Laptop owners: Hot freakin deal to recover a laptop should it be stolen.

[ALAVergas]

Neavaurichealinkificalbiracation

$29.95

PC PhoneHome is a stealth software application that secretly transmits an "electronic beacon" to an email address of your choice, allowing you to track & locate your computer, anywhere in the world. It sends a message to your designated email address once a day, or every time the computer connects to the Internet and is assigned an IP address. If your computer is lost or stolen, you report the loss to the police and continue to monitor your designated email address. When your stolen computer accesses the Internet by any method, your lost or stolen computer will send you it's IP address information, which can be used to determine the location. PC PhoneHome cannot be removed by unauthorized parties even if they attempt to wipe the computer's hard drive using format or fdisk commands. A special uninstall program is used to remove the software.

As a registered user of PC PhoneHome, you may seek technical service assistance in locating your computer's exact coordinates and alerting the local police to recover it. As a side benefit, other items of your property (like expensive jewelry or your USB microscope) that might have been taken at the same time, may also be recovered.

There are no yearly add-on costs or additional charges beyond the one-time purchase price of the software. This version is for Windows 95/98/ME/NT/2000/XP.



I just ordered it, if its as good as it claims to be I will DEFINITELY refresh this thread, way cheaper than the $140 GPS locator I had installed. The not uninstalling from a hard disk format is totally kick ass (though slightly unsettling at the same time). If anyone else has experience with this or a similar product, please post info on it.

 

[Rufio]

doesn't look too bad....

other similar softwares charge by the year..i like how this is a one time fee.

 

[hamburglar]

how is it possible for the program to stay on your computer even after a reformat? That seems impossible to me, thus making this software bogus. Am I naive?

 

[ALAVergas]

Independent Review

Manufacturer's Website

You can download and use a freeware version of the product, but unlike the purchased product it will not withstand a reformat of the drive. Note that even with the full version of the program you should set BIOS to boot by HARD DISK ONLY, and protect BIOS with a password. Setting a hard disk password is also another simple and free method to protect your PC.

Hamburglar- Yes you're naive but no I can't explain exactly how it works other than to say there are portions of your hard disk that have free space but don't normally allow data storage and are used for data recovery should you need to do it, I imagine it installs on those sections somehow. Speculation, so if someone reads and knows I'm wrong please explain it. I do intend to make the sacrifice of a format to put it to the test. I also intend to install the notebook HD in a standard IDE bracket and see if the program can still send even if installed via adapter into a desktop machine.

 

[VegasF6]

If I wanted to test this software, I would do more than a format, I would boot off of partition magic to look for any hidden partitions, and wipe all partitions first. I would also try an option like this

Zero Filling an ATA (IDE) Drive destroys 100% of the data on the drive. Make sure the drive is completely backed up before proceeding.
The Zero Fill option of DiscWizard Starter Edition is the only safe methods for use with Seagate and Conner hard drives. Some system BIOSs may include a Low Level Format option; use these at your own risk, as this may produce undesirable results.


I can't imagine it would survive a low level format and a zero fill. However, if it did I would be impressed. It also makes me wonder how new computer like HP and Compaq that don't come with a restore CD work. They have a restore partition on the hard drive instead. I wonder if there is any relation. Course, that sucks if your HD goes out, or you just want to upgrade it.

VegasF6

 

[dp004i]

Wouldn't a firewall render this thing useless? Also, I highly doubt it can survive a low-level format, unless they somehow stick it in BIOS itself.
From the review: We discovered, however, that users can effectively disable PC PhoneHome if they know where to change the SMTP information recorded by the software. We would not have known about it if Brigadoon hadn't directed us to make some registration adjustments, but the fact that it can be accessed by any user could be a loophole. - now that's bad.

 

[ALAVergas]

Originally posted by: dp004i
Wouldn't a firewall render this thing useless? Also, I highly doubt it can survive a low-level format, unless they somehow stick it in BIOS itself.

From the review link above, posted so you could read it and learn about the product without asking redundant questions:

"PC PhoneHome is available in three versions. PC PhoneHome Lite is a free application that sends stealth e-mails, but unlike the paid versions, it can be removed from the hard drive by running simple format, low-level format or FDISK procedure disk-formatting utilities.

PC PhoneHome Pro, which we tested, is appropriate for individuals or small installations. Unlike the Lite version, it can withstand disk-formatting procedures."

So yes, it can survive low-level formats.

I'll leave the firewall question to someone who understands it better, I know it well enough to understand its not a problem but probably not well enough for a thurough explanation.

As for the SMTP, it sends a message within 30 seconds if an active net connection is present, faster than you could change it. SMTP is something only the most experienced computer tech would know about, and only a VERY bold one would go and manipulate manually. The registry is not something to toy with on your system just to see what happens. If there's a different way to manipulate SMTP outside of regedit I don't know of it.

 

[Rufio]

Originally posted by: ALAVergas

Originally posted by: dp004i

As for the SMTP, it sends a message within 30 seconds if an active net connection is present, faster than you could change it. SMTP is something only the most experienced computer tech would know about, and only a VERY bold one would go and manipulate manually. The registry is not something to toy with on your system just to see what happens. If there's a different way to manipulate SMTP outside of regedit I don't know of it.

never underestimate a determined thief or hacker...

 

[Shinj1EVA]

What if they just buy a new HDD because they're paranoid?

Well.. at least if number of thefts go up.. number of HDD sales will go up..
and then number of laptop sales will go up for replacements... weird how the economy works...

No, I don't condone stealing.. it's bad... bad bad bad.

 

[damonpip]

ALAVergas, I'd stick with the GPS locator, it's much more likely that;d help getting it back. I think the GPD signal would also be ALOT easier to track, than trying to locate IP addresses.

 

[fr]

Hey, whatever happened to that Intel Processor Serial Number feature? Did they totally stop doing that?

 

[ironring]

Most new laptops have built-in NICs. Isn't the MAC address a permanent ID
for the laptop? Maybe we need a registry of stolen MAC addresses and
some way to block internet access by them.

Originally posted by: fr
Hey, whatever happened to that Intel Processor Serial Number feature? Did they totally stop doing that?

 

[jburnham]

"Users need to reset the boot sequence so the machine only boots from the hard drive. They should also protect this setting with a supervisory password. Otherwise, someone could boot from the floppy or CD-ROM drive and possibly delete PC PhoneHome."

What's the first thing you do when you get a machine (stolen or otherwise)?

Wipe it clean and reload the OS. "Oh, I can only boot from the hard drive. Oh, the BIOS setup is password protected. Okay, bypass the BIOS password, flash a new BIOS, boot off of my OS install CD and go". If I couldn't get around the BIOS, I would be very focused on wiping the hard drive clean in another machine or even buying a new drive - even if I had never heard of this kind of software.

I think this is a great idea and a good step in the right direction - it would be even better if you had the option to purchase this functionality built into the hardware with a lifetime monitoring service. If someone didn't want big brother watching them, they could buy the laptop without the functionality, and the other 95% of us could buy it and effectively eliminate laptop theft.

 

[duhh]

One thing you have to considder is that in a lot of theft cases, the person stealing the object does not necissarily know much about the object, they just know that it is worth something. Even if the person were to put the computer online even once, that would give you a chance at catching them/gettign your stuff back.

You know, i got hit for about $4k before, and even though those funds were recovered, I was a much happier person when the two guys landed in jail.

What disturbs me is the concept of a manufacturer using the same software to and also having it do an audit of your PC. hrmm, good old firewalls ...

 

[dman]

Originally posted by: jburnham
"Users need to reset the boot sequence so the machine only boots from the hard drive. They should also protect this setting with a supervisory password. Otherwise, someone could boot from the floppy or CD-ROM drive and possibly delete PC PhoneHome."

What's the first thing you do when you get a machine (stolen or otherwise)?

Wipe it clean and reload the OS. "Oh, I can only boot from the hard drive. Oh, the BIOS setup is password protected. Okay, bypass the BIOS password, flash a new BIOS, boot off of my OS install CD and go". If I couldn't get around the BIOS, I would be very focused on wiping the hard drive clean in another machine or even buying a new drive - even if I had never heard of this kind of software.

I think this is a great idea and a good step in the right direction - it would be even better if you had the option to purchase this functionality built into the hardware with a lifetime monitoring service. If someone didn't want big brother watching them, they could buy the laptop without the functionality, and the other 95% of us could buy it and effectively eliminate laptop theft.

IBM systems have a harddrive password. The password itself is burned into the harddrives firmware (somehow). Moving it to another machine to format = no good. The drive won't allow access to it's important sectors rendering it unreadable.

It is not cheap or easy to remove (but it is possible, I saw some schematics for a device on the net, didn't look like it was for a novice to build). If you loose your password (or laptop is gone) your data is fairly safe from viewing. Won't help you get your laptop back but it will make the thief's life more difficult and drop resale value.

Other manuf. may have a similar protection, but, it's dependent on the harddrive manuf. not just the laptop.


EDIT: I found this out when I was trying to backup my harddrive from my laptop to my desktop and couldn't get it to read on my Desktop pc. I had the adapter connected, the computer saw the drive, just wouldn't allow me to access any data. Put drive back in thinkpad, removed the harddrive password, and was then able to do what I needed. I looked it up afterwards and found out that it's in the drive firmware and 'clearing' it isn't simple without knowing the password or having a special circuit board.

 

[RDMustang1]

If this program is safe from formatting then it must be on a seperate partition which is easily removed...

Also, what information will it tell you about the thief? Maybe his IP address? Good luck getting an ISP to give you his personal information... the police will have to badger them for it and then they MIGHT give in and I doubt that the police are going to badger an ISP over 1 theft..

I really think this is a waste of money because it must be easily removable and the information it gives you really isn't going to be that important...

Just my $0.02

 

[dethman]

certainly a good idea, but not foolproof, if all i have to do to bypass it is boot from a cd and low-level and zero the HD. of course i guess the basis is that thieves wouldn't know any better. yet.

 

[Arkayz]

Never underestimate the greed and stupidity of a thief, haven't you guys ever watched Cops before.

 

[cmetz]

I've seen several programs like this advertised, and their marketing has many classic signs of snake oil. I would be very wary of these products.

For example, notice how the manufacturers all omit important technical details -- if they had real security, they wouldn't need to do that. Survives a reformat? What, exactly, does "reformat" mean? FORMAT C:? That's easy to survive -- put code in the boot track -- and easy to wipe -- a Linux/BSD boot floppy or your favorite drive diagnostic's "erase disk" can take care of that (incidentally, I believe at least of these programs do in fact put their code in the boot track). If the code has to be run by the computer, then it stands to reason that at least some of it is in a location on the disk visible to users, and therefore vulnerable to erase. Even if some of the program is put in hidden areas, some chunk of code has to actually access those hidden areas. Also, the commands to access hidden regions of the disk are manufacturer-specific last I checked. Anyway, snake oil unless someone credible can demonstrate otherwise.

Many/most IDE hard drives (laptop and desktop) support a firmware password, it's a standard IDE command/feature set apparently. OpenBSD is the only OS I know of that really knows how to deal with this feature, however. I would suggest that if you want to protect your laptop against non- to semi- technical thieves, password the hard drive, BIOS, and system boot -- it'll make the system pretty much unusable to a thief and presumably then much much harder to fence. A highly technical thief who has your laptop in your hands is going to get in, so forget about them.

To go back to the original thread topic, the difference between free version of this program and the pay version of this program is intended to address exactly the same more skilled thieves that you don't really stand a chance against. The free version should still be fine against a clueless thief, and as some folks have pointed out, there are plenty of those in the world.

 

[soltrain]

Most new laptops have built-in NICs. Isn't the MAC address a permanent ID

Yes, the MAC address is permenant, however I believe it is non-realistic to try and limit access to the internet my MAC address. You would have to store a copy of everysingle stolen MAC address on every single capable switch where the user could possibly connect at. I believe that you'd have to stop the connection using the switches ARP table, I don't think a router handles hardware addresses at all.

 

[nekote]

2¢

Even if MAC addresses are "permanent" in your laptop or other PCs / NICs, there would be nothing to prevent plugging into a NAT router that uses a different MAC address.

Indeed, many such SOHO routers have a "Clone MAC" feature that permits the router to take over the MAC identity of a pre-existing MAC id. That eliminates the need to contact a broadband ISP to make any admistrative adjustment to the MAC address they may already have on record. And it has the effect of shielding / hiding the MAC address of any other (stolen) machines that might be connecting through a NAT router.

So even a completely naive thief might unwittingly hide the MAC address by (unknowingly) using such intermediate devices.

What's more, such routers often also include DHCP servers to provide dynamic IP addresses - say, 192.168.nnn.nnn - potentially triggering the "email home" feature. Even if such a router was physically disconnected from the Internet. Thus potentially providing a way in which to detect the attempt to "phone home" to report a useless (internal only) IP address?

 

[MontyBurns]

This is simply bunk. Knowing the IP address that your laptop is connecting from does you very little good. You can't call 911 and give them the IP address and expect a SWAT team to go break down a door.

You'd need to hire a lawyer and subpoena an ISP, and even then there is no guarantee that you're going to find the accurate owner of the connection -- let alone your laptop.

 

[sygyzy]

How is a Mac address permanent? I was under the impression you could change it.

 

[soltrain]

MAC address

On a local area network (LAN) or other network, the MAC (Media Access Control) address is your computer's unique hardware number. (On an Ethernet LAN, it's the same as your Ethernet address.) When you're connected to the Internet from your computer (or host as the Internet protocol thinks of it), a correspondence table relates your IP address to your computer's physical (MAC) address on the LAN.
The MAC address is used by the Media Access Control sublayer of the Data-Link Layer (DLC) layer of telecommunication protocol. There is a different MAC sublayer for each physical device type. The other sublayer level in the DLC layer is the Logical Link Control sublayer.

www.whatis.com


Mac address is unique to your ethernet card. It a the 16bit (?) hexadecimal code hardwired into the chip itself. The MAC address is fundamental for the basics of networking.

 

[MontyBurns]

You can't change a device's MAC address, but you can "spoof" and broadcast any MAC address you want.

Regardless, I don't think a thief is going to engage in any of the high-tech behavior we're talking about here. Still, I can't imagine how this product could get you back your laptop.