Slashdot Mirror
The Khaki Bandit Strikes At IT - 130 Stolen Laptops
destinyland writes "'The khaki bandit' posed as an office worker at several corporations and successfully stole over 130 laptops which he later sold on eBay. The ease of theft from the corporate offices (including FedEx and Burger King) shows just how bad corporate security can be. In some cases, the career thief just walked into the office behind an employee with a security badge. Two million laptops were stolen just in 2004, and of those 97 percent were never recovered. Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet."
From the article "Over the years he'd pocketed at least $20,000", which comes to a mere $153.85.
No wonder eBay shoppers were happy with the deals they got.
God: An invisible friend for grown-ups.
...I work in a shop on occasion, and the number of stolen laptops that come through with people trying to sell them to us is simply mind-boggling. I'm not talking about pissy little Pentiums, either, these are the latest, greatest in portable number crunching. Some have passwords on them as their only real identifying feature (the serial numbers and Microsoft licenses are usually scratched off), which I tell the seller is not possible to circumvent (in some cases they're not, being on the BIOS rather than the OS). Other tricks they have is coming in claiming they've lost or wrecked the power adapter (how convenient) and need a cheapo universal one. Sure, I'll sell them the universal brick but they're not testing the thing in the store.
Net bugs are a good thing to have, I think (got one on here), particularly given the plentiful supply of open wireless points in most large cities now. Turn on machine, bug sends data burst, thief is cornered. Hell, he doesn't even need to physically connect to a network these days.
Operation Guillotine is in effect.
I believe most tracking software creates a separate partition that would survive a standard reinstall, but not a complete reformatting of the disk.
What I think would be very effective would be a laptop, created explicitly for businesses, that would implement the tracking system in hardware. If you added it to the integrated wireless networking, you wouldn't be able to shut it off, and you could track it whenever you needed to. If you are concerned about battery life, you could allow someone to shut it off, but have it wake-up every few hours just to check in. When it checks in, if it's labeled as stolen, the networking stays on, allowing for constant tracking.
There are some privacy concerns with a tracking device that can't be turned off, but that's why I said it would be explicitly for businesses, (or people who want that feature explicitly). For many businesses, the loss of privacy is less important that the ability to track their assets.
Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.
...are really not enough for security. I work at a building that I need keycard access to, but cards eventually become worn and some break so that they cannot be displayed anymore, and the company won't pay for a new one every time that happens. So there are two results: People don't wear them explicitly, and people don't question who they are letting into the front door behind them. I'm personally in favor of having a guard stationed at a single entry, at least for larger buildings; someone who can recognize people's faces and can be held responsible for stopping people he doesn't know. ...There's the danger of him being an asshole, but I'd be willing to take that chance.
Ehm.... I have a work laptop. I would have preferred a desktop, but I got a laptop. Why exactly would I need to pack up my laptop every night, and take it with me or even lock it in a closet if it is in the office? I mean, if my coworkers are going to steal it, then the company has bigger problems than me leaving the laptop unattended overnight and during my holidays.
The office is only accessible with a keycard in the first place, so that leaves the cleaning ladies as possible thieves.
I don't know, but unlike so many of my coworkers, I feel no need at all to take a work laptop home. I've got plenty computers at home, the work one isn't going to make a difference to me.
We must keep paper towels out of the hands of terrorists. Even the janitor's closet has better security than most offices.
Seriously though, companies will take you to court over stealing a few hundred bucks worth of equipment but if you rob the company blind with sleazy accounting, incompetence, and outright robbery as an executive you get let go with millions in severance.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
A few years ago I was working in IT for a university. One of the professors didn't like the buttons by the touchpad because he would bump it with his palms while typing and end focus would change to some other app. So instead of disabling the touchpad, he just broke the buttons off. That was fun to explain to the Dell rep when he had some other hardware problems that needed to be replaced.
Stop Global Warming!
Just say no to irreversible processes!
Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet.
Which is funny as hell, because I've read several times on Slashdot (sorry, no time to search) about people who have their laptops set to do just that, but when they inform the police that their laptop is in use by a customer of this ISP with that IP address, they're told to go pound sand, that the police don't have time to go catch criminals that you can lead them to. It's trivial--especially with MacBooks--to have it send you not only the IP address but a picture of the theif if you want--but it seems to do no good.
Maybe the thing to do would be to get laptop insurance and then have the info emailed to the insurance company.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
Somehow I have a hard time believing 2,000,000 laptops were stolen in a single year. That's nearly 5,500 per DAY. I don't think Dell even move than many laptops in a day. And I don't know a single person, personally, who had their laptop stolen. Ever. Where do these numbers come from? Are people just reporting stolen laptops for insurance claims? And now they have two laptops?
No sig for you. YOU GET NO SIG!
What this guy did I've done many times. Sure I didn't steal anything but using this tactic to get the advantage over others is dead easy. for example... long line in front of a store selling the new Wii "sorry, passing trough - sorry i work here." and 5 minutes later I walked out with my wii while others spend hours waiting. It just takes a certain aura really when people see you walk by they have to think "he belongs here" you'd be surprised how easily I can cut a line in a attraction park wearing a old repair company jacket I got for a spare time job. Why wait a hour or more if you can just walk past everyone... I'm pretty sure I could walk in most large companies take almost anything I want and walk out without anyone questioning it. As mentioned above just stick a big sticker "RMA" or "repair" on a 30" monitor and walk outlike you're just doing your job. I wonder if this falls under social engineering.. I mean you're basically (ab)using the people around you to believe you're someone else.
Speaking of being "the IT guy", I am so very rarely stopped when wandering around strange floors in my company, or when leaving with equipment. I could see why someone with a criminal mind would find it trivially easy to steal equipment from a large corporation. Asking questions is the easiest, easiest way to discourage theft. Start with, "Can I help you?" and go from there.
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
I knew a woman who was a researcher at MIT in a biochem lab. Before MIT refurbished its biochem labs they were wide open. Anyone could walk into almost any room. Grad students were notorious for being lax about security. The local bums and thieves also knew this and would wander in and steal student's purses, wallets, laptops, etc. One day she came in and found that someone had rifled through a fridge full of bacteria in liquid media. Good thing for them they didn't think it was free Hi-C and guzzle it down or they would've spent the next week or so clutching thier stomachs on the toilet. If they'd played with the enzymes for running the electrophoresis gels they wouldn't have lasted much longer.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
It is required for proper sanitation for them to be locked up.
The university I work for requires that all devices used on campus have their MAC addresses registered. If a device is reported stolen we can then find out which switch port or AP the thing is connected to. I've recovered several notebooks this way for users who had been ripped off by someone on campus.
I'd rather have a full bottle in front of me than a full frontal lobotomy.
Now while I wouldn't every check mine, due to concerns over damage/rough handling, and the fact that I like to 'play' with my laptop while flying....I'd not automatically think it would be quickly stolen as checked luggage.
I'm hoping stolen luggage is a fairly rare thing? I've had luggage lost, but, never had anything permanently taken from me.
This is a pretty sad day in age when you can't trust anyone to transport your stuff when you travel if what you seem to assume is true. When exactly did thievery become accepted as the 'norm'?
Light travels faster than sound. This is why some people appear bright until you hear them speak.........