posted in code with 0 comments
Disclaimer: This post is mostly idle speculation, dear reader(s). Actual experimentation with any script whose sole, explicit function is to variously delete files or zero write a hard disk should only be undertaken in a controlled sandbox.
I came across Prey this morning in an OMG! Ubuntu! news post, although I haven’t yet tried it (I’m sick *cough* *sniffle*) on my own machine. Prey is one of a growing class of programs that “takes care” of your laptop after it is misplaced or stolen. I say “takes care” in quotes because the variety of responses in these programs range from a full remotely ordered wipe, down to something much simpler such as your machine discreetly broadcasting its location to you. Other examples of this category of laptop include Apple’s MobileMe remote wipe, or Absolute Software’s and other vendors’ multitudinous options.
The long and short of the matter is that yes it is very easy to remotely track and wipe a stolen laptop using software on an operating system level, assuming that your thief doesn’t:
- Use a Linux live CD/USB key to access the file system without booting the machine.
- Just plain wipe the hard disk, install Windows XP and sell it on.
To send the remote wipe signal you need an Internet connection (or no Internet connection, but this is kind of scary and chancy – I’ll get into it) too, which implies crossing your fingers and hoping the thief turns on your laptop, manages to log into it as a user and then connects to the Internet. For the sake of this blurb/rant/article I’m assuming your thief does just that.
Let us begin!
Every remote wipe solution has two components:
- A remote server location that, when presented with the correct credentials, will issue a kill signal.
- An installed software application on your laptop that listens for the kill signal and acts upon it when given.
If you strip out the safeguards, the gross user interaction and any configurability, it is entirely possible to boil down a remote wipe system to a single bit located in a text file on a server and maybe ten lines (without comments) of code on your laptop. Let’s say that I have my remote server, in this case http://cheeze.bhalash.com. On this webserver is a single file named
stolen. In that folder is a single character,
1, no or yes. So long as my laptop is in my possession, it will remain flipped to
0. Should I find myself sans laptop, at any time or for any reason, I can SSH into my server from the web and flip the bit:
echo 1 > stolen
With a little luck my incriminating personal data will be wiped sometime in the next few hours (assuming that it isn’t wiped anyways by the enterprising thieves).
How does this work?
Once an hour, cron runs a script on my laptop:
0 * * * * root /usr/local/bin/amistolen
amistolen runs once an hour to connect to my server, looks at
stolen and acts accordingly.
Variables: What shameful secrets do I want deleted? Where am I dialing into to see if I’m stolen?
curl -s $SERVER 1>:$TMP
if [ $? -eq 6 ]; then
In this first part, I am giving the script a chance to fail peacefully – if it cannot connect to the Internet, it exits. Curl exits with a code of “6” if it cannot make the connection:
[mark][~] # curl -s http://www.google.com
[mark][~] # echo $?
All at once it gives me a graceful way to check if an Internet connection exists: Simply look at the exit status. Win. I’ll digress and say that curl really is an amazing piece of software for a Linux system; I’ve barely scratched 1% of what I know it can do for me, but I still come away feeling excited (which, as an nested aside, shows how busy my life is).
So if we haven’t silently exited we have the contents of the remote file sitting in our temp file:
if [ $(cat $TMP) -eq 0 ]; then
elif [ $(cat stolen) -eq 1 ]; then
rm -r $PORN
So there you have it, dear reader(s): A dangerous and insecure method to remotely wipe your laptop from across the Internet, in less than thirty lines of a bash script and all of two conditional statements. I’m offering a gilt-edged mention on this blog for the first
poor sap pioneering power user to implement it. And before the hate mail pours in: Yes, I can think of a dozen ways to make this more secure and robust.