Prey, may help you to recover you lost or stolen laptop. http://preyproject.com/
Interesting idea, Glenn, I wonder what sort of success rate they have?
No idea, but it could be used by big companies, if they develop it correctly.
Being open source and free, would anyone be able to look at the code and come up with a way of activating the software when the owner isn't aware?! Not the best for security!
it's a shame these sort of things don't work when using drive encryption :(
Quote from: Lance on Sep 30, 2009, 23:06:24
Being open source and free, would anyone be able to look at the code and come up with a way of activating the software when the owner isn't aware?! Not the best for security!
The fact that it is free (as in freedom not just as in cost) is the reason this is less likely to be exploited. Because the source can be examined by anyone it's far more likely any such bug would be found and be fed back to the developers to get fixed. I'd much rather the software I run had been publicly examined than rely on a big company to honestly inform me about bugs they might know about. The great thing about the open source model is that you can look at the code if you are able (or pay someone else to if you can't) and answer your question. It is in a commercial vendor's interest to keep quiet about any problem they can't fix that would make customers think badly of the product.
I believe with Prey you can choose your own activation mechanism, such as making it look at your blog and look for the word "Rumplestiltskin" in it. If someone steals your machine you just write a blog entry with the magic word in it and wait for the machine to phone home. IMO that is far less likely to be abusable than a product like Dell's Laptop Recovery package which uses a single method to activate and nobody outside the company that wrote it has ever been allowed to examine it to make sure the code isn't a complete crock. If someone has sufficient acccess to your machine to work out the activation mechanism then they already have everything and know about your security software. Don't get me wrong, this product could be OK but there's no way of independently checking and you have to decide whether you trust the people that wrote it or not. A wise person once said that "security through obscurity isn't real security" (if the only thing stopping someone cracking it is they haven't seen how it works then there is something wrong with how it works and you're dead the first time it leaks.)
Cheers,
Paul.
QuoteIMO that is far less likely to be abusable than a product like Dell's Laptop Recovery package
Laptop security needs to exist in the bios not the os which is what dell's does... Except of course if people are happy having no drive encryption or passwords on their accounts....