Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Is the Best Way To Track Stolen Gadgets?

Posted by timothy on from the glue-to-foot dept.

An anonymous reader writes "Now that gadgets can determine their location and phone home, many companies are creating tools for finding lost and stolen gadgets. It sounds like a simple process, but this NY Times article describes a number of wildly different approaches. Some report all of the information back to the owner while others deliberately keep the owner in the dark to avoid dangerous confrontations. Some start grabbing pictures from the web cameras and logging keystrokes. Others just record IP addresses. Some don't do anything but record serial numbers to make it easier for the police to do their job. Are sophisticated systems dangerous because the tracking mechanisms could be misused to violate the privacy of the owner? Are the stakes different when a company purchases the software and gives the IT manager the ability to track everyone in the company? What are the best practices that are emerging? What should I recommend if my boss reads this article and wants to track our laptops and Blackberries?"

2 of 101 comments (clear)

  1. Re:Don't by Sockatume · · Score: 5, Funny

    If it does come back, check for signs of demonic possession, including but not limited to:

    * Bloodthirst
    * Creeping veins of ichor
    * Word-like sounds, as though chattered in a dead tongue older than space and time
    * Moving under its own bloody power

    --
    No kidding!!! What do you say at this point?
  2. Re:making thievery more risky - good! by 0100010001010011 · · Score: 5, Informative

    In addition to Undercover on my Mac, I've made some home rolled solutions.
    1) Installed AutoSSH and set it up ssh back to a Virtual Machine (sandboxed) on my home server. Also helps if I leave my machine on somewhere safe but forget (or aren't able) to forward ports. It has a reverse port forward to the ssh server on my Mac. Meaning anytime I can get to my home server and so can my Mac, I can get to my Mac.
    autossh -M 9005 -D 1080 -R 2222:127.0.0.1:22 www.example.org
    2) Another LaunchD (cron) process that curls a simple URL through the ssh socks proxy (ssh -D) that is a simple 1 or 0. (1 Stolen, 0 Not-Stolen). If it sees that it is stolen it'll just start taking pictures with the iSight (iSightCapture) and the desktop (screencapture) and uploading them to my host through scp. Literally in a while loop so as soon as it gets one photo, it gets another, and another, and another, etc...
    3) I have logKext, a password keylogger, installed. Every hour (keyLog-00h.log) and then once per day (keyLog-20090824.log) it uploads a copy of the encrypted log to my host. If anyone steals my laptop and uses it to type anything personal (e-mail, passwords, phone numbers) I'll immediately get

    Most thieves aren't what you see in Oceans 11 after all your money, they're low income thieves. When someone broke into my car and stole my wallet, both credit cards were immediately used at 2 Walmarts 10 minutes in either direction for $300-$500 repeatedly until I called to cancel. They're not going to wipe the drive, do an EFI wipe to ensure there are no 'bios' keyloggers.

    I wouldn't be surprised if the first thing a thief around here did was check his or her facebook and myspace page and then send an e-mail to his or her friends using a hotmail account.