An open-source approach to tracking stolen laptops

SEATTLE--Imagine your laptop is stolen.

Set aside for a second the likelihood that if it was you wouldn't be able to read this story and think instead about how you might go about tracking it down.

There are existing services, such as LoJack, that are designed to help find purloined laptops by identifying the IP addresses where they are subsequently used and through other assorted methods.

(Credit: Adeona, a project being run out of the Computer Science department at the University of Washington, aims to give people a way to track stolen laptops while also providing the kind of privacy that commercial services may not offer.)

But according to a team of computer scientists at the University of Washington, the price you pay for utilizing such services is a loss of privacy--as well as a reliance on a corporate third party to take care of you.

That's why the team has come up with its own alternative, which it is calling Adeona, the name for the Roman goddess of safe returns.

The idea behind Adeona, according to Tadayoshi Kohno and Gabriel Maganis, who gave a talk about the project at the Gnomedex conference here Saturday, is to give people a method for safeguarding their laptops that relies neither on proprietary commercial software nor the centralized servers of the companies that provide such software.

Adeona, they said, is the world's first free, open-source laptop-tracking system, and one that can be installed by users themselves, and which doesn't require a corporate intermediary.

The team is also developing a version of its software for iPhones, though it isn't ready for public use yet.

To Kohno, the danger associated with commercial laptop-tracking services is that it's never possible to know for sure that someone at a company that makes such software wouldn't exploit the company's possession of your personal information--and access to what's on your laptop--for personal gain. Or, he said, that information could be subpoenaed in court cases.

To be sure, it's a very unlikely scenario, but Kohno--the faculty leader of the Adeona project--pointed out several recent instances where companies in possession of people's personal information were either forced to give it up in court, or where it was stolen by employees.

With Adeona, however, a user needs only install a piece of free, downloadable, software on their computer, and then make sure to make a copy of a credential key that the software provides and that they must keep on, say, a thumb drive, and which is required to track the laptop if it's stolen.

In essence, Adeona works very much like services like LoJack. But because the tracking doesn't go through central servers, Kohno suggested that there is more privacy and less reliance on corporate middlemen.

To be sure, the information you can get from Adeona if your computer does end up stolen will not necessarily lead you directly to it. It would most likely still take a bit of sleuthing, Kohno suggested.

But the software does use several different methods for laptop tracking, some of which might offer quick recovery.

The simplest is that it can broadcast the IP address where the computer is used, and the owner can use that information to contact law enforcement to help find the specific location.

Additionally, if the laptop is a Mac--at least one with a built-in camera--the software directs the camera to take a picture every 30 seconds or so. This means that the owner--if he or she has the credential key required to communicate with the laptop--can get pictures of whoever is using it. In some cases, they might recognize the person if, say, it was stolen by a neighbor, a co-worker, or someone else they know.

It also can sniff the SSID of the wireless network the thief is on, something that could be useful in tracking down the location of the computer.

Of course, the utility of Adeona, and any other laptop tracking software, for that matter, relies on the thief not being sufficiently tech-savvy that they can discover it and uninstall it. Further, as a FAQ on the Adeona site points out, the software can be abused by the owner to track, say, what a girlfriend or boyfriend is doing with the computer.

But in most cases, users who are wary of trusting their privacy to corporations may find that software like Adeona gives them an alternative they like.

My sense is that this software isn't for everyone and that it would require more knowledge of technology than the average laptop owner. But for those who have the requisite understanding, it might provide some comfort to know that they can turn to open-source software that doesn't require going through anyone else's servers.

Plus, you get the benefit of being protected by a Roman goddess. And when is that not a good thing?

[The_Decider]

So how exactly does that key translate to any possible IP address that the laptop could be using?

The stolen laptop would have to know it is stolen to "broadcast" its IP and good luck broadcasting the IP address to where the person who lost the laptop is currently connected. Even on a campus network, the laptop won't likely be able to broadcast across the entire network. If thief and victim are on separate networks? Yeah, right.

You didn't post enough details to know for sure, but this sounds more like a feel good measure that will only work if the thief is a total moron and that the planets align just at the right time.

[Demolition]

According to the FAQ on their website, the tracking client automatically broadcasts an update (including internal and external IP addresses, network router names, access point names, photos (for Macs only)) at random intervals. If you suspect that your laptop has been stolen, then you would use the retrieval tools (installed on another computer) to gather the update's information which you would then provide to the police.

Seems fairly straightforward. A few of the commercial tracking products do essentially the same thing. The only difference is that Adeona is decentralized.

[The_Decider]

It is not straightforward at all.

You can't broadcast across the Internet and usually can't across subnets. Where is this "broadcast" going and how does a second computer with the recovery tools get the message?

[dude7895]

You are a moron. If you actually read the faq before posting, it would explain everything. Read before you comment.

[The_Decider]

The morons are those that think this doesn't use a server to track IP addresses like the article says.

There is no way to verify that this is not being used to invade privacy.

Learn to read.

[CloudedGuru]

What they meant by "broadcast", I hope, is not network broadcasting in networking terms. It would likely send its public IP address to a server the user owns or something as simple as email if the user hasn't verified his possession recently. The idea is you'd get regular notices, by email for instance, as to where it was being used.

This is how LoJack works, the difference being that LoJack can be nearly impossible to remove if it was purchased with a new computer. They have integrated LoJack with the BIOS of some new laptops so that it keeps installing itself on new OS installs. This one, being open-source and user installable could be removed by a simple OS reload. ...though in reality you'd hope your thief wasn't computer savvy.

[The_Decider]

You are probably correct, but how does that get around the claim that it doesn't need a server.

[daftkey]

Looking at the technology itself, it seems to be a "hot potato" (is Dan Quayle still around?) approach a'la Gnutella. (OpenDHT). So we have to assume there will be enough OpenDHT clients in use so that your laptop's broadcast signal reaches whatever computer you are currently using.

So the question is - how is more privacy provided by your location data hopping all over the internet instead of at a central server? Even more importantly, can we rely on all the location data hopping around the internet being timely enough to even help you find your computer?

The answer, I guess, is encryption - except that I'm pretty sure encryption is something that close-source programmers know how to do, too.

Is it any surprise that Terdiman attempts to cover his ass from these kinds of questions with the typical "it's not for everyone" disclaimer. So, like many other OSS initiatives that aim to replace already commercially available solutions, it's just for the elite among us with the "requisite understanding..of technology". Somehow I don't buy this last statement. We're talking about a security tool that should have some pretty simple configuration and setup. I don't see what kind of "technical understanding" you would need, other than to explain why the tool can't find your laptop as quickly as the central-server-based solutions.

[howard_nyc]

potential blindspot:

NO JOY... if thief does not have your OS level password

NO JOY... if thief does not attach to internet

NO JOY... if thief immediatel reformats harddrive and installs OS onto bare metal

NO JOY... if thief simply tosses laptop in trash (oh sure, there are no knuckleheads that nasty)

[jlkansascity]

Or, if you're running True Crypt you're just out the hardware. The data remains secure. http://www.truecrypt.org/

[The_Decider]

"If you use encryption you are secure" is one of the biggest myths.

It is completely dependent on two things:

1. The True Crypt implementation has no exploitable flaws.

2. The passphrase is sufficiently strong

Otherwise you are not secure at all.

[Alphaman63]

Amazing how most of the above comments are based on ignorance. I've been running Adeona on my Macbook for over a month now, and it's unobtrusive, secure, and continuously on the watch. It does not only record info after the unit's stolen. It encrypts everything it saves on the Internet. It takes photos at random intervals up to an hour apart (not 30 seconds, Dan). It does not "broadcast" the IP of the laptop, but stores it on the encrypted file store in a log file, along with ping and trace info that should help indicate where the laptop is. Only YOU can get that info off the encrypted store.

And any Mac owner who knows anything can easily set up their Mac to prevent the disk from being overwritten through a "reformat ... and install". RTFM, or even easier, boot from your installation DVD.

My only complaint about the software is that it is easy to uninstall. But, before you jump all over the developers, that is for a reason, while the software is still in beta form, and this "feature" is planned on being removed in the near future. You still need to get logged into the computer and be able to su or sudo to a priv'd account.

Overall, Adeona is at least equal to, if not better, than the commercial versions of the software out there. I do wish that people who didn't know what they were talking about would LEARN ABOUT and INVESTIGATE the software before making outlandish and irresponsible comments about a very useful program. At least read the FAQ on the UW site. Yeesh, people...

[daftkey]

(I prefer to call it a deep charcoal, myself, Pot, but thanks for noticing).

Okay, so you have anecdotal evidence on your laptop that it is tracking.. "something". You still haven't answered the biggest question that us ignorant nitwits have asked - how does the location of the laptop, and all those pictures, get back to the owner after it's stolen? There isn't exactly a magic internet out there for data to flow through without servers of some sort getting involved, though you and Terdiman wants us to think this. (yes, it's encrypted on "the internet" - so what's the internet, genius?)

Any Mac owner that knows enough to prevent booting from a system DVD (and no, it's not as straightforward as you think) also knows how easy it is to get around this "fix". There is a built-in reset on all Macs with this capability. If you don't know how to use the reset, any Mac authorized technician will be able to do it within about two minutes.

I would guess that your "overall" statement about Adenona comes from the same ignorance that you accuse other commenters here of. That is, of course, unless you have actually used some of the commercial equivalents and had your laptop stolen enough times to render an actual opinion. In that case, please accept my apologies on behalf of all us uninformed morons in this forum who don't read FAQs and accept them at face value.

[Lerianis]

Here is the best way to prevent laptops being stolen: don't leave them alone in the first place and do what I do: have them connected by a chain to my person (the bag is connected, not the laptop itself) and have a lock on the bag so it cannot be open by anyone but you without someone noticing.

Really, as inexpensive as laptops are today..... who would want to steal one, unless it's a super-expensive Alienware one? No one I can think of, not even professional criminals.

[daftkey]

While you're at it - sleep in your car as well. That'll probably prevent it from being stolen. Then you don't have to spend all your time chasing that, too!

Same thing with bikes - make sure you keep it in your bedroom at night. Unless it's a cheap one like laptops are these days - you know, they don't ever get stolen, either!

[AJ Pants]

I agree. Don't let them out of your sight in the first place.

For those lucky enough to be on a Mac, the Firmware Password Utility can be used to render your iBook/Macbook etc completely unusable in the event it does get pinched. Check it out.

[daftkey]

Except for those of us who know the (rather easy) way to reset the EFI to re-allow booting from the system CD. In fact, it is so easy, some users do it by accident when upgrading their system.

[chlimouj]

**sigh**

I wouldn't want Fraus, the Roman goddess of treachery, watching over me.

[jasonschlachter]

in reply to Lerianis...as in expensive as laptops are? Mine personal laptop is $2,500 and I have a work laptop that is worth $3,500...not everyone is a college student with a $500 laptop. Besides, $500 is still a lot of money to say it's not worth protecting.

[Fire Balls]

Lojack while it is in the BIOS can be disabled permanently from the BIOS. Also BIOS passwords are very easy to over write and erase. If the thief is tech savvy at all lojack is a joke. Your best bet is like "jlkansascity" said encrypt your hard drive or sensitive data. You may not get your hardware back but you don't have to worry about your sensitive data getting into the wrong hands. Nothing wrong with having laptop recovery software don't misunderstand me. But it is in no way foolproof and can be disabled much easier then they would like you to believe.

[jwkware]

I thought of a decent Idea, comment and tell me if you think it would work. Take a GPS-like system and put in the laptop. A small one, Like you would bug someones car with. If you could track that GPS, You would know exactly where that laptop is and could go get it. Tell me if you think something like this would work, and why or why not. Thanks, Joe(jwkware)

PS: even tho the GPS would have to have a power source, couldnt there be a Little battery built in for that, and it charges when you charge the actual laptop battery. A gps would not require near as much power.

[jwkware]

I thought of a decent Idea, comment and tell me if you think it would work. Take a GPS-like system and put in the laptop. A small one, Like you would bug someones car with. If you could track that GPS, You would know exactly where that laptop is and could go get it. Tell me if you think something like this would work, and why or why not. Thanks, Joe(jwkware)

PS: even tho the GPS would have to have a power source, couldnt there be a Little battery built in for that, and it charges when you charge the actual laptop battery. A gps would not require near as much power.

[susieart5]

So, can any of you tell me how to retrieve my stolen laptop, without a tracking device having been installed prior to the theft?

[seanlabs]

there's another open source laptop tracker called Prey. I just switched to it from Adeona (now that open dht isn't working) and it works quite well. it works in windows & macs too. the url is preyproject.com by the way