Prey: Open source theft recovery

Posted Jul 8, 2011 9:11 UTC (Fri) by dsommers (subscriber, #55274)
In reply to: Prey: Open source theft recovery by alex
Parent article: Prey: Open source theft recovery

There are two types of thieves, clever ones and stupid ones. It's amazing how many there are of the latter ones.

What if an extended grub boot loader would do dhcp and phone home ... then if missing, it would boot up a special "fake" OS installation, which would harvest the needed info and the thief itself would believe it was a "good" theft - and s/he might miss the encrypted harddrive. This "fake" OS could even be instructed to wipe the encrypted drive(s), all based on the initial grub call.

Of course, the challenge is how to tackle wireless networks, where some require authentication, some networks are hidden/no ESSID broadcast ... and when the rightful owner tries to boot the laptop on a plane, where there are no networking available, what to do here?

Anti-theft, not impossible, but darn hard to do without a secure and non-interactive way of communication to the "controller", which, ideally, is activated before BIOS passwords are entered.

Prey: Open source theft recovery

Posted Jul 8, 2011 12:16 UTC (Fri) by ndye (guest, #9947) [Link]

could even be instructed to wipe the encrypted drive(s), all based on the initial grub call

Here I suggest a number of grace reboots before wiping the owner's data, supporting the next suggestion.

the challenge is how to tackle wireless networks, where some require authentication, some networks are hidden/no ESSID broadcast ... and when the rightful owner tries to boot the laptop on a plane, where there are no networking available

How about a special, hidden key sequence (controlled by the owner) that opens a backdoor in the "fake" OS, to authenticate the owner when phone-home fails?