Here are some links to databases listing stolen laptops, notebooks, PDAs, handhelds, mobile (cellular) phones and other mobile computers. As well as tips and tricks for theft protection and data loss prevention of mobile Linux computers. See also Debian Linux Laptop for Road Warriors(http://www.giac.org/practical/gcux/Stephanie_Thomas_GCUX.pdf) [PDF] a highly recommended HOWTO to secure Debian and some more tips and tricks for mobile security.
The following travel alert is reprinted courtesy of the US Federal Aviation Authority (FAA).
The FAA recently learned of a hustle that's being employed at airports all across the country to steal laptop computers. It involves two persons who look for a victim carrying a laptop and approaching a metal detector. They position themselves in front of the unsuspecting passenger. They stall until the mark puts the laptop computer on the conveyor belt. Then the first subject moves through the metal detector easily. The second subject sets off the detector and begins a slow process of emptying pockets, removing jewelry, etc. While this is happening, the first subject takes the laptop as soon as it appears on the conveyor belt and moves away quickly. When the passenger finally gets through the metal detector, the laptop is gone. The subject that picks it up heads into the gate area and disappears among the crowd.
Sometimes a third subject will take a hand-off from the first subject and the computer is out of the restricted area before the mark even knows that it is gone.
This is becoming a widely practiced problem and is happening at airports everywhere. When traveling with a laptop computer, try to avoid lines to enter a metal detector when possible. When you can't do that, delay putting your luggage and laptop on the conveyor belt until you are sure that you will be the next person through the metal detector. As you move through the metal detector, keep your eyes on the conveyor belt and watch for your luggage and laptop to come through as well as watching for what those in front of you are picking up.
This Encrypted dual boot single hard drive system HOWTO(http://shappyhopper.co.uk/b2154/sharedencryptedhowto.cgi), explains how to secure your system using nothing but Free Software. It was primarily written for people with a dual boot laptop, describing free tools to encrypt Microsoft Windows as well as Linux partitions.
TheftGuard(http://www.phoenix.com/en/about+phoenix/investors/news+releases/2003/may+27,+2003-a.htm) is the first theft deterrent application that cannot be removed or replaced merely by installing another hard drive. The solution is digitally registered and installed in the Phoenix cME FirstBIOS and Host Protected Area (HPA), which is a secure environment independent of the operating system. If a registered machine is reported as stolen on the TheftGuard website, the next time the machine is connected to the Internet it will automatically send a signal which will verify it as stolen. The machine can then immediately be disabled, the IP address can be captured for tracking purposes and the data on the hard drive can even be deleted. Since TheftGuard is enabled through Phoenix cME FirstBIOS, the application will still be able to check for integrity of the application components even if a new hard drive is placed in the system. Also it does not depend on the operating system installed.
Homing Pigeon(http://www.zeasoft.com/products/hpgn.shtml) runs fully autonomously, it can get out of networks where browsing is blocked, it can get out of very hostile network situations, it can run periodically if desired, and report a myriad of information about the machine and thief. Also it includes format blocking and format recovery. Best of all, Homing Pigeon has no subscription fee. You buy it once for $39.95, and it will function for life.
From Jon Anderson <jon_at_locust.co.uk>:
"Use the power of the laptop! I read recently that several laptops were recovered as they were running the RC5DES distributed computing client Distributed.Net(http://www.distributed.net) this exchanged http requests on a regular basis and was used to trap the thief after they went on the net with their new toy!
Perhaps a more targeted system would be if someone (maybe me if anyone is interested) could set up a host on the net and then you just add a ping to that host into your ppp-on script (dial on demand etc) with the -p option to pass data in the packet with a unique reference number. That way if the laptop is ever stolen you could enter in the unique number and get tracking information as to where the laptop was last registered as connecting to the net from etc?"
"iSpy, from Lexent, is a product that's well suited to the mobile professional who may need to leave his luggage and laptop for a period of time, say while in the restroom or in line for a snack. iSpy uses "PC Radar," a hybrid of motion and proximity sensing with 2-way wireless notification system to protect a computer (and its data). You attach iSpy to your laptop computer or carrying case, arm it using the 2-way key chain remote, and you will be discretely alerted on your key chain when someone moves your computer and you are outside of its immediate proximity of about ten feet. You can then choose to remotely sound a 110 decibel alarm if the situation calls for it.
While we found the key chain remote didn't always have enough transmitting power to sound the alarm, when it did it was effective. This product definitely deserves a look, especially if you have one of the old "proximity alarms" that goes off automatically. Nothing is more embarrassing than forgetting to turn off one of these things and then having your luggage start blaring as it rounds the corner on the conveyor belt at the ticket window, or when you get up from your airplane seat to go to the restroom and the laptop bag in the overhead starts squawking. iSpy is available direct from the Lexent(http://www.lexent.com) ."
Transponders are small devices, which don't need a battery. They can be used for identification purposes: Trovan Transponders(http://www.trovan.com/) The rfid library(http://nongnu.org/projects/rfid/) is a set of C functions to communicate with RFID devices. A RFID transponder is a wireless memory area made of a chip and an antenna. A RFID reader creates a magnetic field that is used as a power source by RFID transponders and as a carrier for communication. A program can use the rfid library to be notified when a RFID transponder enters or leaves the range of a RFID reader. When a RFID transponder is in range, data can be read from its memory or written into it.
vp-usb-lock(http://www.voyagerproject.org/) is a Linux kernel driver and PAM module that utilizes the PC wireless USB lock and makes it possible to use it as authentication method for your Linux box. It is easy to install, but needs access to the sources of the kernel and PAM to build correctly. It has been tested under Fedora Core 2 with a custom made 2.6.7-1.494.2.2 kernel, but it should also work with other kernel versions and distributions.
Using your laptop in a public library you may rely on their theft protection mechanisms. Just put one of their CDs or DVDs with these litte magnetic tags into the drive. Mounting the media will prevent it from removal. Now imagine the thief leaving the library security gate! Nasty, isn't it? Note: make sure _you_ remove the media before passing the gate.
Just an idea and not yet worked out. But I suppose it is somehow possible to use WLAN and/or LAN capabilities of a Linux laptop either as a warning method if a machine is moved or as a method to trace it.
Just another idea and not yet worked out. But I suppose it is somehow possible to use WLAN and GPS capabilities of a Linux laptop either as a warning method if a machine is moved or as a method to trace it.
From Lionel, trollhunter Bouchpan-Lerust-Juery: "With a friend we are installing OpenBSD on a friend's computer and there is an interesting feature in his BIOS: the BIOS was flashed and the computer shop's appears on the screen qt boot up with the BIOS #. I guess they took an hexadecimal editor and edited the BIOS image replacing ABIT by the vendor's references. Such an idea, I guess could improve the overall safety of laptops acting as a deterant on amateur thief while displaying the owner's name at boot up: harder to sell if you see what I mean."
How to change the BIOS bootsplash screen for IBM/Lenovo Thinkpad T4x series(http://thinkwiki.org/wiki/How_to_change_the_BIOS_bootsplash_screen)
Here(http://www.ryandesign.com/jagboot/) is a tip on how to customize the OS splash screen, thus enabling someone to display a logo with owner's information.
You may also consider to implement a nice Linux BootSplash(http://www.bootsplash.org) screen.
In a SlashDot discussion(http://slashdot.org/article.pl?sid=04/04/01/1249204) I have found an interesting experience: " Were you running dnetc(http://www.distributed.net/) on the laptop? We've recovered a few pieces of stolen computer equipment over the years when the thieves plugged the boxes back in to the net and the installed client software sent back completed work."
There are many offers for locks, alarms, transponders and other means of computer security at:
STOP Security Tracking of Office Property(http://www.stoptheft.com/): "STOP's patented, permanent bar coded security plate actively deters laptop theft at the source as well as eliminates the reason for most theft: resale value. Equipment and laptop recovery is more likely when tagged with a STOP Security Plate."
Foiling laptop data thieves. Storing personal data on an external storage devices like USB sticks, memory sticks or portable hard disks will make it easier to take your data with you. Also it seems easier to encrypt these data.
The theft-alarm.sh(http://www.informatik.hu-berlin.de/~pilop/HOWTO_Gentoo_T43) script provides some theft protection plugins for laptops (especially for IBM/Lenovo ThinkPads). These plugins check for example power state, ethernet state, lid state and movement.
As an alternative you may subscribe an insurance. Here are some insurance companies, which are specialised in this field. Also some laptop and PDA manufacturers offer insurance solutions.
From Cryptome(http://cryptome.org/mi6-laptop.htm): "A second spy lost a security services laptop after drinking too much and losing track of it. The £2,000 computer was reported last night to contain details of British secret agents working abroad. It is an embarrassing sequel to the March 4 theft at Paddington that cost an MI5 officer his laptop and the secrets of the Ulster peace process that it contained. In this case, the agent had spent the March 3 evening drinking at Rebato's tapas bar, about a mile from the MI6 headquarters beside the Thames at Vauxhall, London. He then lost track of it, but thought it might have been left in a taxi. MI6's efforts to recover the laptop, using an anonymous newspaper advert, will further embarrass the Government. The advert placed by MI6 begged return of the laptop with 'vital research notes' to the 'academic' that lost it, in return for a reward. The computer was recovered on March 16."
"LONDON (June 5, 2000 4:29 p.m. EDT NandoTimes(http://www.nandotimes.com)) - Britain's Ministry of Defense, embarrassed by several recent computer thefts from military and security personnel, disclosed Monday it has lost 67 laptop computers in the last three years."
From SlashDot(http://slashdot.org/comments.pl?sid=03/11/28/0530208): Mundocani writes " Yahoo (Reuters) is (http://story.news.yahoo.com/news?tmpl=story&cid=581&e=3&u=/nm/20031126/tc_nm/financial_wellsfargo_theft_dc) reporting that the FBI has caught the guy who stole computers from Wells Fargo. The interesting part is that 'Investigators traced the computer to Krastof when he logged onto his own America Online account at home through one of the stolen computers.' Makes you wonder what sort of hooks the FBI has into AOL or other ISPs and what hardware identification is being transmitted at login."
See this story about using Timbuktu to recover a stolen Apple iMac(http://maccentral.macworld.com/news/2002/01/25/timbuktu/index.php?redirect=1077924048000).
Loss Statistics Charts(http://www.safeware.com/losscharts.htm) by SafeWare Inc.
Here are the slides of my presentation Theft and Loss Protection for Linux Laptops and Notebooks.