Mac Theft Recovery Software Tracks Thieves

Dubpal writes "Apple Macintosh users can now fit their machines with theft protection software that reports back on what a thief is doing with their computer, should it ever be stolen. The software, named "Undercover" allows users to report their Macs as stolen, causing the software to report back with IPs, screenshots and even a picture of the thief and his surroundings. In addition to this, Undercover begins faking hardware faults, displaying messages and even reading them aloud, alerting anyone around that the Mac's been stolen."

Utter Bullshit.

[Whiney+Mac+Fanboy]

From the Undercover FAQ:

Can I uninstall Undercover?

Yes, you can. If you haven't registered Undercover yet, you can uninstall Undercover by clicking the Uninstall button in the setup assistant that's part of the installation process. If you are a registered Undercover user, please contact us and we will send you uninstall instructions. During uninstall you will need the Administrator password, to prevent thieves from uninstalling Undercover.

Can Undercover be uninstalled by a thief?

For a thief, uninstalling Undercover is impossible. You can only uninstall Undercover if you know the Administrator password for the given mac.

Errrrr, impossible? What a stupid thing to say. Admin password recovery is trivial under os x. And a serious thief would reinstall os x before reselling.

In other words, this piece of software is useful only to:

1) Stupid people (who are reassured by a false sense of security)

2) People who want to spy on someone.

Oh, and anyone tempted to quote the following from the faq at me:

What if someone does a clean install of OS X on my machine?

You can prevent this by installing a firmware password. You can find the firmware password utility on your Mac OS X Tiger DVD (in /Applications/Utilities/ on the disc).

1) Bypassing the firmware is also trivial on Apple machines - all you have to do is add some Ram, and boot :-/

2) Noone has a firmware bios password.

Oh, and last thing - again from the FAQ

Is it possible for Undercover to work behind a firewall?

Yes, Undercover has the ability to autodetect any proxy or firewall settings used to connect to the Internet. Undercover collects and autodetects the necessary settings to access the Internet even if your firewall requires a password.[emph mine]

Bullshit. If they could do that, they would be selling that, not their little toy spyware app.

Re:Utter Bullshit.

[Detritus]

Thieves are not known for their intelligence, contrary to what Hollywood would have you believe.

Re:Utter Bullshit.

[Shisha]

I would expand on this. Theives who steal laptops are not known for their intelligence. Usually they're rather sorry sods who need some cash to get the next hit. Hence they take the laptop to a random pawn shop and get very little money (but enough to get their drugs) for it. It then gets re-sold to some middleman who reinstalls it (how else would you explain to the potential buyer that you don't know the password?) and sold on ebay. None of the people involved are particularly intelligent. But the whole process _still_ makes the afromentioned software pretty much useless.

Re:Utter Bullshit.

[countach]

Follow the advice of the manufacturer and install a firmware password. Then it WON'T be useless.

Re:Utter Bullshit.

[Mini-Geek]

1) Stupid people (who are reassured by a false sense of security)

What if I like my false sense of security?

Re:Utter Bullshit.

[Whiney+Mac+Fanboy]

Follow the advice of the manufacturer and install a firmware password. Then it WON'T be useless.

Horsecrap. The firmware password is trivial to get around - you can just add Ram & remove it. Bam. Done.

Re:Utter Bullshit.

[Bastian]

Good loord, youre one heck of a pessimist.

It's a $30 program that provides a far sight more chance of recovering a stolen laptop than nothing does. I, for one, think it's worth it, even if it would only have a chance of working work 1/10 of the time.

Which I would be willing to wager is a pretty low guess, given the tech-savviness of your average opportunist thief - someone who knows enough about computers to know how to reset the firmware password on a Mac is more than likely going to be tech-savvy enough to be able to get a better job than stealing computers off of tables at coffee shops.

A picture of the theif?

[Lave]

I assume this is with the macbook's built in webcam?

I have issues with this, in that if the webcam is hardwired to the machine, and can be accessed remotely without the users knowledge - what stops a hacker spying on you for less legitimate reasons?

Like the schokwave debacle? I would have preferred Apple to have included a physical shutter to close the webcam when not in use rather than chance the unsightly aspects of my private life being shown to the masses. It's a little too orwellian for me.

Re:A picture of the theif?

[nuggetman]

and can be accessed remotely without the users knowledge - what stops a hacker spying on you for less legitimate reasons?

Don't let any shady characters in trenchcoats install apps on your Mac?

The camera does have an indicator light for when it's on..

Audio Message

"This computer has been stolen...and is looking at horse porn..."

-tgpo
http://www.tgpo.info/

Not foolproof!

[melonqueen]

If te thief decides to not use the net with the laptop, youre chances of getting it back are zero. So there goes the money you spent on both the laptop and the software. I wonder if the money back guarantee takes that into account?

Re:Car alarm syndrome?

[famebait]

It is quite common to post ones little thoughts around a subject without reading TFA, and that is, if not OK then at least human. But when your ambition is to reveal supposedly fatal flaws with a product, you really should check your facts about what it claims to do, or at the very least re-read the abstact to make sure you at least understood that correctly.

Hint: it doesn't discover it is stolen, you (the owner) report it as such to the company.

Put your tinfoil hats

[suv4x4]

What happens if a would-be thief reports your PC as stolen so he can find out when to steal your car :)?

Terrible idea..

[ivan256]

reading them aloud, alerting anyone around that the Mac's been stolen

Sounds like a guaranteed way to get your stolen mac smashed into unuseable pieces.

How to steal a laptop

Thanks to reading slashdot and digg regularly, I now know how to steal a laptop and get away with it.
1. Remove Kensington Laptop Lock.

2. Add / Remove Ram if firmware pw is set.

3. Boot from removable install media.

4. Format Hard Drive (after you go through it and keep the good bits, music pron etc)

5. Reinstall OS

I've dealt with several stolen laptops.

[TwitchCHNO]

Sending you screenshots of the laptop being used is very useful, most security software "phones home" but only gives limited information, like the IP address of the machine (public IP if it is NATed).

The stolen laptops that law enforcement have contacted me about, have been largely pointless (as I work for an ISP and have access to the customer records). The perpetraitor or possesor of stolen goods is almost always at a hotel (wifi hotspot - what have you). Under US law - John Doe search warrant of a hotel isn't good enough.

You can't wake everyone in a hotel up and search thier rooms, the police need a specific name and room number, they can only search one room.

So thus screen shots, and knowing the identity of the person who's using their stolen laptop, improves your chances of recovery immensely.

All the people grousing about how useless this is

[AEther141]

have obviously never met the kind of person who steals laptops. Almost without exception they are heroin or crack addicts stealing for drugs. They will get perhaps fifty dollars from the pawnshop owner or dodgy friend and be very happy with it. For very obvious reasons the laptop will be sold on as quickly as possible, usually at far below market value. Given that 95%+ of laptops are unprotected, anything that doesn't boot straight into an OS will be refused by the middleman - for the same reason that there are very few mac and linux viruses, these guys never bother to learn much more than how to reinstall windows. The level of skill people are talking about when they say "the mac firmware password is easy to bypass" is more than enough skill to get a higher paying, lower risk job in IT rather than spending your day looking over your shoulder and dealing with jumped-up crackheads.

This is really a bit convoluted as an anti-theft measure, although it does look interesting. By far the best way to avoid having your laptop stolen is not to leave it unattended, not to use it anywhere you wouldn't wave $1000 in cash above your head and not to keep it in anything that resembles a laptop bag - use a ratty old satchel or a diaper bag. Muggers are just about the bottom of the criminal food chain, it doesn't take a lot to outsmart them. Just like net security, you just need to be a slightly more difficult target than the next guy and that next guy is talking on his cellphone while walking through a car park at 11pm with a swanky leather 'dell' bag on his shoulder.

Another Option

[Wolfout]

I administer a network of over 8000 computers, half of which are Apple computers. We use a program from http://www.absolute.com/ called Computrace (Win/Mac) and it writes a piece to the BIOS that calls home REGARDLESS of OS reinstall. If removed, it will reinstall the software to call back home. Can it be stopped? Yes, but only with packet captures and other assorted goodies. Works really slick and it has been tested.

Re:So how silly are theifs?

[Zhe+Mappel]

12. ???
13. Profit!!!