Security Software Tracks Down Stolen PCs

NEWYou can now listen to Fox News articles!

A thief pilfers a laptop computer from an unsuspecting traveler at an airport departure lounge and flits off, unnoticed.

A few years ago, the laptop's rightful user would have had little chance of seeing it again.

But today, a handful of security companies offer software and gadgets to recover stolen notebook computers or, at least, make the sensitive corporate data they hold inaccessible to criminals.

According to statistics from the Gartner Group, which tracks computer-industry trends, a laptop computer is stolen every 53 seconds from U.S. airport lounges, hotel rooms and restaurants.

• Click here to visit's Cybersecurity Center.

• Click here for's Personal Technology Center.

The FBI notes that 97 percent of the portable PCs are never recovered, with potentially catastrophic losses for the owners, who may have lost not only work-related files, but personal information such as credit card and banking information and digital family photos.

"That costs consumers and businesses an awful lot of money," said Robert Siciliano, an information security consultant based in Boston.

The computer industry, however, is now using technology to beat back the thieves.

Like a Lojack device that car owners can put in their vehicles to track a stolen BMW or Mercedes, computer users can now purchase software that allows them to monitor the whereabouts of their Toshiba Satellite or Lenovo ThinkPad once a crafty crook gets hold of it.

What's more, some of the software enables owners of stolen computers to delete files remotely via satellite networks, preventing the cyber-punks from accessing the vital information.

"That's multiple layers of protection," Siciliano told

There are a number of companies in this electronic-security market, and some of their products for consumers and companies are priced as low as $49.99.

One of the better known developers is Vancouver, B.C.-based Absolute Software, maker of Computrace.

Its Lojack for Laptops consumer software — yes, that's what it's called — can be downloaded from the Internet and works on both Windows-based PCs and Macs.

The company's more sophisticated corporate Computrace software comes embedded in the BIOS — basic input, output system — of computers produced by Dell, Lenovo, Gateway, HP and Fujitsu. Recent deals have also been reached with Apple, Sony and Toshiba.

When a computer using either Computrace or Lojack for Laptops is reported stolen by the owner and then connected to the Internet by the thief or the person he sells it to, the embedded software "agent" sends a silent signal to a monitoring center providing critical location information.

Absolute then works with local law enforcement to recover the computer, and, if necessary, assists with search warrant and subpoena applications to Internet Service Providers (ISPs) to quickly address what Absolute CEO John Livingston wryly calls "mobile security challenges."

The company claims its recovery team, made up of many former police officers, has close relationships with more than 1,000 police departments in the U.S. and Canada.

The stealthy software agent is said to be able to survive accidental or deliberate attempts at removal by crooks seeking to resell the PC on the black market.

There's no external dongle for thieves to unplug, and the company said the software transmits a signal whenever the stolen laptop is connected to the Internet.

Another product with some of the same functionality is eBlaster by SpectorSoft Corp., based in Vero Beach, Fla.

SpectorSoft President Doug Fowler told his software was originally meant to let parents track every keystroke their children made on computers, and that the anti-theft application came about somewhat serendipitously.

"It wasn't developed with that functionality in mind," said Fowler. "It is used to track keystrokes and record all e-mails that are sent, as well as online chats, instant messages and activity. It puts together a report and e-mails the parent of the child using the computer every hour if something dangerous comes up."

But, interestingly, if the computer is stolen, the software continues to send the reports. Inevitably, the cyber-crooks, or those to whom they resell the PC, go surfing on the Internet.

"They're not buying it to word process," said Siciliano. "They want to commit more crimes online. Where there is a stolen laptop, there are other illegal activities going on. Drugs. Other thieves. Or those they fence it to."

When the crooks log on to the Internet, the eBlaster software e-mails the laptop's Internet Protocol address back to the original owner, said Fowler.

"You could get a city location of the computer, for example, with an IP address. Then you would have to take it to an ISP to get the location of the computer," Fowler added. "You might also be able to identify them based on the e-mails they are sending.

"We know of people who have retrieved a computer by sending an e-mail to the thieves — and saying, 'I know who you are. I know what you are doing. If you don't stop, I'll turn you over to the police.'"

Fowler said that not only private consumers, but major companies and organizations had lately been added as eBlaster customers, among them Kaiser Permanente, IBM and the federal government.

Another major developer just getting into the business is Franco-American communications giant Alcatel-Lucent, which recently launched a product called Laptop Guardian jointly with Sprint.

It's basically a tiny Linux computer built into a standard PCMCIA card, with its own CPU, memory, power supply, GPS transceiver and 3G cell phone transmitter.

Laptop Guardian enables "business IT managers to secure, track through GPS, manage and encrypt data on an employee's laptop, all through remote capabilities ... even when the laptop is turned off," according to Alcatel spokeswoman Tracy Dupree.

Upon first installation, Laptop Guardian encrypts all data on the laptop's hard drive and reroutes all Internet traffic through the client's virtual private network.

From then on, the card functions as an ignition key for the laptop — the user can't get into, or out of, the computer without it.

With its own battery, the Laptop Guardian card is always on and transmitting its location back to a central server via cell phone networks.

Administrators can use Laptop Guardian to remotely upload patches and software updates to company PCs, or wipe hard drives — even after a machine's been reported as stolen.

A thief could pop out the Laptop Guardian card and be able to boot the laptop after installing a new operating system, but he wouldn't have been able to get at any of the corporate secrets locked inside.

"Our goal is to protect the corporate data, and not to recover the machine, although we can help with that as well," says Dupree.

Of course, there's another way to keep your corporate data from laptop thieves: Don't let it leave the office at all.

"I had all of my company's data on my laptop — accounting, employee, strategic planning — and thus lived in fear of having it stolen," said David Becker, president of Philippe Becker Design, a San Francisco branding agency. "I solved this by buying a cheap laptop that I use as nothing more than a 'dumb' terminal."

Becker installed GoToMyPC, a consumer-oriented subscription software service that lets one PC remotely access another, on both his office PC and his laptop.

"There's nothing on [the laptop] but a Web browser," said Becker. "I access my desktop through the Web browser using"