Some people aren’t very good at keeping track of things, especially small things that may contain personal details such as USB flash drives.  If these are lost or stolen it would be enough to send most people into a panic.  There are three options, encrypt the data, buy a flash drive with biometric security (finger print scanner) but not a Sony one or use GadgetTrak.

GadgetTrak is a new service that when installed and activated on your USB device will make it “phone home” whenever it is plugged into an Internet connected computer.  GadgetTrak costs $12.95 for one device or $49.95 for up to 20 devices.

Once you have your GadgetTrack account you will need to set up the device by selecting the type (MP3 player, flash drive, digital camera, etc.), enter the manufacturer, model number and serial numer.  After the device is registered it will appear under your account in the “Device list” section.

Now you need to install the software to the device itself.  A zip archive file will be provided containing setup instructions and the files needed for installation consisting of, according to Last100, an autorun file, an icon file, the “phone home” application itself, and an “id” file which contains the device’s unique 40-character reference generated by the GadgetTrak website.

How the software works is described by the following,

“The autorun file causes the GadgetTrak application to be launched whenever the device is plugged into a computer, as well as changing the default behavior in Windows Explorer so that double clicking on the device’s icon also runs the application. Secondly, the application is named passwords.exe, and the icon is set to look like a text file. In Windows XP, with the default settings, file extensions are hidden, so to a casual viewer the device will look like it contains a text file called passwords — creating a nice little “honeytrap”.

Although it currently runs on Windows 2000/XP and is partially functional on Vista, a Mac compatible solution is coming soon.  It does not yet have a version that will run on Linux (big deal).

Now, this does make some assumptions that AutoRun is enabled on the perpetrators PC and that the thief isn’t that smart, some are, some aren’t.  But disguising the password file as a text file does seem a bit odd since you should be able to see the file extensions.  If you don’t have your computer set to view the file extensions, change that setting now, it’s simple common sense.

I also don’t know many people dumb enough to actually store passwords in a text file (now that would be the height of stupidity).  At any rate it is disappointing that the GadgetTrak software lacks the ability to encrypt the files once the device is listed as stolen, that’s a feature that should be implemented post haste.

According to GadgetTrak the system is effective because it seems thieves are both stupid and in a hurry,

“In the “real world”, of the 5 devices that have been reported stolen in the past two months we have recovered 4 for our subscribers.”

Thanks but no, I’ll stick with biometric security or continue to encrypt my files.  If GadgetTrak offered automatic encryption once the device is reported as stolen and is plugged into an “alien” computer then it might be worth the $12.95.  As it stands, people still have access to your data if its not protected in any other way and GadgetTrak only offers recovery of the device but does nothing to safeguard your data.

Related:

Entry was posted on Tuesday, September 4th, 2007 at 5:40 am under Security, Uncategorized.

Read more entries by Jonathan Schlaffer.
Stumble It!