Rule number 1: if you do not have such software on your device, you are a dumbass

What are you using, what did you pay and how good is it?

I'm using Prey, it is free, can send messages to the (lost) phone that can be read even when blocked, your can continuously see the location of the device and you can sound an alarm on the mobile if you are close enough to probably hear it (also useful if you lost your device at home). You can also erase data and I don't know what more, because I never actually had to use it.

I use this on my Android phone, but have no comparative data with equivalent software.

What do you use?

For iOS, Find My iPhone (a default app, so obviously free) offers all of those features, too, I think. I've used it (tracking / alert / send message) and it all worked well.

Thank you.
You also have access to both cameras. Maybe it's just my paranoia, but I was immediately thinking about a predator companion product.

Spoof the prey server and lock all devices you can (man in the middle). Take a picture when the user realizes his phone has been locked. Sent him a message to tell him where he can 'buy' the unlock code.

predator.com is for sale; facesofprey.com is available. All I need is a patsy.
Nothing.

5 Apple devices, may as well use it.

android phones automatically have android device manager, which lets you see your phone's gps and ring it. you can also remotely wipe it using that, but you have to enable that functionality from the phone.

I like the way you think, mate! You continue to be one of my favourite posters. Cheers!

Jh1711 has a good point ... You have to completely trust the security firm that is providing this. Not only to protect you from internal abuse, but from the ability of someone to hack or spoof their control servers.

I have a corporate device, so am subscribed to a Mobile Device Management service that provides all the above. I would hope I can trust them...

Yeah, we use MobileIron here. Good business to be in, I suspect.

Trust is key in that area. Sadly most companies spent more money on advertising to build trust than on actual security. The scandals are short-lived like fappening, snappening, mspy. Within a week it's back to business as usual.

Here's a link to the report that inspired my first post (forgot to link it). As far as I can tell they never really promoted the new version as a major security improvement. I can't really blame them, because I don't think they ever bothered to really fix the issue (the latest version on github seems vulnerable). The link is a bit technical, but the Report Timeline (scroll down) is entertaining, even if you don't want to bother with the details.

+1

Unless you're worried about someone hacking your google account, which is a big ordeal.

A lot of the third party device managers you have to remember specific passwords (and hopefully new separate passwords) so you can log onto your and remote wipe or remote photo or beep it. Android Device Manager, just log into google account and then locate it, remote wipe it, and delete google account access.

If you've lost or sold your Android, you should log into Android Device Manager anyway to remove its access.

Mobile phone getting lost/stolen and being able to do something about it

vs

The tracking software being compromised and backfiring

Seems like a +EV decision, especially for my 12 year old daughter's phone

Damn. I didn't think of the kids. Maybe you should go one step further and track them all the time. I recommend mspy. Their PR managed to deny a breach even after it happened. I'm sure their app is even better than their PR. You won't even have to punish her for taking a topless selfie in a few years. Half the internet will shame her straight.

Sarcasm aside. Are you sure you calculated the EV correctly? Fappening? Snappening? Ever heard of those?

Oh, I'm not arguing against phone tracking software. Far from it - I'm an advocate of 'Find my iPhone' and MobileIron because I have had good experience with their software.

But that doesn't mean that I have no concerns about the security of those services. Look at the security vulnerabilities that have been exposed over the last year or so (like heartbleed) that are seemingly the cornerstone of so much of the software that we trust. Wouldn't you like to know that the tracking software on your daughters phone isn't subject to those? or if the company is even concerned about it (you would be surprised how many didn't care that they were susceptible to heartbleed).

I'm definitely concerned about using any tracking software for my daughters phone, although I do still use it.

It's a fine line. Sure, software making use of GPS services can help users find and/or retrieve lost mobile devices, but such applications have an incredibly deep access to mobile device operating systems and services and can pose a very legitimate security risk.

In my view, it all comes down to a balance, and the balance resides in personal responsibility. If you are susceptible to losing your mobile deice, you are susceptible to being owned, not just through malicious hackers, but also through mobile GPS tracking applications.

The old adage stands true; if attackers have physical access, there's nothing you can do. The point shouldn't be, "what can I do in case I lose physical access to my mobile device?" The point is, don't lose physical access to your mobile device, otherwise you're owned, no matter what.

That's almost certainly true, but here in the UK at least, most miscreants who get hold of your phone are not going to be remotely interested in your data. In terms of real-world risks finding your phone is going to be generally more advantageous than not being able to do so. I'm all for the tin foil hat (for example I stay resolutely logged out of my Google and Facebook accounts, depsite having Ghostery, Disconnect, and various other things installed in my browser) but I'm pretty sure the risk of losing your device AND it falling into the hands of someone who can and does exploit the location software you're running on it is minimal compared to the risk of just losing it.

Of course, the real solution here is to make sure you lock your device at all times, and that you protect it with as complex a passcode as it will allow. For example, iPhone fans, those four digits are nowhere near the full extent of what's possible: visit Settings to extend the length of your passcode. Similarly, set your device to wipe after x wrong attempts to log in.

Android device manager tracks your phone anyhow unless you've disabled it. You can also remotely lock and delete your phone with that.