Free Software Tracking a Stolen Computer?

JeffTL asks: "By necessity, I carry around an Apple iBook running OS X Panther. In the event of its theft, I would like to have the thing send me its IP address, not only for the benefit of law enforcement but also so I could SSH in and trash my personal data with srm, while doing an SFTP backup of anything I forgot to back up. I am not really wanting a subscription, so I am looking for a free-as-in-beer (and if anything beyond a shell script is involved, free-as-in-speech would be much preferred to make sure that no one else is getting anything). Currently, I have a bash script that can create a report, and I am thinking about sending it using either e-mail or FTP. I am considering setting it up to where it only starts barraging me if a specific code is posted to an HTML document of my choice. Is there already something like this in existence somewhere for free? If not, does anyone have any pointers on how this can be done?"

A few suggestions...

[eyeball]

If you are going to roll your own, I would suggest setting up a script on the laptop so that if it detects it has been stolen (i.e.: by checking if a website has a special message from you), and if so, connect to a secure ssh server as a client (using public key authentication so it can connect without a password), making sure you use the options to set a TCP tunnel going back to your laptop (to port 22, or perhaps VNC port, or multiple ones). In other words, have the laptop automatically ssh to a stationary server, and establish a tunnel back the other way that you can then use to get in. This way if someone runs it behind a nat device, or even installs a firewall, you can still get in.

Another thing you might want to look at is using an IM protocol with the language of your choice, and allowing remote command execution (with certain precautions such as command signing with a private key). For example, grab the Perl AIM module, create a server, add some way to sign commands (i.e.: if ( md5($msg . 'someprivate') eq $msg_key ) { shell($msg); } or something like that -- that's just off the top of my head so it may not be perfect).

Just wait for Apple DirectProtect

It will cost $199, but will have very cool design and play beautiful music on your cell phone when the laptop gets stolen.

Very simple possibility

[cybermace5]

The odds are maybe 50/50 that a person stealing your laptop would have a clue to avoid something like this. If they do consider this, they'll wipe your disk clean at the earliest possibility, in the absence of a network connection. Get rid of the evidence.

If this is a kid who plans to pawn it or sell it on eBay, or possibly just use it, they might plug it in to make sure the Internet works. What's the first thing they'll run? The web browser. It's just a web browser, that couldn't hurt right?

All you have to do is set the browser's home page to a page on your own site, not linked from anywhere else. If your laptop gets stolen, you could activate some PHP in that page to send you an email or SMS. The IP address will be logged, so you can (maybe) SSH in and do your dirty work. If the user has a firewall, that would be a problem.

But anyway, this is a pretty easy way to do it. You could even just start up the web browser on boot, and if they are on the Internet, they're nailed.

Re:Easy way out

[Sancho]

Good idea!
ifconfig | mail -s YOUR LAPTOP WAS STOLEN email@isp.com

mutt
eth0 Link encap:Ethernet HWaddr DE:AD:BE:AF:00:00
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14883222 errors:0 dropped:0 overruns:0 frame:0
TX packets:6501247 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3309542786 (3.0 GiB) TX bytes:385138942 (367.2 MiB)
Base address:0xbc00 Memory:fc9e0000-fca00000

Whoo, now I can get my laptop back!

(of course, you could trace the email, but that's too easy :P)

Pack it with thermite!

[zcat_NZ]

If you really want to be secure pack the free space in your laptop with sealed plastic bags of thermite. Wire a detonation circuit to recognise a special code from spare pins on the inside of the parallel port (basically, an electronic hardware interlock so it can't possibly go off accidentally) and have it read from a special URL every time the network comes up. If the correct code is present your laptop becomes worthless to the thief in very short order. With a bit of luck, he's got it on his lap at the time and won't be stealing any more laptops for a while.

Or you could just use a crypto filesystem to protect your data, and claim the stolen laptop on your household insurance..

Give me a break

[dedazo]

Use a physical lock. Take care of your laptop (what, are you assuming that it will be stolen?). Use an encrypted filesystem. Do some sort of dead man's switch where the wrong logon will wipe your data.

Expecting that whomever steals it will merrily go home and plug it into an ethernet jack is a bit too much, I think.

Good ideas above, but review...

[rusty0101]

System: Apple iBook running OS X Panther.

Start by checking the apple.com website and see what options you should begin with. One observation above is to use File Vault to secure your personal data. This is all well and good, but it makes it tough to take one of the later steps.

In the event of its theft, I would like to have the thing send me its IP address

As has been noted this is not difficult. Set up a cron job, or even a boot job to find out the laptop's IP address (ifconfig |grep inet |mail me@myisp.com -s 'iBook's IP") and you get the ip on the lan in the body of the e-mail, and the external IP in the headers. Presuming smtp is not blocked. If you install the perl libraries for Jabber, you could even send a jabber message via a similar process.

... also so I could SSH in and trash my personal data with srm, while doing an SFTP backup of anything I forgot to back up.

Note that if you have been rsync on a regular basis to backup your personal data, which can be done across an ssh session, you may not need to do any sftp backups, and you could have a cron job take care of this so you are covered.

Several of the posters above have noted that you could use wget to pull down a "hidden" page on your personal web server with instructions. For that matter you could build a script that would be posted to that page, perhaps with a marker character before each line, (such ah $) that you grep out of the downloaded page, cut the first character out of the line, then save it with a random name, chmod the file to executable, then execute it. At that point the script could be doing anything you ask of such a script. Including downloading executables, and even running 'dd -if=/dev/null -of=/dev/disk0' to wipe the hd yourself.

Elsewhere others have noted that if the thief wipes your hard drive before they re-boot it, none of this works. That's as good of a reason as any to schedule backups of your personal data. It won't help you recover the laptop, or tell the police where the laptop is, but at least you have your personal data.

This also won't help if your laptop is not connected to a network of some sort. If they pull your HD and toss it into a second computer as a secondary drive, then you will want to have all of your data in a 'file vault' to restrict access. Sure with enough time they can break the encryption, and ultimately start performing identity theft on you, but the time involved is unlikely to be worth it to such a person. It's far more likely that they will wipe the drive, pawn the laptop, and hunt for another laptop that is not going to take so much effort to access the user information on.

Then again, these are just my opinions. I have been known to be wrong, so I do wish you good luck.

-Rusty