eXclusive: New OS X security software to retrieve a stolen computer and catch the thieves

By Graham K. Rogers

undercover Apple graphic One of the major threats to a laptop user worldwide, is not so much the insecurities and attacks on the machine when online, but the physical threat of the computer being stolen. In Bangkok alone, several have been stolen in the last few months, and there are many tales of travellers -- airports are known high-risk locations -- who have paid for a moment's inattention by the loss of their computers.

Apart from the computer itself, the cost of which can range from 30,000 baht to more than 150,000 (if you have a top-of-line Sony Vaio), there is the loss of data -- personal, identity, company information, term papers, perhaps a thesis -- which may be lost for ever. It is easy to say "Backup your data" (and you should), but sometimes (a business trip for example) new information is created and saved on the journey itself.

In September 2003, I reviewed a smart little OS X utility, Lapcop, that enabled someone who had suffered from computer theft to start the tracking procedure. The utility would "phone home" when not in a recognised location. An e-mail would be sent with computer details, including the current IP number. When a theft had occurred, an Internet service provider (ISP) would be able to use the information and perhaps locate the lost device.

The makers of Lapcop have taken a long, cool look at the process. A new company, Orbicule has been founded and they have come up with "Undercover", an enhanced application for OS X (Tiger). Instead of passively waiting for criminals to provide the tracking information, Undercover pro-actively collects incriminating data and tricks the miscreants into giving themselves (or at least the computer) up.

When Undercover is first installed, the user is sent an Undercover ID number within a few seconds. Mine arrived 10 seconds after I registered. This has to be kept separate from the computer as it is the use of this number that starts the tracking process. I printed one copy and keep that secure in my office, away from home.

Undercover screenshotUndercover is activated by e-mail, fax or phone to the Orbicule monitoring centre. The stolen computer details are entered into their database. As the computer polls the database regularly, this now triggers the recovery process, which is in two parts.

Like Lapcop, IP information will be sent to Orbicule, whichever method is used to connect the computer to the Internet: dialup, ADSL, network, WiFi. Certain screen shots are also captured and these are sent too. Screen images can help in identification of the user, for example with browser use or e-mail. Along with the ISPs, Orbicule works with law enforcement to track down and recover the stolen computer. Although this type of application highlights the risks of theft to a laptop, it works equally well on a desktop computer or even on the Mac mini: thieves haunt airports; burglars visit houses.

All the best managers and tacticians have a Plan B. In this case, if the computer is not tracked down quickly, Undercover begins to simulate hardware failure.

Undercover screenshot Let me emphasise the "simulation" aspect. I was concerned about this and checked with Dr. Peter Schols of Orbicule who told me that he could guarantee that it would not damage or otherwise interfere with a Mac on which Undercover was not activated. He and his team have tested this extensively on OS X installed computers, including Intel-equipped Macs.

With Open Firmware Password installed (and I would recommend this for anyone who cares about their security) it is not possible to start up with a CD, DVD or by using any of the normal startup keystrokes unless a user knows the Open Formware Password. A thief will not be able to wipe the hard disk or remove Undercover (see below).

If the user is unable to effect repairs, the next stop is a repair shop, or perhaps to sell it. The screen will show a message warning the shop that the computer has been stolen; and Orbicule offers a finder's fee. The shop will be able to use databases that exist for reporting computer theft. A sound message is also transmitted: it must be embarrassing for a computer to be shouting to all those around that it has been stolen.

Once Undercover has been installed, instructions for an uninstall need to be requested from the company. As a point of security, it is in our interests as users not to have this done by dragging the application to the Trash. The application is not visible under normal use.

A single-user licence for Undercover is $29.99 although a household licence (5 machines) comes to $44. A student licence is $25 and a volume discount for education is $6 per computer.

Undercover logo

For further information, e-mail to Graham K. Rogers.

To eXtensions, Year One

To eXtensions: 2004-05

To eXtensions, Year Two

To eXtensions, Book Reviews

To Education Page

To Motorcycles Page

Back to homepage