Monday, March 30, 2009

Find Your Laptop after It's Filched

Find Your Laptop after Its Filched

Wi-Fi makes it possible to find a stolen laptop with a pin on a map: Last week, I heard a story of a laptop theft that made me sit up. I talked to the victim (still distraught), who had her laptop stolen when a young man in a group of four in a coffeeshop walked up to her and grabbed it. (She grabbed it back once, and he snatched it again.) The four men scattered, and they weren't found. She had, apparently, no backups and no way of locating the stolen item.

The trick here, of course, is that once the horse is out of the barn there's little that you can do. If you plan, you might be able to recover that stolen laptop; reports of recovery are quite encouraging with the right software installed. This dovetails with my interest in Wi-Fi because software makers are starting to pair Skyhook Wireless's Wi-Fi positioning system and software with recovery software.

The basic idea is that you pay a relatively modest one-time fee or yearly subscription fee to have difficult-to-remove software running on your computer at all times. The computer checks in at frequent intervals to see if it's been marked as stolen. Once it has, it activates various recording and transmission modes, sending (depending on the package) anything from Web camera snapshots to IP data. A few packages now offer Wi-Fi positioning info, too. (I wrote an article for the Seattle Times that appeared last Saturday that wasn't focused on the Wi-Fi aspect.)

The assumption lies in most thieves of this kind being technically unsophisticated and having a laptop join a network in order to use it. Some laptops may be set (Windows and Mac OS X have options) to join any available network, too. While this is a security issue when the laptop is in your hands, it's an advantage when it's roaming.

Programs that use Wi-Fi location information that I've tested or use include Undercover (Mac OS X, $49 one-time fee) and MacTrak (Mac OS X, $24.95 per year); there's also Laptop Cop ($49.95 per year, Windows XP/Vista). There are plenty of others, too, mostly for Windows, that lack location scanning. Computrace LoJack for Laptops notably has a BIOS agent preinstalled on many major Wintel brand computers that can be activated and not disabled without BIOS being wiped!

Find Your Laptop after Its Filched

Each package has the same fundamental working methodology, but offers different front-end features. Orbicule's Undercover takes screen shots and Web camera pictures, capturing that along with identifying network data and Wi-Fi scans. If a laptop remains unrecoverable, it goes into a simulated failure mode, and then activates a kind of screaming stolen laptop alarm if the machine is taken into a known Apple repair shop or Apple Store.

Find Your Laptop after Its Filched

GadgetTrak's MacTrak sends information directly to you via email and/or Flickr, uploading Web camera photos and providing network details, as well as a link with the calculated coordinates.

Find Your Laptop after Its Filched

Laptop Cop has a variety of extra, including remote file deletion, remote file retrieval, and full-on capture of everything a thief is doing, including keystrokes. (These options are available in some other Windows packages, too, but not in Undercover nor MacTrak. GadgetTrak plans to add Wi-Fi positioning to its higher-end Windows product at some point.)

Each of these firms works with your local law enforcement agency to provide data; in the case of MacTrak, GadgetTrak is happy to work with police, but you can also take the information the company's software sends you to officers directly.

After a rash of thefts among friends and acquaintances, I've installed recovery software on each of my computers, as well as arranging both local and remote backups.

Alternatives with no software installed: If you haven't installed recovery software, you're not entirely out of luck. Many people now run remote backup software, such as Mozy or CrashPlan, or use synchronized storage like Dropbox, Microsoft Live Sync, or Apple's iDisk. And many of us have email software that regularly and automatically checks for messages.

In all of those cases, the current IP address of the computer is recorded whenever a request is made. With your account information in hand, you may be able to log in directly to one of the services, and retrieve the IP address. Or, you can call the company or use customer support to get this information as long as you're the valid account holder. Some firms may require law enforcement to contact them directly.

Police can take an IP address, use that to determine the Internet service provider at which that address is located, and then get the street address that corresponded at that point in time (IP addresses are sometimes reassigned when a modem is rebooted or over time). A warrant may be required.

If you have remote backup software installed, you might get the benefit of having files backed up even if your machine can't be recovered. My friend David Blatner wrote up his own laptop-theft article after his machine was stolen. He had CrashPlan running, and the thieves reconnected to a network after taking his machine, and this gapped much of the difference between a month-old local backup he had made and what was on the stolen machine.

In an oddball case last year, an Apple Store employee who had the remote access software Back to My Mac installed, which allows remote screen-sharing and file transfer, was able to snap shots of a thief and transfer photos he and a collaborator had put onto her computer. That was a sort of one-in-a-million shot.




Ekehau Releases Free Wi-Fi Heatmap Software
Wee-Fi: Green Wi-Fi, Gogo Mobile Price, Ruckus Enterprise, Apple Firmware Update
Phish lands another keeper in reunion
(AP)