Ask Slashdot: Good Tracking Solutions For Linux Laptop?

First time accepted submitter WillHPower writes "So I have ordered a new Ubuntu-powered laptop. I spent some extra bucks on lots of RAM and a good sized solid state drive. After putting money into it, I'd like to find a way to track this laptop in case it's ever stolen. Are there any good tracking software/services the run on Linux laptops? Also, are there any other techniques besides tracking for dealing with a lost or stolen laptop that I should consider?"

No

No, there's no good Linux HW tracking software. Why? Cause there's no good software for other platforms either. It's all "make-you-feel-good-software" which doesn't survive a simple OS reinstallation...

Re:No

[schnell]

No, there's no good Linux HW tracking software

Of course there is. You just need to tape a note to the laptop asking the thief to compile and install it after doing a code review to make sure it's trusted, and submitting any code patches necessary back to the developers.

Re:No

[gothzilla]

Sure there is. http://www1.euro.dell.com/content/topics/global.aspx/services/prosupport/computrace?c=uk&l=en&cs=ukbsdr3 Computer will ship with the Laptop Tracking and Recovery software agent and a persistence module embedded in the BIOS. The software agent can survive operating system re-installations, hard drive reformats and even hard drive replacements. When a lost or stolen computer connects to the Internet, the software agent contacts the monitoring center to report the computer’s location. For systems with GPS technology included, Laptop Tracking and Recovery has the ability to capture and report more detailed location information. It also provides the ability to track your laptops as they change hands or move around the organization.

Re:No

[greg1104]

There's a list of where BIOS level Computrace is available on their BIOS compatibility page.

Re:No

[egamma]

Can you point out a free OR open-source implementation of a phone-home BIOS on a laptop? No. No one can, as there ain't one. And a closed-cource security feature is a scam, plain and simple. I'd stay away from laptops that HAVE that feature, even if "deactivated" (how would you know?) by default.

WillHPower did not make FOSS a requirement; why are you making it a requirement? Can you explain why a closed-source security feature must by a scam?

WillHPower wants to get his laptop back if it is stolen. He's not asking for ideological purity. He knows that if his laptop has a tracking device that the tracking data could be used by law enforcement against him. That's what tracking software does; it tracks. That is not a bug, that's a feature, and is actually the feature he wants to have. Apparently he doesn't wear tinfoil; he's not required to. It is his right as a thinking person to choose to be paranoid, or not be paranoid.

The best solution is some form of hardware lo-jack. Maybe a GPS transmitter that can fit in one of the external ports on his laptop, if that isn't built in already.

Theft prevention: label it "Linux Laptop"

[xxxJonBoyxxx]

You're probably better off going with theft protection. Your best bet might be to label it a "Linux Laptop" in big bold letters.

Re:Theft prevention: label it "Linux Laptop"

[54mc]

This is actually not a terrible idea. Kinda along the lines of how people joke that the best anti-theft an American car can have is a clutch.

Prey

http://preyproject.com/

Stop Theft Plates

[kullnd]

I'm a big fan of these - - They deter the actual theft before it happens.

http://www.stoptheft.com/

Here is what you could do:

[stewsters]

Get internal gps. Dual boot with a no-password windows xp account. The thief will have a much higher chance to log into that. Make it spam a home server with its coordinates every second its on and has access to the internet. Encrypt your linux partition. The key is you want the thief not to just wipe it and sell it, they need to power it on.

Insurance

[L4t3r4lu5]

Encrypt the hard drive. Insure against theft. Forget about it if it's stolen.

Re:Insurance

[bill_mcgonigle]

Encrypt the hard drive. Insure against theft. Forget about it if it's stolen.

Right, your data integrity is almost always worth more than the hardware itself. In order to install a tracker, you have to permit the attacker access to your filesystem. Don't do that.

If my laptop is stolen, they'll see a grub screen, and then dracut asking them for a password. I'm SoL on ever seeing it again but I don't have to go explain to clients how their security may have been compromised.

I guess ... you could try to bait them with a Windows boot option in grub. Maybe even make it the default if you think it's really likely that your laptop will be stolen. Install the tracker there, perhaps. One could continue along that train of thought with silent grub options and delays to make a deadman's switch of sorts, that would automatically bring up wireless, connect to any routable AP and send a help packet. Hey, there's an opportunity for the next guy who wants to make a new micro linux distro that does something unique - the more silent, slim, and faster the better. Maybe even a fake Windows splash screen while it's doing its business.

Linux OS likely to be erased offline

[advid.net]

The first thing the theft will do: an offline OS installation.

I bet the stolen Linux laptop will have its OS erased to either to run MS Windows or an other Linux distro.

Re:Disk encryption

[greg1104]

If you encrypt the boot drive properly, it won't boot to anywhere useful without a password. That means you can't use any of the OS-level tracking solutions, because the thief won't be able to boot into the regular OS. If you've let a criminal boot far enough to track them properly, you've really let them get too close to your data.

It sucks in a way that a locked down system can't also phone home easily to find the thief, but realistically that's the trade-off here. I'm willing to write off the cost of a laptop if it's stolen, as long as the thief doesn't also get access to any personal data I have on the drive. Recovering from a case of identity theft costs a lot more than any single device.

CompuTrace

[DigiShaman]

Depending on the laptop (in BIOS), you can use CompuTrace with Dell laptops.

http://www.absolute.com/en/products/absolute-computrace

DDoS

[DougOtto]

Configure it to launch a DDoS against the NSA and FBI if your password isn't entered within 30 seconds of booting.

How about a C4 "Deadman" Switch

You're a slashdot guy, so you must be pretty talented. Open the thing up and find some unused GPIO (or serial port) that you can tap into and hook a small block of C4 and a detonator up to it [1]. Then, create a cron job that runs daily to check that you've been logged in at least once, and if it doesn't it should assume the laptop was stolen and trigger the detonator. No. Wait. Better make the cron job run every 12 hours. You can never be too careful. Just make sure you never sleep in on weekends or leave your house without your laptop.

Next, to be extra safe, you'll want to somehow monitor failed login attempts and trigger the C4 whenever too many happen. Not sure how to do this as I'm a hardware guy myself, but I'm sure you can figure things out on your own or with your frienemy Google. I'd say that allowing one failed login attempt should be a safe threshold, but I'd recommend against allowing any more than that, as you're just asking for trouble. In fact, unless you're some kind of pussy that can't type, you can probably get away without any grace login attempts.

If you were really paranoid, you could try to implement some sort of retina scan or proximity sensor using the built-in webcam, but that's an advanced topic probably better left for some future "Ask Slashdot" post.

[1] If you have sort sort of issue with using C4, maybe you should consider somehow using a thermite charge instead. Less "bang", yes, but definitively more colourful, and would give new meaning to the term "toasted skin syndrome".

Simple solution

[PPH]

Put a Windows 8 sticker on it. Nobody will touch it.

PREY

[Jeremiah+Cornelius]

Prey is great. It is more effective than "Find My Mac" and runs on may platforms, including most Linuces. :-) Android, MacOS and iOS - besides teh usual vanilla from Redmond.

http://preyproject.com/

From the FAQ:

Can Prey be removed by a thief?

Not unless he has your administrative password.

And what if he formats the computer?

That's a different story. We encourage you to add a BIOS password and disable booting from removable devices on your PC, so that the thief will be forced to boot into the previous installation and thus, not be able to format your hard disk easily.

If you have a Mac, there's a firmware password utility on your Tiger/Leopard Mac OS installation DVD (look for it in in Applications/Utilities). On OSX Lion you'll find the utility by booting from the recovery partition.

Re:Just ask the NSA

No, just enter the following URL:

www.nsa.gov/applications/search/index.cfm?q=I lost my laptop could you tell me where it is

I have to admit I was freaked out when the result came back and said, "You're ON your laptop. Stop fucking around, Robert"