PDA

View Full Version : Undercover: recover your stolen Mac


MacBytes
Jan 19, 2006, 09:29 AM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: 3rd Party Software
Link: Undercover: recover your stolen Mac (http://www.macbytes.com/link.php?sid=20060119102944)
Description:: Undercover is the next-generation anti-theft software that traces the location of missing or stolen Macs for recovery.

Posted on MacBytes.com (http://www.macbytes.com)
Approved by arn

Eluon
Jan 19, 2006, 09:40 AM
that is awesome. too bad I don't have my laptop anymore.

Seasought
Jan 19, 2006, 09:46 AM
Undercover can not be disabled by the thief. If you install Apple's firmware password, your Mac can not be formatted without knowing your firmware password.

I'd really like to play with this feature. Booting from your OS X CD and doing a wipe that way won't work either then apparently.

Sounds like a great piece of software. Anyone using it?

pgwalsh
Jan 19, 2006, 10:46 AM
I'd really like to play with this feature. Booting from your OS X CD and doing a wipe that way won't work either then apparently.

Sounds like a great piece of software. Anyone using it?
Unless ther theif is clever enough to open up your laptop and hard reset the firmware. I'd imagine any thief would as quickly as possible erase the hard drive.

DMann
Jan 19, 2006, 10:51 AM
I'd really like to play with this feature. Booting from your OS X CD and doing a wipe that way won't work either then apparently.

Sounds like a great piece of software. Anyone using it?


Perhaps a small micro Lo-jack chip inconspicuously placed into
the interior would help for those long distance theft jobs...

pgwalsh
Jan 19, 2006, 10:58 AM
Perhaps a small micro Lo-jack chip inconspicuously placed into
the interior would help for those long distance theft jobs...That would be cool. ET phone home.

Seasought
Jan 19, 2006, 11:00 AM
I'd like a feature that allows you to remotely detonate your laptop as a failsafe mechanism. Kamikaze Powerbook. Hai!:D

angelwatt
Jan 19, 2006, 11:00 AM
One problem that comes to mind is that I'd like to think most people have their accounts password protected, so if a thief got the laptop they wouldn't be able to login and use it and therefore this software couldn't send anyone a message about it being stolen.

Sharewaredemon
Jan 19, 2006, 11:03 AM
Does this app prevent from target booting and erasing the hard drive?

pgwalsh
Jan 19, 2006, 11:03 AM
I'd like a feature that allows you to remotely detonate your laptop as a failsafe mechanism. Kamikaze Powerbook. Hai!:DHa ha.. I thought about that on my last respone, but I once said something like that in a forum and people got pissed, but that was on slashdot.

grapes911
Jan 19, 2006, 11:19 AM
I'd like a feature that allows you to remotely detonate your laptop as a failsafe mechanism. Kamikaze Powerbook. Hai!:D
No, then the laptop would be gone forever. I'd rather it just leak some cyanide gas.

grapes911
Jan 19, 2006, 11:20 AM
One problem that comes to mind is that I'd like to think most people have their accounts password protected, so if a thief got the laptop they wouldn't be able to login and use it and therefore this software couldn't send anyone a message about it being stolen.
You are a wishful thinker. Do you know how easy it is to reset your password? I could do it in about 1 minute.

pgwalsh
Jan 19, 2006, 11:24 AM
No, then the laptop would be gone forever. I'd rather it just leak some cyanide gas. How about setting it up so they get one hell of a shock every time they type. It would kill batter life, but if they stole one with an iSight camera and it sent you photo's of every shock, it could be quite entertaining.

settledown
Jan 19, 2006, 11:42 AM
If I were a thief, I would either:
a. get rid of it immediately, sell it for whatever I could get for it.
b. keep it, swap in a new hard drive and pitch the old one, or clean wipe the old one

in case b., if I know how to swap a hard drive, then I know where the firmware reset button is.

just keep your lappy safe, and get insurance on it.

Thieves in most cases arent dumb. A simple google will tell you how to defeat anti-theft software. Also thieves wont be taking thier HotMac in to AppleCare EVER.


Having said all that, it is a cool app. just not one that can be very effective i dont think

grapes911
Jan 19, 2006, 11:43 AM
How about setting it up so they get one hell of a shock every time they type. It would kill batter life, but if they stole one with an iSight camera and it sent you photo's of every shock, it could be quite entertaining.

I'm be ecstatic if they could pull that off.

http://grapes911.com/pics/shocked.jpg

pgwalsh
Jan 19, 2006, 12:02 PM
I'm be ecstatic if they could pull that off.

http://grapes911.com/pics/shocked.jpghaha love it

winmacguy
Jan 19, 2006, 12:11 PM
I can't remember who does it but a few years ago I was told of an app that you 'hide' in your system - there is a PC version as well- it works like an email tracking device sending back the IP address to your email that the thief is using when they log on and surf the web so that you can track down your laptop without alerting the thief. Quite sneaky :p

Lau
Jan 19, 2006, 12:16 PM
What if it sent a screenshot the other way, through the iSight as well. :eek:

pgwalsh
Jan 19, 2006, 12:16 PM
I can't remember who does it but a few years ago I was told of an app that you 'hide' in your system - there is a PC version as well- it works like an email tracking device sending back the IP address to your email that the thief is using when they log on and surf the web so that you can track down your laptop without alerting the thief. Quite sneaky :p
Did you read anything about this company because that's what they do.

winmacguy
Jan 19, 2006, 02:59 PM
Did you read anything about this company because that's what they do.
Ah, no I just went on everybody elses comments :rolleyes: Doh!

Lacero
Jan 19, 2006, 03:02 PM
Most thieves steal to resell for money. I doubt they'll know or even bother to hard reset or wipe the HD.

Even if you could trace it, the thief would have already sold it to the network of people waiting for such laptops. And the buyer hopefully is smart enough to reformat the HD and cut off internet access before using it.Here's to the Crazy Ones http://forums.macrumors.com/attachment.php?attachmentid=35452 (http://www.uriah.com/apple-qt/movies/think-different.mov)

dr427
Jan 19, 2006, 03:10 PM
I have been scanning ebay for a used Powerbook and the auctions being held by Pawn shops or those that mysteriously don't have a charger or anything else always make me wonder.....:cool:

alamar
Jan 19, 2006, 04:58 PM
If the computer doesn't get recovered you get the software money back? If they'd replace the box that would be a much better idea, though would still suck if you didn't have a recent backup, or if they got ahold of all your software disks with the box.

Nermal
Jan 19, 2006, 08:53 PM
I'd really like to play with this feature. Booting from your OS X CD and doing a wipe that way won't work either then apparently.

Correct. If you have a firmware password then you can't boot from CD without entering it :)

grapes911
Jan 19, 2006, 08:58 PM
Correct. If you have a firmware password then you can't boot from CD without entering it :)
But firmware passwords can removed in about 3 minutes by anyone with basic computer knowledge and access to google.

winmacguy
Jan 19, 2006, 09:24 PM
But firmware passwords can removed in about 3 minutes by anyone with basic computer knowledge and access to google.
Id say that they would need more that just a 'basic' bit of computer knowledge and would need to be aware of the need to change or enter the firmware password. I think most people who would steal a laptop would be doing it to make a quick buck and at most would probably just delete the contents of the harddrive with out necessarily re-installing or replacing anything - far easier to advertise it for $50-$100 or sell it 'down at the pub to a mate'.

I could be wrong of course ;)

Nermal
Jan 19, 2006, 09:55 PM
How would they wipe the drive without booting from CD? Even if they get around the user account password, I'm pretty sure that you can't wipe the drive with the running OS.

BTW, I did have a quick look on Google and the only way I could see to get around the firmware password involved running an app - therefore you need to get past the user account password too. I suppose there's a "reset jumper" or similar, but most people wouldn't know how to get at it (I don't!)

grapes911
Jan 20, 2006, 01:57 AM
All you have to do is remove or add a RAM chip and then reboot. Sometimes you have to reset the PRAM up to 3 times, but not always. Works like a charm.

Seasought
Jan 20, 2006, 09:45 AM
No, then the laptop would be gone forever. I'd rather it just leak some cyanide gas.

Genius! Perhaps we can have coffee some time and discuss such mayhem. :p

grapes911
Jan 20, 2006, 09:59 AM
Genius! Perhaps we can have coffee some time and discuss such mayhem. :p
Oh, if you only knew the mayhem that goes though my brain. Next I'm working on the MacBook Pro. This defense system will take a thief's picture and edit out their clothing leaving them in the buff. If the thief is a male, the pic will make him look "inadequate". If the thief is a female, the pic will add an "extra body part". Finally the computer will mail out this pic to the thief's fiends, family, wife/husband, girlfriend/boyfriends, and others.

[booming voice]
HAHAHAHAHAHAHAHAHA . . .
[/booming voice]

Seasought
Jan 20, 2006, 10:03 AM
Oh, if you only knew the mayhem that goes though my brain...

[booming voice]
HAHAHAHAHAHAHAHAHA . . .
[/booming voice]

I'm still fond of explosive, poisonous or electrically-deviant traps myself. That would make quite a keynote parody.

"I want to announce something REALLY exciting today. The new MacBook sharpnel. Now we took the original Macbook and installed a bouncing betty explosive device. If the MacBook detects someone elses hand signature or multiple failed password attempts well...let's have a look." <insert artsy, and stylish demo of a MacBook sharpnel wiping out half a city block>

d_and_n5000
Jan 22, 2006, 01:18 PM
I'm still fond of explosive, poisonous or electrically-deviant traps myself. That would make quite a keynote parody.

"I want to announce something REALLY exciting today. The new MacBook sharpnel. Now we took the original Macbook and installed a bouncing betty explosive device. If the MacBook detects someone elses hand signature or multiple failed password attempts well...let's have a look." <insert artsy, and stylish demo of a MacBook sharpnel wiping out half a city block>

SWEET!!!!!! The only problem is that I might let others use it, and i will always e in the room, and i don't wanna die cause i let someone use my macbook. Any othere suggestions?

MacOMat
Jan 22, 2006, 02:54 PM
I searched for reviews of the software and found that (http://blogs.23.nu/c0re/stories/11058/).
:eek: :eek: :eek:
Oops, that's very bad. I was even going to BUY this product.:mad:

themutant
Jan 25, 2006, 07:25 AM
MacOMat, I have read this review and I tried to verify it as I'm interested in this software too and I have quite some experience hacking Mac OS X apps. Surpisingly, it turns out that most of their statements are just plain false and that this entire "review" is a piece of junk!

First of all, they claim that the "hardware damage feature" (or whatever they call it) consists of just one dialog box. This claim is false based on the website text and my own analysis of classes and methods in the binary. The hardware failure in Undercover will make the screen gradually darker. It is true that the binary contains a Mac OS X system error lookalike, but this is definitely not the only part of the plan B they describe.

Secondly, they claim that Applescript is used. That's a correct conclusion, but I don't see how this would affect the app's functioning or security. Almost every Mac OS X app I have dissected makes AS calls for some of its functionality. Nothing wrong with that.

Furthermore, they state that MAC addresses of stolen Macs are exposed online. I could not verify this so I contacted the author on this one. He wrote me that the MAC address is not exposed online. They only expose a code based on the MAC address. Getting the MAC address from this code is impossible without the key they use. Moreover, this code is only exposed for stolen Macs. I don't see how this could possibly affect security.

Their final claim of backdooring risks with the binary seems false as well. It would not surprise me if these guys were paid by the Undercover competition...

Based on my findings, Undercover seems quite robust and secure

I searched for reviews of the software and found that (http://blogs.23.nu/c0re/stories/11058/).
:eek: :eek: :eek:
Oops, that's very bad. I was even going to BUY this product.:mad:

alamar
Feb 8, 2006, 05:10 PM
If I were a thief, I would either:
a. get rid of it immediately, sell it for whatever I could get for it.
b. keep it, swap in a new hard drive and pitch the old one, or clean wipe the old one

in case b., if I know how to swap a hard drive, then I know where the firmware reset button is.

just keep your lappy safe, and get insurance on it.

Thieves in most cases arent dumb. A simple google will tell you how to defeat anti-theft software. Also thieves wont be taking thier HotMac in to AppleCare EVER.


Having said all that, it is a cool app. just not one that can be very effective i dont think

not if you were on crack you wouldn't.