LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Prey: Open source theft recovery

Prey: Open source theft recovery

Posted Jul 7, 2011 9:05 UTC (Thu) by pcampe (guest, #28223)
Parent article: Prey: Open source theft recovery

Maybe I've read it too fast, but I don't find an answer to the fundamental question: how this anti-theft system avoids being deactivated by the thief?

From the point of view of the thief, this software is a trojan, and so the very first thing that (s)he has to do is disable it: if such only requires rm-ing some bash scripts it's a way too easy.

(Log in to post comments)

Prey: Open source theft recovery

Posted Jul 7, 2011 9:33 UTC (Thu) by akumria (subscriber, #7773) [Link]

Or, just as simple, ensure that the target domain never resolves to anything useful.

Prey: Open source theft recovery

Posted Jul 7, 2011 10:26 UTC (Thu) by pcampe (guest, #28223) [Link]

Title: Prey disabling howto

1. rm -f usual_path_of_prey/usual_file_1
2. rm -f usual_path_of_prey/usual_file_2

It's also true that, before issuing 1. and 2., the system is up and running, and so there is a small window of opportunity for Prey to call the target domain and downloading instructions (if there is some network connectivity, and it's a big if) but it's not bullet-proof; so it seems to me that some kind of obfuscating executables is worth of; am I missing something?

Prey: Open source theft recovery

Posted Jul 7, 2011 19:55 UTC (Thu) by n8willis (editor, #43041) [Link]

That's precisely why Prey takes pains to educate people on the value of disk encryption, password-protected BIOS, and other security measures.

Nate

Prey: Open source theft recovery

Posted Jul 8, 2011 7:55 UTC (Fri) by pcampe (guest, #28223) [Link]

If the hard disk is encrypted, the system won't boot without a legitimate password (that should be in the exclusive knowledge of the owner) and so the phone home anti-theft system won't start.

Prey: Open source theft recovery

Posted Jul 8, 2011 15:16 UTC (Fri) by n8willis (editor, #43041) [Link]

You seem to fundamentally misunderstand what Prey, Adeona, and the proprietary offerings actually are. They are not anti-theft systems.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds