LapCop: Tracking down a Stolen Computer
Near the end of last year, I stod in front of my gate and saw that the front door was open: the mosquito sceeen was on the floor. I thought that I had forgotten to lock the door and that the dog had nudged it open. As if to confirm this, she was lying at the entrance, her ears in the "submit" mode, with an expression that read, "I know I am going to get blamed for this."
It looked as if she had made a serious search of the premises -- perhaps a mouse? But then I saw that the video player was missing; and then a whole lot more. I rushed up to my office and breathed a sigh of relief: the iMac and the peripherals were still in the room but the stereo was missing. The police came: great on recording but poor on detection. Later, I did find out from other sources who had been responsible; and that the portable items had found new homes via the night market. The main motivators were opportunity, portability and ease of disposal.
Had I lost the computer, I would have been in a difficult situation. All my data is backed up, and I have installers for all the software I use, so (once I could afford another machine) I would be up and running as before. Belatedly I enquired about insurance.
A burglary is one matter, and I have now increased home security, but regular thefts of portable computers occur at locations like airports where the owners may be preoccupied. It takes a moment's inattention and the computer could be on its way to a new owner who may may not know (or care) about what has been lost, in physical or virtual terms. That computer has been lost for ever.
Or perhaps not. It is almost invariable these days that a computer is going to be used for making a connection to the Internet. A program I found recently, LapCop -- for desktops too, despite the name -- makes use of this. On installation, LapCop records details of the computer's current operating parameters with regard to modem and network settings. If any of these change (including telephone numbers), when the computer is connected to the Internet, it sends the recorded computer owner an e-mail.
Installation is not 100% direct. An Assistant (Wizard) leads you through the recording of data; but the writers of LapCop recognise that it is possible to boot up OSX with the Installer disk and change passwords, thus gaining access to Root settings quite easily.
During the LapCop installation, therefore, after entering details about the use and the user, there is an opportunity (as part of the procedure) to access the Apple website to download the Open Firmware Password application. Once set up, this prevents anyone from booting via an externally mounted source -- such as a Firewire drive or a CDROM -- unless a password is entered.
I wondered why this has not been included as part of the operating system. There is some danger in new users starting up everything, especially when the retailers have been the ones to set up the machines in the first place. I have received many tales of woe from those new to OSX who have been left to fend for themselves. I suspect that, with there already being some levels of protection, Apple wanted to leave decisions about this additional lock in users' hands.
Once the Open Firmware Password application is configured, the LapCop Assistant takes over again and the job is done in a few seconds. LapCop recommends that disk image files for both the LapCop installer and the Open Firmware password installer are dumped. As these files are only about 400KB each, this is not a problem: a legitimate user does not need them again unless the disk is initialised.I had an opportunity to test the program within a couple of days when I moved the iMac to work for the last of the OSX labs. Instead of using my modem and a dialup connection to my ISP, the students connected the computer to the outside world via the University network.
At 10.55 am the computer sent me an e-mail. I can find no record of this transmission; but I received it the next time I checked for mail, just after lunch. The subject was "Your Mac has been located" and the tenor of the message was that, You can ignore this e-mail if you know about it, but the computer is working somewhere else from normal.
Details include the serial number of the computer (entered automatically), the router IP address, and the internal IP address. These details would be a good start for law enforcement. The message contains a link so that the company can assist with any locating enquiries.
In my case, I was sitting in front of the iMac when the message arrived; and this time the computer was not in someone else's hands. You may lose the computer at the airport, but there is something sweet about the chance of finding it again (and the merest hint of revenge too).
Information about the Open Firmware Password application is contained in the Apple Knowledge Base at in document number 120095. There is a link on that page to enable a download of the necessary software.
LapCop is available from the website where there are details about the product and about purchasing. The utility costs $25 but there are significant discounts for education purchases: $4 purchase price per machine for orders over 100.
Note: Installing the Open Firmware Password software means that none of the keyboard startup commands are available unless you access the PRAM settings, and only then with a password. For legitimate owners this should only cause a slight delay.
For further information, e-mail to Graham K. Rogers.
Back to homepage