Laptops

How do I use Prey to help recover a stolen laptop?

Prey is an open source application that can help you find your laptop when it is stolen.

Laptops are stolen all the time. And recovering a stolen laptop is made very difficult when steps have not been taken to help this task get accomplished. Prey is an open source application, available for Windows, Mac, and Linux, that can help you out when your laptop is stolen. Prey takes an ingenious approach to laptop recovery, because once it is installed, it will send timed reports to a configured e-mail address containing information describing its whereabouts. The information collected includes:

  • Status of the computer
  • List of running programs and active connections
  • Detailed network and WI-FI report
  • Screenshot of running desktop
  • A picture of the thief (if the stolen laptop is equipped with a Webcam)

Of course you are probably thinking that this is a lot of information to be sending out, especially since, with this setup, your laptop will be sending out this information even when the laptop isn't stolen. Ah, but the creators have thought of that as well. You can configure Prey to send out the information only if it finds a certain Web URL that you created in the event of the laptop being stolen. We'll address that in a bit. First, let's look at how to get the program and install it.

This blog post is also available in PDF format in a free TechRepublic download.

Getting and installing

Before we start, you should know that Prey requires the .NET library. If your laptop does not have this installed, you will have to install it before you can work with Prey. First download the zip file from the Prey Download Page. Once you have that on your hard drive, unzip the file and open the resulting folder. Within this folder you will see a few executable files. The file you need to concentrate on is PreyConfig.exe.

Configuring Prey

Here is the information you will need to set up Prey:

  • URL: More on this later
  • E-mail address: This will be the address Prey sends all information to.
  • SMTP Server: The SMTP server Prey will use to send e-mail.
  • Port: The port the SMTP server will use.
  • SSL: If your SMTP server uses SSL, you will have to check this box.
  • Username: This is the username for the SMTP server.
  • Password: This is the password for the SMTP server.
In order to configure Prey, double-click on the PreyConfig.exe file. When the configuration window opens (Figure A), enter the necessary information, but do not enter a URL.

Figure A

If you don't want to create an account with Prey, you can go the simple e-mail route.

One thing to note is that if you use Google's SMTP server you will need to set the port to 587 and click the SSL checkbox.

Before you activate Prey you have to locate the PreyAgent executable command. To do this, click the Activate checkbox, which will open an Explorer window where you can locate the PreyAgent.exe file.

Once you have entered all the information, click the Activate button and you are good to go. Prey will begin to send information to the configured e-mail address in the time increment you have configured.

Setting up a URL

As stated earlier, the developers have created a way for you to pseudo-activate Prey should your laptop be stolen. What you do is create a URL that Prey can check for (it will do so at the time increment configured). When Prey finds that URL, it will then begin to send out the information to the configured e-mail address.

The URL you create is up to you, but make sure you have the capability of creating that URL from anywhere at any time. Say you own the domain http://www.mydomainishere.com. You can configure Prey to check for the URL http:///www.mydomainishere.com/STOLEN.html. If your laptop is, in fact, stolen, create a Web page with that address (you can just create a blank STOLEN.html file as Prey checks only for the existence of the address) and then you will begin to receive information at the configured e-mail address.

When you click the Activate button, a new window will pop up with a message telling you the configuration is OK.

Using the Prey Control Panel

If you choose to create an account on Prey's site, you can take advantage of their Control Panel for more granular control of your stolen hardware. After you sign up for the service, you will get an activation key, which you will enter in the configuration screen. You will also have to add a new device in the Control Panel. Click the Add New Device button once you have logged in. In this new screen (Figure B), you enter a name, select the device type, select the OS, and then click the Create button. When you create the device, you will be given a device code that you will then enter into the configuration screen.

Figure B

You can add numerous devices here.

Problem

In order for Prey to actually work, it will have to be booted up and connected online. This can be avoided unless the first thing a thief does is format your hard drive. If that is the case, you are out of luck.

Final thoughts

Is Prey a perfect solution? No, but it is an interesting and well-executed solution that just happens to be open source and cross-platform. This enables pretty much anyone to have at least a slight chance of recovering a stolen laptop. And even the slightest assurance is better than none.

Stay on top of the latest XP tips and tricks with TechRepublic's Windows XP newsletter, delivered every Thursday. Automatically sign up today!

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

77 comments
chas_2
chas_2

Interesting idea! Thanks for reporting on this, Jack. I don't have LoJack or anything similar to protect my laptop and you are correct in saying if the thief formats the hard drive, the data are gone. Although if the VERY first thing the thief does is format the hard drive, he couldn't steal any personal data, could he? There's some degree of protection in that. In addition, I like that this is an open-source solution.

ammar_zaatreh
ammar_zaatreh

Isn't sending such detailed information about your system on a regular scheduled basis a bad security idea ? I mean if someone could intercept that email then my security is doomed. On a different note, my laptop has enough security measures, passwords, and encryptions to prevent anyone but me from even booting it (even if they wipe the BIOS my HDD is inaccessible without a password), so unless the laptop is stolen while windows is running unlocked, these methods won't be very effective.

brettlyian
brettlyian

Might be pretty nice if you install VNC server and gather some info. Watch them in facebook, etc. might be enough to find them. Of course you'd have to hope you'll catch them somewhere with those ports open.

cwilson
cwilson

How does this compare to other software such as LoJack for Laptops, LocateMyLaptop, etc

goldi.raj9
goldi.raj9

what if someone formet your laptop after stolen.....?

azizurrehmans
azizurrehmans

What if the stolen laptop is formated and OS reinstalled? What is the stolen laptop is not connected to interlink. What is the stolen laptop is soled in parts.

marcpen
marcpen

I have a ?500 laptop for work. It is insured in case it's lost or stolen. The entire hard drive is encrypted with TrueCrypt so it won't boot without the password. They can wipe it and start again, but they'll never get my data. I can get a new PC and be back up and running in a few hours. Pfff. If I had to pay for the replacement PC, maybe, otherwise I'd just write it off and get a new one.

gealogom
gealogom

I've installed Prey and openned up the Prey Configurator. Nowhere on the window (exactly like your Figure A) to check a box to activate and nowhere in my system can I find the executable PreyAgent.exe. Can someone help? Thanks

reisen55
reisen55

ARE USUALLY the fault of stupid users. Leaving it in a bag on the back seat. NEVER EVER let a laptop be seen in public in an unguarded environment. EVER. Put into the trunk of the car. Always. Hide it, do not let it out of your sight. EVER.

ahafez
ahafez

Now that this program is known the thief may be precocious and switching off the wifi or not plugging in the network cable, and then disable the software.

kandyass
kandyass

It seems the most effective way to use this software would be to have a user account accessible to the unsophisticated thief but with limited privileges and having your actual data on an encrypted space. Ideally the the dummy/honeypot account would have lots of interesting (fake) data that would turn the thief's curiosity against them. Use case: your laptop phones home as the thief browses a pile of data designed to appeal to the lowest common denominator (i.e. scandalous emails, fake financial info, compromising photographs). Perhaps one could tailor this info to entice an extortion attempt.

NCWeber
NCWeber

I think I prefer the "let it go method" and encrypt the entire hard drive with TrueCrpyt. The thief can't get at the data on the drive no matter what machine he installs it on, and laptops are cheap enough to replace without going totally bankrupt. Also, I'd make sure all data I had on there was backed up properly.

edward.j.obrien
edward.j.obrien

Although well over 70 I enjoy playing with computers - building the odd website as a sort of paying hobby and playing games - but by knowledge is really a bit narrow. I think this may be a stupid question and I'm going to be a bit red faced here. However, this article looks really useful for me, so what is ".NET library"? I looked it up and all kinds of stuff about online books etc came up. Can someone help me with this? 1: How do I check whether I have .NET library installed? (I have looked but can't find anything) 2: If not, where do I get it? TIA for any help - I know it's not a forum, but I hope I'm forgiven!

techrepublic
techrepublic

The first thing I would do if I were to steal a laptop would be to completely NUKE the file system. That makes PREY moot!

yonman
yonman

BIG QUESTION: Exactly what IP information "is" gleamed to assist authorities with the arrest and retrieval of the laptop? How can you locate and catch a 'tief who is using a public wi-fi?

Skibum
Skibum

I'm gonna turn it on (a) to make sure it works for when I pawn it; and (b) just to see what's there. If I hit a boot or OS password, I'd probably forget about it and reformat. Computrace and Lowjack may get me then. If I can get in without a password, then I'm gonna look for Nurse Nelly's nationwide database of physician social security numbers I can sell, or better yet her online banking passwords (after all, I'm not an average thief). Whoops, here comes Prey as well. Concur with Daniel.Muzrall ref: encryption Concur with rogerwal ref: what thieves want Disagree with bad-idea. So we ban the tool because of potential for abuse? Oh, I see, it's only a select core of techno-elites which will be allowed to use it. You're using a stale gun-control-style argument. So I'm just gonna let the thief have my laptop? I think not, especially when I have an inexpensive locator I can use. And what does use of the tool have to do with chain of custody when I report to the police a stolen laptop along with the information on where it and the crooks are located? The cops I know would be very very happy with that information. There are already laws against unauthorized use and abuse of process.

dawid.dekock
dawid.dekock

Why cant you get something like that embedded in the bios ?? that way a format wont matter

rogerwal
rogerwal

when a thief steals a laptop belonging to someone else they will first want to peak their nose into your personal and private business. they will want to access what pictures you may have of yourself and any others, see if you have any usernames and passwords for any personal or private web sites stored on your computer, for example, online banking account, and they will be compelled to check that out to see if there is anything else worth stealing from you as well. so i believe that they will not resist that temptation and just wipe your harddrive to only benefit from gaining a laptop computer but make themselves get caught in the process of trying to see if they can steal many other things from you (remember invasion of privacy and identity theft is the most online crime that is committed). Roger.

rshaw
rshaw

As Daniel.Muzrall posted, there are services and software such as LoJack that load into the firmware of several laptops designed to support this feature. Formatting the drive will not prevent the laptop from contacting the service monitor when it is powered up and has an available network connection. Also, the laptop can be remotely wiped to protect sensitive data. This would be the way to go for anyone who keeps sensitive information and/or is at risk for theft because of location or frequent travel.

bad-idea
bad-idea

This software allows, and article encourages, people to do things most are not qualified for. Running a surveilance operation and, maintaining evidence and chain of custody for starters. Further, being free and, because there is no third party involvement it's much more likely to actually be used in unintended(?) ways, spying, stalking etc...

JSmotherman
JSmotherman

You mention "Outside of the translation issue, the only foreseeable problem...", but you never mention what the translation issue is.

Scott R.
Scott R.

I hate to break it to you, but the HDD passwords are easy to break. The manufacturer builds in a back door in case customers lock their HDD and forget the password. This back-door is often sold to hackers for a fee. Especially if it an older laptop, these tools are free and fully available.

tony
tony

Lojack has a team dedicated to recoving the laptop if you purchase the premium option. As a single individual your chances are slim, since you will be ignored by the local police dept.

bhughes55
bhughes55

I've read a number of replies. Not only laptop but desktops get stolen as well. The way I figure it is, if the motivation was taken away from the theives -- data ( full encrytpion ) and hardware ( bios level when triggered by owner for a full nuke to make the laptop now totally useless -- including motherboard, ram etc, laptop makers could easily do this with a device to zap the whole thing at little cost to the comsumer and would probably increase sales too ) would the theives then give up. Then pretty soon you'd be able to leave your laptop anywhere and people would just walk by it. Some may say then they wouldn't connect to the net --- sure but tell me who has used a system and never connected it the net. It's like the air we breathe now, it's part of everyday life. A pc that can't connect to the net is like having a car without gas, how much would pay for a unconnectable laptop. I say let's nuke 'em and make then worthless.

WiseITOne
WiseITOne

I had a Manager at my old job get his laptop jacked because he put it in the back seat of his car. DUH. Went to dinner and his back window was busted in - no laptop. I always take mine with me when I go to the store. If you are strong enough to pry it from my dead body then you can have it, I suppose. I don't walk around dark corners or the south side of town so i am not worried about armed robbery. Additionally, my HD is encrypted so if it were stolen I would be upset but at least know I have my data protected as well as backed up in two different locations.

rogerwal
rogerwal

.NET is a programming language developed by Microsoft for developing applications with web support. You can always get it as .NET Framework 1.1 to 4.0 and its service packs. All you need to do is go to Microsoft's website and look for download center or do a search for it and download and install the version(s) you need. Usually a application requiring .NET support will prompt you for it to be installed first before the setup process starts or continues.

nolamatt09
nolamatt09

if you go to add remove programs and there is a listing of Microsoft .NET Framework then you have the .NET library if not just find .net framework from microsoft's website

WiseITOne
WiseITOne

My thought exactly. Are you going to raid Starbucks? Cmon, I doubt a theif would have internet at their residence and/or plug it in there. Majority will use free public wi-fi because they are cheap or not stupid.

luis
luis

We have similar agents on hundreds of laptops. About ten have been stolen in the last two years and only three have signaled back their location. We can remote in and wipe, clean, or otherwise glean information. No problem so far. The issue is when you give the information to the police they don't follow up. We've traced it to the theif's house, phone number, name, FaceBook page, given them pictures of the holder and they have yet to recover one laptop. We currently can still connect to all three machines, one in Oakland two in New York. We have one person who follows up with updating the police to there location. Its been a while now so we don't expect the laptops back. With our agents we have been able to recover data then wipe those areas we deem private so the user can't use the information. I'd be interested in hearing some cases where mere mortals (non-politicians or military) have been able recover a stolen laptop and how they did it.

WiseITOne
WiseITOne

I really don't understand why anyone thinks this will work. I really think that most theives don't have internet or won't hook up the internet to get to the hard drive. Really, people think about it, who in their right mind would connect to the internet. If they do they will do it at Starbucks, please don't ever think that a theif is a moron - especially one that takes laptops and high value items. They aren't stupid and a simple internet search would reveal the way to AVOID getting caught. I do not think that any feature that requires the internet to work is worth anything. As some have stated, it is easy to mount the HD and get any data needed. The only protection is drive encryption or folder encryption for confidential information. Any other form of protection or detection is a waste of time and money. Get a good back-up solution so when you lose the laptop you can move on and not worry about the data or hardware.

ammar_zaatreh
ammar_zaatreh

While my drive isn't the standard one that came with the laptop and its backdoor (if existant) should be harder to exploit, I'm aware most measures taken at hardware or BIOS level usually have backdoors. The sad truth is that manufacturers never trust the user to never forget his password and always take such steps which end up being exploited by hackers. *sigh*

hapecat
hapecat

I use the BIOS method of, LoJack Premium from Computrace, which relies on an Internet connection. Most everywhere you go these days, you can find an un-protected WiFi signal somewhere to connect to. All sensitive data is encrypted with PC-Encrypt. With PC-Encrypt, it is easy to have individual files and folders encrypted, instead of having to creating a separate encrypted space. Everything else is accessible. Even an auto-login into my user account is performed at OS boot, and boots directly to the desktop. But, I use RoBoForm for all other account logins, which in turn is controlled by 1 master password that is of 128bit strength. I want my thief to feel comfortable and have a good time, while the LoJack team is doing it's thing. My mission here: Keep the thief connected to the Internet for as long as possible. If this is made easy for him and entertaining, he will stay connected longer.

TexDad
TexDad

Nuke 'em: I like the concept, but, I'd bet that one possible result would be that your laptop is under your sofa when you nuke it, and it takes out your house full of expensive electronics with it !! OK, I am super surprised that no one has mention that thief could take the hard drive out of the stolen laptop, mounts it in an external USB case and then has a look around. LoJack is foiled, as well as Prey, and any other recovery software/hardware. All these scenarios (including the ones first covered in the article, but rehashed in the replys as if they were the first to think of them) are possible. Early in the article the author said something to the effect that there is no perfect solution to the problem. Stuff gets stolen. Even if you were to trigger a built-in dye packet with a mild acid, the laptop could still be under the rear seat in your friends' car, where you left it, but forgot. The whole point of Prey is one more attempt at a solution to a problem. And, it's free! Think of WEP as a solution to wireless security. It will stop MOST people, even casual thieves who won't bother to go through the trouble of breaking the code.

Lovs2look
Lovs2look

My lappy is for personal use, therefore no company data is stored on it. Just my media files and documents, which I back up to 2 locations...for this very reason. I use a bios password, so no casual hacker can crack it, it's long. And it can't be booted until the password is entered. Not a deterrent, and no guarantee that it won't be stolen, but minimal loss if it does. That's why God invented insurance.

edward.j.obrien
edward.j.obrien

Thanks for that. It's there and all should now be okay. Best wishes.

Realvdude
Realvdude

It gives some real statistics for the issue. Looks like your problem is the other 7 laptops, which you hope were not accessed.

migv1
migv1

Just what I was thinking - you go through all that trouble and the cops don't follow up, what are you going to do? Raid their den yourself? Personally, if I my laptop was stolen I'd rather have it explode in the thief's face or maybe send it a command to activate an EMP pulse device that fries all the electronics in the laptop and everything else in a 10 foot radius ;)

ZoomZoom
ZoomZoom

Doesn't pretty much every laptop require the user to log in when turning it on? I imagine the odds of the thief being able to figure out the login is pretty slim so most logical action is immediate reformat... which wouldn't give Prey a chance to do it's thing. I'm sure there's a chance it could work (and it would be pretty cool to receive picture of theif in email) but it shouldn't be your only line of defense. Anybody have ideas on what else to use that offers better odds of recovery? Is there such a thing as a bios level program? Any specific recommendations for disk encryption & backups?

tony
tony

Just google truecrupt hack and you find that it can be beaten. But it is better than having nothing at all.

marcpen
marcpen

By using TrueCrypt on the drive you cannot mount it in another PC and access the data without the password. Put it in a USB caddy and even a hex editor will just see garbage. The only thing a thief can do with my laptop to make it work again is to format it and start again.

igtddave
igtddave

How about just physical security measures, like cable locks, placing said laptop in locked cabinet or closet. Out of sight, out of mind for an in-and-out kind of thief. Of course, I leave my laptop in the same room with my Pitbull.

tony
tony

Great idea, but would get far. The best solution would be to remotely trigger a Lithium battery fire, perhaps burning down the perps home.

paladin2
paladin2

About a pound of C4 in the optical drive or someplace (doesn't need much space) and a few explosions later I think fewer laptops may be stolen. Most thieves are risk averse enough to wonder after a pal or two get blown to bits that maybe they can steal something else. And a big sticker on the lid stating that you have some govt. explosives permit exemption might be enough to make it worth making space in the case for a lump of C4 (or Semtex)

tony
tony

ZoomZoom, The logon password is very easy to change. there are dozens of password changing boot disks solutions. So the thief first boots with a password changing software, changes your local admin password and then logs on as admin. Now they have full access to all your data, Internet Explorer favorites, password cache. Now there are hundred of tools you can download off the internet to harvest that information. Next thing you know they are logged into your online Chase Checking account transferring cash to a prepaid credit card, sending checks to their friends, etc. Selling your identity information they gathered to other internet theives etc. The possibilities are endless. Of course you say well they boot up and and the software captures them, OR I have BIOS passwords, fingerprint, biometric sign-ons etc. All that is just junk, as the savoy theif simply pulls the drive and connects it to their linux box and grabs the data off. The best protection is entire drive encryption, with the account passwords changed, most encrpted drives become completely unreadable - except only the most expert hackers. If you think like a theif, most would just try to clear any owner idenifing data and pawn the laptop for cash. It's just those high-end theives that would target specific individuals simply because there laptop could contain some valuable information.

paladin2
paladin2

Laptop Cop ( a Dell option) resides in BIOS and even with a different drive installed you can still take total control of the laptop and lock it down or wipe it.

jimrinflorida
jimrinflorida

There are very good free products available for download that can wipe away Windows user passwords (Vista & XP) so a person can log on without knowing the admin password. You boot to these programs first and you can change passwords there.