Mac Thief Caught Thanks To Applescript & Timbuktu
el.cerrito.slasher sent in an amusing bit found on MacSlash. This story
is a tale of a stolen iMac that just happened to be running Timbuktu (a remote
control program like VNC I believe). Well the stolen box kept getting
used, and the owner was able to track it down through
a variety of amusing Timbuktu Fu. Funny story.
This shows how stupid people that steal really are..
--
\ Christian A Strømmen
What a brilliant idea. AppleScript - although simplistic and arcane - obviously has some uses. Forget getting the iTunes song or FTPing files, here comes the Timbuktu/AppleScript remote-disk-erase squad! ^_^
I think, therefore, I'm smarter than our president.
And that is what he did, by setting the default AOL phone numbers to two numbers with caller id, and watched for a modem to call both.
-dair
I do not use Windows 9x. What does your sig do?
Did you actually read the article? It says that's what he did. But the number was unlisted. The suggestions later on are also a lot better, with some ideas of scripting OE to email details etc... Perhaps read the full article next time.
Bloody morning classes. They distract me from paying proper attention to Slashdot :-)
*oops*
There's something called the earth.. It's.. like.. divided into 24 time-zones... Hello?
--
\ Christian A Strømmen
Personally, I'm slightly security paranoid, but I don't believe that anyone who steals my machine is going to care what's on it, but more likely swap drives. Ok, that's what I'd do, at least.
But, looking at this, I'd love to have something like this running. Are there any current security programs that do things like this? I would need it for Windows and Linux.
Now if only I could have it run in the BIOS. Imagine if on the bios level, without a proper key or password or whatever, if the hard drive was removed and replaced, it would then call a panic number whenever connected. That'd be neat.
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
Anonymous Coward
"Things are more moderner than before- bigger, and yet smaller- it's computers-- San Dimas High School football RULES!"
For those of you who got a real kick out of this thing, you may want to read Cuckoo's Egg. Cuckoo's Egg is a little older (he talks about using the teletype), and follows a real life story of an admin who went and tracked a bad hacker (or thief? -- sorry it's been a while). It has the same sort of "you out-think me, i'll out-think you!" back and forth flavour to it. Give it a read, you won't be disappointed.
Any professional would have wiped the hard drive. An easier solution would be along the lines of what they do with dogs. It wouldn't be hard to make a tracker device/PCI graphics card that looked pretty mundane.
here 'tis
http://www.google.com/search?q=Bridges+myers+applescript+imac+timbuktu&btnG=Google+Search
All it would take to permanently disable this sort of thing would be to format the hard drive and reinstall the OS. And that would be very likely to happen on a Linux box. I mean seriously, how many thieves are going to be willing to sit and work at a Linux box till they come up with a valid Username/Password combo?
With a Windows box, on the other hand, you could easily write a program to verify the computer's IP address at boot time, and if it doesn't match, send an email to you reporting the unusual IP address and any other useful info you can think of. At each boot thereafter (common with Windows, of course) it checks a particular file on a particular server for instructions on what else to do, such as activating auto-destruct. That way you never auto-destruct your own computer by accident, since it requires permission first.
If you were particularly ambitious, you could have it activate a keystroke logger and email the recorded info to you each time it boots.
Now if only there was a way to remotely electrocute the current machine's user when they touched the keyboard (this feature might be useful in a day to day network environment as well).
I Am My Own Worst Enemy
FYI:
http://groups.google.com/groups?q=Bridges+myers+applescript+imac+timbuktu&num=20&hl=en&sa=N&tab=wg
I'd like to think this is real, but it sounds more like Bridges was making it all up. Maybe it's because I can't stand Macs.
I really hate Dan Patrick.
I had flashbacks to reading "The Cuckoo's Egg" while reading this transcription. Does anyone else remember reading the commands listed in the book and quickly running over to a unix box to play?
Honestly, I'm not -too- surprised that this happened. My machine runs:
/bin/date | mail
/sbin/ifconfig -a | mail
(Running dyndns would be interesting also.)
on bootup. I originally did this so that I could keep track of my box and identify when it went down and what the current IP was so I could ssh in and look around more comprehensively, although it has crossed my mind that if my machine were to get stolen it might report back to me where it was. I'm happy to see that it's worked out at least once for someone.
Most ISPs keep logs of usernames and passwords on certain IPs (especially if they're static/near static as in a cable modem or DSL connection). From there, it's fairly easy for the ISP to connect that back to a real name.
I'd be very interested to see if this is enough information to get a search warrant.
-- Mike wildcard@illuminatus.org
The article doesn't say the thief was caught. To quote the guy himself: "So the conclusion to the story is: iMac and Lexmark printer recovered, one female pled out to possession of stolen property and got a year's probation.".
Possession of stolen property is very different to theft. She claims to have bought the imac from "some guy". Ok, she might be complicit, but we won't ever know.
ooooooh! What does this button do? - DeeDee, Dexters Lab.
On erasing the drive: Wouldn't it have been better to give some cryptic error message that prompts you to call the "service" number for some agency? If you just wipe the drive, wouldn't anyone know the drive died? I did like the idea of phone home, then get caller id. Just don't use *(remove call id!;)
Whoever the "fence" is(hot item buyer), they should know a few things.
However, I've known a few machines that had a hard drive crash due to heads hitting the platters, maybe that would be a useful "feature";) to implement.
I have another idea. ID the cpu somehow, so no matter if you pull the drive, unless you dissect the sucker, it will register itself, and the phone number connected, to a security co., then pay them a visit *weg*
This mind intentionally left blank.
The KKK a bunch of sheetheads? You decide!
<SARCASM>
In related news, the FBI has announced that its stealthy "Magic Lantern" program is officially being launched under the name "fbiJack."
"This guy got lucky, but how 'bout you, Slick?" taunted Special Agent Kay. "Wouldn't you feel better knowing that fbiJack is running on your machine? You can pick up an installer disk at any U.S. Post Office or download it from Microsoft.com."
</SARCASM>
what a great story. the geek fights back - and gets a conviction out of it to boot.
I have to drop some friends off at the pool.
That is right. CmdrTaco should be fucking his girl right now.
I thought that his name was Hamburgler, not Mac Thief...
Oh THAT kind of Mac.
"So there he is, risen from the dead. Like that fella, E. T." - Father Ted Crilly
This is quite a bit fancier than putting "logout" in someone's .login when they leave their terminal unguarded.
The problem with doing something like this under a system requiring user accounts is that once the person discovers that they can't just turn it on and get a point-and-drool interface, they'll erase it and start from scratch. Perhaps if you wanted something like this (and had a bit of technical skill) you could have it boot from a small partition (I mean, how many users know much about that?) that checks to see if what its booting into is what it should be (ie has windows been installed where linux should be), and if so alters something on that OS to make it phone home (obviously, something different for every OS that may be installed would have to be done, but this is hypothetical), and then proceeds to boot the new OS normally.
In the case of many Linux machines on dialups with a dedicated phone line, they are told to dialup on boot anyway, so that would give you some opportunity to trace it, by checking the number that it is calling from. However, that is assuming that someone sets everything up, including the modem cable, before turning it on the first time.
On another note, how come erasing everything didn't remove Timbuktu? Does it live in the System Folder only?
...why Windows XP is frequently calling "home" :-)
Now instead of all that freaky AppleScript, the payload of the script is a simple
sudo rm -rf /
Applescript is my least favorite part of Macs. (shudder). it's nice to be able to integrate shell scripts as AppleScript now; just wrap the entire shell script in a single line of Applescript.
ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
Please mod down before more trolls reply to it.
if they have the boot loader set up with no password then you can just force it into single user mode then edit the
or if you are not so lucky you could just use a boot disk to get in.. my redhat 7.2 CD works wonders
That alone deserves public flogging and ridicule.
I hope this lunatic gets what's coming to him.
"Adequacy.org: Where congenital stupidity is not an option, but a requirement."
Wired Article on how d.net helped someone track down their stolen computer.
That line wouldn't even work. Cat looks for a file, it needs to be an echo command to output that argument.
Do I get the feeling that some American has forgotten that there are other countries in other time zones??
That's assuming your thief hasn't flogged your goods to some bloke down the pub who buys it for their kids to play games on...
--- Users are like bacteria -> Each one causing a thousand tiny crises until the host finally gives up and dies.
Seriously.
If you were really serious about inflicting pain, how about:
setting up one of those $125 per call phone lines in the bahamas and then having the imac call it every 2 minutes...
repeatedly call 911 and play recorded message: "help! I've fallen and I can't get up!" over and over again
install a keylogger so you can post their most intimate conversations on your website.
those are just a few ideas that have popped in my head.. Hell, you could do that with VB email virii and make a mint with the first one...
If you were me, you'd be good lookin'. - six string samurai
.. to get a story posted on Slashdot.
And all it took was:
- Write a utility for OS X and submit it to Versiontracker.com
- Get bitched at for lack of user-friendliness and write a replacement program
- Accidentally find my replacement program listed at Macscripter.net through Google
- Submit an article about the story I noticed there to Macslash.com
- Get my article re-submitted by a third party to Slashdot !
Makes me wonder what I'll have to program next to get an article (re)submitted. I bet it'll be a Gnutella client or something.
Future warning: "How dare you list my program, eat flaming Slashdot!"
Recovering the iMac at all is very cool. Every PC and Mac should have some "phone home" program installed; I bet most stolen computers aren't wiped. Anyone buying a Mac/PC on the super-cheap, is unlikely to buy or dig up a copy of the OS to start fresh.
:-)
:-)
:-)
The lack of a prosecution for the theft is disappointing. (As someone who has had their place robbed twice in the past two years, I find the low capture/prosecution rates depressing; it just doesn't seem to be a priority with law enforcement. Sigh. Oh well, if anyone tries to hit me again, they'll be on candid camera
What might also have been cool, would be to use AppleScript to flip on the microphone, record the sound in the room, and send the recordings now and then, when connected. (Or use AppleScript to download a program that does the same; I don't know AppleScript.) That would potentially allow more "evidence" to be collected. If the lady didn't steal it, there's a chance you'd record something that would be useful. (Her thanking her brother-in-law for the Mac, or the like.) Having the Mac copy you on all incoming and outgoing mail may also be useful. (Not sure if the Mac could do it; Outlook almost does this by itself, with all the viruses it accepts
Probably not admissible in court, I guess. Although using a stolen device for surveillance really *should* be a legal means of admissible evidence, in a perfect world
-me
Love many, trust a few, do harm to none.
That's why when *I* submitted the story to Macslash.com, my title said 'thwarted', not 'caught' ;)
Wow! It's like... there's a party in my intestines and everyone's invited!
I too have had my place burgled before, and it's really upsetting that, after catching the thieves, *nothing* happened to them. Probation my ass.
My place is now wired to *fry* the next fucker who tries to steal my stuff, and even better I've figured out how to make it legal
The boot sector is replaced with a BSD style boot selector, set to boot from the "stolen" partition by default (ie if you are using the machine yourself, you select BSD or Windows - thief has 5 secs to figure out what is wrong, and can't, so gets default behaviour).
After the initial boot sector process, control passes to a next stage, "Stolen" ... This displays a message "Unable to start Windows ... perhaps modem cable is not connected to the phone? ... Please connect cable to phone, and press return"
The average thief will understand this, and connect the phone cable. The real owner would press CTL-ALT-DEL.
When the thief connects the cable and presses "enter" the phone dials the owner, his mates, his mobile, his dog, cat, ma, pa, and the 911, 999 (in case its in Europe), FPI's private number, SWAT, the US Marines, Bin Laden, the Mafia hit-man hot line, and that number the Gas Company reserves for reporting leaking gas mains.
Not only that, the boot sequence will auto-hack so this is the ONLY boot option, and disable CTL-ALT-DEL. The dialling sequence will repeat till the battery runs out.
Someone will be pissed enough to find out who owns the unlisted number and send the boys with big sticks round for a visit.
Sent from my ASR33 using ASCII
Ugh, why do people think that centering the entire text of the article makes it easier to read?
Problem solved:
LILO boot: linux -s
To be precise, that should be whatever the name of the image is, followed by '-s'. You can hit TAB to view a list of images.
Now, if whoever installed Linux locked down lilo as well (with the restricted keyword in /etc/lilo.conf), then this won't work without a password. But a lot of Linux installs I've sat in front of are open to this...
I believe, unless I'm hallucinating, that it has, and was even reported on Slashdot.
At any rate, this is an interesting idea. Boxxen security. Most computer thieves (Not counting those of us who, erm, dumpster dive. HEY! They threw it *away!*) seem to be your garden variety breaking and entering a house types.
Having software installed that blabs to a random server could be quite interesting and useful in hunting down boxxen that've gotten away from you.
Or not.
I hear geeks can get violent when someone steals their box. With all that FPS practice, think of the hand to eye coordination!
(*watches some geek bust down some hoser's door, filling him with lead, before walking off with the stolen box under arm*)
All you need to do is read between the lines here, and you'll see that I'm full of shit
Yes Dan, we're all aware of that
Of an admin legend I heard once about an overzealous equipment cage guy that spent years doing tcpdumps scanning for the mac addresses that belonged to a shipment of missing ethernet cards, and eventually caught the guy that did it. Anybody ever heard that one?
The most important thing any republican needs to know.
Congratulations, you've invented Product Activation!
"...and then bam, no cartoons for a week!" classic! pure quality!
as being a doorjam, paperweight, etc.
You have the phone number. Doesn't anyone have any clever social engineering skills anymore? Get the damn user to tell you their address....
It sounds like you're implying that the boot script cannot be done under Linux - which is simply not the case. I guarantee that the capabilities under Linux for this concept are far far greater than the capabilities under Windows. (and would take a fraction of the time to develop!)
Reader: I have got a much better idea!
Write a script that pops up a window saying "You have won a special 500.00 prize. Your machine has run for 3000 hours without a major problem!"
Create fields for them to enter name, address and phone numbers to receive the prize.
Make the script write that data to disk and you can pull it with timbuktu
Then call the police.
Crooks often fall for the stupidest tricks, especially if you appeal to GREED!!!
I know THIS would work. I steal computers all the time, and I ALWAYS click on every pop up and fill out ALL the forms. As everyone knows, they are all 100% real!
Wouldn't it be great if every Mac/WinTel computer came with a stripped-down, Timbuktu-like program as part of the operating system? That way, owners and police could locate and retrieve it any time it was stolen anywhere in the world...
Kidding, of course. But you know that Microsoft is working on something like this already, if they haven't finished it by now. On the other hand, it *would* be nice to have a THIRD-PARTY tool that I could purchase separately (for less than Timbuktu) that would let me do things like this, locate it online anywhere should it be stolen simply by using a login/password combination I secretly set myself. It wouldn't do any system-takeover kind of stuff, just tell me what phone number or static IP it's being used at. Yes, a hard-drive format would solve the thieves' problem for me, but as this story indicates, not everyone is that careful when dealing with stolen property.
I just don't want Microsoft to install it for me by default. But that's a given.
That sounds like an ok idea. I think if I did that to any of my machines I'd have to go bail my wife out of jail every night.
So he called up all the places in town that sold Macs (all two or three of them) and waited. Sure enough the idiot kid shows up at a store asking about an HD-20 boot disk. Snagged!
The difference now is that the internet is everywhere, and it's now possible to have the computer "phone home".
--
"Open source is good." - Steve Jobs
"Open source is evil." - Microsoft
Hmm. If you have a voice modem it wouldn't be too hard to just call 911 and play an audio file "This computer was stolen, blah blah blah" through the modem. Don't forget the AT command to turn off the speaker first.
Now if G.Bush could just get a certain Saudi to steal his computer...
The grammer doesn't make any sense to me, it not as logical as Java and even Perl is simpler by comparison , and I don't mean that as flamebait.
Anyone can use AppleScript, but it's a lot of pain and greif to make it do something really useful. IMO, it's worth speding 2 weeks getting familer with Perl as you'll be able to do much more much faster.
No wonder you are having trouble with this. Grammar makes no sense to you, and you not only forgot the apostrophe in it's but forgot the "s" as well. To save others pain and grief in reading your posts, perhaps you should be spending those two weeks getting familiar with the English language (or at least a dictionary).
And anyone with physical access can boot off a floppy and by pass the whole burrito.
Which thief is going to know about the '-s' argument to init?
Pretty much, if you are running Linux, expect your machine to be rebuilt with Windows.
These tracking programs are only useful for Windows, Mac, or the bios.
Joe Batt Solid Design
If this were my machine, I would definitely not want the script to be visible in any way to the user. Especially I would not want it to be shut down. I would want the user to be online as much as possible in order to keep tabs on it. Of course I would never own an iMac either. I know there's some work being done on linux BIOS programming, maybe we will see some great abilities of a computer BIOS in the future. How cool would that be?
no offense mate, but I think you're reading into this a little too deeply. A parable for you - how many car thieves take their newly acquired goods around town for a spin? Not many - if they do, they're idiots. No, the first thing they do is get it to a chop shop as soon as humanly possible to be sold for parts. The parts themselves are worth much more than the car as a whole. Some guy who steals your computer doesn't care what you're running or what your password is - he cares how large (and popular) your HD is and if the cd-rom's a dvd too. It's not about the machine, it's about the total income derived from selling all the parts. You could be running Basic for all he cares; if it spins or hums or whatever he can sell it. Triv
yeah...
imac owner: Hello! This is John Doe from the Acme Insurance company.
thief: Hello! What do you want?
imac owner (aka John Doe): I've heard you bought a shiny new iMac lately...
thief: Yes, indeed
John Doe: I have a really cheap insurance package for you, that covers everything that can happen to your new computer. Figure that we even give you another one if it gets stolen!
thief:....
and so on...
"Wouldn't it be great if every Mac/WinTel computer came with a stripped-down, Timbuktu-like program as part of the operating system? That way, owners and police could locate and retrieve it any time it was stolen anywhere in the world..."
There IS already a program in WinTel that does this - it's called NetMeeting Remote Desktop Sharing. You can even give it username/passwd protection. And it comes standard on every Windows machine since 95.
.pilsen.
"14k Gold slum computer wizard,
tappin inside my brain causes blizzards"
Isn't it time to build a good web cam into the monitor?
Think of the fun you could have with that...
Risk versus Reward...
Honestly, what is the likelihood, if you're not running a server, that you will be caught? Not very likely. Honestly, if you're not a distribution point, you're too much "small potatoes" for them to even bother going after on the single basis of music "piracy" (quoted here because there are legitimate uses of .mp3s). The only way you (an end-user not running an .mp3 server) get caught is if you are nabbed for other crimes, and whoever is pursuing you in the legal arena is looking for even more charges to bring against you.
I think one of my college professors said it best when he said something along the lines that it's not the punishment that deters people by and large, it's the likelihood of getting caught (outside of one's own moral guidance, of course). People would commit all sorts of punishable-by-death crimes if they thought they had a really good chance of never being caught. Honestly, .mp3 "piracy" *could* hypothetically have a death penalty punishment imposed on it, but if various DAs and other prosecutors / Law Enforcement Officers said that they will not prosecute / enforce, then people are going to have a field day.
So I placed a Lost and Found ad with a Reward, and sure enough a couple days later this kind person calls me to say they found the laptop.
The people who found it said they watched it fall off my car on the highway and stopped to pick it up. The amazing thing was that the only damage to the Powerbook was the floppy drive and a scuffed case (battle scars.)
Unfortunately, the people who rescued my mac weren't mac users. Actually I don't think they were computer users at all as it seemed the only thing they were capable of was changing the names of all the files on the desktop to variations of :aaasjkdfl;jjj, including the hard disk:fhhdks;jasdfjjh. And that's what really would've been nice, a form of nag-ware that ran when powered up saying: to whom it belonged, and how a reward for return would be paid, etc. And maybe an applescript to auto-dial the modem to my home phone. Then at least I'd have a chance of caller-id picking up!
-
Purty good security IMHO. Just something about single-user mode that strikes me a bit funny...
What I did on my Windows machine to record the IP address was use a *very* simple set of tools.
1. I wrote a one-line .bat file, which runs and ends very quickly at startup:
ipconfig > c:\windows\system32\ip_ADDR_resolv.sys
to make it look like a system file. All it is really is an output of my local IP address.
2. I used the free StealthMailer program at: http://www.amecisco.com/stealthmail.htm to mail my .sys file to my hotmail account. And it does so periodically.
3. For added cool, you can use low-level key-logging software and mail out everything that the user types and mail it to yourself. Cost is about $79/license.
You can't beat that for peace of mind.
.p.
I wonder if the "thief" would be able to charge the real owner of the machine with anything.
With what? Trespassing or some other computer crime. The "owner" hacked into a remote machine to see if it was his, and get information about the alleged crook so that he could help out the police.
Isn't that kind of like breaking into someone's house when they're not home, because you think they stole your bike? Even worse, he then *maliciously* wipes the guy's computer clean!!
Imagine the same story, but at the end, you found out it wasn't really his computer in the first place.
I had my computer stolen a few months ago. Of course, I didn't have any backdoor stuff installed on it.
:-)
However, after talking to the networking people at school, I was able to find my MAC address. Is there any way of finding a computer based on its MAC address? I know it's a long shot but...
None, if they know what they're doing. All they would need to do would be boot the box in single-user mode, and change root's password. It is not necessary to know the old root password to do this.
That way I call the police, they track it down. I get my "family" to teach the asshole a lesson. God I love being Italian.
Well, my thought on this (I guess this is why I'm not a thief) is that if I heard my modem all of a sudden start dialing numbers, I'd yank the cable outta the modem as quick as you can say "busted".
Of course, most people who get "shady" equipment, in my experience, sell it without trying to use it for their own gain.
Karnal
Flamebait? That's bightin' funny!
There should be a moratorium on the use of the apostrophe.
Max V.
NeXTMail/MIME Mail welcome
That was Clifford Stoll. That piece of detective work was also done on a Mac. Great book. Clifford Stoll is a creative genius, weirdo, outrageous madman, and lover of thought.
Clifford Stoll's webpage
I don't see how having OS 9 or X would make it impossible for Random J. Hacker to get the boot disks. Any mac with a floppy drive attached can be booted from a floppy (I have the boot disk) and both systems can be booted from the CD.
On the other hand, if these thieves had any intelligence to them whatsoever, they would have a series of boot disks on hand.
T Money
World Domination with a plastic spoon since 1984
"An easier solution would be along the lines of what they do with dogs"
Send it to obedience school? Teach it to heel?
Watch out if your thief is Korean.
999 (in case its in Europe)
The emergency number in Europe is officially 112. "999" works in the UK, but is unlikely to work in other European countries.
This just exacerbates the problems with the current police system. Cops would much rather sit by the side of the freeway eating a donut, drinking some coffee and pointing a fucking radar gun at your car. God forbid they actually help people out in recovering stolen property, that has to be done by the individual these days.
Why is that? Is it because traffic citations are easy and gain them money? Is it because they can bust someone for possession of a "controlled" substance and also get forfeiture of property? Is it because law enforcement is just lazy when it comes to going after real criminals who leave behind real victims because it's not economically viable?
I'll let you decide.
Hammer of Truth
If the person is behind any type of router, all you're getting is the router defined IP, not the actual IP. Then again, if he's behind a router, you're screwed anyways
T Money
World Domination with a plastic spoon since 1984
So basically you're saying the thieves made a mistake stealing an iMac... They could never sell it for parts. The thing is mostly one piece.
A smart thief should also steal the OS install disks...
You can shut off the modem's speaker with an 'AT' command. No one has to hear.
It's hard to be religious when certain people are never incinerated by bolts of lightning.
...the security implications of this "suicide script". I can easily see someone taking this applescript and tweaking it to create a really nasty trojan. Hope all you Mac users are either running a current version of an anti-virus proggie or have applescript disabled...
Knowledge is power. Knowledge shared is power multiplied.
Go here.
http://ItsBeenStolen.com/
It might help. It's a fun idea.
If you were working as a 911 emergency operator, would you take this call seriously?
I think there are more important emergency calls they need to take care of (i.e. murders, serious accidents or injuries, etc.), on top of the many unnecessary phone calls they already get from stupid people (i.e. cat stuck in a tree, lost the keys to an apartment, windows won't boot, etc.).
I wrote a program to do this years ago, I figured it would be *really cool* if when your computer got stolen it'd phone home *entered the wrong password at the login screen*.
It was done in visual basic *yuck* but I was so young then.
I'm a big retard who forgot to log out of Slashdot on Mike's computer! LOOK AT ME.
First you set the bios password. I know it can be removed, but thieves are idiots after all and this might take them a good deal of time.
If they get past that, and boot, they'll be confronted with a password prompt to mount your /home filesystem through the crypto loop back (you *do* mount your /home dir through the crypto loop device in Linux, right???). Obviously, they won't be able to guess this password (hell, my password to do this consists solely of 9 digits).
So they will have to remove somehow repartition the drive and install another operating system. Can a thief do that too? This causes the thief precious time and effort... more and more the machine becomes a less interesting proposition.
Between boot and trying to mount your sensitive crap in /home, a sweet little /etc/init.d/ script you made sends your IP address via email to you. Then you can SSH on in and do whatever you like.
BTW, I can't spel.
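The boot-time reports described in this thread (piping `/sbin/ifconfig -a` to `mail`, or an `/etc/init.d/` script that mails the IP address) are easier to act on if the script parses the output and flags when the machine is off its usual network. This is an added example, not code from any poster: the home network `192.168.1.0/24`, the recipient address and the sample `ifconfig` outputs are constructed assumptions, and the message is built but not sent.

```python
import ipaddress
import re
from email.message import EmailMessage

# RFC 1918 ranges, listed explicitly so the result does not depend on how
# ipaddress.is_private treats other reserved blocks (e.g. documentation ranges).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumption: the network this machine normally lives on.
HOME_NETWORKS = [ipaddress.ip_network("192.168.1.0/24")]

IFACE_RE = re.compile(r"^(\S+?):?\s")
# Matches "inet addr:1.2.3.4" (old net-tools) and "inet 1.2.3.4" (newer/BSD); never "inet6".
INET_RE = re.compile(r"\binet (?:addr:)?(\d{1,3}(?:\.\d{1,3}){3})")

# Constructed sample: old net-tools layout, machine at home.
HOME_SAMPLE = """\
eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
          inet addr:192.168.1.23  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::200:5eff:fe00:5301/64 Scope:Link
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
"""

# Constructed sample: newer layout, machine dialled in somewhere else.
AWAY_SAMPLE = """\
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 203.0.113.45  netmask 255.255.255.255  destination 198.51.100.1
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
"""


def parse_ifconfig(text):
    """Return [(interface, IPv4Address)] from `ifconfig -a` output."""
    found, iface = [], None
    for line in text.splitlines():
        if line and not line[0].isspace():      # unindented line starts a new interface
            iface = IFACE_RE.match(line + " ").group(1)
        m = INET_RE.search(line)
        if m and iface:
            try:
                found.append((iface, ipaddress.ip_address(m.group(1))))
            except ValueError:
                pass                            # damaged output such as 999.1.1.1
    return found


def classify(addr):
    """Label an address by how much it says about where the machine is."""
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    if any(addr in net for net in RFC1918):
        return "private"    # only identifies the host inside someone's LAN
    return "public"


def build_report(hostname, ifconfig_text, home_networks=HOME_NETWORKS, when="unknown"):
    """Build (not send) the check-in mail; the subject says whether the network is expected."""
    rows, away = [], False
    for iface, addr in parse_ifconfig(ifconfig_text):
        kind = classify(addr)
        if kind in ("loopback", "link-local"):
            continue                            # carries no location information
        at_home = any(addr in net for net in home_networks)
        away = away or not at_home
        rows.append(f"{iface:<8} {str(addr):<15} {kind:<8} {'home' if at_home else 'NOT HOME'}")
    if not rows:
        status = "no usable address"
    else:
        # Private ranges are reused everywhere, so a match with the home range
        # proves little; a mismatch is the useful signal.
        status = "UNEXPECTED NETWORK" if away else "home network"
    msg = EmailMessage()
    msg["To"] = "owner@example.invalid"         # placeholder recipient
    msg["Subject"] = f"[{hostname}] boot check-in: {status}"
    msg.set_content(f"time: {when}\n" + "\n".join(rows) + "\n")
    return msg


if __name__ == "__main__":
    from datetime import datetime
    print(build_report("imac", AWAY_SAMPLE, when=datetime.now().isoformat()))
```
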
The Timbuktu extension that's installed on it posts a unique identifier to Netopia's IP Locator server (findme.netopia.com) whenever it connects to the internet.
What about the privacy aspects of this? Sure, in this instance it worked out to be a good thing, but do you really want someone else to know where you are using their license? How is this different than Windows XP phone home? What -other- information is being transmitted to Netopia?
I went through this same drama last year when our company kept having our laptops stolen at night. Our instant messenger software quickly gave us the IP of the stolen laptops as soon as they were brought online. I called the police, Earthlink, AOL, and Netzero with exact call times and IP hoping for help. Didn't get ANY... police were very impatient, saying unless I could prove (via fingerprints, door busted open, etc) who stole them, they wouldn't do ANYTHING. ISPs said they wouldn't act without a subpoena.
Moral of the story: Have it call home to a CallerID box- having just the IP won't get you anywhere.
In order to prosecute someone for possession of stolen property (their only option in this case unless there was evidence to show that the lady was the actual thief) you have to show that they knew or had reason to believe that the computer was stolen, and that's a pretty hard thing to prove in court.
So if I burn/tattoo/carve "Property of name" into the machine, is that proof enough that it's stolen property? Then when I sell it, I can include some kind of signed proof of sale.
Flushed with a sense of accomplishment from landing a cushy job getting cussed at, spit on, and occasionally having to duck bullets for the princely sum of $18,000/year, these guys really get off on standing in the rain writing tickets.
More likely it is because ticket revenue makes up a large portion of most departments' annual budget, so it's more like, "If you want a new bullet proof vest you better get out there and write daddy some tickets like a good little bitch." It is inconceivable to me that these guys actually have ticket quotas. Does that mean we aren't doing our job as a citizen if we don't occasionally get caught speeding so we can pay our "supplemental taxes"?
Don't hate the cops-- hate the administration that wastes all your tax money and police resources on the "war on drugs", and forces officers to whore in the streets for money to shore up budget holes that are left behind as a result.
Hate the "police state" if you want, but try to remember that cops are people too, and a lot of them hate their jobs and bosses as much as you hate yours, only they are hating theirs for less money with a much greater risk of injury or death in most cases.
My dad was a police officer for a while, and he used to tell me, "Cops are people, just like everyone else. The problem is that for what they are paying, you tend to get two kinds of candidates: starry-eyed idealists naive enough to think they can "make a difference", and people who couldn't find a job doing anything else." Unfortunately there is a shortage of the first kind. Feel free to sign up if you would like to offer your intelligence and talents to serving the community for little or no compensation.
When I told him I was thinking about becoming a police officer he told me, "Son, if you have any involvement with law enforcement it better be from the other side. You will make a hell of a lot more money, and people will respect you more. If that doesn't help you make up your mind know that I would rather shoot you myself than hear someone else shot you."
I think most of what is wrong with police services today comes from the top down more than the bottom up. Even granted that you aren't working with the best and brightest most of the time, if the administration pointed them in the right direction and focused on the right things we would all be happier, officers included.
I've got a Windoze 95 laptop that I need to use for programming my race car - every other machine I own/touch is Unix/Linux.
It would be good to have some sort of anti-theft reporting tool on it.
Where'd you find this ipconfig program? I had a quick look at the laptop, and didn't see it there. Is it a Win95 deal?
Does Win95 have the ability to run a script at network start?
Thanks
DG
Want to learn about race cars? Read my Book
Naturally, a local number is useless, unless you are willing to have your computer try to make a long distance call to your local PD.
It would be nice if there were a common set of geographically-independent numbers that mapped to common services (fire, police, general emergency, medical, etc.)
You could've hired me.
Some people have suggested a "real" thief would just erase the HD and start over. And, some might.
But most thieves are dumb, or at least cheap; do you think they are going to erase PhotoShop, etc and go out and buy a copy, and then do that 20 or 50 more times? It isn't much use without apps.
If you don't leave your SW about in an obvious place, they won't have an OS install CD (to boot an iMac or any Mac made since about 1996. A boot floppy is useless; most won't boot with System 7.1, which did fit on a floppy. And if your floppy collection is anything like most people's, there won't be a decent label on it anyway. x86 is, of course, different; boot floppies are pretty easy to come by and they work).
Auto-dial 911 is A Bad Idea; they have enough trouble with users who can't figure out why the cellphone called 911 from a football game cuz the guy sat on it and it auto-dialed with "quick 911" enabled.
A periodic eMail to your own account sounds good; there is plenty of evidence there and, properly done, it doesn't compromise your own security (or risk your own life w/electric keyboards... YIKES! -I don't trust any computer that far).
Especially with conventional information like a telephone number, you can often hire private investigators who are able to dig through and find enough information to snow you under--names, parents' names, histories, high-schools, photographs, social insurance (or security) numbers, voices, credit card numbers--all sorts of really cool things.
:)
And private dicks aren't that pricey!
I think, armed with a phone number, I would've been a little more likely to track down this woman on my own and steal my computer back from under her nose. Maybe leave a note--"Your computer was stolen property and I'm taking back what's mine. I dare you to call up the police and report it!"
Chances are pretty good that the PI will be able to track down that "some guy" that she got the 'puter from as well by following her round and taking photos. That would be even cooler.
HELP! Do you know MiniVend or Red Hat Interchange? I'm transferring this website to an ISP that uses Interchange and I'm baffled by simple stuff - how to set up a simple post form from my static html, how to turn on a shared SSL. I don't want such features as inventory tracking, product searching, or top/side/left pushbutton transfers. I wish to keep the same appearance of my website, but use Interchange for the ordering. I'll gladly trade several Klein Bottles in exchange for help. Send email or call on the phone!
from http://www.kleinbottle.com/
An Education is the Font of All Liberty
I'm glad to see that this still works.
I used to admin a Mac only shop, and all of our desktops and powerbooks had Applescripts to email us any new files that had been created if they were stolen. Authentication was a dialog box at boot that said "Erase Computer?"
It was very simple, and I believe that lowendmac.com has a story about recovering a stolen powerbook.
Why not have a nice gui lilo (that looks like windows 98 startup sequence) default boot into a windows 98 partition if the computer has been off for X hours? You can easily suppress showing the real startup sequence. Who here has their main computer off for more than 4 hours?
An Education is the Font of All Liberty
Since you mention it, what ever happened to Timbuktu?
It was supposed to release last March, then they delayed and delayed it. Then they took down their site. Never contacted their old friends either!
IANAL, but I have previous experience with issues like this as I used to sell used computers, and I didn't always purchase my stock from the most reputable sources.
If you buy from a store, or from an auction, you're probably safe. But if you buy from an individual, especially from someone you don't know, you might want to do some sanity checks. First, check for serial numbers. If there aren't any, DON'T BUY IT. This can be tough if the computer was self assembled as some clone cases don't have serial numbers on them, but practically all OEM computers will.
After purchasing it, WIPE IT. Reinstall the operating system from scratch at the very least. If you're a good samaritan, you might want to back up the system, especially if there seems to be any personal information on it. But you want the system itself to be clean.
Take the serial number on the computer and any other equipment you bought, and report it to the police. Pawn shops do this all the time. First of all, if any equipment you report comes back stolen, you can't be prosecuted for possession of stolen property, even if you had a pretty good idea it was stolen. Secondly, I'm not sure about every state, but in Texas even if it IS reported stolen, you're still the rightful owner of it and it's the responsibility of the original owner to prove in court that they are the rightful owner before being able to reclaim it. Pawn shops usually get around this by offering to return the equipment for the price they paid for it (which is generally a small fraction of what the equipment is really worth). In many cases the equipment is insured and the original owner would easier collect on the insurance rather than spend a couple years in court trying to get a computer back that by the time they finally get it would need to be replaced anyways.
As for the lady in the article, it was probably one of those "look the other way" things. I'll get a good deal on a computer and I just won't pay attention to how I got it. If there was even the slight bit of legitimacy to her purchase she wouldn't have been so eager to take a plea agreement.
-Restil
Play with my webcams and lights here
CMU stolen-printer recovery story
Yeah, I'm a Karma whore. That's why I'm AC.
Rack up the perps LD bills with overseas calls
to ISPs at the other side of the world.
- Applescript/Timbuktu run as root,
- People can upload and run all kinds of interesting applications to any computer running Timbuktu and execute them in real time.
How is this better than Outlook Express and VBScript ? The #2 feature is useful, I suppose, but running it as root (#1) turns it from a useful tool into a nuclear bomb on a self-timer.>|<*:=
At our local geek store, on the wall, is this running gag. This guy took an old case and filled it with cement (harder than you might think). Then he sets the 250lb beast on his front porch. He keeps a running log of movement and/or spottings of people trying to steal it. One time someone did steal it only to leave it in a ditch not 20 feet away. Later, he made a 350lb version of a working computer! He has detailed plans for doing this :). Personally, after driving by the place to see for myself, I can't imagine walking all the way across his yard, picking a computer off the porch, and walking back, in plain daylight with neighbors and all! But, no, the logs plainly show that people try this all the time. he should design a camera triggered by the case's movement to get the look on their faces when they try to pick it up >:).
I would like some milk from the milkman's wife's tits
I have a program that connects to my web site and downloads a file when it is online. The file has commands to run on the local computer, usually this is just "pass" to do nothing.
Using GPG I make sure the digital signature of the file matches before running the commands. This way I can remotely update the file and it can execute anything I can program in Python.
Never had to use it yet though.
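The verify-before-execute step in the comment above, as an added example that is not the poster's program. To run with only the Python standard library it swaps the GPG signature for an HMAC-SHA256 tag, and it adds two things the comment does not mention: a sequence number against replay and a fixed table of commands in place of arbitrary Python. The key, the file layout and the command names are assumptions made for the illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC is symmetric, so this secret would sit on the
# laptop too; the GPG scheme in the comment keeps only a public key there.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"

# Hypothetical command names. A fixed dispatch table replaces
# "execute whatever the downloaded file contains".
HANDLERS = {
    "pass": lambda: "nothing to do",
    "report_ip": lambda: "would e-mail the current IP address to the owner",
    "lock_screen": lambda: "would lock the session",
}


def tag_for(payload: bytes, key: bytes) -> bytes:
    """Hex HMAC-SHA256 tag over the exact payload bytes."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest().encode("ascii")


def build_command_file(seq: int, commands: list, key: bytes) -> bytes:
    """Owner side: one line of JSON, then the tag on its own last line."""
    payload = json.dumps({"seq": seq, "commands": commands},
                         sort_keys=True).encode("utf-8")
    return payload + b"\n" + tag_for(payload, key)


def verify_command_file(blob: bytes, key: bytes, last_seq: int) -> tuple:
    """Laptop side: authenticate first, parse second, validate third.

    Returns (seq, commands) or raises ValueError.
    """
    payload, sep, tag = blob.rpartition(b"\n")
    if not sep:
        raise ValueError("no tag line")
    # Constant-time comparison; nothing in the payload is parsed before this.
    if not hmac.compare_digest(tag_for(payload, key), tag.strip()):
        raise ValueError("tag mismatch")
    doc = json.loads(payload)
    if not isinstance(doc, dict):
        raise ValueError("malformed command file")
    seq, commands = doc.get("seq"), doc.get("commands")
    if isinstance(seq, bool) or not isinstance(seq, int) \
            or not isinstance(commands, list):
        raise ValueError("malformed command file")
    # An old, validly tagged file must not be accepted a second time.
    if seq <= last_seq:
        raise ValueError("stale or replayed command file")
    unknown = [c for c in commands
               if not isinstance(c, str) or c not in HANDLERS]
    if unknown:
        raise ValueError("unknown command: %r" % (unknown[0],))
    return seq, commands


def run_commands(blob: bytes, key: bytes, last_seq: int) -> tuple:
    """Verify, then dispatch; returns the new sequence number and results."""
    seq, commands = verify_command_file(blob, key, last_seq)
    return seq, [HANDLERS[name]() for name in commands]
```

The caller stores the returned sequence number and passes it as `last_seq` on the next poll.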
You're kidding!
$50K and I get to carry a GUN?
Screw system administration. I never get to wave a gun at anyone here...
I'm going to sign up.
I wonder what my odds of passing the psych eval are...
Sounds like they did her a favor, especially if it was one of those teal ones.
I believe Chicago has set up 311 as a non-emergency number...
I thought that there was a company that claimed a year ago that even after wiping the hard drive of a notebook, it could still contact either that company or the owner about its whereabouts. I thought I remember seeing it 8 months ago. Anyone else know what I am referring to?
I turned mine off yesterday while I was at work. I was saving time so that I could get my new hard drive in ASAP when I got home.
These Mac guys are getting all excited about after the fact (albeit somewhat clever) 'document shredding' precautions in case someone ever steals their computers.
How about do something that preserves the content, yet renders it useless/unreadable to crooks? I'm of course talking about using encryption, either file level or file system level.
Of course there is a saying, "If all you have is a hammer, everything starts looking like nails.". I say "If all you know is Applescript, start learning about other more widely used solutions."
-k
Yeah but you can realize what's going on and issue commands to lilo once you've stopped it or just use a boot disk if it has been down that long.
An Education is the Font of All Liberty
LILO: linux init=/bin/sh
Of course, would a thief know that....
Lies about crimes
What is wrong with you people? It would be SO easy to build a FOOLPROOF PC recovery system. Here's what I'd do in two easy steps (if I was a paranoid loser):
1) I run a cable modem. Because of this the phone line is never plugged in. Create a script that dials the modem to 911 after 2 hours of inactivity and play a recorded message stating that the system was stolen and to call you at home for details, etc. All 911 calls are recorded, caller ID'ed and taken seriously. Instant thief ID.
2) Install Back Orifice! It does everything you could ask it to do when a user gets online. Easy and proven effective. If for some reason the 911 trick fails or the cops aren't amused, you'll always have this as a backdoor.
1. No. But the owner probably set herself to auto-login, so the owner and thief had the same permissions;
2. Only if they have the username and password to that account, and Timbuktu is set to allow remote connections.
Maybe think-before-post next time?
Lies about crimes
Uh, read it again, Captain Swift. He's saying that a thief is more likely to reformat and install Windows than try to figure out what this weird Linux thing is. On the other hand, if the machine automatically boots into Windows, the thief is much more likely to use it as is, allowing the scripts to do their job. So really, you're better off having a small Windows partition for this purpose that'll boot automatically under "stolen" conditions, rather than give the thief an excuse to wipe it clean.
Only one thing kept crossing my mind though.....why bother !
:o)
The best punishment would have been to let them keep it, that way they'd never learn about "real" computers
Stick with 112 for even in the UK this works :)
May contain traces of nut.
But if you had a program such as this on your Windows machine, someone would think of a way to incorporate it into an email worm and activate it remotely. Something like this could send all your personal data to someone you don't even know, and without you even knowing about it. If a program like this is ever written, it would be a major security risk to any Windows user.
Possibly even more of a security risk than Outlook. Mmmm, maybe not.
Lack of eloquence does not denote lack of intelligence, though they often coincide.
Naturally, a local number is useless, unless you are willing to have your computer try to make a long distance call to your local PD.
Well, it's not like it's your phone line the laptop will be using when it's supposed to do that.
What time is it/will be over there? Check with my iPhone app!
I was thinking about this yesterday, actually.
When I turn my Thinkpad on, it gives me a nice big IBM logo. What if one could replace that logo with a bitmap of some sort, that was password protected like BIOS passwords are? It could say "property of, gimme the thing back, etc etc" and would be completely impenetrable.
The whole phone-home thing seems logical, but for those of us who use OS's that can't be accessed without a password (ie XP/WinNT/Win2k, assuming it's set up properly) the machine is going to NEED a reformat/reinstall before it's been swiped anyways. By the time someone got into my OS (so that a dialer could work) they would need my user pwd, which hopefully they wouldn't have.
It would also be nice to see a machine *properly* support secure smartcards so that the machine would be useless (except for parts, no way around that) without it.
Of course, I like the mini-tower-case-on-the-porch-stuffed-with-C4-and-a-remote-detonator as well.
-- "Ignorance more frequently begets confidence than does knowledge." (Charles Darwin)
The problem is that for what they are paying, you tend to get two kinds of candidates: starry-eyed idealists naive enough to think they can "make a difference", and people who couldn't find a job doing anything else.
So cops are like teachers, except they get shot at slightly more often?
> if they have the boot loader set up with no password then you can just force it into single user mode then edit the /etc/passwd file
You mean, you could boot it into single user mode - your average home thief, they're staring at a LILO: prompt with no clue what to do except get rid of it or reinstall Windows.
> 2) Install Back Orifice! It does everything you could ask it to do when a user gets online. Easy and proven effective.
Sounds good; do you have a link to the Linux version?
Or you can just have a backup OpenBSD partition on your computer all the time. Set it to load by default, unless you enter in your password, in which case you can load an operating system of your choice. Of course, the thief won't know this password so he'll be loading up OpenBSD when it boots and just trying to figure out how the fuck to use it would be enough to make him/her _pay_ to return the computer. ;-)
The woman in possession of the computer got
1 year probation and the thief was not found ('some guy')?
I find it difficult to believe that this
happened in the same country where
the police put 40 rounds into a man reaching for
his wallet.
Justice was certainly not done in this case
and the man who stole the iMac may be
stealing YOUR PC tomorrow.
as soon as it is powered on, phone home wirelessly
Problem with not dialing a local number is that the thief may not have long distance.
At least old AWARD bioses allowed you to flash a small logo of your own. I think AMI allowed that too. You needed to find the program to do that but it wasn't too difficult. I'm somehow thinking IBM wouldn't provide such programs - shame, would've made this A30p just perfect.
Of course, computers that you could order to self destruct with for example an SMS message would be cool. "That thief's not getting his stuff... and what's that smoke coming from the garage?"
Thieves would have an exceptionally hard time even working out how to turn on my computer.
It runs a real rat's nest of cables. It has two SCSI controllers. The hard drive inside the machine isn't set to boot, and it's currently not even showing up.
Three hard drives run in two external cases (one is boot), and to switch it on at present requires the throwing of two switches on the wall behind; one on the side of this desk; and one on the front of a external HD case.
It runs an obscure architecture and OS (supposedly dead since 1994) and has cables to all ports bar one (Mono video out)
The Internal floppy drive is a mess too; I use the external.
(David Bowman, EVA near HUGE Monolithic Win-PC in orbit around Jupiter) "My God - its full of Malware!"
At least hers was attractive enough to want to steal.
What happens if there's a power failure while you're not around? When the system reboots and you're not around, you're in trouble. Of course, many BIOSes are compliant enough with ATX to offer the ability to stay down if power failure occurs, but what if your BIOS battery gets wiped out?
I like the idea, written above, of having a GPS phone send an SMS daily with tracking info. However, I know nothing about GPS phones. I hope this functionality is easy to create...
Get off my launchpad!
Sorry, musta not had enough coffee that evening, but her/his tone caught a nerve.
It really doesn't have anything to do with Macs though (and certainly nothing to do with the hardware); it is no different than ftp and a shell script.
I take exception to your think-before-you-post comment though: a reasonable assumption is perfectly valid. I could have gone through all the other possibilities, but in effect they are the same: owner and thief had the same privs.
Lies about crimes
Well thanks for that.
In fairness it's not quite as structureless as Cobol. It kind of "pretends" to be structured (again not flamebait, but compared to other languages it's certainly lacking), and at first glance it looks to have a little structure, but it's actually not got much (imo).
I mean, there is no way you could program anything heavy duty in it in an enjoyable way because there is not enough flexibility to create your own methodologies. What I love about Perl (sick and twisted as it is) is that you can very quickly easily create your own coding methodologies for a project - one that every one can agree on and that suits the project best.
HyperTalk had that (only slightly less so than Perl)
It's easy to do actions and then record them in AppleScript, so you can open an email or a file, send an email, modify a file, move folders, compress folders etc and you can very easily figure out how to modify the scripts and you never have to read documentation. That's a good jumping off point for users, but that is not the same thing as grokking the language and using it properly, and the lack of structure makes it difficult to get beyond this (or even want to get beyond this stage!) for all but the most bitterly determined, meaning that most people look at it once and get bored.
If you want to write something a regular Systems Admin might find easy, like say (just as an example):
Recursively open all the files in a directory and all its subdirectories that end in ".c" , grep them for variables, perform substitutions on a couple of the variable names and then compress all the directories that contain files that haven't been modified in the last 30 days.
Then it's possible in AppleScript, but it will be ugly and you look at the code, and go, yuck! There would be just so much code, about the same as a C version of the same thing.
It's hard to imagine that Apple don't see these issues, but I get the impression that by trying to bring powerful scripting tools to users the engineers developing the software are losing focus and don't realise how hard it really is to use for really useful day to day stuff. I think, in this instance, that they need to change AppleScript to be more like a typical scripting language - using some features of something like Rebol and Perl - and just have the users accept that they need to spend a *little* time learning it to actually use it well and to reap the rich rewards that it can offer.
As I understand it most car thieves take the car to an abandoned lot, and leave it there for at least a few hours. There is too large a risk of having the chop-shop/shipping dock exposed via Lo-jack technology.
As for a Laptop, it's not quite as understood as an automobile, and a non-professional thief probably wouldn't be able to open one without breaking it. Automobile parts tend to be more interchangeable than most laptop parts as well. Most computers, especially Laptops (and iMacs) tend to be treated as Unit items.
Too bad I don't have the link, but I recall reading about somebody who had their laptop stolen, perhaps on a train. But within the hour, it was abandoned and he got it back, presumably because it booted to a Linux command line, and was likely considered useless. I guess you have to see the pretty Windows screen to show that it works.