Ceci est une ancienne révision du document !
Rest safe. That's the headline of the Prey project. If you have lost your laptop or your phone, or they were stolen, Prey gives you the chance to locate them anywhere in the world and get them back. Simply the possibility of locking a stolen laptop and denying a thief access to the data is worth thinking about. Prey is currently available for Linux, Mac, and Windows based computers, and Android based phones. The iPhone and iPad Apps are currently under Apple’s review.
How it works
The location of the lost or stolen computer or phone will be tracked by an Internet access, the nearest Wifi access point, or GPS. Prey will then send us an E-Mail or a SMS, and then we can access our computer remotely with the following options:
• take a snapshot of the current user if there is a built-in camera.
• take a snapshot of what he is currently doing. With a little luck, it's possible to check out his E-Mail, social network account, or something else of evidence.
• hide private Thunderbird or Outlook data and/or delete stored passwords.
• lock the computer and make it unusable.
• send an alarm sound or show a message on the display.
Sound interesting? Let's go.
First, visit the Prey website (http://www.preyproject.com/) to create an account. After we click the Login button, we hit on “Not registered? Sign up”. Now we can choose between a free or pay account. We can register up to three computers or phones for free. For more devices, or some special services (more reports, permanent tracking, shorter reporting intervals), we can choose one of their pro offers.
For testing, the free version just suits us, and we work through the procedure. After entering our name, e-mail, country, and password, we will receive an e-mail to activate our Prey account.
When that is done, it's time to install the tiny Prey client on every device we want to protect. Since Ubuntu 11.04, we'll find Prey in the Ubuntu Software-Center. Install it from there, or via Terminal, with
sudo apt-get install prey
For older Ubuntu versions, chose the download from the projects website and install with Gdebi. Next thing to do is to open the Dash. In the category System, we'll find the Prey Configurator.
After opening it, we work through the Main Settings.
First, we decide about the Frequency of reports and actions. This means we set the time-frequency when Prey will awake after we’ve raised an alert of a lost device, and the number of minutes between the single reports we'll receive, or an action will take place. If you are not in a hurry, the default setting of 20 minutes will be just fine. If necessary, you can change that later at the Control Panel.
Next we have to think about enabling a guest account. This is a must for computers protected with a password to get full remote access.
Wifi autoconnect should be enabled, it allows locating the computer if it is near a Wifi access point - whether its new owner is online or not.
We accept the Reporting mode as recommended.
Because the Prey account is already created, the last step is to type our login data (e-mail and password).
Finished! The unit is registered now and can be tracked.
The Control Panel
To check out if it works, and to see which options activate if the device is lost, let's surf again to preyproject.com. After we log in, we'll find our registered machine at the control panel in the category Devices.
Before changing something, let's take a closer look at the panel. It is clearly structured in three groups. The function of every switch will be displayed when we move the mouse over the question mark beside it. Functions labeled with a little red pro are available only in the pay version.
Let's start with the settings in the section “Information to gather.”
Of course Geo and Network switches have to be ON. For network details, it will be useful to switch on YES to gather active connections. If the computer possesses a WLAN-module, we should enable the listing of Wifi hotspots near the device. To be able to trace the route the current user has taken with our equipment, we first need to install the package “traceroute”. We'll find it in the Ubuntu repositories, install it in the usual way and activate this function.
Next we can choose to take a screenshot of what the user is doing. If we are lucky he is logged in somewhere where we recognize his name or something else of evidence. If there is a built-in webcam, and we want to take a picture of the person who is using our property, we shift the Webcam-button to ON.
Under the section “Actions to perform”, currently we don't change anything, because these functions will work whether the computer is registered as missing or not. Caution particularly with the Secure button!
At least let's activate the Missing-button, save the changes, and let's see what happens.
When I made this test with my PC, after some minutes I received an e-mail which told me that the device has been located. At the control panel appeared the first report. The current IP, time, OS, and active connections up to the Internet-browser were shown. It was all correct so far.
Worth knowing
If a device is announced as missing, Prey will send us 10 reports. The eleventh report will overwrite the first one and so on. So we see always the ten latest reports (up to 100 in the pro-version).
To prove that we are the legal owners, it's important to notice the computer’s or phone’s serial numbers.
To prevent a thief from installing another operating system, we should protect the BIOS with a password, and disable booting from CD/DVD or other removable devices.
To format the HDD, or to remove the Prey-software from our Computer, a thief needs to know the administrator-password. There is no need to worry about updates for the prey software. It will update automatically when necessary.
The software is open source and can be checked by everyone.
Prey people say that privacy is their number one priority, and that they gather information only with our permission. But we have to be aware that we give them at least the access to our computers or phones. Even when they promise never to spy, and never to do anything that might harm us, there is still a little risk.
This article can only briefly cover the basic essentials of Prey. There is much more to learn about. For further information, especially for details of handling Prey on your phone, visit the FAQ at their homepage. For discussion with other users or the developers, there is a forum and an IRC-channel.
Conclusion
There is no assurance we will get back our property, but we can improve our chances. I've decided to keep this little guard on my computers. Just the option to lock out a stolen computer persuades me. By the way, in case of a burglary, maybe the PC will lead me to the thief, and help me get back other stolen property. Who knows?
For the storage of sensitive data, I use Cryptkeeper (Ubuntu repositories) or a TrueCrypt container - to keep any possible spy at bay.
URLs of interest: Website of the Prey-project http://www.preyproject.com/ Host of the Prey-sourcecode https://github.com/prey/prey-bash-client Prey forum https://groups.google.com/forum/#!forum/prey-security Prey IRC-channel http://webchat.freenode.net/?channels=preyproject
Editor’s note: There’s also an Android version of Prey (https://play.google.com/store/search?q=pname:com.prey), but having read the comments, it seems quite easy to defeat.