One of our competitors who develops laptop theft recovery software has made the news recently due to a lawsuit filed against them where they are accused of crossing the line in terms of privacy, particularly a staff member who had back door access to a customer’s computer. It is important to note that not all theft recovery software and approaches are created equal, we saw serious issues early on with the “traditional approach” to theft recovery which requires the company to provide a back door into the computer system for monitoring center staff to access.
When we designed our software we kept customer privacy at the top of mind and built the system so that a back door was not needed. With privacy in mind we also gather only the critical information that law enforcement need to recover a stolen device. We do not capture screenshots, not only because it is not needed but we also felt that it was in violation of the Electronic Communications Privacy Act ( ECPA ). The information we do gather includes location, network information and a photo of who is using the computer, all of which are sent directly to the owner of the device. The device owner can even configure the software to use their own mail servers for added privacy. The data our customers’ see when testing the software is the only information our software gathers and they have full control of how and where this data is delivered and stored.
GadgetTrak pioneered the use of Wi-Fi positioning for laptop theft recovery, paired with the web camera capture and network information we provide law enforcement powerful tools to investigate theft. Since launching our innovative and privacy-safe approach to laptop theft recovery in 2008 we have had a very high recovery rate while still protecting our customers’ privacy. By using advanced technology we are able to provide law enforcement with the information they need to recover the device, while at the same time not requiring invasive back doors that not only compromise customers’ privacy, but also security.
If you have questions or concerns regarding privacy, or our technology feel free to contact me directly.
Although Apple is on the hot seat this week for the file that was found that is logging your location data unencrypted, both Apple and Google have been logging your location for quite a while. Both platforms regularly transmit name, location and signal strength of Wi-Fi networks along with a unique device ID back to Google and Apple. Although both claim that this data is collected and “anonymized” they do not provide a lot of specifics regarding how the data is collected and secured. Android also keeps a cache of location data, however it is only accessible by a root user and is once the file hits a certain size will reset itself, unlike the Apple file which saves cached data for what seems to be forever, it does not appear to cycle itself. (Continued)
Researchers have discovered a spy in your pocket, your iPhone is keeping a working history of where you have been in a hidden file on the phone that is copied over to your computer when connected and synched with iTunes. Not only is the device logging your location, but also at timestamp so anyone with access to this file will know when and where you have been.
Odds are that this is something Apple was doing for use in a later feature, or possibly for bug reporting purposes, but the fact that this data is logged on your device and copied to your computer without consent is grounds for concern. That Apple would intentionally do this also raises serious concerns regarding Apple’s approach to privacy. You can download an application that you can run that will load the file and show on a map where you have been. I ran a test on my iPhone 4 which is only a few days old and the results were as expected, it showed me at work and at home and everywhere in between.
With GadgetTrak software we always felt that tracking should only occur when the customer activates tracking and location data should only be saved on the server when the user specifically requests this option, apparently our privacy philosophy is not something shared with Apple. When you activate tracking with GadgetTrak for iOS you are provided with an option to store the data on the server, or simply have the tracking data emailed to you without it being stored.
As many as 50 female celebrities in Hollywood have fallen victim to a ring of hackers who have been stealing naked images of them from their phones and laptops. The targets are said to include Scarlett Johansson, Jessica Alba, Christina Aguilera and Miley Cyrus to name a few. Former “High School Musical” star Vanessa Hudgens recently met with the FBI to discuss nude photos stolen from her e-mail account.
Of course the best way to keep images such as this from being stolen and hitting the Internet is to not take such photos in the first place, however it does raise privacy questions with regards to the images you take, where they are stored and how you share them. Even if we are not taking naked photos, sometimes our photos are still very private and not something we wish to share with anyone. Photos of our children, family and friends can be both priceless as well as sacred to us, especially celebrities who have to work hard to keep their private lives private.
We take privacy very seriously, this is key to why we have so many celebrity customers. GadgetTrak Mobile Security provides users with the ability to remotely wipe their phones including photos if the device is lost or stolen. The images are also encrypted on the phone and backed up securely using their own privacy key that only the customer knows, so not even our employees can access the images or contact data. This is all by design, GadgetTrak Mobile Security was designed to help protect your data and privacy from the ground up. Try our free 7 day trial to see for yourself.
Nationally, police believe 75 to 80 percent of all property crimes are committed by people addicted to methamphetamine, or who profit from addicts. In our experience recovering devices we have found this to ring true, so every time we recover a device for our customers we make a donation to The Meth Project. The Meth Project is a large-scale prevention program aimed at reducing first-time Meth use through public service messaging, public policy, and community outreach. Central to the program is a research-based marketing campaign that graphically communicates the risks of Meth use. If you would like to learn more about the project or make a donation yourself please vist www.methproject.org.
The recent “rageagainstthecage” or “DroidDream” malware scare in the Android market is one of the first real malware incidents we have seen on the Android platform in the Marketplace to affect a number of users. Google just pulled more than 50 popular free apps from the Android Market which contained malware aimed at rooting the user’s device, stealing large amounts of personal data and downloading more malicious code. The applications that are being marketed in the Android Market as “anti-virus” which are supposed to protect users from this type of malware were completely ineffective in this case, it was only when Google pulled the plug on them that people were aware.
All of the bad apps were put into the market by the publishers Myournet, Kingmall2010 and we20090202 here is a working list of the malicious applications: (Continued)
We are asked quite often by customers and partners how our systems are able to scale with such a high number of devices and users hitting our infrastructure per second and how we will continue to manage this growth. Our new mobile security product GadgetTrak® Mobile Security 3 is one of the most advanced security solutions for smartphones, not only does it empower our customers track lost or stolen phones, but to also remotely backup sensitive data like photos and contacts. The new system was not only built for our direct customers, but also developed on a full multi-tenant architecture that allows larger organizations to manage their devices, as well as a rich API for our partners to implement more complex integrations.
The recent launch of our new iPhone application has been quite successful, the first ever ability to capture a photo of who has your phone in connection with tracking data has been a big hit. What was particularly amazing about this launch was some interesting celebrity endorsements we had as a result of our launch. One such endorsement came from Tony Robbins, the well known motivational speaker and author, all of sudden one night I found this in my Twitter stream:
This past week was a wake up call to consumers regarding mobile security and privacy, with the data breach of Trapster which is said to have affected their 10 million users. The company responded quickly telling users to change their passwords, particularly if the password they used on the site is used elsewhere. The key issue here appears that the passwords were left unencrypted in the database. Like the recent Gawker data breach, Trapster failed to use a one-way hash to secure the passwords. Particularly in the mobile space we are seeing developers focus on “speed” to get their products to market vs. taking time to ensure their systems follow security best practices, putting their customers’ data at risk.
This is also very true in the world of mobile security, where some of our biggest and even well-funded competitors are providing backup but fail to encrypt it. You can log into their control panel to see all of your contacts and photos. While convenient, this means that their staff can as well. Of course, if their systems are compromised, a hacker can get access to this data as well. GadgetTrak Mobile Security 3 is the only mobile security application for Android and Blackberry that encrypts data on the phone using a privacy key that only you know before it is uploaded this data is only decrypted when you download the data and enter your privacy key. This method ensures that not even our staff can view your contacts and photos. When you log into our control panel you will not be able to see your photos or contact data, but this means neither can we. Your privacy and security are important to us and we prove it every day.
Every day we hear stories of laptop and mobile phone theft, it occurs more often than people would like to think. Celebrity laptops are particularly hot targets, not just for the value of the device but also their contents, be it personal photos, or even intellectual property such as scripts, music and other priceless items. R&B singer Ryan Leslie knows this pain all too well. During his tour a bag containing his laptop, hard drive, $10,000 in cash and passport went missing in Cologne, Germany. As the laptop and hard drive contained “invaluable intellectual property” he is offering a $1,000,000 reward for its return, here is a video with his plea and some footage of his entourage interacting with security:
Many celebrities use GadgetTrak software for this very reason. Our software is on tour with quite a few musicians, many big names you would know, as well as actors and other professionals. The fact that we not only allow them the ability to track stolen devices, but can do so without a back door into their systems are key reasons they have placed their trust in us.
We get asked quite a bit why we don’t add anti-virus to our new mobile security product and the answer is simple, it would be dishonest, as true anti-virus for mobile devices is not possible with the SDKs provided by most mobile platforms. In the mobile security space there are many companies selling what they call “anti-virus” applications for your smartphone, however the term is being used erroneously on purpose. A virus as it relates to computing devices is defined by the security community as software that can replicate itself into documents and executables and infect other devices either automatically through a network, or a storage device such as a USB flash drive, with the end goal of corrupting data and damaging the operating system.
In order to detect and mitigate the risk of real viruses the software would need to be able to run as a root process on the system, something that is currently not possible on most mobile platforms where applications run in a sandbox. For example, none of the Android “anti-virus” apps can provide zero day protection, at best they listen for the package installed intent then do signature based detection. If there were an actual real kernel exploit in the wild a sandboxed third party app won’t be able protect you, you would need an OTA patch from Apple, Google, OEM or your mobile operator. (Continued)
Cloud computing and SaaS ( Software as a Service) has revolutionized the web and how we interact with computers. Off-loading applications and our data to the Internet makes things more convenient and scalable. However, with this convenience comes a trade-off in terms of privacy and security; by its very nature these architectures store more of our personal information on servers outside of our personal or even IT administrator’s control.
Although most providers of online tools go to great lengths to protect data and servers from outside hackers, there is little done to protect your data from employees who manage data. The recent privacy breach by Google Engineer David Barksdale reveals the dangers of the cloud and entrusting sensitive data with corporations. Mr. Barksdale allegedly used his position as a key engineer to break into Gmail and Google voice accounts of several teens. Google fired him once they learned of the issue after parents of children complained to Google regarding the issue. (Continued)
What have we learned from this year’s CES? There is a great article up on BBC “Ultra-mobile future beckons for PCs” discussing the death of the desktop PC. As we see Intel and other chip makers ramping up in developing processors for smaller devices that are increasingly powerful, hand held devices are no longer childs play.
Today’s laptops have more processing power than all the computers that took the Apollo rocket to the moon.
Not only do these devices have increased processing power but also storage as well. The problem is that as the devices get smaller and more portable is that we will bring them everywhere with us and are much more likely to be lost or stolen given their small size and price point. Also, as we rely on these devices to be our phone, camera, contact list and personal computer the information on these devices will become more valuable and important to protect.
We knew it was coming, only a matter of time. Cell phones will be your wallets very soon. Apple appears to have filed a patent to do just this, enabling users to place orders at a Starbucks or local burger joint, pay with their phone and then being notified by their phones when their item is ready to be picked up. As we all know a cell phone is no longer just a phone, it is an MP3 player, contact manager, camera and life storage device. In the next few years we will be seeing them function more as our wallets and increasingly our identities as well.
What if this futuristic do-it-all device is stolen? It is not only an expensive piece of equipment, but now it will also be your wallet, social security card, drivers license and precious memories all rolled into one. The theft of this device can be devastating, enabling a thief to steal your money, your identity and memories. As these devices get smaller they will also become easier to steal and misplace. This will be a reality in the next few years and GadgetTrak will be there protecting and recovering phones lives.
In the recent recovery of an iPod in Dublin, Ohio for one of our subscribers, it was not just our subscribers property that was discovered. In addition several other stolen items were found.
In Australia during a recent drug bust 1,500 ecstasy tablets were found along with a weapons cache and several stolen iPods. It appears an outlaw motorcycle gang were responsible for the crimes, which appear to have been going on for quite some time. If GadgetTrak were installed on just one of those stolen iPods and the police followed up with the recovery, they could have discovered criminals much earlier on.
It is estimated that 5% of the time, when law enforcement go to recover stolen property they uncover larger crimes being commited, be it larger property crimes, weapons caches, drugs or more. With the data that GadgetTrak provides, law enforcement will have the evidence they need to get specific address details from Internet Service Providers and mobile phone carriers from where the devices are sending signals from.
A few weeks ago the UK government boasted that stolen mobile phones can be deactivated within 48 hours. True. However, circumventing the methods used to deactivate is not difficult as we have mentioned. However, there is another twist to this story, these stolen mobiles will still work overseas, the database that is used to reference if a phone is stolen or not is only accessed while using a UK network.
The methods imposed by the UK may deter a minor percentage of cell phone theft, however it will be a very small dent. Even if a stolen phone is deactivated, it does not help the owner of the device get it back. Only GadgetTrak PhoneBak software will help mobile owners get their devices back in the event they are stolen. GadgetTrak PhoneBak is also designed to work internationally, specifically with travelers in mind. If you are on a business trip in the United States and your phone is stolen, it can still notify phones in your home country with important information to help retrieve your device and catch a gadget thief.
Leopard is ready to pounce! We would like to announce that GadgetTrak Verey is also ready to pounce on would-be-mac-thieves. The latest version of Verey is fully compatible with Apple’s latest, greatest and sexy new OS. Many of us have been holding off on buying a new Mac until the new OS was released, as such it is time to consider protecting your investment. Macs are not cheap. GadgetTrak Verey increases the chances of recovering your system in the event of theft. With GadgetTrak Verey you can find out who took your laptop, where they are and with the video capture feature even what they are wearing.
A brewer in New Zealand has a novel way of recovering a stolen laptop. Free beer. Croucher Brewing Company, recently had a laptop stolen that contains designs, contact details and financial information. To help in the recovery they have offered free beer for life to anyone who can provide information leading to its recovery. However their idea of a lifetime of beer is twelve bottles a month.
Web 3.0 will be about mobile devices. The iPhone craze and the move of web content to our wireless devices is just a tip of the iceberg. All of our data, music, contacts, identity, essentially our lives will be tied to these little mobile devices that we carry with us. Ever increasingly these devices will also function as our wallets, in five years credit cards will be dead, you will be paying with your cell phone.
So with all of that important data on your phone, what will you do when you lose it? I am not saying if, I am saying when. These devices are getting smaller and are hot items for thieves and easy to lose. Having your phone stolen even today is not just the loss of a communication device, but a bit like losing your laptop, purse, wallet and identity all at once.
Note to thieves: If you are going to steal a cell phone, make sure it is an iPhone.
So we have been getting quite a few questions regarding whether we offer a theft recovery software solution for the iPhone. I hate to say it, but the answer is no. We tried, but given Apple’s current attitude when it comes to folks tinkering with their precious iPhone we have decided to put that on the back burner. But, you will be glad to know that support for most of the OTHER major mobile phone platforms will be available shortly. Sony Ericsson phones are the next platform that we will be launching here shortly, followed by more in the coming weeks.
So a little advice to thieves. If you are going to steal a phone, play it safe and make it an iPhone. Until Apple opens up the platform to developers, folks like us cannot develop anti-theft solutions for them. Any other phone you steal just might be a GadgetTrak snitch!
As many as 
The recent “rageagainstthecage” or “DroidDream” malware scare in the Android market is one of the first real malware incidents we have seen on the Android platform in the Marketplace to affect a number of users. Google just pulled more than 50 popular free apps from the Android Market which contained malware aimed at rooting the user’s device, stealing large amounts of personal data and downloading more malicious code. The applications that are being marketed in the Android Market as “anti-virus” which are supposed to protect users from this type of malware were completely ineffective in this case, it was only when Google pulled the plug on them that people were aware. 
This past week was a wake up call to consumers regarding mobile security and privacy, with the 
We get asked quite a bit why we don’t add anti-virus to our new mobile security product and the answer is simple, it would be dishonest, as true anti-virus for mobile devices is not possible with the SDKs provided by most mobile platforms. In the mobile security space there are many companies selling what they call “anti-virus” applications for your smartphone, however the term is being used erroneously on purpose. A virus as it relates to computing devices is defined by the security community as software that can replicate itself into documents and executables and infect other devices either automatically through a network, or a storage device such as a USB flash drive, with the end goal of corrupting data and damaging the operating system. 
