How to: Track stolen devices

Like if this Guide is helpful
Edit Link Remove
Add up to 3 more photos
Add a caption

Want to find a stolen laptop, tablet or smartphone? We show you how to locate and wipe a missing device.

The more you use your laptop, smartphone or tablet, the more you have to lose. The loss of a machine you rely on for work is taken care of by your insurance, but consider the fact that your email is now in the hands of a stranger – as is your internet history, which probably contains details of where you shop and bank. The worst-case scenario is that your phone or computer will automatically log you in to sites such as Facebook, which is a treasure trove of valuable personal information.

You can protect yourself by adding a password (as we discuss here), but this won’t necessarily protect documents stored locally, nor will it help recover your property any faster. Fortunately, the likelihood is that either your phone or computer will be connected to the internet again – either automatically, or as a careless thief logs on. With the right software, your purloined hardware can seize the opportunity to phone home, delivering a wealth of information that could help you see it again. Alternatively, you can prime a service to destroy everything as soon as it checks into the internet.

Some devices, such as iOS hardware, come with tracking and remote wiping capabilities preinstalled; you only need to activate the service. Others, such as certain Dell Vostro laptops, come with software preinstalled with a year’s subscription to tracking and remote deletion services. If you’re using an Android device, or a laptop without preinstalled anti-theft software, you’ll need to install something yourself.

There are plenty of options out there, including very high-end, expensive options for IT managers with many devices to take care of. For consumers, there are a few high-quality packages that are easy to set up.

For those happy to spend cash, you can opt for a service such as Computrace’s LoJack for Laptops, which will set you back US$29 for a year of coverage. In return, you get the ability to lock your laptop remotely and display an unmovable message on the screen – perhaps your phone number or details of a reward for the safe return of your machine.

Alternatively, you can declare your laptop stolen, which provokes a more dramatic response. LoJack begins capturing screen grabs and logging keystrokes and sends them back to Computrace, where a member of the team begins collating them and sending them to the police. Geolocation data is also gathered and reported. All this is hidden from the owner’s view in the name of giving the relevant police force a single point of contact, and preventing the kind of vigilante action that saw a New Jersey man arrested after assaulting someone he wrongly suspected of stealing his iPhone, after tracking it to the wrong location in May. The result isn’t only location data, but an exceptionally detailed dossier of evidence about the person in control of the laptop.

For those giving their devices up as lost, the final stroke is remotely destroying your data. This won’t put your laptop beyond use, but it will at least mean your documents and internet history are removed. The days of remote data removal being the domain of high-end business-class devices are long gone – Apple’s mobile devices come with data removal built in, and it’s easily added to Android phones. On Windows laptops, LoJack can again be applied, and you can opt to remove your personal data – either folder by folder or wholesale – through another machine’s web browser. LoJack’s deletion doesn’t only move the contents of your My Documents to the Recycle Bin, either: it performs a seven-pass deletion designed to render data utterly unsalvageable.

On some laptops, LoJack is resistant to tampering: absolute  lists a huge number of machines that have Computrace included in their BIOS. Downloading Computrace’s software, such as LoJack, activates the BIOS module, and if it detects that Computrace is missing or disabled, it reinstalls it. On a machine set to be locked or wiped, for instance, even reformatting the hard disk won’t be enough to permanently restore it; the BIOS will perform a quiet reinstallation when the computer is reconnected to a network.

The drawback is that it takes a while for commands issued through LoJack to take effect; we waited almost 12 hours for a lock command to come good, and several hours passed between us issuing a remote wipe command and the erasure of documents beginning. It’s an acceptable delay as long as the person with your laptop doesn’t immediately begin trawling your Documents folder for data. The company also claims that commands issued happen faster once the software has been running for a few days – we treated our test machine as lost immediately.

For those more keen on recovering their hardware than deleting the data on it and giving it up as lost, there are numerous ways to track and trace your kit. Again, iOS devices lead the way, with Find My iPhone (or iPad) included by default. Give the necessary command through, and your phone or iPad – assuming it has a connection to the net – shares its location with you. It’s fast, free and accurate. Android devices (covered next page) require a third-party app, but the effect is the same.

WHERE IN THE WORLD?

Devices with GPS are arguably at an advantage when it comes to geolocation, but it’s possible to get an accurate location fix on any device with a Wi-Fi chip, thanks to Google’s location API, which means you can also locate laptops and non-GPS equipped devices, such as Wi-Fi-only iPads. Google’s geolocation works by mining the data gathered by its Street View cars, which includes the geographical location of wireless basestations.
By comparing the base stations your device can see with Google’s data, you can arrive at a spookily accurate – to a few metres, in some cases – estimate of a location. When used somewhere with fewer wireless networks, reliability decreases somewhat. The other option is to use your device’s IP address. This is the least accurate method: an IP address might be located anywhere in an area up to several miles across. It’s a starting point, but unlikely to help you to recover your kit.

TRACKING YOUR COMPUTER FOR FREE

LoJack isn’t the only option for tracking and recovering your kit. It’s possible to get useful tracking information for free, albeit without Computrace’s impressive team of investigators handling the resulting data and staying on top of the investigation.

In October 2011, Kamil Konzinski from the UK pleaded guilty to receiving stolen goods, after being caught using a laptop that was quietly phoning home every time it was connected to the internet. The laptop’s owner had installed a sliver of software called Prey, which, when activated, creates a hugely detailed report about the state of your laptop.



By default, you get geolocation in longitude and latitude, which can pinpoint your laptop’s location to a few streets, as well as a pair of images. The first is a screen capture of whatever is going on at the time; over time this gives you a decent chance of finding your laptop’s new owner logging into a social networking site, or giving away their email address. The second is a shot quietly captured using your laptop’s webcam. Again, you stand a decent chance of getting a head-on shot of the thief, which you can supply to the police.
The most fully featured way to use Prey is via its control panel, which requires you to register. From the control panel you can mark your device as missing, sound an alarm or lock it remotely, the latter command requiring a password to clear. Alternatively, you can display a customisable message, either warning whoever has your machine that it’s being tracked, or possibly – if you’re in a forgiving mood – offering a reward. The only missing feature is the ability to remotely wipe your documents, although Prey offers the next best thing by supplying a secure mode, which disables access to your email and removes your machine’s saved passwords and browser cookies, preventing access to websites containing personal data.

Prey’s free account allows you to track three machines at once. Each machine will file ten reports containing a location and two images; once ten reports have been generated, the oldest report is deleted to make way for new entries. For those who want to cover more devices or save more reports, Pro accounts are available starting at US$5, covering ten devices.

For users who prefer not to have their laptop report its location to a third-party website, Prey can also be run in standalone mode. You lose features such as the ability to lock your computer or display a distress message, but you still get screen capture, webcam stills and geolocation data, all to your inbox. See “How to set up Prey to track your stolen laptop”, left.

PROTECT YOUR ANDROID DEVICE

There are plenty of options if you’d like to safeguard your Android device from theft, with the Market brimming with apps to protect your handset – including apps from big-name security firms that have been tailored to Google’s OS.

Companies such as BitDefender, Norton and McAfee all offer slick apps with similar theft prevention features, most of which are controlled through web interfaces. Location tracking uses the geolocation components inside your device to pinpoint its exact position on Google Maps, and it’s possible to remotely lock your phone. If it’s turned off, it will hit lockdown as soon as the device is booted again.

There’s a more drastic option common to these apps: the ability to give your phone a factory reset if it’s fallen into the wrong hands or, if you’d like to attract attention, the option to sound a blaring alarm by pressing a button on the software’s website.

Some of these apps go beyond the normal range of features. Kaspersky Mobile Security can encrypt contacts, folders and files to ensure they’re kept safe, and can display a customised message if your phone’s lost or stolen. McAfee WaveSecure will automatically lock the phone if the SIM card is changed.

These apps aren’t cheap. WaveSecure and Kaspersky offer seven-day trials, but you’ll have to cough up money if you’d like to continue using them. Norton, meanwhile, doesn’t let you use its alarm, location and locking features unless you pay for the full version.

Look outside of the big brands and a host of other apps offer better value for money. We’ve seen how impressive the open-source app Prey is on laptops, and its Android version offers more features than the big names – for free.

As well as providing location tracking, phone locking and alarm services, it will also track the IP and MAC information of any networks your phone is accessing. If you suspect your phone is stolen, you can send a text to remotely activate Prey to begin tracking your device. You can also grant the app administrator privileges, ensuring it can’t be uninstalled by more tech-savvy thieves.

Theft Aware 2 is available for a US$15 one-off fee, and has a range of features that will appeal to technical users. As well as offering all the options already mentioned above, it has a few additional tricks up its sleeve. It’s possible to have the phone secretly call another number so you can eavesdrop on a burglar, for instance, and you can change the application’s name and hide the GPS icon so that Theft Aware’s functionality is less conspicuous.

There are further options if you’ve rooted your phone. Theft Aware can be installed to the system partition so it won’t be affected by factory resets, and can be rendered completely invisible, rather than simply hidden (not visible from the app drawer). It’s an impressive range of features but, conversely, it’s also an extremely deep level of integration that might put people off – after all, security apps are dependent on a certain level of trust between developer and user.

PROTECT YOUR IOS DEVICE

Tracking, sending a distress message and remotely wiping an iOS device is a simple job. When you set up your iOS 5 device, you’ll have been asked if you want to turn on “Find My iPhone or iPad”; in the event you said “no”, you’ll find the option in your device’s Settings menu. It won’t work at all if you’re not signed up to Apple’s free iCloud service.

To track a lost device, simply log in to icloud. and head to “Find My iPhone”. Your device’s location will be pushed to you and, thanks to Wi-Fi geolocation, even GPS-less devices such as Wi-Fi iPads and iPods can be found, as long as they’re attached to an internet-connected basestation. With your device located on the map, click the blue Information icon for more options, including pushing a message to your device, locking it remotely (with a PIN code) or, the nuclear option, wiping it remotely.

The service is obviously most effective on iPhones, which have a persistent connection to the internet without needing to be logged into a wireless network and, of course, won’t work at all if your device is wiped and paired with a new iTunes account. Your chances of effectively sparing your blushes or finding your device are greater the faster you act.

Step 1: Go to preyproject. and click Download. Prey has two options: a standard install where the tracking data is held on its servers, or a Standalone mode where it isn’t. We’re doing the latter. Follow the wizard, but change the installation location to something more cryptic than the default C:\Prey to deter savvy thieves

Step 2: You report your laptop stolen to Prey by removing a file from your web server, which you need to create first. Open Notepad, and click File|Save As. Type the name of your choice and add the “.html” suffix. If the address returns a “404 Not Found” error, Prey will leap into action..

Step 3: Choose an email address to send theft reports to. If your email is downloaded by a local application – Outlook, say – a thief could intercept it, so choose an address that’s accessible only by you, via webmail – and preferably whose details aren’t stored in your browser. Gmail and Windows Live Mail both offer free SMTP access.

Step 4: Upload your blank HTML file to your web space (most ISPs provide some free web space) and make a note of the URL. In Prey’s control panel, choose “Set up reporting method”, click Next, then choose Prey Standalone. If your SMTP server requires a specific port, append the port number after the server address and a colon.

Step 5: There are other useful settings, such as the ability to order your laptop to connect to any available Wi-Fi network – useful if a thief dodges tracking software by remaining disconnected. Once you’re happy, click Apply. To track a stolen laptop, remove the HTML file you uploaded in step 2. Prey will then start emailing location details.

Step 6:  Being open source, it’s easy to track what’s gone wrong if Prey fails to work. In the application folder, you’ll find a file called prey.txt – a running commentary of when Prey checks the HTML file. If there’s an error – problems accessing the SMTP server, for instance – details will be here. Head to the community support pages for help.









Have something to share, create your own Guide... Write a Guide
Explore more Guides