Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Is the Best Way To Track Stolen Gadgets?

Posted by timothy on from the glue-to-foot dept.

An anonymous reader writes "Now that gadgets can determine their location and phone home, many companies are creating tools for finding lost and stolen gadgets. It sounds like a simple process, but this NY Times article describes a number of wildly different approaches. Some report all of the information back to the owner while others deliberately keep the owner in the dark to avoid dangerous confrontations. Some start grabbing pictures from the web cameras and logging keystrokes. Others just record IP addresses. Some don't do anything but record serial numbers to make it easier for the police to do their job. Are sophisticated systems dangerous because the tracking mechanisms could be misused to violate the privacy of the owner? Are the stakes different when a company purchases the software and gives the IT manager the ability to track everyone in the company? What are the best practices that are emerging? What should I recommend if my boss reads this article and wants to track our laptops and Blackberries?"

11 of 101 comments (clear)

  1. Don't by Anonymous Coward · · Score: 3, Funny

    If you love something, let it go.

    If it doesn't come back, it never was yours.

    1. Re:Don't by Sockatume · · Score: 5, Funny

      If it does come back, check for signs of demonic possession, including but not limited to:

      * Bloodthirst
      * Creeping veins of ichor
      * Word-like sounds, as though chattered in a dead tongue older than space and time
      * Moving under its own bloody power

      --
      No kidding!!! What do you say at this point?
  2. Re:The termitethingie by Krneki · · Score: 3, Interesting

    Build it in... When for x time no 'special' password is given the termite gets an ignitionsource. It should be quite easy after that to spot the thief. Whoever smells like bacon most is the one you're after :)

    In Italy a person got his car stereo stolen twice in 1 week, the 3rd time he mounted some sharp knifes as a defensive mechanism. Two days later he found 4 fingers in his car. The police was not happy. I'm not sure how the story ended in a court.

    --
    Love many, trust a few, do harm to none.
  3. making thievery more risky - good! by v1 · · Score: 4, Insightful

    No matter what you as an individual do, it's nice knowing that as a whole, it's becoming a lot more dangerous to steal expensive toys, it's providing a deterrent for everyone. Built-in cameras and GPS, internet connected, really, you'd have to be quite a gambler nowadays to steal things with these features. We keep reading articles about thieves getting their pictures emailed to the owners, gadgets can brick themselves with a remote command, as well as the clandestine remote back into the owner's server with their current IP etc. I'm all for it.

    My laptop's practically got a mind of its own if it takes a walk. Doesn't make me feel like I can be any less cautious with it, but sure makes me a little more at peace when I hear someone else lost their gear and there's nothing they can do about it short of file an insurance claim.

    --
    I work for the Department of Redundancy Department.
    1. Re:making thievery more risky - good! by 0100010001010011 · · Score: 5, Informative

      In addition to Undercover on my Mac, I've made some home rolled solutions.
      1) Installed AutoSSH and set it up ssh back to a Virtual Machine (sandboxed) on my home server. Also helps if I leave my machine on somewhere safe but forget (or aren't able) to forward ports. It has a reverse port forward to the ssh server on my Mac. Meaning anytime I can get to my home server and so can my Mac, I can get to my Mac.
      autossh -M 9005 -D 1080 -R 2222:127.0.0.1:22 www.example.org
      2) Another LaunchD (cron) process that curls a simple URL through the ssh socks proxy (ssh -D) that is a simple 1 or 0. (1 Stolen, 0 Not-Stolen). If it sees that it is stolen it'll just start taking pictures with the iSight (iSightCapture) and the desktop (screencapture) and uploading them to my host through scp. Literally in a while loop so as soon as it gets one photo, it gets another, and another, and another, etc...
      3) I have logKext, a password keylogger, installed. Every hour (keyLog-00h.log) and then once per day (keyLog-20090824.log) it uploads a copy of the encrypted log to my host. If anyone steals my laptop and uses it to type anything personal (e-mail, passwords, phone numbers) I'll immediately get

      Most thieves aren't what you see in Oceans 11 after all your money, they're low income thieves. When someone broke into my car and stole my wallet, both credit cards were immediately used at 2 Walmarts 10 minutes in either direction for $300-$500 repeatedly until I called to cancel. They're not going to wipe the drive, do an EFI wipe to ensure there are no 'bios' keyloggers.

      I wouldn't be surprised if the first thing a thief around here did was check his or her facebook and myspace page and then send an e-mail to his or her friends using a hotmail account.

  4. Re:Some gadget by FlyByPC · · Score: 3, Funny

    They track your phone
    Throughout the day?
    Put it in a
    Faraday cage!
    Burma Shave

    --
    Paleotechnologist and connoisseur of pretty shiny things.
  5. Lucky "CSI: Italy" . . . by PolygamousRanchKid+ · · Score: 3, Funny

    . . . they got more than just the suspect's fingerprints . . they got the whole fingers!

    (Scene: A guy with a bandaged hand sitting in the police interrogation room. A detective walks in and tosses a package on the table.)

    "Hey, Luigi, are these your fingers?"

    "Never seen them before in my life, pal!"

    --
    Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  6. pushing theft into organized crime by pikine · · Score: 3, Insightful

    If you use a software tracking approach, thieves will learn to put tape over the webcam, and not use it until they ask someone in the black market to reinstall the operating system for a fee, or learn to reinstall operating system by themselves. This is just like how thieves learned to use the credit card immediately after they steal it before you have a chance to cancel the card.

    Other approaches taken will lead to workarounds too. If you have a database of serial numbers and require legit second hand market to verify the serial number before going on sale, the thief will just keep the gadget for themselves, for their friends, or sell it in the black market. If you're able to remotely brick the device, the thief will still be able to use it for a while, and then just steal another one. I'm sure thieves don't mind using new gadgets all the times.

    --
    I once had a signature.
  7. Re:Don't bother by TheRaven64 · · Score: 4, Funny

    My laptop has a Sony battery. It will catch fire shortly after being stolen. Or before. Whatever.

    --
    I am TheRaven on Soylent News
  8. Re:The termitethingie by Mister+Whirly · · Score: 3, Interesting

    Not made up. My friend did almost the same thing with double edged razors on the back of his stereo. He had 3 stereos stolen from his car over the course of 2 years and was determined to not let it happen again. He went out one morning to find his car door open wide, and a gratuitous amount of blood all over the interior of his car. His stereo was still there - the thief had started to steal it, then reached around back to pull it out and cut himself badly. The unfortunate thing was that it cost quite a bit to get all the blood cleaned out from his car.

    --
    "But this one goes to 11!"
  9. GadgetTrak - Privacy Safe Tracking by kenwestin · · Score: 3, Informative

    Hello,

    My name is Ken Westin, I am the founder of GadgetTrak ( www.gadgettrak.com ) one of the companies mentioned in the article and we provide tracking software for a range of devices including Mac, Windows, Blackberry, Windows Mobile and others. The privacy component was a critical factor in our design, looking at other solutions we saw that a lot of data including location, photos etc were being sent to the companies server, some even provide a monitoring center with a backdoor into the system. When we designed our software we did so in a way that would respect user privacy.

    For example with our laptop software MacTrak and PC-Trak the only data we have is if the device tracking is active or not, the location and photos captured goes to the device owner's email address as well as Flickr account, so it goes to accounts that the owner controls and never to us. When a device is stolen we ask the customer to friend us on Flickr and share the photo and data, or they can just forward it to us. There is no reason to have this type of data come to our servers if we can avoid it. In the future we may have an option for the user to CHOOSE to upload this data to a server, but we will always provide the device owner with the control of how this data is managed.

    You can read more about our philosophy here:
    http://www.gadgettrak.com/products/mac/privacy/

    Our mobile phone software also has the capability to remotely wipe data from the device as well as track it. The mobile phone software is triggered by SMS messages. The software has a password with it as well, so if the device is stolen the user sends and SMS message with a command and the software password to activate various functions including tracking, data wipe, trigger an alarm, lock device and others. Again this data does not go through a server, it is done between the device owner and the device itself.

    We also pioneered the USB software for iPods, flash drives and other devices that was mentioned in the store and have a patent for it, all data is encrypted and transmitted securely.

    We come from a security background and are extremely paranoid about privacy ourselves, this is why we made sure that no photo or location data ever touches our servers. The best way to ensure privacy of this type of information is to build the software so there is no way it can transmit it to you, remove the man in the middle altogether. We also believe that this data should be provided to you, after all it is your device you should be given the data and be able to decide what to do with it. We assist in the recovery process and work with law enforcement, however the data goes to you first. It is very much backwards from the traditional approach where the data is sent to a monitoring center where they have a back door into your system and they only share that data with law enforcement, some will refuse to provide you with this data even though it is your device.

    Let me know if you have any questions, or suggestions.

    Thank you

    Ken Westin
    GadgetTrak Founder