A star is (re)born

We are proud to release Undercover 2, the only theft recovery solution that has been designed exclusively for Mac OS X and the first native theft-recovery application for Leopard.

With Undercover 2, we hope to recover even more stolen Macs:

• We added a dead-Mac-timeout feature: if a Mac is not connected to the net for more than two months, plan B will automatically kick in. That way, we hope to recover at least some of the stolen Macs that are never connected to the Internet.


• Undercover now only connects to the Internet when a network change occurs, dramatically reducing network traffic, while making the system even more aggressive.


• Memory footprint and CPU usage have been dramatically reduced. In most cases, memory footprint is down 75%.


• In addition, Undercover 2 sports dozens of under-the-hood improvements and fixes.


• Last but not least, Undercover is now compatible with Tiger and Leopard. One version now works on both operating systems.

Tiger instructions

First, you have to remove Undercover 1.5:

• In the Finder, remove the following file: /Library/Launchdaemons/com.orbicule.undercover.plist
• Restart your Mac
• Choose Go To Folder from the Finder's Go menu
• Enter the following path: /etc and remove the uc file in this folder

Next, you can download Undercover 2 and run the installer. You can use your existing Kagi license key (not your Undercover ID) to register Undercover 2. By upgrading, you will not use an additional license seat. In most cases, Undercover will simply recognize your 1.5 registration and it won't ask for a license key.

Leopard instructions

If you have installed Leopard by doing a 'Clean install', or by doing an 'Archive and install' you don't have to do any extra work.
Simply download Undercover 2 and run the installer. You can use your existing Kagi license key (not your Undercover ID) to register Undercover 2. By upgrading, you will not use an additional license seat. In most cases, Undercover will simply recognize your 1.5 registration and it won't prompt you to enter your license key.

If you have installed Leopard by doing an upgrade install, you first have to remove Undercover 1.5 by removing the following file: /Library/Launchdaemons/com.orbicule.undercover.plist. Restart your Mac after this removal. Next, you can install Undercover 2 as described in the paragraph above.

Leopard spotted in the wild (almost)

Leopard is almost here, and we are getting ready for it. Here is what you need to know about Undercover on Leopard:

- The current version of Undercover (version 1.5), is not compatible with Leopard.
- For the past few months, we have been working on Undercover 2.0, which will run fine on both Tiger and Leopard and which will sport some new features too.
- We will release Undercover 2 as soon as we possibly can. However we can't ship it before we can test Undercover on the final Leopard build. As I'm writing this, Apple has not released it to developers yet.
- If you want to install Leopard before Undercover 2 ships, there is no need to uninstall Undercover in advance. Note that your Mac won't be protected when booted in Leopard until we release Undercover 2.
- As soon as we ship Undercover 2, we will send out emails to all registered users explaining how to upgrade under different scenarios (upgrade, archive and install, clean install).

Just to make it clear for everyone: Undercover 2 will be totally free for all registered 1.x users! Talk about an incentive to upgrade...

Undercover recovers 4 Macs at once

We are proud to announce a new recovery story. While every recovery is unique, this story is quite special, as we recovered four brand new MacBooks at once. Read the good news yourself on our recovery page.

Exit TheftSensor

We have decided to halt development of TheftSensor. It has been a difficult decision to make, but we think it's the right choice for several reasons. I'll try to explain.

Last year, when we released the first TheftSensor beta, Apple had just introduced the Apple Remote on some of their Macs, as well as the Sudden Motion Sensor. TheftSensor made innovative use of private, unreleased APIs to access both these hardware additions. For a beta, that's OK. We hoped that Apple in the meantime would release a public API. Now with the Leopard release only weeks away, it does not look like this will happen for Leopard. If we want to make TheftSensor work on both Tiger and Leopard, we will need to use a private API, which is unsupported by Apple and which could break with any software update. As we want to release high quality software this is no option for us. Worse, the API could even change between Mac models, as is the case with the Motion sensor API, which has effectively changed at least two times between different MacBook models. We could keep working around these issues, but we don't like to build on a weak foundation.

Another reason we are not developing TheftSensor any more is that it can be circumvented in many different ways: a thief could plugin a headphone to silence the alert sound. There is no way around this. The same goes for removing the battery or for holding down the power button for a couple of seconds. There are just too many issues that we can't solve, as we obviously don't have any access to the hardware Apple makes. Additionally, TheftSensor won't work when the laptop is turned off (in a backpack) or when it's already sleeping.

Our users have been aware of all these shortcomings too, and that's why most of them installed Undercover alongside TheftSensor anyway. As Undercover is a much more robust theft recovery application that works under almost every scenario and does not have the shortcomings outlined above, we decided it does not make sense to invest any more resources in TheftSensor. We will focus all our efforts on Undercover instead. As I have written before, the next Undercover update will be released soon after Apple releases Leopard and it will feature some major advancements to make Undercover even more effective.

People who really want TheftSensor-like functionality on their Mac should have a look at iAlertU or JackSMS

Now for the good news: we will have an interesting announcement on our website tomorrow, September 11. Please come back soon...

Undercover in The Mac Observer podcast

Dave Hamilton & John Braun talk about Undercover and other theft recovery software for the Mac. They have some nice things to say about our product, so check out their podcast. You can listen to episode #114 directly in your browser, or subscribe to the podcast using iTunes. The section about Undercover starts at about 25:52, although the entire podcast is worth listening to.

Undercover in Clickx

It's great to see Undercover being discussed in a Belgian computer magazine. The scoop is for Clickx, one of the most popular multimedia magazines in our home country. The article is available below for your reading pleasure, at least if you understand Dutch....

Animation design contest

As mentioned in our previous post, the development of the next - Leopard compatible - Undercover release keeps us pretty busy at the moment. Although the application itself takes up most of the development resources, we don't want to forget the UI and graphical aspect of the application either. As you probably know, the current version of Undercover plays a Quicktime movie when the registration screen comes up. If you haven't already installed Undercover, you can view the movie below. [Or even better, simply download and install Undercover, it will even get your Mac back in case of theft...]

For the next Undercover release, we would like to replace this Quicktime movie with something more lightweight and more easily localizable, such as a Flash animation. While at it, the animation could be spiced up a bit as well. Instead of simply outsourcing this animation, we decided to organise an animation design contest.

Here are the rules:

• The information provided should be similar to that in the current version (see movie above), although you are free to make the message more creative and appealing


• There should be a sound track. You can either use the current sound track, or compose a new one (what a great way to put Garageband to good use)!


• The file size should not exceed 2 Megabytes and should be easily editable (in order to make small adjustments or do the localisation).


• The animation should include the Undercover logo.

The winner will receive:

• A free Undercover household license (worth $59)


• Free Undercover updates for life (worth: err well)


• His/her name featured on this weblog (we receive about 12,000 unique hits every day)


• His/her name name mentioned in the application's documentation


• $400 in cash!

All submissions must be received before Aug 20 2007 23:59 GMT. Send them to info@orbicule.com. The winner will be announced on this weblog.

Development update

This blog has been quiet over the past few weeks. First there has been WWDC07 and subsequently we have gone Undercover ourselves to make sure that the next version of Undercover runs smoothly on Leopard (Mac OS X 10.5). Initially we planned to have Undercover 2 out of the door by July, but since Leopard itself has been a bit of moving target, we had to change our plans accordingly. We keep testing on the latest Leopard builds, while ensuring that Undercover remains compatible with Tiger as well.

In the meantime, we are compiling some very interesting, illustrated recovery stories. They are almost ready to go: please keep an eye on this weblog, it will be worth the wait!

What you need to know about the Apple firmware password

The Apple firmware password can be a very important tool to make your Mac more secure: it basically prevents anyone who does not know the password to reformat your hard disk. For Undercover users, this is particularly useful, since a reformat is the only way to disable Undercover. In spite of its usefulness, the firmware password utility is one of the most poorly understood Apple tools.

Before explaining how to enable the firmware password on your Mac, we first squash some common misconceptions.

Misconception 1: The firmware password does not work on Intel Macs.
This is absolutely untrue: Intel Macs use EFI (Extensible Firmware) and Apple has adapted the firmware password utility to work with EFI. For the end user, this is completely transparent: although the underlying technology is totally different on PPC (Open Firmware) and Intel Macs (Extensible Firmware), the firmware password utility looks and works the same way on every Mac.

Misconception 2: If I enable the firmware password, I will need to enter a password every time I boot my Mac.
Only when booting from *another* disk than your default startup disk, the firmware password needs to be entered. This is what makes the firmware password very convenient: since most of us boot from our default startup disk 99% of the time, one will rarely need to enter a password. At the same time, this prevents thieves from reformatting the HD, because the current startup disk cannot be formatted while in use and booting from another drive without entering the password is impossible.

Misconception 3: If I enable the firmware password, a thief cannot boot my Mac, making Undercover useless.
When enabling the password, a thief can still boot your Mac. The only restriction is that he can only boot your Mac from the default startup disk. As a result, a thief can still work and play with your Mac and Undercover can do its work.
In addition, we recommend to create a dummy user account that has no admin privileges and requires no password. That way, a thief can still login and connect to the net, while your personal files are hidden behind a password protected (admin) account.

Misconception 4: With the firmware password enabled, I will not be able to troubleshoot my Mac in case of a problem.
Since you know the password, you will still be able to boot your Mac from any drive you want, including CDs, DVDs, ... and troubleshoot or reformat your drive. You just need to enter the firmware password when prompted.

Enabling the firmware password on your Mac

• Locate the Mac OS X install CD/DVD that came with your Mac.


• In the Finder, locate the /Applications/Utilities folder on that disk.


• Double click the Firmware Password Utility application inside this folder.


• Click the icon to authenticate. Enter an administrator username and password when prompted.


• Click Change.


• Click to select the checkbox for "Require password to change Open Firmware settings".


• Type your password in the Password and Verify fields and click OK. A confirmation appears.


• Click the lock icon to prevent further changes.


• Quit from the Open Firmware Password application.


• Eject the Mac OS X install disk.

NOTE: It is important NOT to use a disk that came with another Mac model. Also, do NOT download the firmware password utility application from the Net! Use the disk that came with your Mac.

More information regarding the Apple firmware password is available on the Apple website at http://docs.info.apple.com/article.html?artnum=106482.

New theft web form

As promised in one of our previous blog posts, we now have a web form available that makes it very easy to report a theft: http://orbicule.com/theft. When launching Undercover last year, we told clients that they can inform us of a theft either by phone or by email. In practice, almost every theft is reported by email. That's why we streamlined the process and created a web form, giving instant feedback to our customers. Another advantage is that victims of theft no longer need to have access to an email account. Any internet connection will suffice to activate Undercover.

Taming Leopard

Although the next major release of Mac OS X is still some months away, we are proud to report that most of the work has been done to make Undercover sing on Leopard. Current internal builds of Undercover run perfectly on the latest Leopard build (9A410). Although Undercover is a modern application, 'porting' it to a new OS version is always a challenge, because the application is so unusual in many ways (totally hidden, no user interface, ...). We also managed to add two major new features to Undercover. At least one of these features has been discussed previously on this weblog. As things stand now, we plan to release Undercover 2.0 as a free upgrade for both Tiger and Leopard, soon after Apple releases its newest feline. Of course, Leopard is still very much work in progress so we keep testing Undercover on every new release.

Undercover is a "Neat Little Mac App"

Undercover has been reviewed by the guys from the Neat Little Mac Apps podcast and they love it. They were a bit sceptic at first, but after their review, they have come to the conclusion that Undercover can really make a difference when your Mac gets stolen. So if you were waiting for an unbiased review of Undercover, or if you just want to listen to an interesting Mac podcast, point your browser to the latest NLMA episode. As a plus, you could be winning one of the free Undercover licenses they are giving away!

[Update: the podcast episode with the interview has been posted. It was an interesting experience, although I think my voice really sounds awful].

Recovery statistics

As almost all of our cases for the past year have been closed, we are ready to report our recovery statistics for 2006, our first year of operation. A lot of our clients have asked for these statistiscs, so we are happy to finally publish them. In order to make reading and / or skimming easier, we are publishing the facts, followed by our comments.

About 2.2% of all Undercover-enabled Macs have been stolen in 2006
This number is even higher than we anticipated. This means that during the average lifetime of a Mac, which is about 4 years, you have a chance of about 8% that it will be stolen.

Of all stolen Macs, 72% are connected to the Internet at least once
This percentage refutes the common misconception that most thieves will never use a stolen Mac on the Internet. Think about it, almost 3 out of 4 thieves will go online with the stolen machine!

Of all stolen Macs that are connected, we were able to recover 96%
If your stolen Mac were to be connected to the Internet, even if it's just for a few seconds, you can be almost certain that we will recover it. Since some cases haven't been closed yet, we hope to end the year with a recovery rate that's even closer to 100%.

All in all, we are extremely pleased with these numbers and we are very proud to report them. We are confident to have one of the highest recovery rates in the industry. The bottom line is that we recovered 96% of the stolen Macs that we were technically able to recover, as there is no way to track a Mac that has not been connected.

You might ask yourself, what happens to the other 28% of stolen machines which are never connected? With the current generation of theft recovery software, they are pretty much out of luck. No software currently on the market today is able to geographically locate a Mac that does not phone home. We want to change that, however, and we want to go for the remaining 28% (= 100%- 72%) that's never connected. The next upgrade to Undercover will be even smarter and it will be able to play its cards, even if the stolen machine never goes online. And before you are asking: yes, the upgrade will be free.

Global Undercover Tracking System (gUts)

As promised, we will offer you a glimpse of Undercover's future. The first aspect we would like to talk about, is the server backend. A lot of our users might not realize it, but the Undercover software is just one part of the equation. A recovery would be impossible without our servers and our custom server software.

Based on our recovery experiences we have completely rewritten this backend system, streamlining the entire recovery procedure from the moment you report your Mac as stolen until we get the final confirmation from the police that your Mac has been located. The new system enables us to get an even better overview of all thefts, while making it easier and faster to change the status of a stolen Mac.

Over the past few days, we moved all previous thefts to this new system, called gUts, or the global Undercover tracking system. As of today, we started using gUts as our sole recovery system. Unlike its predecessor, gUts is completely written in Ruby and Ruby on Rails.

Many of guts' benefits might not be immediatley apparent to our clients. However, the system will enable us to easily add new features to Undercover, such as reporting a theft through our website. At present, victims of theft have to either email us, or grab a phone and call us. In the very near future, it will be possible to report your Mac as stolen through our new web interface, adding a third reporting possibility.

Another benefit of this new system is that we can gather recovery statistics by pressing one button. As we are just finishing our first year of operation, this feature has been very handy to compile our recovery statistics for 2006. Since so many people have asked us to share statistics and recovery percentages, we will be publishing our statistics for 2006 on this weblog. Stay tuned!

Hiatus

For more than two months, this weblog has been very quiet. That's about to change: over the next few weeks, we will use this blog to outline our Undercover plans for 2007, share more recovery stories and statistics and give you a glimpse of the things we are currently working on. Stay tuned...

PS: We love you Poe!