undercover: theft recovery software for mac os x software review
DESCRIPTION
This is a software review of Undercover, the theft recovery solution for Mac OS X computers by Orbicule.TRANSCRIPT
Undercover: Theft Recovery Software for Mac OS XReview by Tracy Boyer
www.innovativeinteractivity.com
Undercover is a theft recovery application made by Orbicule. The Belgium company was founded in 2006 and currently provides security solutions for Apple computers, iPhones and iPods. For this software evaluation, I will be solely focusing on Undercover Mac, their computer recovery solution.
How Undercover Works:
Undercover Mac works behind-the-scenes only when a computer is reported as stolen. Otherwise, the application remains dormant on the computer. It requires only a very minimal amount of space (ap-proximately one half of the memory required for a dashboard widget) and does not require any annual fees or subscription costs. The computer owner purchases a one-time $49 license to download and install Un-dercover on his computer. There are also reduced prices for students, households, and educational institu-tions. Undercover Mac works on Tiger (Mac OS X 10.4), Leopard (Mac OS X 10.5) or Snow Leopard (Mac OS X 10.6) for the MacBook, MacBook Air, MacBook Pro, iMac, Mac Pro and Mac Mini. The software was written in Objective-C using Apple’s Cocoa framework (Orbicule - Undercover, “F.A.Q.”).
Once the owner installs Undercover, he receives an email containing a unique Undercover ID, which only he technically should know. Undercover cannot start monitoring computer usage until the computer is reported as stolen on their Website by submitting this ID number. Once flagged as stolen, Undercover uses the built-in wireless technology to collect geographical information to accurately determine its loca-tion from within 10-20 meters. Furthermore, the application will use the built-in camera to take pictures of the perpetrator every six minutes. In addition to taking pictures of the thief, Undercover will take periodic screenshots of his computer activity. Screenshots of emails, social networking profiles, and other browsing information will be bundled with the location information and pictures and sent to local police. Undercover works directly with the owner and police to ensure rapid recovery of the stolen computer. They even have a money-back guarantee and will refund the cost of Undercover if they are not able to recover the computer (Orbicule | Undercover, “How it Works”).
While Undercover can work behind firewalls and used in conjunction with other security solutions such as Little Snitch, it also has a “Plan B” in case something goes wrong. Undercover subsequently fakes a hardware failure and slowly fades to black within thirty seconds, rendering the computer useless to the thief. The likelihood is that the perpetrator will either quickly sell the computer, or attempt to get it fixed at an Apple Store. Regardless, Undercover continues to transmit location information and when it registers an of-ficial store location, the software will display a full-screen message alerting the reseller or potential buyer of the theft and provide information for its safe return.
Undercover Test Run:
I was granted a temporary license to download Undercover Mac and run a simulated theft trial on my laptop for the purpose of this analysis. I downloaded the Undercover disk image from their homepage. Orbi-cule provided step-by-step directions to install the software in an email with my license key. Similar to other installations, I clicked on the .dmg file and followed the instructions on the screen (Image 1). After rebooting my computer, I was presented with a user-friendly window asking me for my license information (Image 2). It was interesting to see that a user can download the software before buying a license, but will be unable to complete the installation at this point without one.
Once I inserted my license key, I immediately received an email from Orbicule notifying me of the successful installation, and providing me with a 17-character Undercover ID. Note that this ID is different than the registration key. While both should be kept confidential, it is the Undercover ID that is vital for initi-ating the theft-recovery process.
To then report my laptop as stolen, I went to their theft page and provided my name, email address, and Undercover ID. I was immediately presented with a reassuring message letting me know that they are now tracking my computer and will contact me within 24 hours (Image 3). The next day I noticed a small green light appearing periodically next to my computer’s webcam. I realized that this was the software using iSight to take pictures of me (Image 4). Moreover, it set off a silent trigger to begin taking pictures again when I initialized activity on my computer after periods of absence. It is important to note that I only saw this light because I was conscious of the tracking process, whereas I don’t think perpetrators would notice this “out-of-the-ordinary” activity. I used my computer throughout the weekend and never noticed anything else strange about my “stolen computer.” 48 hours after reporting the theft, I received an email from Orbicule with a variety of pictures of the computer user, computer usage, and location information. From their office in Belgium, they successfully tracked my location to not only the apartment complex, but down to the building unit where I was staying in Greenville, NC:
Skyhook Wireless location latitude: 35.616438 / longitude: -77.404010 GoogleMap: http://maps.google.com/?q=35.616438,-77.404010&spn=0.05,0.05&t=h&om=1&hl=en
They also detected my internal IP addresses and router IP address. In total, they provided a sampling of ten screenshots and user photos over two days. From the screenshots, they tracked my activity on iTunes (Image 5), email and Google Reader, among others. My name was included in several of their screenshots, which they said helps them accurately match a name (computer screenshot) with a face (webcam picture). Overall Impressions:
I was thoroughly impressed with this software. Their monitoring capabilities are top-notch, and their customer service is excellent. They treated my case with care in a timely fashion, and it put me at ease to know that they were hypothetically working hard around the clock to retrieve my computer. Undercover does exactly what it says it promotes, and while I couldn’t test the “Plan B” hardware failure, I was amazed with the results of the tracking phase. From the evidence they provided me, it would be extremely easy to track me down with my picture, full name, and apartment location. Therefore, the software successfully ac-complishes its claimed purpose. Moreover, it is evident that they have helped numerous customers retrieve their stolen goods from their page of recovery stories.
This software has numerous strong points surrounding its ease-of-use and non-detectable tracking services. Unless the perpetrator knew to look through my application folder specifically for Undercover, or did a clean install of OS X, he would be oblivious to the tracking software. Upon download, Orbicule advised me to create a dummy account with no password so that the thief would use this access, and therefore not have access to personal files and administrative controls under my account. A thief has to be able to log in and on to the Internet for Undercover to retrieve location information, so this guest account provides a fool-proof entry point.
Privacy issues are always of concern when using tracking software such as Undercover. Orbicule states several times on their Website that they cannot monitor a computer until the user initializes action
by providing his unique ID number. However, they also mention that they do run periodic checks against its theft database to ensure that the computer running Undercover is not reported as stolen. If everything looks normal, they state that no data is transferred to their servers. One hacking possibility is if someone else was able to get access to your email account and initialize a theft using the ID in a previous email. Orbicule would then send tracking information to this email account, and the hacker could retrieve sensitive informa-tion about you before quickly deleting the message without your knowledge. While this may seem far-fetched, it is important to note that this scenario would not be a security shortcoming of Orbicule, but rather of your email client.
Another weak point of this software is that the owner has to have forethought to install Undercover before a theft occurs. Unfortunately, many people do not assume the worst and fail to adequately protect themselves. If a laptop is already stolen without Undercover installed, there is no way for Orbicule to moni-tor its usage and location. Therefore, Orbicule has to rely that people will be proactive about protecting their computers.
Final Thoughts:
I would highly recommend Undercover Mac as a theft recovery application. I currently have two Mac computers in my house, and I look forward to installing Undercover on both of them to protect my assets. This software is revolutionary for information security because it works directly (and remotely) with both the owner and authorities to retrieve stolen property. In the digital age where technology is easily snatched, tampered with, and destroyed, Orbicule works to combat this unsettling issue with their highly-professional and extremely accurate anti-theft application.
Undercover can be downloaded here: http://www.orbicule.com/undercover/mac/Read recovery stories here: http://www.orbicule.com/undercover/mac/recovery.html
Image 1
Image 2
Image 3
Image 4
Image 5