September 18, 2006
Three Steps to a More Secure Laptop
Tracking
Stolen laptops are no longer a lost cause. Today's new LoJack-like tracking software gives victims a real shot at tracking down a misappropriated notebook.
Tracking involves adding software to the laptop that will, once a day or so, check with an Internet server while the machine is on-line. Since most notebooks are on-line in some capacity, why not add software that can -- in the background and unknown to the user -- check with a server once a day or so? If the machine is reported stolen, the next time it checks with the server, the machine will find special instructions to follow. Usually, the machine will be told to send out pings every few minutes so its physical location can be tracked. Then the local police can be notified.
Absolute Software of Vancouver, B.C., has the patent on this concept. Its Computrace service is worth the price. High-end pricing for the full service peaks at $128.95 for three years. For a cheaper alternative, the company's LoJack for Laptops consumer product costs $49.99 for one year.
You'd think a clever thief could format the hard disk and reload the operating system, effectively erasing the software that allows tracking to happen -- killing off the phone-home application. (Of course, this assumes the machine was stolen along with its restore disc.) In an effort to prevent such activity, Absolute Software has made agreements with leading laptop vendors -- including Hewlett-Packard, Gateway, Dell and Fujitsu -- to put function calls to Computrace software in the BIOS chips of their machines, so that the Computrace functionality will survive restoration.
Absolute Software's principal patent licensee is CyberAngel Security Solutions of Nashville, Tenn., which offers a mix of tracking and encryption. Single-quantity pricing for CyberAngel is $59.95 for one year. The CyberAngel software creates an encrypted partition on the hard drive.
Anyone who boots the system and gives an incorrect password will get access to the system and will appear to be free to use it. The thief will assume that no password was enabled, but will not be able to see any of the files in the encrypted P: partition, since the OS will simply pretend the partition does not exist. Here's a shot of the before-and-after file directory from a laptop running CyberAngel:
Only by analyzing the disk space allocation display would the thief begin to suspect something was amiss. In the meantime, the machine would be sending tracking pings anytime it found itself on-line. In other words, the system is a honey-pot. With such easy, partial access, the thief will most likely be using the laptop when the police arrive.
The "Kill Switch"
In some cases, the value of the laptop may be trivial in comparison with the value of the data it holds. In these instances, the owner may have little or no interest in tracking and recovering the physical machine. It's the data they want returned. However, they may also be interested in retaining control over the data on the missing machine.
There's actually a way to accomplish that, thanks to technology called a "kill switch." It's analogous to the emergency switch in a race car that automatically turns off the engine in the event of an emergency.
Kill switches are the core of the Lost Data Destruction service offered by Beachhead Solutions of Santa Clara, Calif. As with the tracking service described above, a stolen machine checks with an Internet server at intervals. If the server sees that the laptop is flagged as stolen, the server will launch a pre-determined series of actions, some of which can be quite nasty. Single-user pricing for this service is $129 per year per machine.
As shown in the following illustration, such actions include "secure delete" operations that overwrite (rather than merely erase) sensitive files, in a specified order. Typically, the operation would start by overwriting the file containing the system decryption key. Here's how it looks:
The thief may notice the disk activity and turn it off, but the activity will resume when the system is turned back on. The machine can then go on and pull other tricks, like reformatting the drive and lapsing into eternal-reboot mode. The kill switch can still work even if the machine never goes on-line again. The machine can decide that it's been stolen based on various parameters, including a suspicious amount of time since it was last turned on, failed log-ons, or signs of tampering. Clever, no?
There is no single technological solution for laptop security. But with encryption, tracking and kill switches, you've got three serious tools for securing your customers' laptops.
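The kill-switch behavior described above (server flag or offline signals, key file first, resuming after a power cycle) can be modeled as a latched policy check run at each boot. This is an added example, not code from the article or from any vendor's product; the thresholds, state fields and wipe-step names are assumptions, and the sketch only decides what is owed without touching any files.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional

# Assumed thresholds: the article names the signals but gives no values.
MAX_DORMANT = timedelta(days=30)
MAX_FAILED_LOGONS = 5

# Assumed wipe order; the key file goes first, as the article describes.
WIPE_PLAN = ["decryption_key", "documents", "mail_store"]


@dataclass
class AgentState:
    """State the agent would persist across reboots (hypothetical fields)."""
    last_power_on: datetime
    failed_logons: int = 0
    tamper_detected: bool = False
    triggered: bool = False   # latched once set, never cleared locally
    steps_done: int = 0       # wipe steps already completed


def trigger_reasons(state: AgentState, now: datetime,
                    server_says_stolen: Optional[bool]) -> List[str]:
    """Collect every signal that fires; server_says_stolen is None when offline."""
    reasons = []
    if server_says_stolen:
        reasons.append("server flag")
    if now - state.last_power_on > MAX_DORMANT:
        reasons.append("dormant too long")
    if state.failed_logons >= MAX_FAILED_LOGONS:
        reasons.append("failed log-ons")
    if state.tamper_detected:
        reasons.append("tampering")
    return reasons


def on_boot(state: AgentState, now: datetime,
            server_says_stolen: Optional[bool] = None) -> List[str]:
    """Return the wipe steps still owed at this boot, in plan order."""
    if trigger_reasons(state, now, server_says_stolen):
        state.triggered = True   # latch: powering off does not cancel the plan
    state.last_power_on = now
    return WIPE_PLAN[state.steps_done:] if state.triggered else []
```

Because the trigger is latched and progress is counted, an interrupted run picks up at the next unfinished step instead of restarting or stopping.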
LAMONT WOOD is a freelance writer in San Antonio, Tex., who has been covering technology for nearly 25 years.