside looking in sees you do this and comes in and takes your laptop, disarming it with your (super secret password tilt combo) while you feel secure cause you spent a hundred dollars on a security device.
what a joke, that method shouldn't even exist, too many stupid users are gonna use it.
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
I have this vision of a stripped laptop on cinderblocks.
Best Slashdot Co
One of the big issues here is the things that are on the hard drive rather than the actual physical laptop.
I remember a few years back when me and a few friends were continuously scared of getting a knock on the door from the authorities, we had ideas to develop a device to entirely wipe the hard drive.
Initially, this consisted of a coil of thick guage copper wire around the HD, which was in turn connected across the mains supply. Guaranteed to fuck over the HD big time.
Problem was, that we never had the guts to put one round our main HD, because we knew that whatever mechanism used, it could get accidently turned on.
We also worried about, if the police did turn up, how would we know whether it was a friendly visit or not, then wipe or HDs for no reason.
All because of the anarchists cookbook and about 10 porn pictures.....
Excellent news ... as we know, audio alarms and tracking bugs have totally eliminated theft in the automobile industry, and I imagine these devices will do the same for laptops.
True story:
I was working in a corner of a cafe late at night when I guy came in, sat beside me, stuck a knife to my side and said "put the laptop in the bag".
My laptop was locked to the table, but I gladly unlocked it in return for my safety.
Anyway, insurance covered the loss.
Also, I had a removable hard drive with all my work on it, and I pleaded with the thief to let me keep it, and he let me!
So ultimately, I ended up with a newer machine, and a spare drive, and the thief ended up with a password protected laptop. Just goes to show, crime doesn't pay.
-... ---
I recently purchased a $2500 laptop (Toshiba 5105-S607) to use between work and home, as well as when I'm away from home. It's pretty powerful, so it also serves as a desktop replacement for my home machine.
I can't understand why people will pay thousands of dollars for a piece of machinery, then carlessly leave it at a table or seat while they go off and do something else. Even if it's company equipment, somebody paid for that laptop. I think these are the same people who leave their car running with the keys in the ignition while they drop off their 3-day-late movie at Blockbuster, or run into store to grab a coke. It never hurts to be overly cautious.
When I'm at work, I lock the laptop down with one of those 4-digit combo locks attached to a metal wire. I know that any person with an interest in my $2500 machine can come along with a pair of wire cutters and hack off the wire. Having the lock on there is to basically keep the honest people honest. When I leave for lunch I take off the combo lock and lock the laptop up in my drawer. When I'm done for the day I pack everything up and take it back home with me.
Noise alarms are just annoying and don't really help, much like car alarms. When's the last time you ran towards an alarm, thinking to help overpower a thief? If anything, like the article says, the thief would just chuck the alarm card, or better yet feign embarassment while pretending it really is his/her laptop.
Simply paying attention to your surroundings and taking that extra step to secure your laptop will often work better than more expensive options, which unfortunately might cause people to let down their guard.
My guess was that either A) he's talking about an *old* laptop, back when memory was still expensive and some models used upgradable, socketed CPUs that were identical to the ones used in desktop systems, or B) someone with an identical model notebook (except a broken one) did a quick switch with his, and he didn't notice the different serial number.
IBM has the right idea. In some (all?) of their laptops, the main board and hard drive have passwords that can't be disabled or bypassed without major surgery. If you forget the password, tough, the subassembly must be replaced. If this was more common, laptops would be less attractive to thieves.
Mea navis aericumbens anguillis abundat
Yep! I didn't own one when they were still being sold new, but I bought a used one (and got a broken, second one thrown in free, to use for spare parts) at a used computer store in town, not *too* long after Osborne went out of business.
What's pretty funny now (but was actually pretty useful at the time!) is the screen magnifier accessory I got with mine. It was a big square magnifying glass on a metal rod that velcro'd to the top of the Osborne, so it sat about 6 inches in front of the tiny monitor display. Presto, more readable screen!
Wow...sounds really hard to get around! Once criminals know how the card works, it'd be quite easy to get around.
"If at first you don't succeed, lower your standards."
Laptops are a lot like bicycles: if you have a 50-pound laptop, it doesn't need a lock.
What the hell are you talking about? If I have a 50 pound bicycle, that's too heavy to ride away?
And 50 pounds of laptop is too heavy to lug away? Maybe 200 pounds, but sheesh I could carry 50 pounds under my arm (I am bigger and stronger than average, though). Not to mention a 50 pound laptop would probably have a handle.
Oh wait, it's michael posting the story. Never mind.
Sometimes it's best to just let stupid people be stupid.
The best laptop-theft-prevention is staying with the computer. That may be where wearable computers have their best value. A computer around your belt with a glasses-style display won't be easily forgotten.
Miko O'Sullivan
I'm not saying that this is necessarily easy to achieve in a way that the average meeting-going PHB finds usable but which his 13yr daughter can't crack in 5 minutes, but reasonable levels of protection are feasible.
Of course, you have to rely on the PHB not writing down pass-phrases and leaving them plainly visible.
It wouldn't be the first time.
Anyways, I'm sure he was most distraught about losing his OutLook contact list. Which, of course, isn't the company standard, but that's what the CEO wanted to use.
"I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatently stolen sig)
Even my Osbourne One only weighs twenty-four pounds.
If you don't want your laptop stolen, don't ever let it get into a situation where it can be stolen, because (people being what they are) it will be. And if you think you absolutely can't live without your laptop, do yourself a favour and evaluate what you actually mean by that. Chances are you'll find it's simply not true.
If you were blocking sigs, you wouldn't have to read this.
I believe the code was actually "Up-Up-Down-Down-Left-Right-Left-Right-B-A-Start" (For unlimited lives in Contra on the original Nintendo.
Reality has a liberal bias
The scenario is this (based on several true stories): Somebody leaves their laptop in a conference room/another's office/their own cube, unlocked. A well-dressed stranger, perhaps present for a "meeting" wanders up, picks up the laptop, and proceeds to simply walk out, looking very proper and professional with the laptop under his arm. Don't forget, this could easily be an employee of the company stealing another employee's machine (which also happens quite a bit).
Caveo technology is great for this scenario. Clearly if the PC is emitting a piercing alarm (I've heard it, and it is truly loud), the fellow would attract attention if he were walking towards the door. Similarly, were he to eject and toss the card, it still screams, leading everyone to do a quick "Where's my laptop" check at a minimum, and alerts the receptionist/folks around the door to take note of who is leaving, etc.
I think this solution fits best into a corporate setting as a deterrent to inside-job theft, rather than a deterrant to somebody reaching into your car and grabbing your notebook (though, you'd have to think that many less savvy crooks would drop a notebook pretty quick if it started to wail and really did turn heads).
Please Rate my comment (and help support Fre
Actually it was up up down down left right left right a b a b start, and it gave 30 lives in Contra, but who's really counting?
You mean, like using the Marquee/Ticker screensaver and having the password scroll by after 15 minutes of inactivity?
GTRacer
- My password is "password"
Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
PCPhoneHome has a product which claims to email "position data" regularly from your laptop (Any machine running Windows, MacOS, Linux, or PalmOS, they claim).
Ignoring however they manage to provide this GPS in software, and how they manage to send email via a variety of possible transports (without being detectable at the OS level, they claim to run at a much lower level), they have one claim in particular that is mind-boggling:
They have a couple of versions, the freeware version does everything above, and the $30 version claims that it can't be removed from a hard disk with "fdisk, low-level format, or format".
I think they're pushing snake oil. If they actually do everything they claim to do, I'd love to find out how. Does anyone have any experience with them?
When you intend to leave your laptop unattended, if only for a moment, you can "arm" it in any of several ways: by clicking a button, by using a taskbar menu or, if the lid is closed, by tilting it to three particular angles in a specific sequence
Slight problem that makes this useless - you have to remember to arm it, ie. your laptop is switched on, and the battery has not run dry. If you've got to remember to pick it up and hold it upside down you might as well just put it into hibernate mode, it saves power, and let the BIOS password deal with the thief.
The *real* problem is that laptops are stolen when you turn your back for a second because you're thinking of something else (without thinking "I should engage the security device by going dancing with my laptop"). If you are going to walk away from the laptop then *take it with you* or use BIOS-protected APM.
Even if it does work, the thief will know the alarm is activated so he'll pull out his gun and shoot you while he runs away. Or he might shoot you *before* he takes the laptop. I think I'll take the insurance payout instead ;-)
A caveman dreams of being us, the incalculable power and riches. We dream of being Q, then what?
This gave me an idea for protecting my wife's laptop.
I edited the ifup script to e-mail the IP address to me. I want the thief to use the computer for a long period of time, and use it repeatedly, so I can track them. There is an autologin feature available for gdm and kdm, so I enabled it (I didn't know it could be used as a security feature). I also put some familiar looking icons on the desktop so the thief will feel at home and use the machine frequently, and hopefully they will click the big "connect to internet" icon.
Of course, I usually just use this to eject the CD-ROM when my wife is using the computer. I think it's funny, but I think she rolls her eyes. I can't be sure. Maybe a webcam...
My wife has a Pismo G3 from her employer, whose IT department bought her a Targus laptop bag with the order because "We do it for all Laptop orders". Never mind the fact that the bag was obviously made to fit a boxy PC laptop, not the curvy Pismo. Ultimately, she found a backpack with a laptop compartment built in, and bought it herself. She's willing to trade the fact that her laptop bag doesn't look "Professional" (read: pretentious) for the fact that nobody knows its a laptop bag. Nobody's stolen it yet....
And the Targus laptop bag is sitting somewhere on a spare desk in her department. Nobody else wants to use it, either.
I'd imagine that all of the school systems that are handing out laptops to their students could benefit from this if the price was right, although I'm still of the opinion that accidental physical damage is a greater threat to laptops (in any deployment locale) than theft. And more often than not the real value is in the data and program code, not the machinery itself.
And my employer has ceased to deploy physical security measures, figuring that insurance will replace anything, and usually with more up to date equipment.
Now whether or not this is cost effective is another issue.
I'm very very happy with Targus -- not just the quality, but also the support (broke the strap two years after getting the bag, they sent a new, improved strap, for free).
The big drawback to Targus bags is that they are heavy. That is also their strength, as the bag takes a lot of abuse, saving the laptop inside from harm.
Speaking of a good way to keep a laptop from being stolen is to not put it in a bag that screams, "There's a laptop in this bag!" , I have a pile of clean old Compaq laptop bags without the laptops...
These bags scream "There is a Compaq Laptop in this bag!", though there isn't -- I give them to family members to use as briefcases, lunch bags, and even keep one in the back of my truck to hold my jumper cables.
Nobody has stolen my jumper cables or my nieces schoolbooks... yet.
I do not deploy Linux. Ever.
I find the bolded part above a bit distressing. When I started readinga bout the Caveo card I assumed that the card becomes physically secured to the machine by some means or another. I imagined that there would perhaps be a short cable to the anti-theft jack that seem to exist on all new machines.
Imagine a car alarm on the exterior of a car, where a thief could just rip the blaring siren off and ditch it while driving away. Not that car alarms are 100% effective, but at least it's a somewhat pain in the ass to disable by comparison.
This also brings up another problem with laptops. PCMCIA cards in general are quite easy to remove, especially those wireless cards which protrude a good half-inch or more out of the PCMCIA slot. Ethernet and modem cards are relatively cheap these days, but wireless cards, hard drives, video input devices, and other toys are not. Even batteries and internal hard-drives are easy to grab, and they can bring in some good cash. A good crook could clear out a few thousand dollars worth of hardware in about 10 minutes, all inconspicuously since these things are quite pocketable.
Anyway, after using a notebook for quite some time and having one stolen at the office while I took a nap (all nighters suck) I would say the most cost effective theft-detterrant for the machine is the combo-lock/key notebook cable. They're a lot cheaper, more reliable to arm, and look more secure than the $100+ fancy alternatives proposed in the article above. I would argue that a cable-locked notebook looks like a serious pain in the ass to mess with, since it entails snippers and the like. I think the products mentioned in the NYtimes article might be good only when combined with a cable lock, but definitely not alone.
So does anyone know of ways to physically secure PCMCIA devices?
My home was recently burgerarized and to my surprise they left two good laptops, i feel that the risk of the next owner (pawn shop) discovering the previous owner (me), via software registration/registry entries, scared 'em off. Of course the thiefs would not be familiar with high end concealment tools such as fdisk and format.
they did steal my laptop case to carry off the contents of my change jar, damn crackheads.
Similarly, were he to eject and toss the card, it still screams, leading everyone to do a quick "Where's my laptop" check at a minimum, and alerts the receptionist/folks around the door to take note of who is leaving, etc.
Eject card, slide under nearest locked door. Or simply, eject card apply hammer. This thing is just a pcmcia card, how long will it chirp after I've broken it in two? If I'm an employee, I already know all the laptops have these cards so I might be able to eject/smash the card before it goes off.
For this to be at all effective it would need to be built into the laptop and not easily removeable. Of all of the laptop anti-theft devices I think this is the most useless.
Si vis pacem, para bellum
The only thing more annoying than a Libertarian is an (un|mis)informed Libertarian
I have both OSes password protected. The only method for the crooks to be able to use my machine would be to either replace the hard drive, fdisk the drives and reinstall an operating system.
Unfortunately not. Unless you have encrypted harddisk partitions (which is _not_ a password protection, but orders of magnitude more secure), a new linux root password can be set with a bootdisk, if neccessary after transplanding the harddisk to another computer.
As a second step, there is a fine utility to reset a w2k admin password from Linux. I recently forgot my admin passwod for w2k on my Vaio, because I usually use Linux, and was able to set a new password with this utility.
On the other hand if you actually mean encrypted partitions by "password protection", that is a very good means to protect your data from equipment theft.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted and ignored otherwise.
You're telling me this would be surreptitious way to sneak out with the laptop? That this would not attract undue attention?
Frankly, I'm pretty sure that simply letting the alarm go off (in an office that might have a couple of false alarms every few months) would be less noticable than somebody actually beginning to smash the card right in the middle of the conference room/cubicle land space. Consider also that for an office used to the sound of the alarm and it's de-activation (again, from testing and sporadic false alarms), a very abrubt, unnatural end to the alarm would raise some eyebrows.
Any of the options you talk about would attract a great deal of attention in any office building I've ever worked in (including somebody walking around with a blaring PCMCIA card looking for a locked door to stick it under). The way employees and well-dressed strangers wander off with others' laptops is by looking completely normal - totally blending in and thus remaining invisible. Any of the approaches you talk about above immediately point out the perpetrator as not following normal behavior patterns.
Please Rate my comment (and help support Fre
Or simply, eject card apply hammer.
Yeah, right. Like that won't attract the attention of the geek in the next cube:
(shuffle shuffle) BEEPBEEPBEEPBEEPBEEP BANG! BEEPBEEPFUCKBEEPBANG! BEEPBEEPBEEPBEEPBANGBANGBANG! (silence)
-Ryan, with the unoriginal sig
In the article, it mentions that those systems will need to be brought up and conected to the internet. Based upon the intelligence of most criminals, do you think they will know how to alter a Linux password?
Again, do you think that they will know that there is a Linux partition if that is only accesible with a boot disk?
One last thing. If a thief of my laptop actually knew how to overcome what you have described. Why the hell would he/she hook the system up to the internet? They would peruse my hard drive for files they might like, then wipe the drives clean and put what they want on the machine. Then and only then would they hit the internet with the laptop.
Does that make it clearer as to why that software is useless to me?
--
.sig seperator
--
The problem that I am referring to is how useless that software would be for me, since the thief would be unable to access my system, let alone get it on the internet without wiping the hard drive.
If you ignore the other uses of a tool, does that make the tool less useful, or you less useful?
Put an old-style "intel inside" sticker on it.
Make sure that any model numbers on it somehow suggest that it is a 386, and that its screen is either black and white, or passive-matrix.
Cover all non-legacy ports with a plate having dummy serial ports or somesuch.
The CDROM drive should be made to look like a 5.25 inch floppy drive. (I don't know if notebooks ever had those, but hey, nothing wrong with overkill)
Is anyone gonna steal this thing?
Computer stores learned this the hard way. Used to be, when you went to the CDW showroom half the floor model laptops (locked down with a cable lock) would have been stripped of every removeable part, from hard drives to taking a screwdriver to the bottom access panel and stripping out the RAM.
Lately CDW locks the laptops up with this wire bondage cage that makes component removal more difficult, but you still see the occasional machine where a small hand has managed to wiggle out the 2.5 hard drive, etc.
My oldest laptop is designed so when the cable lock is in the 'security slot', you cannot remove the hard drive.
Some Toshiba models have two points to attach a cable lock, the second being below the (plastic) door that covers the PCMCIA slots. Attach a physically large security lock, and you block access to the eject button and/or the cards.I do not deploy Linux. Ever.
Agreed.
An interesting statistic -- generally an attacker with a knife is much more likely to cut a victim to 'show he means business' than an attacker with a gun. Generally, people attacked by a gun-wielding assaliant are less likely to be injured.
I do not deploy Linux. Ever.
If there's any inference to be made here, I don't think it's that gun muggers have more self-discipline than knife muggers. It seems obvious to me that anybody who uses intentional injury as a form of communication would prefer a knife to a gun. Despite all the "just wing him" scenes in the movies, a shooter can't really control whether a gunshot is fatal. I don't know much about the professional standards in the your-money-or-your-life business, but unnecessary homicides would seem to be counterproductive. On the other hand, empathy is obviously not a professional qualificantion....
For some real enlightenment, check out the statistics on the percentage of murder victims with cocaine in their bloodstream.
The unpopular inference is that firearms restrictions may actually increase the number of victims injured in these crimes. According to the cops, such crimes are acts of desparation by addicts in withdrawal, so they are not entirely rational... but they also want an easy quiet crime that won't make the newspapers.Laptops are a popular target because they are easy to turn into cash, and often left unattended. This makes them more attractive than say, a purse, which may or may not contain items of value.
I do not deploy Linux. Ever.
If I'm in public somewhere, I'm not leaving my laptop unattended.
actually what I do whenever I get a new laptop (this is my third, none stolen, just upgrades) is to remove the hard drive retaining screw; the drive is usually in some kind of carrier that is connected to the rest of the laptop by a single screw. Whenever I go somewhere and I don't want to lug the laptop with me, I pop out the drive. Laptops are easily replaced and are insurable. Backups I have but it's still a pain in the ass and if I'm out for a few days the work isn't backed up. The data loss is far worse than the actual theft.
Still, we weren't talking about street zombies with a declining brain cell count. We were talking about professional thieves carrying out carefully planned robberies.