Ask Slashdot: Good Tracking Solutions For Linux Laptop?

First time accepted submitter WillHPower writes "So I have ordered a new Ubuntu-powered laptop. I spent some extra bucks on lots of RAM and a good sized solid state drive. After putting money into it, I'd like to find a way to track this laptop in case it's ever stolen. Are there any good tracking software/services the run on Linux laptops? Also, are there any other techniques besides tracking for dealing with a lost or stolen laptop that I should consider?"

No

No, there's no good Linux HW tracking software. Why? Cause there's no good software for other platforms either. It's all "make-you-feel-good-software" which doesn't survive a simple OS reinstallation...

Re:No

[fuzzyfuzzyfungus]

No, there's no good Linux HW tracking software. Why? Cause there's no good software for other platforms either. It's all "make-you-feel-good-software" which doesn't survive a simple OS reinstallation...

It doesn't exactly give you the warm-and-fuzzies to know that this is possible; but some models have it baked right into the firmware. A suitably provisioned AMT 6+ device can do entertaining things like phone home and provide 'home' with an IP KVM, regardless of OS state.

Re:No

[schnell]

No, there's no good Linux HW tracking software

Of course there is. You just need to tape a note to the laptop asking the thief to compile and install it after doing a code review to make sure it's trusted, and submitting any code patches necessary back to the developers.

Re:No

[gothzilla]

Sure there is. http://www1.euro.dell.com/content/topics/global.aspx/services/prosupport/computrace?c=uk&l=en&cs=ukbsdr3 Computer will ship with the Laptop Tracking and Recovery software agent and a persistence module embedded in the BIOS. The software agent can survive operating system re-installations, hard drive reformats and even hard drive replacements. When a lost or stolen computer connects to the Internet, the software agent contacts the monitoring center to report the computer’s location. For systems with GPS technology included, Laptop Tracking and Recovery has the ability to capture and report more detailed location information. It also provides the ability to track your laptops as they change hands or move around the organization.

Re:No

[melikamp]

Can you point out a free OR open-source implementation of a phone-home BIOS on a laptop? No. No one can, as there ain't one. And a closed-cource security feature is a scam, plain and simple. I'd stay away from laptops that HAVE that feature, even if "deactivated" (how would you know?) by default.

Re:No

[sasquatch989]

Wrong. Computrace loads on the BIOS, and you can PW protect admin access to that. We've recovered lost and stolen equipment with this service.

Re:No

[kthreadd]

Some laptops actually has this built into UEFI. So it can survive a reinstall.

Re:No

[kthreadd]

Well, I guess it comes down to trust and if you trust the vendor.

Re:No

[tlhIngan]

It's all "make-you-feel-good-software" which doesn't survive a simple OS reinstallation...

False. Computrace (LoJack) actually survives OS reinstallation, provided the new OS is compatible (i.e., WIndows).

It does it by relying on a BIOS component that checks for it to be installed and if not, patches itself back in on the hard drive.

Of course, it lacks a lot of authentication and can easily be hijacked if you modifiy the BIOS...

Re:No

[greg1104]

There's a list of where BIOS level Computrace is available on their BIOS compatibility page.

Re:No

[gmuslera]

And maybe more important: even if there is a hardware tracking software, you don't want it. Not only is sharing your location to others without your consent, maybe is sharing more than that.

In any case, a cron script that send you just a mail every N minutes (and if having some supporting hardware, your gps coordinates, a picture of the front camera, etc) will be enough to give a hint of what happened with it before the OS gets reinstalled.

Re:No

[davester666]

How about...try to establish communications with known terrorists using it. Claim you want to start your own cell. Then the NSA will track your laptop for you, for free.

A simple lawsuit will get them to tell you its location if its lost or stolen.

Re:No

[mlts]

On Dell and HP boxes, there are hooks for it to auto-load/install LoJack for Laptops the second a Windows OS is put on the machine. That might be an idea. It won't help when Linux is running, but if a thief decides to install Windows, the BIOS will automatically install the tracing program.

Of course, the best thing is to have the laptop insured, and the HDD encrypted.

I like using multiple layers of encryption, mainly for compartmentalization. One layer for everything on the HDD, preferably using a TPM (to prevent brute-forcing), then different partitions/VMs for different tasks, This way, if the laptop gets snatched while browsing the Web, my Quicken data is still protected.

Re:No

[egamma]

Can you point out a free OR open-source implementation of a phone-home BIOS on a laptop? No. No one can, as there ain't one. And a closed-cource security feature is a scam, plain and simple. I'd stay away from laptops that HAVE that feature, even if "deactivated" (how would you know?) by default.

WillHPower did not make FOSS a requirement; why are you making it a requirement? Can you explain why a closed-source security feature must by a scam?

WillHPower wants to get his laptop back if it is stolen. He's not asking for ideological purity. He knows that if his laptop has a tracking device that the tracking data could be used by law enforcement against him. That's what tracking software does; it tracks. That is not a bug, that's a feature, and is actually the feature he wants to have. Apparently he doesn't wear tinfoil; he's not required to. It is his right as a thinking person to choose to be paranoid, or not be paranoid.

The best solution is some form of hardware lo-jack. Maybe a GPS transmitter that can fit in one of the external ports on his laptop, if that isn't built in already.

Re:No

[Zordak]

How about...try to establish communications with known terrorists using it. Claim you want to start your own cell. Then the NSA will track your laptop for you, for free.

A simple lawsuit will get them to tell you its location if its lost or stolen.

You included some unnecessary steps in there. The correct procedure is:

1. Operate a computer.
2. NSA tracks the computer.
3. Computer gets stolen.
4. File FOIA request to find your stolen laptop.
5. ???
6. Don't lose as much money! (Sorry, I don't see any profit, unless you make a business model out of filing FOIA requests for other people to help them locate stolen laptops.)

Oh, and backup with Carbonite. Unless this is a trivial gaming machine, your data are more valuable than your hardware.

Re:No

[ciderbrew]

Just ask the NSA where it is.

Re:No

[tibit]

If the thief is that technically literate, then, arguably, you've been had, get over it. Use insurance or just buy a new machine and enjoy the fresh smell :)

Alas, in most cases, a BIOS/firmware password and a password-less guest account on the OS are enough the ensure that you'll hear back from your machine. Thiefs are mostly silly.

Here's a solution that will work on any Unix system (less Orbicule, of course).

Re:No

[kav2k]

Note it's a hardware solution, while the question as about a software solution for existing hardware.

Re:No

[tibit]

I'm pretty sure it could be done using coreboot (formerly linuxbios). I don't think the code for it is written yet, of course, so yeah, there ain't one - yet.

Re:No

[fuzzyfuzzyfungus]

Did you see the part where I mentioned it not exactly giving you the warm and fuzzies? There are basically no FOSS x86s BIOSes at all(yeah, coreboot runs on a few things, most of them old and few/none of them laptops, or you could get an OLPC from before their switch to ARM; but that's about it). As it happens, the 'AMT' stuff isn't really part of the BIOS(I'm sure there are points of integration; but they are distinct systems). It's a separate CPU, with its own firmware(never fear, it's cryptographicially signed by Intel and 100% Trustworthy(tm)!) that is active at all times the system has power(including when the computer proper is off), with the ability to piggyback on the NIC(s) for communication with the outside world, to emulate storage devices and HID events, snoop the framebuffer without assistance from the OS, and generally do useful-but-unnerving things.

I said nothing about it being FOSS(indeed, it is to Stallman's Trusted Computing Dystopia roughly what RFID is to the 'Mark of the beast', possibly not the real deal; but a very logical implementation), just that it's an example of tracking software that will survive substantially more than a simple OS re-installation.

Re:No

[TheCarp]

This is an interesting solution, and may even be the best one for a Linux laptop.

Simple, have windows and computrace on there...run linux. The software does nothing until someone steals it and tries to run or reinstall windows, at which point it activates and starts doing its thing. In the mean time, it doesn't really track you.

The only real problem comes if the thief decides to keep it running linux or some other non-windows flavor (encrypt the whole hard drive with LUKS and that should at least make it useless until they install something on it.... which decreases the likelyhood of them not loading win one way or another)

Of course, a Windows license is around $100, plus any other software costs. Figuring that cost vs the chance that your laptop will first be stolen, then have windows loaded on it by someone wbo doesn't know any better, then be used in such a way as to get back uselful information that can be used to recover it.... well, I don't even generally buy extended warrantees, not sure how this compares value wise, but, its unlikely to be worth it.

Re:No

[v1]

It's all "make-you-feel-good-software" which doesn't survive a simple OS reinstallation...

Macintosh, use the command line for your linux needs (since it's linux based)

Enable firmware password and full disk encryption, both included free.

Current model macs cannot be overridden by any tech without your apple id. So as long as that stays secure, it's a brick if stolen. There are no back doors.

The tracking software is up to you. There are several commercially available, and I personally rolled my own. They can still remove and wipe (tho not read) your hard drive once they've nicked the laptop, but the computer won't boot, off any hard drive, ever again. All they can do now is part it out, except for the logic board, which is definitely the most expensive part.

Re:No

[geminidomino]

Of course, a Windows license is around $100, plus any other software costs.

Call it a hunch, but I'd bet that someone who doesn't have any qualms about stealing a laptop is not going to shy away from grabbing a windows All-in-one ISO from Piratebay...

Re:No

[melikamp]

I wasn't arguing with you, more like adding on.

Re:No

[chemosh6969]

And they won't reinstall linux, they'll install Windows

Re:No

[anechoic]

it is not *based on* Unix - it has a modular Mach kernel that contains some userspace bolt-on's licensed from BSD

OS X is "Unix compliant" which is code for "OS X acts like and smells like Unix but it ain't Unix"

https://en.wikipedia.org/wiki/XNU

Re:No

[TheCarp]

Nope, thats not what i meant at all. I was assuming that "you" (ie the rightful owner) would not be using unlicensed commercial software to "protect" your laptop. That extra $100 (plus other software) is in terms of cost to the owner of the laptop.

Of course the thief will have no qualms about downloading windows....but will a linux user buy a copy (assuming he doesn't already have it) just on the off chance that the other conditions for it to work are met?

My real point is that, in the real cost/benefit, I am not sure that adding even that $100 to the cost of a laptop is worth it. Remember, if the laptop is never stolen that $100 is wasted. If it is stolen, then it still needs to be used in such a way as to catch the thief or their customer.... the value purchased by that $100 is likely on the low side); and again, this is all before counting in the other software which requires it to work.

You are essentially buying a form of insurance, a very limited one. As such, the cost should be looked at accordingly.

Re:No

[rwa2]

Well... you could try to solder a little USBLinux distro with a phone home mechanism to an internal USB header inside the laptop. That would be like a note, except a bit more high-tech. Couple it with a BIOS password that forces you to boot through that device.

Would at least make it inconvenient for thieves to go through and reset / disconnect all that, at least.

Re:No

[gl4ss]

funny thing is that on the first page of google for computrace you'll find this as well
http://www.freakyacres.com/remove_computrace_lojack

it's apparently only bios level in the sense that it installs itself from there. it's like a security team of your own! this is an extremely cheap "hw" solution though...

Re:No

And security by obscurity is a fallacy.

1. No, it's not.
2. You ought to understand what a fallacy is before you start calling something that.
3. It's not even the correct quote.
4. The correct way to say it is like this: "Security ONLY by obscurity is ill-advised"
5. Obscurity is a perfectly valid layer in almost any security model.

Without the ability to inspect the conduct and performance of elected officials, there's no reliable way to know who to vote for in an election.

And that's just flat out not true at all. For example, you could vote for someone who has never served in a government office.

Re:No

[geminidomino]

I get what you mean now, but I'll counter-posit that most of the laptops that come with this firmware are likely to include Windows out of the box, and so it's $100 thrown away when installing linux in the first place.

Re:No

[TheCarp]

I thought about that but, figured that using the $100 for windows as a yard stick was easier than looking up what the add-on software on top of that costs :)

Course, as someone who runs linux exclusively on his laptops, and only got a windows license to play steam games on his desktop..... I also reserve the right to store my head up my own ass on that issue :)

Re:No

[greg1104]

If your Linux laptop is stolen, odds are good at some point the system will be reformatted with Windows to try and make it "work" again. That's the premise behind why Computrace might be useful even there.

Re:No

[greg1104]

GPS signals require line of site to multiple satellites, making it ineffective a lot of the time for an indoor computer. LoJack uses their own radio signals to operate, and that signal only goes a few miles. The only reason that works is because they've gotten receivers into a large number of police cars. Even there, it doesn't work in many areas of the US, their Wikipedia page has an unreferenced claim of only 27 states. Presumably rural ones where the police density drops won't work.

Re:No

[hairyfeet]

Bullshit, just because something doesn't have code for you to play with doesn't automatically make it "security by obscurity" and it has been proven time and again that many eyes like the mythical man month is just that, a myth which even a tiny bit of logic and common sense can rip apart.

For something as complex as a security related program you would have to have 1.- Users with enough years of experience in the cryptography field to actually make heads or tails of it (see the obfuscated C code contest for why this is important) and 2.- These same users, which generally are some of the most in demand guys in IT, having enough free time to check not ONLY the program itself but ALSO anything that is interacting with the code,aka the "trust the compiler" problem.

Show of hands, how many here have done a detailed in depth code audit on Firefox? LibreOffice? Gimp? I rest my case. here is probably the most FOSS heavy geek site on the net and I bet you can't even find 5 people that has so much as even looked at a line of code from the above, which is the 3 most popular FOSS apps BTW, and you won't find even one that has done an in depth code audit for any of the above. And this of course isn't even taking into account the fact that code doesn't stand still so in the time it takes you to do a code audit of say LO 4.1 there will have been 3 releases so that LO is at 4.4 and your audit is worthless and you need to start over. after all who knows what weaknesses the changes added? Maybe a change affects a system you have already audited making it now a risk?

The "having the code automatically makes it more secure" myth hangs on a simple fallacy, the fallacy that assumes because something CAN happen it already HAS happened which real life proves wrong again and again. After all theoretically somebody COULD be born that is immortal but that doesn't mean there ARE immortals walking the earth, and I bet a good 70% of the little projects that make up the average Linux distro probably haven't had their code looked at by anybody that doesn't actually work on the project, everyone just ASSUMES that it has been. Well the same thing applies to proprietary, it COULD have been made by the smartest minds in cryptography or it COULD have been made by Indian call center workers, you don't know in either case how well or poorly the program has been built until AFTER somebody breaks it.

Re:No

[CohibaVancouver]

Note it's a hardware solution, while the question as about a software solution for existing hardware

It's a combination of software, hardware and services.

The hardware contains the persistence module code.

The software activates the persistence module code in the BIOS to ensure the software agent can survive an OS re-install. The software also phones home to the monitoring center.

The 'services' are the team of ex-law enforcement who liaise with local law enforcement to effect the actual recovery of the stolen computer.

Re:No

[jaymemaurice]

You know, Lenovo says the same about the Thinkpad, yet there are people re-soldering the TPMs... before that you could simply replace, read or re-program a little eeprom. The general public should know now there is a difference with what can be done vs. what can be done.

Re:No

[OneAhead]

A fallacy, you say?
https://yourlogicalfallacyis.com/ambiguity

Yes, closed source is obscure, but that doesn't mean it follows the security through obscurity model. Something can be closed source, yet using sound security practices. Example: a closed-source RFC 4880 implementation. Granted, it would be difficult for such an implementation to gain the trust of the security community, but that's a different argument.

Re:No

[evilviper]

I'd stay away from laptops that HAVE that feature, even if "deactivated"

Well then, you're NEVER buying a laptop, because ALL the major manufacturers include LoJack for Laptops (CompuTrace) in their firmware.

Re:No

[mjwx]

No, there's no good Linux HW tracking software. Why? Cause there's no good software for other platforms either. It's all "make-you-feel-good-software" which doesn't survive a simple OS reinstallation...

This.

What are my options for HW based tracking. After all, my stolen laptop will be sitting on a pawn shop shelf unpowered for some time.

Re:No

[damium]

Oh, and backup with Carbonite. Unless this is a trivial gaming machine, your data are more valuable than your hardware.

That's OK. The NSA has a "backup" of your data too.

Re:No

[kav2k]

Note that without the hardware part, the whole system cannot survive a hard drive wipe. So it's semi-useless for existing hardware not equipped with it, and my point is that the original question was about exactly this situation. Not to lessen the merits of the solution, of course - it's just not applicable.

Besides, Computrace persistency module will only re-enable itself under supported operating systems. Guess if Linux is included!
So the surviving module will be running on firmware/BIOS level only, and I personally consider that "hardware".

Re:No

[Arker]

It's true that having the code simply allows security, it does not guarantee it.

But in a free software ecosystem, while inserting backdoors is far from impossible, there are at least consequences. The perpetrator may stand a chance of getting away with it for some time, but he also stands a chance of being detected. He has to know that it is almost certain he will be detected, sooner or later, and he's left a trail so the finger will point back at him.

In a proprietary/closed ecosystem, on the other hand, inserting backdoors without being detected is almost trivial, and the risk to the perpetrators much lower. It's to be expected that any proprietary system has them, whether on purpose or simply because of sloppiness.

So while technically your point is accurate, it seems rather disingenious. The gentleman you were replying to has a simplistic view but it is basically accurate. Trusting your security to a program you cannot even in principle verify is exceptionally foolish.

Re:No

[Arker]

Without the ability to inspect the conduct and performance of elected officials, there's no reliable way to know who to vote for in an election.

And that's just flat out not true at all. For example, you could vote for someone who has never served in a government office.

But how would I know whether or not I need to do that if I dont know what the incumbent has been doing, eh?

I think you miss the entire point of a democracy. The people are supposed to judge the elected officials on their performance, on their actions, and vote accordingly. When the incumbent gets to simply designate any information that the people might disapprove of as 'secret' and prevent the voters from being informed, democracy can no longer function.

Have it log in with DynDNS and open a VPN to you.

[rtfa-troll]

Give yourself full remote administrative control over it from your home system. At that point you can use all the standard "Where's my IP" tools to track down where it is; can use the webcam etc.

Theft prevention: label it "Linux Laptop"

[xxxJonBoyxxx]

You're probably better off going with theft protection. Your best bet might be to label it a "Linux Laptop" in big bold letters.

Re:Theft prevention: label it "Linux Laptop"

[54mc]

This is actually not a terrible idea. Kinda along the lines of how people joke that the best anti-theft an American car can have is a clutch.

Re:Theft prevention: label it "Linux Laptop"

[K.+S.+Kyosuke]

You're probably better off going with theft protection. Your best bet might be to label it a "Linux Laptop" in big bold letters.

It works even better if you buy a pink one.

Re:Theft prevention: label it "Linux Laptop"

[jones_supa]

Or even Windows or Mac, actually.

Re:Theft prevention: label it "Linux Laptop"

[TheCarp]

ROTFL I have never heard that one but.... I used to live in a house (condo conversion) where 8 people in two apartments had 6 cars with 1 driveway (worst case, number of both cars and people changed over time). During most of that time, I had the only manual transmission (I find it amusing they are still called "standard" by many).

Generally speaking, nobody could move my car but me. Eventually someone moved in downstairs who could move it, but, for the most part, I had to do it, which meant I couldn't just leave without my car unless I made sure it was all the way in the back.

Re:Theft prevention: label it "Linux Laptop"

[Minwee]

Just don't install FSN.

"It's a UNIX System! I know this!"

Re:Theft prevention: label it "Linux Laptop"

[antdude]

I read that having stickers all over the lappy would give it less chances to be stolen. Maybe add decorations to look it old too.

Prey

http://preyproject.com/

Re:PREY

[CosaNostra+Pizza+Inc]

LOL. At first, I misread your post. I thought you said "PRAY is great. It is more effective and runs on most Linuces.". I wouldn't resort to prayer, myself.

Re:PREY

As much as I liked Prey (though they're in the monetize the crap out of it phase now), I noticed that it had a noticeable effect on the battery life of my laptop. I'm not sure exactly how that worked, as it only phones home every (user configurable) couple of minutes. Maybe that was enough to keep the wireless card from going into a power saving state... Anyway, after uninstalling it my battery life increased by ~50%. FYI.

Re:PREY

[Jeremiah+Cornelius]

You never know....

Prayer should be effective and properly employed when petitioning for a change in ourselves, rather than in material circumstance or disposition. ;-)

Re:PREY

[marcosdumay]

We encourage you to add a BIOS password and disable booting from removable devices on your PC

So that the thief must take the disk out of the computer for formating it? It requires a screwdriver, flawless security.

Re:PREY

[hobarrera]

The problem with Prey, is that the thief needs to turn on your computer, and connect it to the network. This means giving him access to it. This discards full disk encryption. This, in turn, means that thieves get full access to all your data.

I've often come across the dilema. I prefer to run FDE, and permanently loose my laptop if it gets stolen, being able to sleep knowing no personal data has been leaked.

Re:PREY

[Bert64]

Just because a thief boots your install, doesn't mean they will attach it to a network... You'd need to ensure the laptop had functional 3g connectivity built in (ie with a valid sim etc)...

This also brings up another problem, in order for the tracking software to run your drive needs to be unencrypted, so you have a tradeoff - do you care about the hardware or the data? If just the hardware then you might as well just insure it and get a replacement, and if the data you probably dont want it left unencrypted (and really should keep backups).

Re:PREY

[l0kl1n]

true, but how many laptops/desktops etc. are swiped by meth heads just looking to flip on cl or pawn. in those cases, they won't know/care how to pull a hd out.

Re:PREY

[bugnuts]

in order for the tracking software to run your drive needs to be unencrypted

Tracking software doesn't need the drive to be unencrypted. Boot disk can be a small partition (often ro) which this can reside. The user partition with all the data will be encrypted.

Re:PREY

[Jeremiah+Cornelius]

OK.

Come up with something better, that is embedded in hardware - like Intel has with vPro AMT - and then TRUST it is not abused to manage the computer against your own privacy interest, security, etc.

Intel has probably built the hardware primitives for the biggest NSA back-door into every Core i7. Now that they own McAfee, you will see them try and execute on the software part of the equation. They'll sell this to "enterprise" as data security measures.

The backdoor potential for abuse here is HUGE. Look at the 99% of exploitable Android phones that were just exposed with the vulnerable APK, last week.

Re:PREY

[Jeremiah+Cornelius]

I think you are right. But the "plan" is not an intellectual construction, and includes evolution, chaotic interaction, and your own striving...

God isn't a "super human" - but entirely other. Outside time and space, as we can comprehend such things, therefore without "thought" which occurs in the context of the known, of unknowns and of memory. Without anticipation and without a transition of state, God is a category beyond what can be described as a mind or even a being.

Re:PREY

[Jeremiah+Cornelius]

With laptops? That, and removing a MacBook/UltraBook type drive are well-beyond most "smash and grab" thieves.

Hell. Go and change the drive in an early 2007 MacBook. I can do it. You can do it. My brother, Frank, couldn't.

Re:Prey

[Jane+Q.+Public]

"Strange guys, bitching about Kinect spying on you and then installing spyware yourself."

It's a matter of trust.

Microsoft has very clearly and very repeatedly, over a period of many years, shown without any doubt that they can't be trusted.

I don't know of a single instance of similar complaints about The Prey Project.

Re:Prey

[Jane+Q.+Public]

"Actually, that is entirely false depending on the BIOS you have in your laptop."

And boot sector viruses have been doing this in Windows since long before "extended" BIOS existed.

But Windows "secure boot", as much as it is a good thing to hate, would basically preclude this from happening.

But of course that presumably does not affect OP's Linux distro.

Re:PREY

[jaymemaurice]

Once a computer store came to me to reset a BIOS password on a laptop for one of their customers. I reset the password and noticed the windows installation was configured to join to a domain... so I reset the local account, recovered the outlook PST file and called the former user of the laptop. It was a corporate laptop that was stolen from his garage a week prior. The police came to my work and I was summoned to show up in court as a witness to a stupid possession of stolen property charge in another city. I had to take time off for it and everything.

That said, the "useless security" was enough to get the laptop to the point where a number of people who had the technical ability to do the right thing could...

Mind you, it was an inconvenience to me to do so.

Re:PREY

[jaymemaurice]

The point you are missing is that the laptop must be usable in it's freshly stolen form for software tracking to be of any use - or else why would someone leave it powered on.

And often the person who steals the laptop doesn't hold onto it... they flip it... often as a laptop they "forgot the password to, just go to a computer shop to have it reset"

Re:PREY

[fermion]

Most tracking software security through obscurity. This is why phones are so susceptible. Everyone know the type of security that is on them, so everyone removes the SIM card and does not connect to the network until after the unit is completely set back to factory settings.

Which brings us to the real issue. A careful person will replace of reformat the drive. I have not run into a laptop where the drive cannot be removed and reformatted on another machine. Or the bios password can be bypassed, or sometimes just typing in several wrong passwords will automatically reformat the drive. Of the computer can be booted from an external drive and the original drive can sometimes be formatted that way. For a hard drive just replacing it is the best bet. For a *nix machine, it is pretty sure that the average thief is going to want to put MS Windows on it.

The best solutions are those that build the tracking into the hardware. That way a simple wipe or hard disk replace does not deactivate the tracking. The hardware can still be removed, and a network connection is still required, but that is the technology.

Re:PREY

[Eunuchswear]

Go and change the drive in an early 2007 MacBook. I can do it. You can do it. My brother, Frank, couldn't.

Still bitter about Catherine, Jerry?

Re:PREY

[Flere+Imsaho]

+1 for Prey
I run it on my Win7 laptop. I've deliberately left the guest account active with no password, so hopefully if it gets nicked the crim will log-on without wiping it. That gives Prey a chance to phone home and let me know where it is.

Re:PREY

[OneAhead]

And then there's the other part of the equation: suppose the thief is simply interested in reselling your hardware and not your data, then they can take out the HD, reinstall the OS (or just the boot loader) and pop it back in.

On my brand new laptop, my home dir is encrypted, and I'm planning to install something like Prey as soon as I've looked at the pros and cons of the different options. That way, they can run the anti-theft software without getting access to any of the data I really care about. Of course, even a moderately sophisticated thief can circumvent the best anti-theft software, provided that they're diligent enough. But in a real-life burglary or car break-in, there's a fair chance that those conditions are not met. I guess if one knows a little bit about computers, fixing them for pay is more profitable and less risky than stealing them.

Re:Prey

[readingaccount]

Why the fuck do I bother sometimes? I take the time to write what I consider a helpful and informative post, don't get modded or even commented on, while someone else (an AC at that) posts the Prey URL (without even making it clickable) and gets (Score:5, Informative).

Maybe I should have stuck to the goal of my username and remained a reader rather than a poster.

Re:PREY

[OneAhead]

A lot of petty thieves don't exactly fall under the "careful person" category...

Re:PREY

[someSnarkyBastard]

Most BIOS/Disk controllers have an additional HDD password that stays with the drive even when you pull it.

Couple this with a TPM chip attestation method to ensure that the drive won't unlock unless it recognizes the mobo and that is a non-issue.

Re:PREY

[someSnarkyBastard]

That assumes that newer laptops are still using the same old battery-backed NVRAM to hold BIOS settings. As I understand (and I could be wrong here) newer PCs, especially UEFI models, use flash storage to store those settings so there is no need for a battery.

Re:PREY

[Jmc23]

So a security device that some people pay money for, caused more financial loss to others than the laptop is worth.

Re:PREY

[Fjandr]

Who do you think most thieves are?

Re:PREY

[Swave+An+deBwoner]

How about leaving the OS and boot partitions unencrypted and just encrypting your home and data filesystems? So the OS can boot and phone home but your own data is still unavailable to the thief.

Re:PREY

[Swave+An+deBwoner]

Oh man! I couldn't have just read the reply right above mine before posting. Blech.

Free but only partially useful solution

[Deathspawner]

Writing a bash script that automatically sends the laptop's current outbound IP address to a remote file is one idea. That would at least help you figure out to some degree there the laptop has been used from. It'd require law enforcement to go further than that, though...

Re:Free but only partially useful solution

[localman57]

In our city, it depends a lot on how it was stolen. If you left it unattended at a Starbucks and it disappeared, good luck. But if you lost it through a burglary, the cops will often go to the trouble to track it. Same with xBoxes that use Live. Because sometimes when they track one of these, they find an entire garage full of stolen electronics.

Re:Free but only partially useful solution

[icebraining]

Not everyone lives in some uncivilized shithole. The cops here got my brother's $25 cellphone back after it was stolen. And they didn't need a full SWAT team with heavy gear to take it from the kid who stole it, either.

Re:Free but only partially useful solution

[marcosdumay]

That, and live the ssh server listening (passwords disabled), so that you can shred the disk if you want. There is not much more anyone can do...

Or maybe, buy one of those USB computers, plug it somewhere inside the laptop, and put a back door in it.

Re:Free but only partially useful solution

[hobarrera]

For that to work, you need to give the theif full access to your laptop. Say goodbye to FDE, or any sort of privacy.

Re:Free but only partially useful solution

[gl4ss]

Err... Not quite true. I had the cops show up at my house because they found a stolen GPS with my home address on it. Just because your relations with police were terrible doesn't mean all police are like that.

they didn't go looking for it though? and that's kind of opposite.

so I guess what he should do would be to just carve his home address on the laptop. that's not actually a bad idea as such, it might destroy resale value of the item but that's actually good for theft prevention.

Re:Free but only partially useful solution

[Deathspawner]

That's a good point. If setup as a cron job though, it'd still execute as soon as the login screen is reached. The thief might not be able to get in, but the IP would have already been sent to the remote host. The lack of effective encryption would indeed suck, however.

Re:Free but only partially useful solution

[hobarrera]

That's a good point. If setup as a cron job though, it'd still execute as soon as the login screen is reached. The thief might not be able to get in, but the IP would have already been sent to the remote host. The lack of effective encryption would indeed suck, however.

Full disk encryption means your login screen won't be reached until way after the disk encryption password is entered.
Also, without logging in, the laptop won't connect to any wireless network (don't expect the thief to have an open network around).

Re:Free but only partially useful solution

[Deathspawner]

Right, but the number of people that run FDE or even FLE are small. Good point on the wireless though. I guess you'd just have to hope that someone would plug it into a wired connection :S

Re:Free but only partially useful solution

[FuzzNugget]

I've done exactly that with my laptop and my mom's netbook running Ubuntu.

There's a nice trace route by GeoBytes from which you can easily extract itemized location output.

Re:Free but only partially useful solution

[snickers]

A friend of mine had his laptop stolen and something similar configured on it. Here's his talk at Defcon about getting his laptop back. Once he had the IP address he was able to start spying on the new owner and was eventually able to get it back. It's very funny.

https://www.youtube.com/watch?v=U4oB28ksiIo

Re:Free but only partially useful solution

[Fjandr]

That would require forwarded ports on the gateway being used by the thief. It's not like consumer machines are ever connected directly to a public IP in almost all cases. That's limited to a direct connection to a cable modem or use of dial-up, or other even more rare use cases.

Just ask the NSA

They will gladly tell you where your computer has gone to.

Re:Just ask the NSA

[kthreadd]

They will? I thought that was classified.

Re:Just ask the NSA

No, just enter the following URL:

www.nsa.gov/applications/search/index.cfm?q=I lost my laptop could you tell me where it is

I have to admit I was freaked out when the result came back and said, "You're ON your laptop. Stop fucking around, Robert"

Disk encryption

[bradley13]

Assuming you have valuable and/or personal data on the machine, don't forget disk encryption. Either encrypt the entire disk, or perhaps just the data partition. Truecrypt is a good solution for this.

Re:Disk encryption

Exactly.

In fact, just forget tracking, and encrypt the whole disk---if it gets stolen, shrug it off, and buy another one (again, do full disk encryption).

There's not much you can do about crime (sure, you *might* be one of those few folks who locates their laptop, and then breaks the law in some stupid way trying to retrieve it---or infinitely less likely, gets the thief slapped on the wrist by the cops).

Password protect bios, encrypt disk, etc., make it a hassle for someone who ends up with it, but that's pretty much it. Your toy is gone---the quicker you get over it, the better off you'll be.

Re:Disk encryption

[greg1104]

If you encrypt the boot drive properly, it won't boot to anywhere useful without a password. That means you can't use any of the OS-level tracking solutions, because the thief won't be able to boot into the regular OS. If you've let a criminal boot far enough to track them properly, you've really let them get too close to your data.

It sucks in a way that a locked down system can't also phone home easily to find the thief, but realistically that's the trade-off here. I'm willing to write off the cost of a laptop if it's stolen, as long as the thief doesn't also get access to any personal data I have on the drive. Recovering from a case of identity theft costs a lot more than any single device.

Re:Disk encryption

[rvw]

Assuming you have valuable and/or personal data on the machine, don't forget disk encryption. Either encrypt the entire disk, or perhaps just the data partition. Truecrypt is a good solution for this.

Plus provide autologin, so the user won't feel the need to reinstall immediately.

Re:Disk encryption

You have to use the bios (firmware) level tracking stuff. This is especially important when using a Linux based machine as anyone who takes it is simply going to format it or replace the drive and install Windows. Any scripts or crap you setup in the OS are gone.

Re:Disk encryption

[wiredlogic]

It is still possible to maintain a bootable system *and* encrypt your data on a separate volume that isn't mounted by default. That won't protect snooping on unencrypted data in places like /var unless you go the extra length to overlay new mount points when an authorized user logs in but it is workable. With this arrangement you can have a reasonably locked down system that is still able to phone home.

Re:Disk encryption

[hobarrera]

Truecrypt is cool for windows, but the op clearly uses Linux. In his case LUKS is fine for FDE, or ecryptfs for his home partition (Ubuntu let you set this up when you first login as well).

Re:Disk encryption

[hobarrera]

Exactly.

In fact, just forget tracking, and encrypt the whole disk---if it gets stolen, shrug it off, and buy another one (again, do full disk encryption).

The op clearly states he doesn't want to loose the laptop due to it's cost, not because of the information it contains.

Re:Disk encryption

[hobarrera]

That's what I've always though. Yet a comment further up suggested UEFI tracking might be possible. There's nothing implemented (yet) that I know anyway.

Re:Disk encryption

[greg1104]

There are so many more places that confidential info can leak to that I'm not optimistic about redirecting them all with mount points. /tmp and swap are tough, and who knows what your applications might be saving to your home directory as well. I find it hard to trust anything besides full-disk encryption solutions because of all that.

A lot of Linux systems leave the /boot partition unencrypted. That is reasonable enough, since user data is never going there. Even that is still vulnerable to evil maid attacks, but that's a different issue than the laptop being stolen.

Re:Disk encryption

[Hatta]

Easy solution. Configure grub to automatically boot an unencrypted OS that has tracking enabled. Use the hiddenmenu command to make it less obvious that there are other systems available.

You really need an unencrypted decoy OS to get through customs unmolested anyway. Might as well install Prey on it.

Re:Disk encryption

[FuzzNugget]

Not necessarily.

Have two operating systems; one's encrypted, the other is cleartext with the tracking software and boots by default There's a trick or two you can setup with TrueCrypt, GRUB and other boot loaders to obfuscate the password prompt and easily fool adversaries into booting the OS with the tracking software. Even if they figure that out, they're still not getting into your encrypted OS without the key.

Whatever the case, your data should be in a separate partition or container isolated from operating system and encrypted with a different key.

PREY

[kcmastrpc]

http://preyproject.com/download

Prey Project

[carlhaagen]

http://preyproject.com/

Re:Have it log in with DynDNS and open a VPN to yo

[carlhaagen]

A plethora of solutions already do this, without the overhead of reinventing the wheel. Check out http://preyproject.com/

Stop Theft Plates

[kullnd]

I'm a big fan of these - - They deter the actual theft before it happens.

http://www.stoptheft.com/

Re:Stop Theft Plates

[PreparationH67]

Wow, these plates actually look pretty awesome and from what I can tell they don't charge you for the registation. Nice price points too, I might have to point these off to my bosses.

Re:Stop Theft Plates

[localman57]

I'm a big fan of these - - They deter the actual theft before it happens. http://www.stoptheft.com/

It seems to me that if this works, and you can't get it off, it will probably just get your laptop thrown in a trash bin, or chopped for parts. Mildly satisfying in terms of pissing off your thief, but rather questionable with regard to helping you get your stuff back.

Re:Stop Theft Plates

[kullnd]

Nothing is perfect - I feel that these, combined with a very clear label that states the system drive is fully encrypted (which it is), dramatically decrease the value of the system to a would-be thief whether they are looking to make a quick buck at the pawn shop or mine the system for information. They also allow for return of your equipment if you leave it somewhere or loose it outside of theft. The idea is simply that my systems are a less desirable target than most others.

Never had a system stolen, but if the worst case scenario takes place I have insurance and due to the encryption and backups, I have ZERO concern about the data on the system which is where the real value lies..

Re:Stop Theft Plates

[stoptheft]

I'm a big fan of these - - They deter the actual theft before it happens. http://www.stoptheft.com/

It seems to me that if this works, and you can't get it off, it will probably just get your laptop thrown in a trash bin, or chopped for parts. Mildly satisfying in terms of pissing off your thief, but rather questionable with regard to helping you get your stuff back.

kullnd, thank you for your unsolicited endorsement of our STOP Security Plates. Full Disclosures: I'm the Customer Relations guy at STOP; and to the best of my knowledge, I do not know or have never communicated with the poster, kullnd. As all of the posts demonstrate, there are many approaches one can use to protect his/her laptop and other mobile devices. Indeed, STOP provides our STOP Security Plates for physical, up-front theft deterrence, along with STOPMonitor, a back-end tracking agent, which provides complementary protection through geolocation, remote real-time document encryption, and remote, real-time - and reversible - bootlock. These are just a couple possible solutions. There are no perfect solutions. Repeat, no perfect solutions. Ultimately, the best solutions will depend on how and where you use your device, what data are stored on it, and what the device and data are worth if they're lost or stolen. Still, even with the recent addition of our STOPMonitor real-time Asset Tracking system, STOP remains dedicated to theft-prevention, first and foremost. Our STOP Security Plates have been proven effective (since 1991) in preventing opportunistic theft and in returning both lost and stolen devices to rightful owners. Check our website for postings of recent recoveries reported to our 24/7 toll-free recovery hotline. Sure, the STOP Security Plate and "STOLEN PROPERTY" tattoo can be removed - but with great difficulty, and usually resulting in significant visible damage to render illicit resale virtually impossible. Most thieves tend not to like to have to deal with these difficulties, and will tend to go steal something else that's not protected. So, is it perfect? No? Does it provide the best bang for the buck in terms of anti-theft, recovery and inventory management? Absolutely, yes: from $25 for a single Plate to as low as $8.75 for 500+ quantities. And we include the Standard Version of the STOPMonitor real-time asset tracking system at no extra charge with bulk (10+) purchases of STOP Security Plates. So, with the front-end protection of our STOP Security Plates, backed up by the STOPMonitor agent, I believe our system gets a lot closer to perfect than many others. STOPMonitor is currently available for Windows-based systems, and will soon also be available on MacOS. If you would like to contact me regarding this post or to obtain more information, I'm at doug@stoptheft.com Sincerely, Doug Belfiore Director of Customer Relations STOP Security Tracking of Office Property www.stoptheft.com

Here is what you could do:

[stewsters]

Get internal gps. Dual boot with a no-password windows xp account. The thief will have a much higher chance to log into that. Make it spam a home server with its coordinates every second its on and has access to the internet. Encrypt your linux partition. The key is you want the thief not to just wipe it and sell it, they need to power it on.

Re:Here is what you could do:

[CanHasDIY]

The key is you want the thief not to just wipe it and sell it, they need to power it on.

Depends on the style of thief; your typical, garden-variety tweeker looking for something to sell to the pawn shop probably won't even crack the top, let alone try and boot the thing... a pro or semi-pro identity thief, on the other hand...

Then there's the ever-present bored-teenage-vandal types (especially prevalent this time of year)... those kids are likely going to break into the machine to see what kind of "cool" (read: pornographic) stuff you've got on there, shortly before they completely trash the hardware.

Insurance

[L4t3r4lu5]

Encrypt the hard drive. Insure against theft. Forget about it if it's stolen.

Re:Insurance

[auric_dude]

Please don't forget to make and test backups every now and then otherwise you may well have your insurance payout but no data.

Re:Insurance

[bill_mcgonigle]

Encrypt the hard drive. Insure against theft. Forget about it if it's stolen.

Right, your data integrity is almost always worth more than the hardware itself. In order to install a tracker, you have to permit the attacker access to your filesystem. Don't do that.

If my laptop is stolen, they'll see a grub screen, and then dracut asking them for a password. I'm SoL on ever seeing it again but I don't have to go explain to clients how their security may have been compromised.

I guess ... you could try to bait them with a Windows boot option in grub. Maybe even make it the default if you think it's really likely that your laptop will be stolen. Install the tracker there, perhaps. One could continue along that train of thought with silent grub options and delays to make a deadman's switch of sorts, that would automatically bring up wireless, connect to any routable AP and send a help packet. Hey, there's an opportunity for the next guy who wants to make a new micro linux distro that does something unique - the more silent, slim, and faster the better. Maybe even a fake Windows splash screen while it's doing its business.

Re:Insurance

[Alain+Williams]

Please don't forget to make and test backups every now and then otherwise you may well have your insurance payout but no data.

I keep my data on my server at home, I put stuff on my laptop if/when I need to use it when I am out & about. Nothing of real value would be lost if I were to lose my laptop.

Re:Insurance

[L4t3r4lu5]

Yes yes YES. I'm utterly astounded that I didn't mention this. Thanks for pointing it out!

Tracking the IP is easy but...

...the problem seems to be that just knowing the IP of your stolen computer is not enough for the police to get it back for you. It seems they also want a photo of the thief taken while using the computer, which complicated matters a lot. At least that's what other users have reported.

Re:Tracking the IP is easy but...

[jamstar7]

...the problem seems to be that just knowing the IP of your stolen computer is not enough for the police to get it back for you. It seems they also want a photo of the thief taken while using the computer, which complicated matters a lot. At least that's what other users have reported.

Not to mention the police will want to talk to you about all that Indonesian plant porn the thieves downloaded onto your laptop after they stole it. Denying that you did it just won't work with them, but might work with a jury if you have a good enough l*wy*r.

Re:Tracking the IP is easy but...

[MrNiceguy_KS]

...the problem seems to be that just knowing the IP of your stolen computer is not enough for the police to get it back for you. It seems they also want a photo of the thief taken while using the computer, which complicated matters a lot. At least that's what other users have reported.

Most laptops have built-in webcams these days.

For a while, I had my laptop set up with a "decoy" XP install. Anyone booting up that would have their pics uploaded to a dropbox account I created specifically for that purpose. I also had an Pidgin set up to auto-login to a decoy Instant Message account and start minimized to the system tray, with the tray icon hid. I figured if the laptop was ever stolen, I could watch for the IM account to go active, then chat up the thief and inform him that I had his photo and offer to not call the cops if I could simply have my laptop back. Obviously not a bulletproof solution, I admit. The last time I wiped and rebuilt the laptop, I didn't bother setting it up again. I figured my laptop was protected by a combination of full-disk encryption and the odds that few people are going to steal a 5-year-old netbook.

Nice Try, NSA

You'll have to try harder than that to get me to help you track people.

Prey!

I would recommend Prey: http://preyproject.com/blog/2011/04/its-official-prey-is-now-on-ubuntu

I have used it and it seems to work well. It's free for up to 3 machines too.

Linux OS likely to be erased offline

[advid.net]

The first thing the theft will do: an offline OS installation.

I bet the stolen Linux laptop will have its OS erased to either to run MS Windows or an other Linux distro.

Re:Linux OS likely to be erased offline

[aaron44126]

That might be the first thing you would do. Thieves often aren't techies. They'll just boot it up and see if they can get it to work, and then pawn it or sell it to someone else.

If you want to be able to track your machine after it is stolen, just make sure it is easy enough for anyone to get to a web browser (easy-to-find guest account with restricted permissions, but can still connect to the local wifi?). Then run some software like Prey. If you have sensitive data, encrypt it but make sure the machine is still bootable.

Re:Linux OS likely to be erased offline

[whoever57]

The first thing the theft will do: an offline OS installation.

Exactly. My daughter's Ubuntu laptop was stolen some years back. It was configured to start OpenVPN on boot-up. The VPN never connected after the theft, so I can safely conclude that it was never connected to the Internet while the original Linux install was present.

Re:Do nothing

[pmontra]

I know it's almost offtopic but what happens if they steal a Mac? I've seen a raided office a few days ago. They got all laptops, half of them were Macs. Do they install some OSX on them?

Insurance and backups

Seriously, just have it insured and back up the data regularly. If it gets stolen, claim it, buy another and restore. It's happened to me and I was back on my feet with a new laptop in 24 hours, the insurance claim took a week but all I had to do was file the claim and talk to a couple people on the phone.

If it is stolen and you can tack it, do you really want to do that? Track down some petty thief and confront them? Why? Thats sounds time consuming and potentially dangerous. Why bother?

Re:Insurance and backups

[jones_supa]

Combined with encrypted hard drive, this is the best answer.

Prey

[Jane+Q.+Public]

I tertiary the others on this.

While it is true none of the solutions will survive an OS re-install, in most cases that's not terribly relevant. You want to track it down before they re-install the OS anyway.

Prey is very unobtrusive; I often forget it's even there. It can give you screen shots, access location information, and even snap pictures with the webcam if your laptop is so equipped.

Great product and service.

CompuTrace

[DigiShaman]

Depending on the laptop (in BIOS), you can use CompuTrace with Dell laptops.

http://www.absolute.com/en/products/absolute-computrace

Re:CompuTrace

[QuantumRiff]

Looked into this once before for a big rollout.. Very hard to get actual info on. All the BIOS chip does, is re-install the software automatically and silently in windows. (they have some sort of special encryption key or something)..

if you ever feel the need to steal a laptop, install linux, freeBSD, or make it a hackintosh, and the computrace is worthless..

Re:CompuTrace

[SuneSpeg]

The CompuTrace solution is available on the majority of business notebooks, being a HP freak myself i can confirm it is available in most probook and elitebook series, while not available in the pavilion(private) segment. Fujitsu Siemens and Lenovo (and probably others) offer it too. It is not free, but should be considered as an insurrance. Hardware based solution is only way to go ,if the junkie that steals it cant surf porn on it right away, it will be reinstalled and all the fancy software solutions are gone.

Re:CompuTrace

[DigiShaman]

Yes, that's my understanding as well. But I'm going to guess a strong possibility of the drive being replaced and reinstalled with some variant of Windows anyways. If it's a Dell, they'll just use the OEM reinstallation media that matches the COA label to bring it back to OOBE (factory) prior to selling it online. Once it connects to the Internet, it phones home.

Re:CompuTrace

[gl4ss]

but it wont work if the thief installs ubuntu? isn't that just semi-hw solution?

attaching a gps chip with it's own communications chip to the net seems like the only true way to go. a bios extension that silently installs stuff doesn't sound so groovy, but it is a cheap, cheap, cheap way to do it in order to fill tickboxes.

Re:Have it log in with DynDNS and open a VPN to yo

[WindBourne]

Thanx. I did not know about this one.

Re:Do nothing

Actually they do the same thing, install windows on it. Go to craigslist and notice how many suspiciously cheap macbooks with windows installs there are.

Prey

[readingaccount]

Apologies if this sounds like I'm some sort of shill, but I'm not. Just a happy customer:

http://preyproject.com/

* Free and open source
* Completely passive
* If the laptop is reported missing (and has net access to know this), Prey will report its geo-location via Google Maps, take passive captures of the user with the laptop's webcam, take screenshots of their activity, and if necessary completely lock down the computer (though you'd normally do this manually and as a last resort - once locked, the thief will probably ditch it very quickly). Does other things as well.
* Works on Win/OSX/Linux/iOS/Android

* Allows you to run it in two ways:
1. Make an account on the website, install the software and link it to your account, so that should your laptop go missing you can report its absence via the site and it'll do its thing once the laptop goes online elsewhere. Free accounts all you to link up to 3 devices, pro accounts allow more in addition to more features, but you'll easily be fine with a free account.
2. If you want to be completely independent, you can run Prey stand-alone. No account needed - it works by monitoring for the existence of a URL when online, and if said URL reports a 404 error, it triggers and sends reports via email. Hence, you set up some free hosting with a dummy file, point Prey to the full URL of said file, then if laptop goes walkies, remove the file from the host to trigger Prey. No reliance on accounts or anything. Bit much for a regular user but easy enough for advanced users and not dependent on a company for the software to keep working.

also some people on ebay may part it out

[Joe_Dragon]

if they can't boot it.

that SSD and the screen can sell as well as the case / ram / cpu / and other parts.

Since you're running Linux ...

[MacTO]

Since you're running Linux, you will probably discover that any thief will reformat the hard drive to install Windows. This leaves two options:

1) Look into software that may already be baked into the firmware.

2) Have it automatically, and preferably transparently, boot into Windows then follow some of the other advice found here.

Neither route will help you recover a laptop once it has passed through the hands of professionals.

Overall, you'd probably be better off detering theft in the first place: don't use it in overly public places, never leave it alone in public places, invest in a good lock, and make it look undesirable. (One thing that I like about my ThinkPad is that it looks 10 years older than it actually is. Stickers, especially "non-removable" ones, make more identifiable and harder to resell without a cleanup effort. Scratches and dings will reduces its apparent value. Heck, smashing the slot for the lock will probably deter most thieves since it would be harder to sell.) Remember, the best way to avoid being a target is to avoid looking like a target.

Oh, and write down every serial number on the system.

Intel Anti-Theft

[javajeff]

http://www.intel.com/go/anti-theft

If your computer has Intel Anti-Theft, this will super cede the bios. No one will be able to use your computer in any way. They cannot boot to a usb or CD; they cannot access the bios. It will be a brick without the password or correct credentials from Intel.

Re:Intel Anti-Theft

[bobbied]

It just doesn't stop them from parting out the thing. Removing the SSD, memory and such is a quickly done. Common laptop repair parts, (screens, keyboards, batteries, chargers and even processors) are usually not that hard to remove. Remember, the thief just wants a quick buck,. It doesn't matter to them what the thing retails for, they will just sell what they can and trash the rest.

Yeah

[Culture20]

It's called buy a cheap laptop, encrypt it, back it up regularly, and buy another when it's lost or stolen. Works for other operating systems too. Even with computrace, you can't get police to act on the location a lot of times. Tracking software saves money on insurance, that's it.

DDoS

[DougOtto]

Configure it to launch a DDoS against the NSA and FBI if your password isn't entered within 30 seconds of booting.

Three letters:

[johanwanderer]

NSA

Cron

[sl4shd0rk]

This will get you an IP address every 15 mins in your apache log so you can login or trace it.

      */15 * * * * /usr/bin/curl https://mywebserver.org/checkin

Also, if you don't want to run a full apache stack, boa is a nice light webserver which will do the same. Also, many options for perl/python servers which could be lighter yet but you would need to implement your own logging. Another cool option is have your laptop open a reverse ssh tunnel right to your server when it boots.

      @reboot /usr/bin/ssh -R 43811:localhost:22 mywebserver.org

Re:Cron

[evilviper]

Another cool option is have your laptop open a reverse ssh tunnel right to your server when it boots.

Of course that won't work on WiFi because the network connection hasn't been negotiated at boot-time.

Instead, you should have it check and reestablish the connection every hour or so. And also, SSH connections like to silently die when there's network trouble, while the command will keep running, with no indication of trouble. To keep an SSH tunnel up and working, you want a few options like the following:

    ssh -n -N -oConnectTimeout=300 -oServerAliveCountMax=10 -oServerAliveInterval=120

Another reason you put electrical tape over webcam

[ub3r+n3u7r4l1st]

protect yourself against the tracking by the Illuminati.

How about a C4 "Deadman" Switch

You're a slashdot guy, so you must be pretty talented. Open the thing up and find some unused GPIO (or serial port) that you can tap into and hook a small block of C4 and a detonator up to it [1]. Then, create a cron job that runs daily to check that you've been logged in at least once, and if it doesn't it should assume the laptop was stolen and trigger the detonator. No. Wait. Better make the cron job run every 12 hours. You can never be too careful. Just make sure you never sleep in on weekends or leave your house without your laptop.

Next, to be extra safe, you'll want to somehow monitor failed login attempts and trigger the C4 whenever too many happen. Not sure how to do this as I'm a hardware guy myself, but I'm sure you can figure things out on your own or with your frienemy Google. I'd say that allowing one failed login attempt should be a safe threshold, but I'd recommend against allowing any more than that, as you're just asking for trouble. In fact, unless you're some kind of pussy that can't type, you can probably get away without any grace login attempts.

If you were really paranoid, you could try to implement some sort of retina scan or proximity sensor using the built-in webcam, but that's an advanced topic probably better left for some future "Ask Slashdot" post.

[1] If you have sort sort of issue with using C4, maybe you should consider somehow using a thermite charge instead. Less "bang", yes, but definitively more colourful, and would give new meaning to the term "toasted skin syndrome".

Re:How about a C4 "Deadman" Switch

It occurs to me that I completely missed the "tracking" aspect of your question when I proposed the above solution. Good thing that's the easy part! All you have to do is watch the local news about a day or two after your laptop is stolen. I'm sure you'll hear all about it...

You're welcome!

Re:How about a C4 "Deadman" Switch

[isorox]

You're a slashdot guy, so you must be pretty talented.

LOL!

That assertion turned false way before Hemos left, let alone Taco.

no password??

[MooseTick]

Unless you set it to automatically login with no password, the thief will never be able to boot it up to allow your tracking software to work.

Re:no password??

[fnj]

Dude! Booting up has nothing whatsoever to do with anyone being logged it. You put the script in rc.local, or whatever the hell serves the purpose in systemd, or make it a service, or easiest of all, just a cron job.

Jeeze, services will even start in Windows and Mac without anybody being logged in.

Simple solution

[PPH]

Put a Windows 8 sticker on it. Nobody will touch it.

Re:Simple solution

[danomac]

And make sure it's a bright pink laptop. People will pay you to take it back!

PREY

[Jeremiah+Cornelius]

Prey is great. It is more effective than "Find My Mac" and runs on may platforms, including most Linuces. :-) Android, MacOS and iOS - besides teh usual vanilla from Redmond.

http://preyproject.com/

From the FAQ:

Can Prey be removed by a thief?

Not unless he has your administrative password.

And what if he formats the computer?

That's a different story. We encourage you to add a BIOS password and disable booting from removable devices on your PC, so that the thief will be forced to boot into the previous installation and thus, not be able to format your hard disk easily.

If you have a Mac, there's a firmware password utility on your Tiger/Leopard Mac OS installation DVD (look for it in in Applications/Utilities). On OSX Lion you'll find the utility by booting from the recovery partition.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Don't waste time and money

[Ravaldy]

My best advice is don't waste time and money trying to track it. Try to avoid theft in the first place. Leave your laptop unattended and it will get stolen. The value you put in the laptop is probably not worth the cost of tracking it. You may as well add it to your current insurance. It will cost less and will pay for a replacement if ever it's stolen.

Why?

[jkflying]

Truth is, law enforcement isn't going to take you seriously if you say you have tracked down your laptop. Rather just get it insured and have your files backed up somewhere else.

how about a big, heavy logging chain?

[swschrad]

weld one end to your desk, and the other end to... oh... a wimpy little Kensington clip. hmm. just like software tools. looks tough, acts muff.

Re:how about a big, heavy logging chain?

[Capt.DrumkenBum]

Have you ever tried to cut away one of those wimpy little Kensington clips? I had to do it once. It took forever, and the heat generated melted the plastic on the side of the laptop. CFO lost her key.
That wimpy little Kensington clip is tougher than it looks.

Ebcrypt & reward

Encrypt the drive and create a boot splash screen background with contact info and a reward. Most thieves are oppertuneistic.

The Easy Solution

[hyades1]

Clearly identify it as a Ubuntu laptop. Your average, low-level thief is notoriously unwilling to steal things that are rare and unpopular.

Toss Ubunta

[fast+turtle]

First off, toss Ubunta and use Debian. Same features and much easier to find stuff that works. If you're feeling adventurous, I'd suggest going with Gentoo instead due to optimization and use flags. Simply put, you can save lots of space along with wear by configuring the installation your way. I know someone's going to chime in about Gentoo Ricers but that's not the advantage Gentoo offers in this case. Simply put, You Chose the optimizations used on your system. "Os" is best for laptops as it includes most of the O2 performance features while sticking with a smaller footprint and use flags allow you to decide what features get compiled into the apps. Simply put, why install Gnome/KDE if you don't need them? This doesn't mean various apps can't be installed. For example, I've got a mix of GTK/QT apps - Firefox, Libre Office, QTWriter (notetab plus clone) along with Filezilla (GTK based) and all of them use Fluxbox as the WM (there are many choices).

One thing I'd suggest is to use FDE (full disk encryption) and debian makes that pretty damn easy and get some of the new 32GB flash drives for backup use (critical files) because it's very likely it'll be stolen and the chances of recovery are miniscul to none - reason for the FDE use. Simply put, consider a stolen laptop to be a complete loss and plan around that as you really wont get it back and the cops have more important things to deal with.

Re:Toss Ubunta

[TeknoHog]

First of all, I have used Gentoo since 2003 on all my machines.

"Os" is best for laptops as it includes most of the O2 performance features while sticking with a smaller footprint

I use -Os on my Buffalo NAS. The first one had 128 MB of RAM, and the current one has 256 MB, so they're not even considered embedded systems, but I still find them a little memory starved for some uses. But laptops? They are not exactly memory starved these days, and the binary size has little to do with overall footprint anyway.

(Seriously, people, I've wondered since about 1997 why you consider mechanically smaller machines somehow inferior. I do most of my so-called work on a laptop, and I have a nice Thinkpad with 8 GB of memory, which is more than any other of my machines. It also has the strongest CPU; the other machines have 'mobile' CPUs on 'desktop' motherboards, because I don't want to waste power just because it's plugged in.)

and use flags allow you to decide what features get compiled into the apps. Simply put, why install Gnome/KDE if you don't need them? This doesn't mean various apps can't be installed. For example, I've got a mix of GTK/QT apps - Firefox, Libre Office, QTWriter (notetab plus clone) along with Filezilla (GTK based) and all of them use Fluxbox as the WM (there are many choices).

This is a good point, but nothing specific to laptops or Gentoo. I use Fluxbox without a panel, because I want to see the application I use and nothing more. Virtual desktops are essential for this -- you focus on one thing at a time.

(Continuing on the more general rant, I think the whole point of computers is that they can deal with much more information than what can be immediately perceived. The so-called user-friendly interfaces try to show all possible choices at once, but it will look messy no matter how you put it. At the moment, I have a few machines compiling stuff and running various other processes -- I don't need a constant reminder of that, they can run fine on their own. Logically, the same goes for other processes on this machine.)

or have some fun

[cellocgw]

This only works if you can act quickly after it's been stolen.
First, open the case. Place a block of C4 in some free area, with a detonator attached to the internal USB bus. Close the case. Remember to write down the secret code for the detonator as well as your machine's IPaddress.
When machine is stolen, send the code. Great hilarity ensues.

Re:or have some fun

[cellocgw]

Doggone it -- AC ninja'd my C4 idea. Now I gotta race him to the patent office.

Re:or have some fun

[hobarrera]

Actually, you could make sure it's always in proximity with your cell phone and detonate if the signal (bluetooth?) is lost for too many minutes.
Just remember to always bring your laptop with you (or leave you cell phone behind if you leave your laptop).

Tracking, then what?

[Kjella]

Chances are you'll need the police to actually recover anything, if all you have is an IP the ISP won't give you the time of day. If they're just using it from the wifi at the local coffee shop it'll be a dead end. Even a GPS location isn't all that good if it leads to an apartment building. For every case in the media I hear about anyone making a successful recovery it's probably ten where they just can't be arsed or it just fizzles. I'd say this is a case where an ounce of prevention is worth a pound of cure, lock it down, keep it in sight and put your time and effort towards it not getting stolen in the first place.

Use aremote linux desktop server

[Heddahenrik]

Don't have data that needs contant backup and protection on the laptop, but edit the files on your home/office computer via ssh or even better a remote Linux desktop server which is quite handy and it works fine if you're just writing text remotely and have 2Mbit Internet speed. ThinLinc and No Machine for example; they aren't open source, but free for small users.

why all these overengineered solutions?

It's simple,

1. buy such a cheep thing: http://www.ebay.com/itm/360690992346
2. strip plastic case
3. insert into laptop-case (there should be enough space... maybe remove mini-pci-e card)
4. piggyback 5V from usb-port ...
profit!

Re:Use aremote linux desktop server

[JustNiz]

He's asking about how he can protect his exisitng equipment that represents a significant invenstment, not what he coulda/shoulda done before he made it.

Re:Thieves are generally not very bright...

[geminidomino]

Unless they start it up and are greeted with a LinuxMint login screen.

Easy!

[capebretonsux]

Just set up your laptop to post crap about bombs, etc, if you don't reset a timer after a period of time. The NSA will find it for you right quick!

Linux bigot says why buy pre-installed w/ Ubuntu?

[Fitch]

The best feel-good elixir you can acquire for your shiny new toy is to be aware of how much your deductible is for your homeowners / renters insurance, and encrypt any sensitive information. Anyone serious enough to steal a laptop knows a guy who knows a guy that can re-install a bootleg OS on one simply for the purpose of fencing it. If it does get stolen, you've only got a 50/50 chance the theif will NOT be smart enough to wipe it before connecting to the internet, so laptop lo-jack systems that run on top of the OS are a joke at best.

-5 pts for not purchasing it (cheaper) with windows pre-installed and then wiping the partition to install Ubuntu (or whatever your favorite distro is) yourself. Seriously, you're posting on /. Now I remember why I wanted to petition CmdrTaco to make attribution in some GNU project a prerequisite for membership here...

The real problem

[chuckugly]

The real problem is that no one (practically) is gonna steal your PC and then use Linux, the first thing they are gonna do is install windows 7, probably a pirated version, or maybe XP.

Hardware solution Auduino + GPS+ SMS

[hibble]

Whilst not necessary cost effective as a demo for our IT department we hid a 'Geogram One' arduino device in a laptop. runs off usb power so works whenever the theft powers on the laptop. GPS antenna is hidden in the screen you can get the location by sending a 'Text Message' to the device and it responds with the co-ordinates.

1. laptop stolen
2. IT department sends sms/textmesage with password and instruction to hidden device
3. when laptop is next powered on it starts periodically sending sms messages with location to within 2-4m in our tests.
4. ring cops with location.

will survive any hard drive swap or format and with the corect epoxy if they find it they will atleast brick the laptop in the process as it takes the smd components with it.

downside is time to install and price. also ultrabooks have little space to hide it but any larger laptop you can often find a spot.

solder in a tracking solution.

[gl4ss]

For it to work though you would need to have it on a separate installation you can boot without password.

if he wants a tracking solution he should solder in a tracking solution.

more than that, even if he knew where the thief was.. THE FUCK WOULD HE DO ABOUT IT??#1= short of the thief being his cousin, he's not going to go front some hoodlums in da hood - nor would the police give a shit about it unless you get your billion dollar ceo to call the police and lie that it's worth millions.

who knows?

[SuperTechnoNerd]

Just call the NSA. They will find it for you.

Plumpergeddon

[Flere+Imsaho]

Slightly off topic, but I think plumpergeddon http://plumpergeddon.tumblr.com/ deserves a mention in this thread :-)

Dogma corrupts the mind.

[hessian]

Because closed source is obscure. And security by obscurity is a fallacy.

Any time dogma takes precedence over reality, you're going to fall like the Soviet Union.

Just label it clearly: Linux inside

[the+agent+man]

Then most people will not care to steel it.