Slashdot Mirror
Mac Thief Caught Thanks To Applescript & Timbuktu
el.cerrito.slasher sent in an amusing bit found on MacSlash. This story
is a tale of a stolen iMac that just happened to be running Timbuktu (a remote
control program like VNC I believe). Well the stolen box kept getting
used, and the owner was able to track it down through
a variety of amusing Timbuktu Fu. Funny story.
Personally, I'm slightly security paranoid, but I don't believe that anyone who steals my machine is going to care what's on it, but more likely swap drives. Ok, that's what I'd do, at least.
But, looking at this, I'd love to have something like this running. Are they any current security programs that do things like this? I would need it for Windows and Linux.
Now if only I could have it run in the BIOS. Imagine if on the bios level, without a proper key or password or whatever, if the hard drive was removed and replaced, it would then call a panic number whenever connected. That'd be neat.
The power of accurate observation is commonly called cynicism by those who have not got it. - G.B. Shaw
All it would take to permanently disable this sort of thing would be to format the hard drive and reinstall the OS. And that would be very likely to happen on a Linux box. I mean seriously, how many thieves are going to be willing to sit and work at a Linux box till they come up with a valid Username/Password combo?
With a Windows box, on the other hand, you could easily write a program to verify the computer's IP address at boot time, and if it doesn't match, send an email to you reporting the unusual IP address and any other useful info you can think of. At each boot thereafter (common with Windows, of course) it checks a particular file on a particular server for instructions on what else to do, such as activating auto-destruct. That way you never auto-destruct your own computer by accident, since it requires permission first.
If you were particularly ambitious, you could have it activate a keystroke logger and email the recorded info to you each time it boots.
Wired Article on how d.net helped someone track down their stolen computer.
Since AppleScript was invented, obviously. (90-91?)
IIRC, set text item delimiters of AppleScript to {":"} works just as well. It's the versatility and its way of knowing where to put parentheses that makes AppleScript easy.
Recovering the iMac at all is very cool. Every PC and Mac should have some "phone home" program installed; I bet most stolen computers aren't wiped. Anyone buying a Mac/PC on the super-cheap, is unlikely to buy or dig up a copy of the OS to start fresh.
:-)
:-)
:-)
The lack of a prosecution for the theft is disappointing. (As someone who has had their place robbed twice in the past two years, I find the low capture/prosecution rates depressing; it just doesn't seem to be a priority with law enforcement. Sigh. Oh well, if anyone tries to hit me again, they'll be on candid camera
What might also have been cool, would be to use AppleScript to flip on the microphone, record the sound in the room, and send the recordings now and then, when connected. (Or use AppleScript to download a program that does the same; I don't know AppleScript.) That would potentially allow more "evidence" to be collected. If the lady didn't steal it, there's a chance you'd record something that would be useful. (Her thanking her brother-in-law for the Mac, or the like.) Having the Mac copy you on all incoming and outgoing mail may also be useful. (Not sure if the Mac could do it; Outlook almost does this by itself, with all the viruses it accepts
Probably not admissible in court, I guess. Although using a stolen device for surveillance really *should* be a legal means of admissible evidence, in a perfect world
-me
Love many, trust a few, do harm to none.