Contingency plan if computer stolen

Discussion in 'other security issues & news' started by FileShredder, Feb 21, 2011.

Thread Status:
Not open for further replies.
  1. FileShredder

    FileShredder Registered Member

    Joined:
    Jan 3, 2011
    Posts:
    28
    This has been puzzling me for a while. Is there some form of software that I can put on my computer that could be used as a "trap" if my computer was stolen? Perhaps keylogging software, that might give me an idea as to the thief's identity, that sort of idea?
     
  2. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
  3. x942

    x942 Guest

    Google for Prey it is open source and free and does everything computrace does. Honestly though 99.9% of thiefs will do 1 or 2 things:
    1) boot from usb grab all of you personal data and wipe the HDD

    or

    2) Just wipe the HDD and reinstall windows/linux/mac. Unless you tag it with a GPS device it would be to easy to disable.

    My advice just encrypt the HDD with TrueCrypt or PGP to keep them out of your data and then get it marked with those Microdots or even a GPS if you can afford it.
     
  4. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi,
    Lojack will not be removed by a disk format or physical substitution.
    A part of its code is embedded in the Bios, and another one in an hidden area on the disk.
    I've studied it but I'm on the right side, and will not give here more career opportunities for bad guys.

    I have two Toshiba laptop, and i never get a theft problem.
    A good first step is best practises, and example of policy can be found on this pdf (rename "a" to "f" on the next extension link):

    https://policies.auckland.ac.nz/policies/Policies/policy-display-register/laptop-security-policy.pda

    The main problem for choosing a theft prevention solution is "who will stole your laptop?", a moron or a high skilled hacker?
    In case of skilled person, backdooring your computer will not help.
    The Intel theft solution, combined with Computrace one is certainly one of the most interesting solution, but unfortunately paid and devoted to Pro laptops (http://www.intel.com/technology/anti-theft/laptops/index.htm ).
    Anyway, there's still software free solution which can't be -off course- the panacea:
    Prey as mentioned by X942: http://preyproject.com/
    Adeona (has not been updated since a long time): http://adeona.cs.washington.edu/
    LAlarm: http://www.lalarm.com/en/LAlarm_Laptop_Alarm.htm

    But i guess that it's better to invest a few dollars or euros in a laptop locking physical solution.
    Anyway i have my own private solution on the attached image, but this one is certainly more effective:)

    http://3.bp.blogspot.com/_xwE0rBDpg...bhwMnfn07t4/s1600-h/mad-looking-dog-photo.jpg

    Rgds
     

    Attached Files:

  5. Someheresomethere

    Someheresomethere Registered Member

    Joined:
    Feb 17, 2011
    Posts:
    71
    The cheapest solution would be to password-protect the BIOS, install a tracing program and enable a guest account.
     
  6. FileShredder

    FileShredder Registered Member

    Joined:
    Jan 3, 2011
    Posts:
    28
    Thank you, I tried out Prey yesterday, marked my computer as "missing" and got a screenshot, IP, MAC address, and a map location accurate to the same street I am on, all in 10 minutes.

    This seems good, but I believe it can easily be uninstalled from the computer?
     
  7. x942

    x942 Guest

    kareldjag: That works if you buy a laptop with lojack built in. Plus even with that I still recomend FDE to prevent a thief from stealling your personal data. In all honesty a thief will go after your data first as it will be more valuable than the laptop. Once he/she cannot access it than they will wipe and sell the laptop. Lojack works great in that case but too bad it isn't standard in more laptops. I do believe they can flash it for you not sure on that though.
    EDIT: I should emphise that this is MY opinion and it may be different then yours. Sorry if that response came accross wrong.

    Glad you like it That is what I use. My setup is this
    Windows 7 Encrypted with TrueCrypt Boot loader on SD Card
    Ubuntu 10.10 installed with no password. and prey running

    Grub boots Ubuntu and a script creates files and changes timestamps to make it look used. This helps keep the thief occupied. Now prey is running in the background and they have no way of knowing that the other partition is encrypted or wiped. This has worked for me in the past but none-the-less a profesional thief would wipe it or use a boot disk so hardware lojack is better.
    In order to acces Windows 7 I need to boot off my SD Card and enter my password.
     
    Last edited by a moderator: Feb 22, 2011
  8. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    More seriously: any software based solution is a dead end: with the beginning of physical access to the computer, this is the end of security.
    Due to its stealth and persistence features, Lojack has been accused of being a rootkit (IT IS NOT) by the Coresecurity team.
    As i said previously, formatting or changing the disk will not affect it, read carefully:
    http://www.docstoc.com/docs/22503385/LoJack-for-Laptops

    Storing his important data on his laptop is not serious, make backup on external hardrive and on an online and trusted service.
    By this way less reason to worry.
    Of course there is various way to make the thief job much more difficult: Bios and disk password protection, encryption, hidden OS, removing or locking CD Rom and USB devices etc.
    But since we never know in advance who will stole the laptop, we can't be sure of the right preventive solutions.

    Even if lockpicking can be effective against some models, i would personally more interested in investing in laptop locking physical solutions (example: http://www.securitysolutions.ca/main.php?p=product-laptop ).

    The main problem in security, is that: attack is often in advance in comparison to defense because she has the PRIVILEGE of SURPRISE: who, why, when, how?
    Endless story...

    Rgds
     
  9. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi Someheresomethere
    Pulling the reset battery, will kill the BIOS Password :shifty:

    Take Care
    TheQuest :cool:
     
  10. katio

    katio Guest


    Not in most laptops these days. The password is stored in non-volatile memory.
    To reset it you have to be really good with soldering and electronics and I'm not even sure if that suffices...

    BIOS and HDD passwords are actually the hardest nuts to crack. Anything else is software based and a simple format of the hdd will get rid of it.

    Anti theft software is becoming mainstream so I wouldn't count on it that your would-be theft hasn't yet heard of it and doesn't know how to circumvent it.
     
  11. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi katio

    Thank you for the info, learning something new all the time. :)

    Take Care
    TheQuest :cool:
     
  12. x942

    x942 Guest

    I fully agree with this post with one exception: Encryption is one lock that won't be broken any time soon if a strong password is used and not left anywhere. The other thing is there cannot be any backdoors in the software, any recovery methods, or weak hashing algorithms. If none of those problems are present then Encryption stands unbreakable. (with AES, Serpent). AES-256 BIT would take a petaflop processor 3 x 10^23 years to crack. not to mention the INSANE power consumption need to crack 1 key. I do agree with the rest though any thief would "defeat" this by simply formatting the HDD. Sadly software sucks in this regard maybe a HDD which can be locked in such a way that formatting cannot be done by normal means. That would be cool :D
     
Loading...
Thread Status:
Not open for further replies.