Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac Thief Caught Thanks To Applescript & Timbuktu

Posted by CmdrTaco on from the funny-late-night-story dept.

el.cerrito.slasher sent in an amusing bit found on MacSlash. This story is a tale of a stolen iMac that just happened to be running Timbuktu (a remote control program like VNC I believe). Well the stolen box kept getting used, and the owner was able to track it down through a variety of amusing Timbuktu Fu. Funny story.

15 of 367 comments (clear)

  1. applescript strikes back by athagon · · Score: 4, Interesting

    What a brilliant idea. AppleScript - although simplistic and arcane - obviously has some uses. Forget getting the iTunes song or FTPing files, here comes the Timbuktu/AppleScript remote-disk-erase squad! ^_^

    --
    I think, therefore, I'm smarter than our president.
    1. Re:applescript strikes back by Morth · · Score: 5, Interesting
      Yikes! That is some urglee code. I mean come on, since when has code used a possessive apostrophe?

      Since AppleScript was invented, obviously. (90-91?)
      IIRC, set text item delimiters of AppleScript to {":"} works just as well. It's the versatility and its way of knowing where to put parentheses that makes AppleScript easy.

    2. Re:applescript strikes back by gazbo · · Score: 3, Interesting

      Thanks for your response, it was enlightening (for those of you who got the wrong idea, I really was looking for comments about writeability, and not just starting a flamewar)

      In fact, although it seems a little 'ungodly' I can see the appeal of the apostrophe to refer to a member variable. Of course, this would likely not work in C++ as the -> and . operator mean different things, so could not just be replaced. I can see how it would work nicely in Java however (*slap* Java uses . not -> there is no need for a pointer dereferencing operator in Java because of its pointer model)

      Not too sure about using it to reference array elements though, it loses some of its English semantics, and there is a lot to be said for having one operator to do one thing.

      I guess the most enlightening part of the response was about using it for interoperability. I guess you're right, it makes perfect sense for that; after spending the last week doing efficiency hacking, I was looking at the code from the wrong viewpoint ;) On a second look, I particularly like the line:
      tell application "Finder"
      Nice way to bring apps into context.

      Anyway, enough rambling, but thanks for the info.
      NB. I'll stick with bash for now...

    3. Re:applescript strikes back by phillymjs · · Score: 3, Interesting

      I'll grant it's wonderfully readable, but in people's experience, is it actually easy to write?

      It takes some getting used to, but AppleScript is extremely powerful. Scriptable applications written by competent authors/companies include a dictionary of all the scriptable terms/objects/etc so you have a ready reference.

      I few months ago I wrote an AppleScript CGI that duplicated the functionality of Outlook Web Access, but pulled the mail from the copy of Microsoft Entourage (not the OS X version) on my Mac at home.

      I did this mostly just because I was bored one day at work. It worked very well during testing with a copy of Entourage with only a few dummy messages scattered around, but unfortunately any decent amount of mail (like that contained on my Mac at home) would bring timeouts galore because it took too long to parse the mail folders and generate the pages. I dropped the project, but kept the code because it had a lot of useful functions I might need again someday. It was also pretty portable-- in less than two hours, I made two more versions of the CGI that worked with Claris Emailer and Outlook Express to see if things would work better, but they didn't.

      ~Philly

  2. Can I do this with my laptop? by bildstorm · · Score: 5, Interesting

    Personally, I'm slightly security paranoid, but I don't believe that anyone who steals my machine is going to care what's on it, but more likely swap drives. Ok, that's what I'd do, at least.

    But, looking at this, I'd love to have something like this running. Are they any current security programs that do things like this? I would need it for Windows and Linux.

    Now if only I could have it run in the BIOS. Imagine if on the bios level, without a proper key or password or whatever, if the hard drive was removed and replaced, it would then call a panic number whenever connected. That'd be neat.

    --
    The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
    1. Re:Can I do this with my laptop? by nzhavok · · Score: 3, Interesting

      but I don't believe that anyone who steals my machine is going to care what's on it

      Well I'm sure plenty of people would want my massive pr0n collection ;-)

      Are they any current security programs that do things like this?

      Well I looked into this last year when I was flatting with 5 new people. It's not that I didn't trust my roommates but when flatting with so many people they're bound to at least have a couple of pretty dodgy friends amoung them.
      Linux is pretty straightforward, I mean if your using a dial out you can just use pppup to launch a script to mail you when they're online or whatever.
      Problem is most theives aren't likely to be able to pring up ppp on my box, oh well.
      For windows I don't know. But it shouldn't be too hard to set something up like this, even modify back-oriface 2k or something to give you the functionality you need.
      In the end I decided the best way to do this was to get a prepaid cellphone with GPS (charged by the 5v line with a regulator), have it send an SMS message every day or so. The benefit is it doesn't matter if the machine is dial up/lan, or even if it's not used by the theives. Of course the problem with this system is a GPS cell phone isn't cheap.

      --

      He who defends everything, defends nothing. -- Fredrick The Great
    2. Re:Can I do this with my laptop? by mindstrm · · Score: 3, Interesting

      You would swap drives, yes. But you aren't a thief.

      But your average guy who stole the computer to make a quick buck won't.. and neither will the schmuck who bought it from him.

      Several companies sell packages for the PC that are theft-detection packages. Very low-level virus-like things that are internet aware, etc.

  3. Neat! But . . . by Selanit · · Score: 5, Interesting

    All it would take to permanently disable this sort of thing would be to format the hard drive and reinstall the OS. And that would be very likely to happen on a Linux box. I mean seriously, how many thieves are going to be willing to sit and work at a Linux box till they come up with a valid Username/Password combo?

    With a Windows box, on the other hand, you could easily write a program to verify the computer's IP address at boot time, and if it doesn't match, send an email to you reporting the unusual IP address and any other useful info you can think of. At each boot thereafter (common with Windows, of course) it checks a particular file on a particular server for instructions on what else to do, such as activating auto-destruct. That way you never auto-destruct your own computer by accident, since it requires permission first.

    If you were particularly ambitious, you could have it activate a keystroke logger and email the recorded info to you each time it boots.

  4. praise osx by banky · · Score: 4, Interesting

    Now instead of all that freaky AppleScript, the payload of the script is a simple
    sudo rm -rf /

    Applescript is my least favorite part of Macs. (shudder). it's nice to be able to integrate shell scripts as AppleScript now; just wrap the entire shell script in a single line of Applescript.

    --
    ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
  5. Reminds me of Distributed.net by realdpk · · Score: 5, Interesting


    Wired Article on how d.net helped someone track down their stolen computer.

  6. Record 'em! by PhotoGuy · · Score: 5, Interesting

    Recovering the iMac at all is very cool. Every PC and Mac should have some "phone home" program installed; I bet most stolen computers aren't wiped. Anyone buying a Mac/PC on the super-cheap, is unlikely to buy or dig up a copy of the OS to start fresh.

    The lack of a prosecution for the theft is disappointing. (As someone who has had their place robbed twice in the past two years, I find the low capture/prosecution rates depressing; it just doesn't seem to be a priority with law enforcement. Sigh. Oh well, if anyone tries to hit me again, they'll be on candid camera :-)

    What might also have been cool, would be to use AppleScript to flip on the microphone, record the sound in the room, and send the recordings now and then, when connected. (Or use AppleScript to download a program that does the same; I don't know AppleScript.) That would potentially allow more "evidence" to be collected. If the lady didn't steal it, there's a chance you'd record something that would be useful. (Her thanking her brother-in-law for the Mac, or the like.) Having the Mac copy you on all incoming and outgoing mail may also be useful. (Not sure if the Mac could do it; Outlook almost does this by itself, with all the viruses it accepts :-)

    Probably not admissible in court, I guess. Although using a stolen device for surveillance really *should* be a legal means of admissible evidence, in a perfect world :-)

    -me

    --
    Love many, trust a few, do harm to none.
  7. Re:Neat! But . . . by alexburke · · Score: 3, Interesting

    Problem solved:
    LILO boot: linux -s

    To be precise, that should be whatever the name of the image is, followed by '-s'. You can hit TAB to view a list of images.

    Now, if whoever installed Linux locked down lilo as well (with the restricted keyword in /etc/lilo.conf), then this won't work without a password. But a lot of Linux installs I've sat in front of are open to this...

  8. This reminds me.... by sawilson · · Score: 3, Interesting

    Of an admin legend I heard once about an overzealous equipment cage guy that spent years doing tcpdumps scanning for the mac addresses that belonged to a shipment of missing ethernet cards, and eventually caught the guy that did it. Anybody ever heard that one?

    --

    The most important thing any republican needs to know.
  9. Very Sad by smack_attack · · Score: 4, Interesting

    This just exacerbates the problems with the current police system. Cops would much rather sit by the side of the freeway eating a donut, drinking some coffee and pointing a fucking radar gun at your car. God forbid they actually help people out in recovering stolen property, that has to be done by the individual these days.

    Why is that? Is it because traffic citations are easy and gain them money? Is it because they can bust someone for possession of a "controlled" substance and also get forfeiture of property? Is it because law enforcement is just lazy when it comes to going after real criminals who leave behind real victims because it's not economically viable?

    I'll let you decide.

    --

    Hammer of Truth
  10. Make it undesirable!! by debiansierra · · Score: 4, Interesting

    At our local geek store, on the wall, is this running gag. This guy took an old case and filled it with cement (harder than you might think). Then he sets the 250lb beast on his front porch. He keeps a running log of movement and/or spottings of people trying to steal it. One time someone did steal it only to leave it in a ditch not 20 feet away. Later, he made a 350lb version of a working computer! He has detailed plans for doing this :). Personally, after driving by the place to see for myself, I can't imagine walking all the way across his yard, picking a computer off the porch, and walking back, in plain daylight with neighbors and all! But, no, the logs plainly show that people try this all the time. he should design a camera triggered by the case's movement to get the look on their faces when they try to pick it up >:).

    --
    I would like some milk from the milkman's wife's tits