Slashdot Mirror


Free Software Tracking a Stolen Computer?

JeffTL asks: "By necessity, I carry around an Apple iBook running OS X Panther. In the event of its theft, I would like to have the thing send me its IP address, not only for the benefit of law enforcement but also so I could SSH in and trash my personal data with srm, while doing an SFTP backup of anything I forgot to back up. I am not really wanting a subscription, so I am looking for a free-as-in-beer (and if anything beyond a shell script is involved, free-as-in-speech would be much preferred to make sure that no one else is getting anything). Currently, I have a bash script that can create a report, and I am thinking about sending it using either e-mail or FTP. I am considering setting it up to where it only starts barraging me if a specific code is posted to an HTML document of my choice. Is there already something like this in existence somewhere for free? If not, does anyone have any pointers on how this can be done?"

3 of 137 comments (clear)

  1. A few suggestions... by eyeball · · Score: 5, Insightful

    If you are going to roll your own, I would suggest setting up a script on the laptop so that if it detects it has been stolen (i.e.: by checking if a website has a special message from you), and if so, connect to a secure ssh server as a client (using public key authentication so it can connect without a password), making sure you use the options to set a TCP tunnel going back to your laptop (to port 22, or perhaps VNC port, or multiple ones). In other words, have the laptop automatically ssh to a stationary server, and establish a tunnel back the other way that you can then use to get in. This way if someone runs it behind a nat device, or even installs a firewall, you can still get in.

    Another thing you might want to look at is using an IM protocol with the language of your choice, and allowing remote command execution (with certain precautions such as command signing with a private key). For example, grab the Perl AIM module, create a server, add some way to sign commands (i.e.: if ( md5($msg . 'someprivate') eq $msg_key ) { shell($msg); } or something like that -- that's just off the top of my head so it may not be perfect).

    --

    _______
    2B1ASK1
  2. Very simple possibility by cybermace5 · · Score: 5, Insightful

    The odds are maybe 50/50 that a person stealing your laptop would have a clue to avoid something like this. If they do consider this, they'll wipe your disk clean at the earliest possibility, in the absence of a network connection. Get rid of the evidence.

    If this is a kid who plans to pawn it or sell it on eBay, or possibly just use it, they might plug it in to make sure the Internet works. What's the first thing they'll run? The web browser. It's just a web browser, that couldn't hurt right?

    All you have to do is set the browser's home page to a page on your own site, not linked from anywhere else. If your laptop gets stolen, you could activate some PHP in that page to send you an email or SMS. The IP address will be logged, so you can (maybe) SSH in and do your dirty work. If the user has a firewall, that would be a problem.

    But anyway, this is a pretty easy way to do it. You could even just start up the web browser on boot, and if they are on the Internet, they're nailed.

    --
    ...
  3. Give me a break by dedazo · · Score: 5, Insightful
    Use a physical lock. Take care of your laptop (what, are you assuming that it will be stolen?). Use an encrypted filesystem. Do some sort of dead man's switch where the wrong logon will wipe your data.

    Expecting that whomever steals it will merrily go home and plug it into an ethernet jack is a bit too much, I think.

    --
    Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo