There are a variety of tools out there to help recover stolen technological devices. They make the devices “phone home” to the security company, and if stolen, this can be used to find the laptop (based on IP traceroutes etc.) and get it back. Some of these tools work hard to hide on the machine, even claiming they will survive low level disk formats. Some reportedly get installed into the BIOS to survive a disk swap.
This has always been interesting to me, but it seems like something that could be used to track you against your will. I don’t know how all the different products work inside — they are deliberately obtuse about some parts of it — but here’s a design for one that you could perhaps trust with your privacy.
- When setting it up, you would create a passphrase. Write it down somewhere else, as you need it for recovery.
- Every so often, it will make a DNS request of a magic DNS server. In the request will be embedded a random number, and an encryption of the random number based on the passphrase.
- Without the passphrase, these requests mean nothing to the tracking company. They don’t know who made the request
- When your device is stolen, you give the tracking company your passphrase
- When a request comes in, the tracking company checks it using the passphrases of the devices that are currently reported stolen. If it matches, bingo.
- In a match, return a DNS answer that says, “You’re stolen. Do the stuff you should do.” That answer is of course also encrypted with the passphrase.
- At that point, the device can do complex traceroutes, take photos with its built in camera, record audio, you name it.
If there are a lot of stolen laptops in the database, the search could be sped up one of two ways:
- The random number isn’t random, it’s the date. The site can then pre-compute all the codes it is likely to get from stolen laptops that day. Changing the date on the computer won’t help, as that just means a little more CPU on that particular request.
- Include an 8 or 9 bit hash of the passphrase + date. That can reduce by a factor of 256 or 512 how many phrases you must try. This identifies you a bit but if the company has lots of customers you are fine.
Note that DNS requests tend to get through just about any firewall other than a firewall deliberately tuned to block sneaky DNS requests.
This system could be integrated into a BIOS or right into an ethernet card. However, since it is the high level OS that does DHCP etc. you need a bit of network layer cheating to do this right. I presume they already do that.
You can also run the DNS server yourself, if you are so inclined. It’s not that hard. But this system lets you trust a 3rd party as they learn nothing about you as long as they have lots of customers.