27/09/2011: Review: Prey Anti-theft SoftwareTuesday, September 27, 2011 by Matt Woodward | Taxonomy: Commercial, Non-Commercial, Open-Source, Review, Security, Software | 1 Comment
Recently I was asked about anti-theft software by a friend, who’s company had unfortunately had one of their laptops stolen. His question was fair enough – “Is there any way to geographically track a laptop if it’s stolen?”. Without some tremendous effort and access to data which most of us dont have, the simple answer is “No” 🙁
I spent a few moments Googling and found an open-source project called Prey. I hadn’t heard of it before despite some quite obviously favourable reviews. I decided to take it for a test drive to see how it worked!
Getting started was very straight forward and would most likely be readily accepted by most home users. The software had a very user-friendly install process, which included creating a new “free” user account to get you up and running. A quick confirmation email to validate my account and my laptop was registered with Prey and being tracked!
Not one to hope for the best and close my eyes, I decided to run a few false positives (i.e. act as if my laptop were stolen) and see what information I’d glean from Prey. I was pleasantly surprised, the default report contained:
- Current network details (IP Addresses – internal / external)
- An approximate geo-location (so you can see where you device is likely located – obviously improved where a mobile dongle or 3g is in use)*
- A screenshot of the current user’s session (i.e. so you can see what the user is doing)
- Basic session details (i.e. who is the user logged on as)
- Play an alarm sound (to notify nearby people. or the user, that the laptop is stolen)
- Show an alert message (to make the user aware the device is stolen and who to contact to resolve this)
- Play the alert message (this worked out-the-box with the Macbook pro, but not on my HP machine)
- Acquire more detailed network details (nearby wifi points, traceroutes to the internet etc.)
- Lock the machine (to stop the user from being able to use it)
- Remove / Hide and personal data (e.g. browser cookies, local emails etc.)
- A Macbook Pro (running Lion – which Prey picked up as Tiger, minor point but didn’t affect anything!)
- A HP Laptop (running windows 7 Pro – which Prey picked up correctly)
- A Samsung Nexus S (running Gingerbread)
Overall the experience on the PC & Mac were pretty solid, I didn’t jump into locking myself out entirely but tested out the alarms / alerts and assessed the reports that got sent back. Geolocation for the PC & Mac were subject to the usual restrictions where there was no 3g signal i.e. only the local exchange / ISP servers would be located, never the less the ability to capture nearby WiFi points and undertake a full trace route would certainly assist the authorities quite nicely in apprehending your nasty little neighbourhood thief!
On the Nexus S the experience was a little more ropey, the reports didn’t seem to be sent back unless the phone was unlocked. Given I use the screen pattern facility to lock / unlock my phone, it’s likely a thief would not be able to get passed this anyway which is good. However, if Prey fails to send the report because it is locked then it’s likely I’d be non-the-wiser on its whereabouts. Shame!
As a project, and an open-source one at that, the offerings by Prey are pretty decent considering the pricing model. You can happily use the product for up to 3 devices and 10 reports per device for free, and the pro accounts start from as little as $5 USD per month. Prey also provide pro accounts for business (offering a full support service as well) which come with upgraded features – Full SSL Encryption and Automated Deployment for multiple devices to name a few.
Overall, not a bad product at all – would be good to see the android quirks ironed out a little, and can’t wait to see what the iOS version for iPhone and iPad has to offer! Reading between the lines this should be on the app store in the near future!