Solving Laptop Larceny

Continued from page 1

The tracking system also helps keep students honest. "Before, we had a huge rate of people dropping out of the program and not bringing their laptops back," Gomes recalled. "Now I let them know that I can track them. Their eyes kind of open, and they bring it back right away."

The Computrace service costs about $50 per year* per machine. At that price, Gomes figures the service will pay for itself if it prevents ten $2,000 machines from disappearing. A boxed consumer version of Computrace, called "Lojack for Laptops" (after the car-tracking device), costs $49.99 per year.

Some 80 percent of stolen or wayward laptops protected by Computrace are recovered, according to Jickling. A thief would be safe if he kept the stolen laptop off line -- but that rarely happens, especially now that Wi-Fi networks have sprouted in every apartment building and corner café. Absolute Software has placed the instructions for contacting Computrace into the basic input-output system (BIOS) of recent Hewlett-Packard, Gateway, Lenovo, Dell, and Fujitsu laptops, so that even reinstalling the operating system will not stop the machines from reporting in, Jickling says.

Nevertheless, since tracked machines remain in the hands of thieves until they're recovered, another security measure may also be useful: encryption. One firm licensing Absolute's software, CyberAngel Security Solutions in Nashville, TN, combines tracking with an encryption scheme. Their software creates an encrypted partition on the hard drive, says spokesperson Bradley Lide. If someone boots the system without inputting the right password, they will be able to use the machine -- but it will hide the encrypted partition from the user while sending alerts to the tracking service.

"If you steal it, boot it, and connect it, and violate authentication, the computer operates like a honey pot, as we draw in the thief while protecting the confidential information on it," says Lide. The service starts at about $60 per machine per year.

But "kill" switches are the most dramatic -- and drastic -- way to foil thieves. As with Computrace, laptops equipped with kill switches report to a central server at intervals. But no tracking is attempted; instead, the purpose is to check whether a machine should start destroying its data files.

When a stolen machine reports in, it can be instructed to overwrite selected files, explains Jeff Rubin, a representative of Santa Clara, CA-based Beachhead Solutions, which offers a kill service called Lost Data Destruction. Deleting a file -- simply putting it into a trash can or recycle bin, is not sufficient, since the data is still on the disk. The Pentagon, for instance, requires three over-writes to expunge sensitive data. Beachhead's system, which starts at $129 per year, can be set to overwrite as many as eight times.

"If the VA [Veteran Affairs] had had this, there would have been no problem," says Rubin.

*Correction: In the original version, we wrote that this service costs $50 per month.