Track Your Laptop Anywhere�Or Not

By Ronald Pacchiano | Posted March 31, 2006

Computers, especially laptops, are stolen every day. More often then not, they're loaded with a company's proprietary data and many are configured for VPN access into their corporate networks. So not only is the data on the notebook at risk, but even the data stored on the corporate servers could be compromised.

Don't believe me? Check out these statistics from a Safeware Insurance survey. It reported that more than 600,000 laptop thefts occurred in 2004, totaling an estimated $720 million in physical losses and an estimated $5.4 billion in theft of proprietary information. According to FBI statistics, less then two percent of stolen laptops are ever recovered. Those are some staggering numbers!

That being the case, what would you say if I told you that for only about $30 bucks, you could purchase a piece of software based insurance that could significantly increase your chances of recovering your laptop in the event it was ever stolen? You wouldn't believe me would you? Me either.

However that's what New Jersey-based Synet Electronics, Inc. would have you believe its latest product, the Synet nTracker Laptop/Desktop Anti-Theft tracking software, can do. Going into this review I had my reservations about its effectiveness, and now that I've had sometime to work with it, I'm even less convinced; but more on that later. For now let's discuss exactly what the nTracker software is and what it can do for you.

The Best Laid Plans…
The nTracker software was designed to help you recover your stolen notebook. It installs onto the system invisibly, meaning that it does not come up in the Windows Task Manager and is not listed in the "Add/Remove Programs" applet under the Windows Control Panel. Once installed on the system, nTracker will periodically send out a stealth e-mail, to a pre-determined e-mail address (set by you), which contains an encrypted attachment with details on the PCs' physical location whenever the stolen computer goes online.

These stealth messages are transmitted automatically and can be set to recur every three, seven or 15 days. This ability to quietly send out this e-mail notification is the true "value" of this software. The encrypted attachment that you receive will contain the local and global IP address of whatever network the computer is using.

It should go without saying, but the e-mail address that you configure it to use should be one that you can access from a machine other then the one you're installing the program on. An example of a suitable e-mail address would be like an AOL or G-Mail account, which is accessible from any computer. The only reason I mention this is because Synet's tech support people told me that some people had configured the program with an e-mail address used by the mail client on their notebook.

Once you receive the tracking information, you can pass it on to your local law enforcement agency to assist you in recovering your stolen property. Essentially the officers investigating your case will run a WHOIS using the IP information you provide them.

WHOIS is a service by the American Registry of Internet Numbers or ARIN, which maintains records on the registered users of any given IP address. With that information, they can contact the registered ISP for that IP address, and with their assistance, track down the actual location of your stolen PC (at least in theory).

In order to view the encrypted e-mail attachment from nTracker, you need to have Synet's proprietary viewer installed on whatever system you're using to receive the message. The software can be installed using the original installation CD, but if you don't have access to it for some reason, it can be downloaded right from Synet's Web site.

What I don't understand is why should you need a special viewer to read this file, and why does it need to be encrypted? The information it contains isn't that sensitive. Basically it's only your name, address, phone number, some system info and the IP address of its location. I've entered more personal information then that on Web sites when downloading technical documents.

Authentication Issues
In addition to its tracking ability, the nTracker software will also protect all of your important data by automatically encrypting up to three folders on your system as soon as it detects that someone attempted to access the system three times with an unauthorized-password. Plus it will periodically display warning screens prompting for user authentication and sound alarms if the proper password isn't provided.

I understand that the purpose of this software is primarily to track down and recover your stolen PC, not necessarily to secure it. However, the PC's data is just as important — even more so — than the hardware. Synet seems to agree — it provides encryption functionality to protect the data. Yet if that's the case, why doesn't nTracker software ask for authentication each time you log into the computer? The documentation recommends setting up a BIOS password to protect the system, so why doesn't the software force you to authenticate as well?

Consider this, let's say you configure nTracker to send out a location report every 15 days and the computer is stolen on day seven of the report cycle. Under those circumstances, that would give the thief eight days to use the machine and either copy or eradicate your data before nTracker informs you of the system's location and encrypts your data.

Considering all the personal information most people store on their PCs, that gives the thief plenty of time to examine the data on the notebook and find whatever information they need to steal your identity or possibly access your corporate network. I don't know about you, but that doesn't strike me as a solid security solution.

In nTracker's defense, according to the folks at Synet, the system should send out a location report whenever it detects that it's on a different network. In other words, if a notebook's stolen and the criminal uses it on his home network, nTracker should be able to detect that it is on another network and transmit a location report to the proper owner. During our testing though, that never happened.

Apparently Failure is an Option
I mentioned earlier that I was apprehensive about the software's effectiveness. For starters, we were never able to get it to work as advertised. We installed it on two different systems: A Sony VAIO laptop test system running Windows XP Home Edition with SP2 and a Dell Inspiron running Windows XP Professional with SP2. I never once received an e-mail notification from either system.

Originally I tried using an AOL e-mail address, but Synet's tech support people thought that might be contributing to the problem. So I tried three other POP3 accounts. Those didn't work either. I contacted tech support again for assistance, and for some unknown reason, it wasn't working for them either. They worked with it awhile and finally got it to respond to one of my e-mail addresses (out of three) using one of their systems, but they never got it to work with either of my test systems or with my AOL e-mail.

That said, let's suppose that what I experienced was a fluke and everything worked as it was intended. It's possible. Let's say it installed flawlessly on my system, sent out the location reports when it was suppose to and protected my system data when unauthorized access was detected. OK, great.

So you have the IP address indicating where the system is located. Now what? You can't retrieve the PC on your own for obvious safety and privacy issues, so that means local law enforcement has to do all the legwork to retrieve it. And I'm sure they'll get right on that — just as soon as they finish investigating the murders, assaults, burglaries, missing person reports and stolen cars they have to deal with. I'm sure your missing laptop will rank high up on their list of priorities and they'll get it back to you with any luck, within a few months. Of course, your results may vary.

Now in all fairness, this is not a fault of the company or its software. But spending $30 in the hope of receiving an IP address that may or may not come, and then having to rely on the help of an already overworked police force, just gives people a false sense of security. If my data were really that important, I would invest in serious encryption software like PGP Desktop Professional that can lock down everything. I'd also enable password protection or biometric security systems. And if I wanted a shot at getting my notebook back, I'd invest in a GPS tracking system. It might be a more expensive solution, but it's a far more effective one.

If however all you're looking for is a little piece of mind, then I suppose Synet nTracker Laptop/Desktop Anti-Theft is better then nothing. But before you put any money down, I suggest that you try it out for yourself. You can download a free trial of the nTracker software directly from Synet's Web site. I hope you have better luck with it then I did.

Pros:
• Inexpensive
• No monthly subscription cost
• Theoretically gives law enforcement a useful lead

Cons:
• Questionable operation
• Dubious value at best
• Company doesn't coordinate with law enforcement on recovery
• Never worked for us

Ronald Pacchiano is a contributing writer for both SmallBusinessComputing.com and PracticallyNetworked.com.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!


Comment and Contribute


     

    Get free tips, news and advice on how to make technology work harder for your business.

    Submit
    Learn more
     
    You have successfuly registered to
    Enterprise Apps Daily Newsletter
    Thanks for your registration, follow us on our social networks to keep up-to-date