Slashdot Mirror
Best Way To Get Back a Stolen Computer?
davidphogan74 writes "I have some stolen computers checking in with a server we have (software pre-loaded), and I have full access to the systems. What's the best way to deal with this situation? The local police (to the theft) have been contacted several times and seem to be clueless. I personally have no financial interest in these computers, I just don't like atom-thieves. What's the best way to handle knowing the IPs, email addresses, MySpace sites, the Google login, etc. when working with law enforcement? The officer I spoke with (who genuinely seemed to care) didn't know an IP address from a mailing address, so I called others. Nobody cared. Anyone have any ideas?"
You need Snake Plissken.
http://twitter.com/OLDTELEGRAM
to Goatse?
Timo's Audio Software http://www.esseraudio.com
First, I would check the airport.
I Heart Sorting Networks
The ISP can tell you who is at an IP address, and from that, you can find your computers.
If they don't matter just give them up perhaps? Or make a loop to toggle the CD tray repeatedly - just to annoy the hell out of em - trigger the internal speaker too. If they don't matter you'd be better off having some fun irritating the thieves than putting in the effort of tracking em down.
Become a cop and solve it yourself.
Then call the FBI, they do have some experience in this sort of thing.
---- Booth was a patriot ----
See what this guy did with his irrigation controller:
http://mobile.slashdot.org/article.pl?sid=08/07/04/1228208
- Ismo
Speak with a lawyer that has knowledge and interest in this situation. The fact that a successful prosecution may bring a lot of publicity to the guy may be enough to help him work for free, or the company that is losing the computers may post his retainer.
What is your relation to all of this? As with any civil case, the police are not going to be a driving force to pursue the theft; your company or the people that lost it should be making sure things get done.
I wouldn't expect police to know anything about IP, MAC addresses, login tracing, etc., but a lawyer would. Then, what a lawyer can do is go to a judge saying, "We have solid evidence that person at IP x.x.x.x which is Verizon ISP registered to address ___ main street., also cross confirming with name at myspace profile _____, is using stolen property."
A warrant will then be issued, and the police can go to the house and retrieve the laptop, and interview the guy, who will doubtlessly say "I bought it from _____ on the street, I thought it was legit." You will surely get your computer back, and if you find a motherlode of computers, he will surely go to jail.
Slashdotter, ID #101. UIDs are in binary, right?
That's a sound idea. It might be a good bit of preventive maintenance to use a dynamic DNS client like No-IP to map the computer's current IP, whatever it may be, to a unique domain name. If your PC goes missing just ping the domain and if it's plugged in you're that much closer to finding it.
Disable volume control, load up a wav that screams "I'm stolen" in a loop, then after a couple of minutes trigger a program that reformats the hard drive and puts a garbled GRUB loader in the boot sector.
Essentially, brick it after letting the thieves know you know they stole it.
This is a sig. It is like every other sig in the world, except that it is mine, and it is different.
First you go get a gun, then you run around shooting complete strangers (don't worry - they'll respawn eventually), and make your way toward any glowing switches you happen to find. For no apparent reason, this will advance you toward your goal of getting your computer back.
OH! Don't forget to find a good spot to spawn camp to get your frag numbers up! I hear the nursery ward at the hospital tends to be a good camping spot...
Karma: Chameleon (mostly due to the fact that you come and go).
Try explaining it to a cop as being like a stolen phone? You have the equivalent of its phone number and need police to ask the phone company to look up the location of the stolen property?
My advice is to find out where the gear is physically, then call the sympathetic cop back.
If you cannot find that out, you cannot expect them to. I would take the IP address and contact the ISP that serves it. If they won't help you, get the cop to do it.
An obvious question is, do these computers have built in cameras that can be turned on remotely ? That might produce useful info.
You might also be able to read the thieves' email. If you do that long enough, I bet you will get their names and addresses.
confidential data such as that can only be obtained with a court order ... unless you're sneaky and can somehow convince tech support or a CSR to give you the information.
Have you tried filing a police report to report the laptops as stolen? At that point they are required to investigate. Then hand over your information about the whereabouts of the laptops.
You may want to escalate the matter to a different law enforcement agency, such as the FBI. They should be more responsive to this sort of thing, especially if you describe it as data theft, rather than property theft, as surely your company's computers that were stolen were loaded with company data.
If you live in a small county with elected/appointed law enforcement agents, perhaps you should raise this issue the next time they're up for re-election. If you live in a larger city, perhaps you should contact your city councilor about the issue and request that your city's police force be modernized for the 21st century.
You should avoid doing anything yourself, as you can land yourself in legal trouble. If you insist on doing something yourself, get legal advice first to ensure you aren't going to cause more trouble for yourself in the process.
If the computer has a conencted webcam, try to take pictures. There was a /. story about someone who did this with a Mac. I'm just too lazy to search for the link.
Slashdot. Unreadable news to annoy nerds. - wonkey_monkey
Tell the police that since they were stolen, people keep sending you notices that you have signed up for child porn websites.... bet they can find the IP then, and subsequently the location and thief.
Support NYCountryLawyer RIAA vs People
If they hook up a modem, have it call 911 and hang up. Have it do this over and over.. they will get a visit! If you can figure out how, have the computer place the call and play back a synthesized speech explaining that this computer belongs to you and is stolen.
Have you fscked your local propeller head today?
if you have access to the new "owner's" social-networking and private information, this may be a perfect opportunity for vigilante justice or, failing that, pure entertainment value. haunt that box .. ( insert scary ghost sounds here )
If you have full access t to the system, start logging EVERYTHING. I'm sure eventually you'll find someone going to a myspace, facebook or checking email.
Write down the IP address, find the ISP and call them and ask them to log that you called with the date and time, and the IP address. I wouldn't expect you to tell you who it is, but have them log the user at that time so you can reference it later.
Something similiar to: http://www.xkcd.com/440/
Genesis 1:32 And God typed
The ISP isn't going to give you the addresses just like that... You'll need the police, with a warrant, but since they are clueless...
A few thoughts...
- Work with either local law enforcement (based on the IP) and / or the FBI.
- You may be able to get the ISP to reveal the user's identity be working with the authorities.
- You may be able socially engineer the billing information from the ISP, by acting on behalf of this person.
- With full access to the machine, you may be able to find other revealing information on their network.
- Try to email them a link to a free something, that they won. Make it enticing, but not too over-the-top.
Flash the bios with something unusable.......
If they want stolen stuff, then break it.....
Good luck fixing that!
If you have the IP addresses, you should be able to contact the ISP to determine where they might be. The ISP might even have a contact with the local police who does have a clue, since they have to deal with people stealing equipment too.
Also, if you have email addresses and similar information, you may be able to use some "social engineering" to get the thieves to give you their address or a land line number you can use to do a reverse lookup.
It will take some work either way. Unfortunately, there seems to be an attitude that has developed over the past couple of decades that property crimes aren't a big deal, just let the insurance pay for it. I disagree. It *is* a big deal. Thieves need to be caught, stopped and punished.
You have no financial interest in these things? Then of course the cops have more important things to be dealing with. They can't prosecute every single breach of the law so they have to prioritize and some worthless old PCs are not a priority. Hell, that's almost recycling.
Go find some kiddie pr0n, download it on these machines remotely, then file an anonymous tip. Problem solved.
Sig? What sig? Do I have to have a sig!?!?
talk to the police chief in the town, talk with the local sheriff. If you can't get satisfaction, talk with the local newspaper. Also try the county judge, they may give you some insight on how to motivate the law on that area.
Be sure to keep meticulous records on IP addresses, dates, times, etc. Find out what ISP they are using and contact them. They will very likely tell you they cannot give YOU information, but they probably will give this information to the police/sheriff. Make sure that happens before their records are rotated and wiped. It may be necessary for them to fax the ISP a request or get it in writing, again make sure this process moves forward, keep tabs on progress and that it doesn't be come a "we didn't have time to bother".
There are other creative ideas you could employ. Put a script on the laptop that emails the county judge once an hour saying "hello from stolen laptop located in your district. Just a reminder for you that your law enforcement has yet to recover this identified stolen property after having been notified of its location." Be sure it CCs the local sheriff/police chief. If you know the mayor or governor's email address, that makes a good CC also.
If they ask you to stop the emails, refuse. Sorry that laptop's been stolen. Maybe you should go get it for me and I'll turn off the script?
I work for the Department of Redundancy Department.
If the police will not help you then set it to up/download dubious content. They will be round like a shot. You might get nicked visiting a FBI kiddie-porn honey trap during your research for this though...
Maybe try the RIAA. Claim that it has downloaded an Amy Winehouse track or something like that.
Record their credit card details then charge them for the computer they "bought". :)
My brother's desktop computer was stolen in NYC. He started showing up on Instant Messenger, and some young kids were using the computer and accepted a video chat request! From there I had their IP address. The detective handling the case had no idea what I was talking about, but it turns out NYC (and maybe your municipality) has a computer crimes squad. My brother contacted them directly with the IP address I retrieved, and they were able to recover the computer pretty quickly! So try and find if there is a department that handles electronic fraud, computer crimes, that sort of thing.
Well, if you've got full control, you have a lot of options. How vindictive are you? Once you've exhausted all avenues or enquiry, you could connect in, set up a massive raging ravenous bittorrent seed of lots of rubbish pop music and wait for the RIAA to nail the guy for you.
Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'
I really would second that. But you should ring up and (whilst trying to, as much as possible, avoid being condescending) talk the nice guy at the police through what he will have to do stage by stage to get the people who've robbed you.
Basically saying "I have this data which can be varified in these ways, which will give you reasonable suspicion that these people are thieves. If you ring up the number and say you are with the police they will give you their physical address, which you can then make a quick warrant application for permission to go in, and then you have the criminals"... of course, as someone else mentioned, if you can get the FBI involved it would be better for you - probably.
*''I can't believe it's not a hyperlink.''
Call the cops back, tell them not to worry about following up the theft, as you just went around and shot the thief.
See how fast they scuttle ;)
If you have monitoring software on the computer, just wait until they do some sort of financial transaction using the company machine.
Then just use the info to order a few dozen more PC's at their expense, and send them an email saying you won't tell if they won't.
Forgot to wipe it before selling it to that guy outside the 7/11.
:D
Thanks for the heads up! You're a good man
Finally had enough. Come see us over at https://soylentnews.org/
If you have a problem, if no one else can help, and if you can find them, maybe you can hire... The A-Team.
www.timcoleman.com is a total waste of your time. Never go there.
eBay!
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
In fact, recently a crooked Australian cop by the name of Mark Standen working as "NSW Crime Commission investigator" was spied on by way of hacking his computer and recording the webcam output. What was ironic was that the guys job as said investigator meant that he was that he knew (almost) every surveillances tactic in the book! It was a case of a (police anti-corruption) watcher being watched by an inner circle of the same watchers...
And we handle this regularly. The department local to where the thefts occurred should have been notified in the first place and a police report filed. If you've done that, there will be an officer associated with that report. Get in touch with him/her directly with the information you have. If you can't, find out who the detectives are for that PD and get in touch with them. If you can gather any and all information you've got regarding IP addresses, etc., put it all together before getting in touch.
/. stories regarding people in your situation tracking down stolen computers. You might try searching for those or Google articles and blogs about the steps folks have taken when facing lackluster police response.
Unfortunately, if they're not remotely tech savvy and/or simply afraid of technology, it may take some prodding. Most state police agencies have teams specifically tasked with this sort of thing, so it may be that you have to contact your state's police for help.
When you bring any documentation, also make sure you have estimated costs of all the hardware. That will sometimes help get people's attention, being able to say it's X number of dollars. Not saying it's right, but much of the time you run into departments who won't pay much attention to "petty" thefts, but will take notice of $2000 or more. There have been a number of
Upload terrorism plans against US targets to the machines (along with a bunch of child porn just for good measure), and set the wheels in motion to have the theives disappeared in Gitmo.
Baseball bat ?
-------------------------------------------- Se você consegue ler aqui então fala português. Óbvio
My mentor at a university told me an interesting story. He once had an active attack, called the FBI as the attack originated overseas and their first question was "Is the computer worth more than $10k?"
It is damned sad, and whats more frustrating is there is no way to put a dollar value on data. You would think that this would be a no brainer if personally identifiable information is involved.
This was several years ago, so I do not know if the threshhold has increased, but with power to cost decreasing few places have single machines worth more than $20k nowadays.
Either give it away or get top dollar, but never sell yourself cheap.
A lady nabbed people that stole her MAC by connecting back to it and snapping pictures with a webcam. If you know the IP address, go to http://www.ip-adress.com/ and it will tell you the city / county it is in. Go to that city / county police department and file a report. Call the ISP they are using and get the physical address. Have the cops go pick it up.
The FBI won't care unless the theft is over
$250,000 or something like that.
Forget the local police, contact the local SHERIFF
as he will have the ability to do the arrests,
and most will have some kind of internet crimes
officer (mostly for child porn).
Visit the man in person. Bring a copy of thepolice report. Tell him about getting a subpoena
from the courts to get the info. Call him every single day. Call the mayor.
These people won't want to do anything. Believe
me I have been there. You're going to have to
do a lot of work.
Be prepared for the end result: some 11 yearold's mother being arrested for buying a stolen pc
off some neighborhood guy or off craigslist because
they are poor. I doubt you will get the original thief.
Good luck
I'll tell you what worked for me when my laptop was stolen in grad school with my thesis on it and my laptop "phoned home" with screen shots of the desktop and the ip addresses it was connecting from.
Setup a fake myspace page with pictures of a cute girl. Friend the dumbass thief, flirt awhile, and then get them to come out on a "date". When you finally meet up with them, bring a few of your own friends with any weapon you deem necessary. Once you meet them and they figure out what is going on, tell them how you found them and let them know if you don't get your property back you will do damage with whatever weapon you chose to bring.
In my case the guy who stole my laptop passed out when he was confronted (very pathetic) and we had to wait for him to wake up. When he woke back up he was still so confused and frightened by how we tracked him down that he gave me twice what the laptop was worth just so we wouldn't call the cops on him because it would ruin his chances at becoming a doctor (apparently he was a med student).
Some people don't like vigilante justice but from what I've seen in the past from my own experience and the experience of my friends and acquaintances, the cops aren't very good at recovering stolen property and I'm not rolling in enough money to be robbed and just shrug it off.
Posted anonymous for the obvious reasons.
There is a Swiss company that makes a CD you can put in your PC and you have to periodically type a security code else the CD actually bursts into flames a-la Mission Impossible.
What you need to do here is to contact a specialist computer crimes department. This will not be a new situation to them and they will recognize the fact that there is a very high probability of an arrest and recovery of the stolen goods.
The first thing to do would be to find out if the computers were officially reported stolen. If so you need to report the development to the police force where the theft was reported. Otherwise make out a report.
Once a report is made it counts on their local statistics and the police have to take it seriously - we are talking about several thousand dollars here.
There may not be a computer crimes dept on your local force but they should certainly have access to those resources. Find out which force is responsible for investigating kiddie porn - those guys would usually pretty much prefer to be doing anything else for a change, after a short while its like shooting fish in a barrel.
You can certainly help by collecting as much information as possible. For example, log the IP addresses that the machines are using. Then use reverse DNS lookup to find the ISP.
If you still can't get anywhere, contact me at hallam@dotfuturemanifesto.com and I can pass the issue on to folk I know. They may not be able to help you direct but they will know someone who can.
The reason that so much time and effort is poured into investigating kiddie porn rather than bank fraud is not simply the nature of the crime. Its the fact that they have a defined process that delivers highly predictable results. If we could design a process for delivering collars in phishing fraud we would have no difficulty making it a higher police priority.
It seems to me that this is an area where we can easily set up a predictable recovery process that delivers collars.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
...if you can do that. If you're in the state of Texas, then you might want to make sure you have a P.I. license first.
You have the thief's myspace and google logins? All kinds of mischief spring to mind.
First and foremost, You should be able to discern quite a bit about who and where the thief is by looking through their emails, myspace messages, profiles, friends etc. Look through web browser histories etc to see if they use any mapping websites, in which case you can probably grab their address. Does the laptop have a webcam? Grab a picture of the thief, that and their general location might be enough for the police (they may well be familiar with this thief already, most police forces know their local troublemakers pretty well.)
At the very least you should be able to fuck up the thief's relationships: use his login to send pictures of (unimpressive) penises pulled from the internet, along with crude and suggestive remarks, to any females in his address book. Make sure to CC their boyfriends. Email porn to his mother. Make sure everyone in his address book knows he is a thief. And a Britney Spears fan. And a kiddie fiddler.
Set up a keylogger and screencap software, and hope he does some online ordering/ banking. Once you have his bank details, order him some first class plane tickets to Bhagdad, or a few sets of those lovely $499 ethernet cables we saw on /. the other week.
Sounds like fun...
Personally if they were my machines and the police won't act on the IP then I would remotely install a root kit and should your devices have web cams I would photograph the thieving perpetrators. Then maybe the police will respond to an actual image. Also this would allow you to log all activity should they try to use email or any social sites suchas myspace or facebook.
Find out what ISP they are going through and report this to the FBI/Police/Lawyer (like everyone else says). Then disable the system... if you have access to the system (remote control) take all of the permissions off of the HD. Once this is done, the system won't even boot up, as the system won't have access to it (if it is windows that is).
Call your district attorney's office. They love this kind of stuff, honestly - and they'll be happy to track down thieves with the assistance of law enforcement.
If the computers have been taken across state lines - you may be able to contact the FBI as well.
If they can get on the front page with a table full of stolen gear - they'll be really happy.
I said no... but I missed and it came out yes.
Unless you are extremely lucky (which you aren't, since you tried), you will not get police who cares or knows - one of either, but both is highly unlikely. Not to put them down - most officers with the know-how simply have more important things to deal with than some theft.
If your machines are brand-machines, and registered to your name or company, my suggestion would be to remotely disable them to the point where they need to be brought in for repairs, clue in the manufacturer, and they just might return them to the owner they have on record, i.e. you.
And even if not, you probably made sure the thieves can't use them any longer, which according to your words you'd also judge as a victory.
Make sure it's something a non-geek can't solve, like with a re-install. Setting a BIOS or EFI password and then pointing the boot device to a non-existant one could work great.
Assorted stuff I do sometimes: Lemuria.org
Phone analogy? This is Slashdot. It's car analogy or GTFO.
Where does the school board find them and why do they keep sending them to ME?
and get another one.
You're not smarter than thieves, and neither are cops. If you were, you wouldn't have been robbed.
Dilbert? Is that the other you???
> You're telling him to not bother the police before
> you have an address, and then you say that you should
> ask the cops to help you get the address.
The IP address is only going to be a very rough guide to the physical location. To get the exact location the ISP will almost certainly ask for a subpoena, which you won't have unless you file a civil suit with the attendant costs or the police are involved with a criminal investigation.
sPh
Then befriend the thief over a couple weeks and get all the personal info you can (phone #, maybe even address, etc..)
Then just call the cops with a physical address and tell them the person committed grand theft of company property, and that you suspect they have the stolen property at their residence.
To dial 911 and play a GSM file stating that this call is originating from a stolen computer and would the dispatcher kindly dispatch the police this location and arrest the people at it.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
You could always ask RIAA/MPAA to help you ;)
"It would be wrong to refuse to face the fact that everything is fundamentally sick and sad."
If you have full access to the computer remotely, follow the lead of the phishers... Setup a fake web-site that is sure to get their contact information and make it the home page of their web browser:
You just won a brand new big screen TV. Enter your mailing address here and we'll ship it to you immediately!
Pass the address on to the police.
Open Source Time and Attendance, Job Costing a
I'd use their myspace and gmail logins to ruin their lives but I'm Anonyous, so this might not suit you.
if you have remote access .. its too easy to get them caught .. just install your favorite P2P client, and start downloading illegal materials :)
Once a report is made it counts on their local statistics and the police have to take it seriously - we are talking about several thousand dollars here
A stolen computer is way low on their priority list. The only real reason to file a police report is for insurance and to cover any liability down the road (i.e. No, we did not commit that computer crime. See from our police report; our computers were stolen.)
Go to the pawn shop and buy it back?
scott
I don't see how this post is helpful, you are just regurgitating what they said they have already done.
Call your local secret service office. I found that they usually don't have much work to do and they're more than happy to help. I used them to recover some PDAs I sold off ebay that I got ripped off on....my local police said to just file a police report and claim it on my insurace and the FBI told me to be more careful next time.
Not an advertisement, but Undercover from Orbicule (http://www.orbicule.com/undercover/) really does the job well, and will disable the machine at least, if it isn't recoverable.
I hope you posted here after making sure he doesn't read slashdot.
Working to work less.
As I've mentioned here in the past, I've been a victim twice of financial crimes -- both times made financially whole thanks to the financial institutions but no thanks to the FBI, which had jurisdiction since like most things in today's networked world, parties involved were across state lines. Both cases involved under $10,000, so the FBI told me they had no interest in pursuing the cases -- they said they were too busy chasing terrorists.
Passing identity theft laws is a way for politicians to grandstand -- what they really need to do is fund law enforcement to enforce the laws on the books. But they would rather fund the war in Iraq -- Republicans to fund defense contractors and establish world empire, and Democrats to use the Hegelian Dialectic to Obama elected.
You need to find the address of the property. Then you can contact the police to claim the property back. If you have proof of ownership (purchase order, receipts, serial numbers), then this shouldn't be a problem.
As others have posted, don't disable the system - that might tip the crooks off.
Try and access the internet communications to get usernames and ISP accounts. Maybe you can use the webcam/microphone to identify the owners.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
The police are really clueless when it comnes to this as well as cyber crime.
A few years ago a had a debit card number stolen from a site where I purchased a CD. All of a sudden we started seeing odd charges (for body piercing jewelery). Within 24 hours, I had contacted the places where the purchases were made and had the person's name, home address, and home phone number. I did nothing illegal since he had put my name on the orders as the person paying the bill. I managed to get most of the money refunded to my account in a day but the police did NOTHING.
The bank still insisted that I fill out a theft report - which the cops did even they didn't quite understand why. I gave them the information when I filled out the report and they were kinda stumped what to actually do about it.
So this seems to be the norm (not having cops understand what to do with technology).
UPS Sucks
...would be a Remington 870. Just that sound is enough to give most badguys pause. They'll hand your computer back to you %^)
You could submit the case anonymously to the Freenet Crime Tips Site.
Unselfish actions pay back better
Search the HD for a home address, there must be one somewhere. Failing that, look for names and then look them up in a phone book.
Once you have an address, drop over and open up a big can of Whop Ass.
What could be simpler?
Ed
http://www.geobytes.com/ipLocator.htm You can find the rough (city/state) location by going to that site and entering their Public IP address.
Maybe he can run traceroute - some head-end systems of cable networks are named after their location. Some even name the cable modems after their postcode.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
He'll solva da problem
http://upload.wikimedia.org/wikipedia/en/thumb/d/d5/Father_Guido_Sarducci.jpg/200px-
Dats da one
Police have two criteria in setting their priorities. The first and least important is the priority placed on the crime itself. Theft of goods worth $1000 or more ranks pretty highly, second only to violent crime.
The second criteria is the probability of an arrest. Here speeding and parking tickets rate at the top of the list.
Computer crime is only low on the list because the probability of an arrest is very low. But these circumstances make an arrest very likely and that changes the priority.
Why so many AC's wanting to diss this particular advice? They couldn't be like computer thieves upset about the risk to their careers?
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Good suggestions.
Here's something simple I did for a client before two of their computers got stolen:
I wrote my company name and phone number on their computers(in pencil.) And I assigned them a name, in this case it was something like, "J.C.C.11" and "J.C.C.12." When they got robbed, they thought all was lost. Then they got a call from a nearby police department, asking if they had computers stolen. They asked them to come and pick them up. They called me to go with them to ID anything else that I might recognize as being theirs. If someone steals once, they'll probably steal twice.
Just get in touch with your local news reporter that covers City Hall and give them the story of public servants not doing their job. Just make sure to give them all the information, in fact you may want to write the story for them to make if ultra easy for them to use.
Undetectable Steganography? Yep, there's an app fo
Tech support doesn't have access to that info.
I help train law enforcement officers from around the country regarding cyber crimes. I'm not surprised no one knew what an IP address was.
I would suggest contacting the ISP if these computers are out of your jurisdiction in addition to contacting the FBI. Unfortunately the FBI is often slow in responding to these types of matters. You might what to claim this is data theft of personal & private information (PPI).
If this doesn't work you could always to the low road and claim they have child porn stored on them. They would get raided so fast it would be unbelievable.
Since you have full access, I might dummy up a "automatic update" application and put it on the machine. First, have it configured to send you IP address, local peers, associated wireless SSIDs etc, all of which could be useful in localizing the system. Second, you can have it pop up a "free upgrade" window where they can get a replacement webcam/keyboard/whatever due to a manufacturing defect. All they have to do is fill out the "registration card" form the application offers them. Hopefully, they will give you all the information you need to track them down.
Would be really nice to get a mug shot of the person using the PC? If you have access and full control as the admin, get a snapshot of the user and send that to the Police. That would definately peak their interest.
How about turning on the Mic or web cam and start taking recordings and sending them back to your computer, or better yet, email them directly to the police.
"Knowledge is the only instrument of production that is not subject to diminishing returns" -Journal of Political Econom
I just read an article about the irrigation controller on /. being found after being stolen. Just do what they did, or give them a call. :)
http://mobile.slashdot.org/mobile/08/07/04/1228208.shtml
Check this with an actual lawyer first (I'm not one). Since you (by being an employee of the rightful owner) presumably have a right to install anything you want on the machines, install keyloggers and other spyware.
If a webcam is available on the laptop, by all means take some snapshots!
Read the new user's em,ail to find hints as to who and where they are. If they admit to further crimes in email or ICQ, turn the information over to the police. Even if they have been resold, a person who buys a hot laptop might well receive other stolen goods as well. Email would help you (and polike/courts) to decide how knowingly they bought stolen goods.
Do not do anything that could tip them off that you are there or they might get someone to do a reload and you lose them.
If the police still show no ability to deal with it, copy all personal info on the machines and pop a note yup on the desktop stating that you have it and will publish it (including a nice email to everyone in their address book) if you don't get your machines back. (REALLY check with a lawyer here!!!). Note that the last one would be bad news even if the person is the thief and everyone they know is a thief or a fence. Who wants hot merchandise from someone who's being watched over the net?
THEN, mess with them. Crank up the volume and play audio files that say things like "POLICE, FREEZE!!" at 3AM.
"The officer I spoke with (who genuinely seemed to care) didn't know an IP address from a mailing address, so I called others."
Isn't that a good thing? He should know exactly where they are then.
Install a keylogger or something, like they said before, get their credit cards, and buy new laptops to replace the stolen ones :)
Comment removed based on user account deletion
Easy. You just set a laptop up with internet from your mobile phone and do an infinite ping to his ip address. Watch as the latency goes up/down and you'll be there in no time!
I was able to retrieve a stolen computer using the MAC address once it was activated on another ISP. Book' em Dano
Sadly, that requires a court order - which would require a police department (and DA) who understands the matter well enough to initiate such proceedings. (it is interesting that when "big money" is involved - such as in RIAA proceedings - suddenly everyone involved on the enforcement side becomes far more knowledgable).
On that note, you may wish to see if your local PD has a dedicated "Internet Crimes Division" - you may just be talking to the wrong people in your local PD. Failing that, try contacting the state police (who should have such a division), explaining to them that your local PD is not equipped or sufficiently knowledgable to assist you.
Failing that (and this one is a remote one), if it was purchased with a credit card that has loss/theft coverage, contact your credit card company and explain both the situation and the information you have to assist them in tracking the laptop...
StarTrekPhase2 - The Five Year Mission Continues!
The ISP can tell you who is at an IP address
Uhh, no the ISP can not tell OP who is at an IP address and I would hope that you don't really expect that would really happen under any circumstances. An ISP isn't going to turn over personally identifying information with out a judges (or at least a sworn Law Enforcement Officers's) signature.
To answer the question: You found a guy who cares, you just need to get him to understand the evidence you have and how to follow the trail the point that he's willing to take action. Giving up in talking to him won't solve your problem. Calling him clueless won't either.
'cause otherwise they know you are onto them...
If you have the information for their accounts (MySpace, Google) log in to the sites as them and see if they filled out any profile information
I've yet to encounter a technical support function at an ISP that couldn't at least at second level match an active IP address to the customer using it.
Turn on the microphone. Turn on the webcam. If you already have their myspace, you probably know what they look like and what town they're in, but this will help you locate them in real time if they are out using the machine at a coffee shop or something. If not, then get the info on the wifi nodes around them and you might be able to pinpoint them with the help of WiGLE.net. Hell, read all their gmail. If you can get a phone number google it to see if you can get a home address. Are you in the states? If you get their name, try their voter database. If they're registered, there will be an address. In a lot of cases, all you'll need to get that info is a birthdate or something similar that you could glean from their myspace page or their emails. If they're stealing laptops, the ner-do-wells may be in the criminal database already, so search there while you're at it. Of course, you could always try phishing as a low grade approach. Pop up a window while they are browsing and tell them they've won a prize and need to enter their mailing address to have it mailed to them. Something believable like a gift card to a local restaurant chain. If they don't buy the scam, you've lost nothing. Either way, there's so many phishers out there online these days they'll never suspect anything... You have their email. Impersonate them. Send out an email to their friend asking for a mailing address so you can send that friend a neat gift. When you get it, send the Spanish Inquisition. Nobody expects the Spanish Inquisition... And if they aren't available, send the local law enforcement to ask the questions.
You have no evidence that they were stolen from a locked storage unit under his control. Anyway, it would be far more impressive if he had a clever story on how he recovered his stolen laptops rather than asking about how to go about it..
which is totally what she said
But, watch out. Doing investigation yourself may get you into very big trouble if you don't have a P.I. licence in the appropriate jurisdiction. YMMV so check with a lawyer.
Andy
You do what you would do if you lost your wallet. Cancel everything and start fresh. The damage is already done and nothing your doing to do about it at this point. Cancel it all, tell everyone and move on. Unless you want the laptop back... I presume if you have something to worry about in your identity then you won't get the laptop back. However, knowing you can get to the systems etc... I think your fine either way. I would have wiped the systems after gathering the information and putting the image on a separate disk.
Overclock em and hope the house burns down...
Sounds like a great plan to me ;)
- http://www.milkme.co.uk
I got this to recover a stolen laptop. Works great so far. Basically it sits in your bios and police can find it when the theives turn on your computer. If they dont recover it, they give you $1000
http://www.brickhousesecurity.com/lo-jack-for-laptops-anti-theft.html
Wire fraud. Swift. Enjoy the jail time. Banks do have the power (and, the requisite number of losses) to have a $2k theft with wire fraud/identity theft prosecuted.
Just call.... Dr. Tran!
Find some child porn and/or terrorist plans on the boxes. The former often interests FBI; the latter might interest DHS. Of course, putting such on there would be wrong...and you do NOT want such stuff on the server or anywhere you'd find it...
Let's Pray the thief hasn't read this /. article yet.... although if it was a person who was an avid Slashdot reader then they would probably have the common sense to format the hdd before plugin in the broadband.
On the off chance that it does, and the even off-er chance that it's plugged in... have it call your telephone and read the Caller ID back.
How about a microphone? Turn it on and spy on them.
How about a camera? Ditto.
Wifi card? Sniff the area and see if you can't figure out who his neighbours are. Hotels, Starbucks, etc.
Or, put a squid box on the 'net and send all his HTTP through it. Then trolls through his HTTP traffic and try and figure who he is.
Do daemons dream of electric sleep()?
http://www.liveipmap.com/
Then, call your state's cyber-crime bureau. The local police do not care about non-violent property crimes except for car theft.
The police will be able to contact the ISP who owns the IP addresses... it's pretty simple.
An irrigation system as that seems to get a system recovered.
Some drink at the fountain of knowledge. Others just gargle.
Or send a threatening note to the white house along with pictures of swarthy people in turbans. Fast track them to Guantanamo.
Some drink at the fountain of knowledge. Others just gargle.
I may have overlooked it, but how do you know that these computers have been stolen? If you're certain of that, shouldn't you try to contact the respective owners and forward them the information you have, then they can press charges? I assume you or your company do not own the computers, since you said you have no financial interest in them.
Set the machines to pop up some spam with some attractive offer, such as a free two-week vacation at a Pacific island. They just need to redeem their offer on a specific day and place. Have the police with you at that location on that day. The police have done this sort of thing with snail mail offers.
now we need to go OSS in diesel cars
atomic theft=bad
electronic theft=ok
right? that's the only reason i can think of that you had to throw in the phrase "atom thieves"
So, pretend to call as the RIAA.
How are sites slashdotted when nobody reads TFAs?
"brick" refers to a state where a device has been made useless AND CANNOT BE FIXED. All anyone would need to fix what you suggest is a Windows or Linux install CD.
I don't even know that it is an issue of technology. Cops don't seem interested in investigating theft of any sort. They certainly don't try to track down thieves. They are used to filling out theft reports in situations where they know an insurance company want to see it, but otherwise they don't even bother with that.
I'd be more willing to say that the cost/benefit ratio of investigating that sort of crime was too low, if they didn't waste so much time and money on even smaller crimes.
If the stole the laptop, they are likely to be using a stolen credit card too. It would be a better idea to have a sheriff follow the UPS guy to the door; most officers would love to bust someone for an online purchase (especially crossing state lines) with stolen credit card.
Have you considered Divination? Robert Fludd used astrology to locate a thief in 17th London.
This is a good puzzle, but here is what I would do:
Go through the gmail account and see if it was used as the email address for any receipts for transactions where the person purchased goods or services. This would give you a delivery address and a name.
Analyzing the other email should lead to somebody somewhere mentioning a name, an event the person attended or a group or club or school or something they belong to which could lead to their identity.
Look for instant messaging accounts and gather all of the contacts. You may be able to use either skype or the myspace contact to become a "friend" and social engineer the person into showing up somewhere, or agreeing to do something that lets you get to them. Maybe you'll find in chat that they routinely buy stolen goods or sell stolen goods. Set them up for a buy, then get the police involved.
Keylogger idea somebody mentioned is excellent.
There's a lot police cannot do without a warrant. However, so long as they have not in any way instructed or guided you, they can use evidence which falls in their lap. And of course, you don't need a warrant to do whatever you want.
Somebody else mentioned don't do anything that tips them off becaue they'll either get spooked and stop using the machine or they will reformat if they're smart enough.
I'd also put a really good rootkit on the machines now before anybody does anything to prevent your access.
People from "law enforcement" usually are dumb, corrupted, drunk, and so on. If you call them yourself they won't be able to help you.
Well just ssh to the machine and commit as many cyber crimes as possible. In particular try udp-flooding commercial sites. Guys at the commercial sites will call people in the cops' "management" and *then* the cops will do something about it. They'll prolly find the address related with the IP and nail the bastard within hours.
It seems there are 2 options:
After you collect all the data you can, either
(1) turn them in
or
(2) get even
am I the only one who would log into their gmail account and set an auto-reply explaining that the person is using a stolen PC, and that there is a reward for it's return, then change the gmail password?
Andy Out!
Go back to the police officer who wanted to help you. You can teach someone who cares.
You cannot make someone care.
Explain to him that it's kind of like LoJack - but you need some court orders to get the physical location information broken loose.
Walk him through the information you have, and what business entities can turn that information into physical-space addresses.
If you have IP addresses, MySpace and Google logins, you probably have enough information to identify the people in current possession of the laptop.
He can work with the DA to get appropriate court orders to turn logins into names and addresses without fully understanding any of it.
The preferred solution is to not have a problem.
People, you cannot resolve a geographic address from an IP, and you cannot determine who owns an IP (in Canada) because the ISP will not provide this information. (Thank christ)
If you have full access to the machine, I would install a keylogger and get the bastards email password and you could probably deduce who owned it (first name, last name in settings in hotmail, gmail, WHATEVER). You could then cross-reference this in the phone book, or at this time, since you have done some legwork, get the police involved. I would not confront these individuals. And worse comes to worse, wipe the box, make it unusable.
Hi, I Boris. Hear fix bear, yes?
Good luck getting the FBI interested unless large values (well over $10,000) is involved. However, you might have good luck contacting the relevant state's State Bureau of Investigation (the state equivalent of the FBI). They almost definitely would have a cyber-crime department which would have the knowledge to locate the computer with the info you have.
Edward Burr
Having a smoking section in a restaurant is like having a peeing section in a swimming pool.
I agree with parent poster, but on another issue. Have you stopped to think that the people that is using the computers are not the ones who stole it?
Usually thieves steal computers just to sell them. I know becuase I have seen people around my University which approach to you to sell you *very* cheap used computers.
If you go ahead and attempt to destroy the life of the person who is using the computer, you very well may be getting into trouble.
I think the most reasonable thing to do is, as other people has posted, to get the ISP which they are accessing and proceed (with the police) to get the ID information. After you know who they are, you can then push for charges if you want.
Ubuntu is an African word meaning 'I can't configure Debian'
Perhaps a variation on this:
http://www.evanwashere.com/StolenSidekick/
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Who said the ISP would tell the submitter the information? Perhaps you missed the part of the comment about the police being the ones to obtain the information?
Uhm, there has been a crime committed you don't need to be sneaky. Arguably the crime was a felony, Grand Theft. Figure out which ISP hosts that IP, goto the cops and tell them to get a warrant to require the ISP to give up their data on the IP. Then have them serve a warrant on that home. Then they go get your PC and throw the thieves in jail.
-- QED
Write a script to send a "I'm stolen" email to the FBI and the FCC. Execute the script in a endless loop. At some point, someone will notice...
lucm, indeed.
IMHO (and this is very cynical) the cops don't seem to figure its their job to retrieve "your" stolen property. We supplied equipment to a public company and it was worth 10's of thousands. We are not talking small potatoes here. The equipment was not paid for. The company claimed it didn't exist and we hadn't delivered it (of course we had signed courier receipts). The cops claimed "where's the fraud"?
Well its called fraudulent concealment. This is where they claim something they have doesn't exist (ie they conceal it).
We could not convince the cops to do their jobs.
I am left with the impression they are only useful for collecting traffic tickets and eating doughnuts.
Needless to say, now when they call up asking for donations to their policemen's fund they are told to please don't call back.
I assure you that on RCN's network at least, they do. As tech support, I could find out who had an IP at a given time. I can't help but imagine that it's the same at other ISP's.
I sing the doggie electric!
Have you tried the FBI? I'm sure they have a cybercrime division or something.
Considering the fact that the thief didn't wipe the drive to begin with, I'd say it's safe to assume they know next-to-nothing about how computers work.
That considered, my course of action would be to somehow make the computer "break" and also put some kind of message in saying "this computer is stolen property, if found please dial 911 or contact the owner at ______." Your best case would be somewhere that the moron user wouldn't see it but the tech-savvy person who tries to fix it would find it. If you completely brick the OS, they'll probably wipe the disk and your message will be gone... so that's probably not a good choice.
Assuming a pretty high level of user stupidity, you could try changing the hosts file so all the websites they visit (and maybe google and wikipedia too, in case they get smart and try to research what's going on) are mapped to 127.0.0.1 (better yet, make them all point to goatse!). Put your comment in the hosts file so the person who diagnoses the problem will find it. If you want to be really obvious you could also change the Home page to http://www.hosts-file.net/support/docs/corrupt-host-file.asp (just making something up, but you get the idea). Block that domain in the hosts file, too, of course. The tech who works on it should immediately get a clue, but the dumb user will remain clueless.
You could also change the "Registered to" info in System Properties (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner and RegisteredOrganization) to "Stolen Property", "Dial xxx-xxx-xxxx"; any tech who's working on the PC will probably check that just to get an idea of what they're working on. You can't change it with Registry Editor since that prompts the user, but you can do it easily with scripting if you can get a remote shell. Save this as a .js and execute it on the remote machine:
var shell = new ActiveXObject("WScript.Shell");
var reg_path = "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\";
shell.regWrite(reg_path + "RegisteredOwner", "Stolen Property");
shell.regWrite(reg_path + "RegisteredOrganization", "Dial xxx-xxx-xxxx");
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I have a dynamic ip update client installed on all my computers, which works great, but I was wondering if anyone had any suggestions as far as rootkit/klogger/whatnot solutions without ending up potentially (compromising or) weakening the security of your own hosts (before the loss), especially something avail. on various OSes?
After you retrieve your stolen computers (using one of the many fine techniques suggested by Slashdot readers), please share your story with us.
http://www.gpsdaily.com/reports/Rain_Master_Smart_Controller_Outsmarts_The_Thief_999.html Good story of how a guy got his stuff back.... Follow his example.... All thieves need to be caught and punished....
Just plug in their IP address here and get a map. Then contact local police in that area and give them the map and tell them someone in that area stole your computers and has the email and myspace page of the ones you noticed.
These are dumb thieves, if they where smart the first thing they would have done is wipe the hard drive and install a new OS to eliminate any tracking software.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
great so you are going after they guy that bought in on ebay.
The ISP can tell you who is at an IP address, and from that, you can find your computers.
Of course they can, but they won't. In my experience, they are even loathe to disclose this information to the police without a search warrant.
That's not bricking. REAL bricking would be using root access to install a faulty firmware update to screw the machine up.
All your solution does is to let the thieves know that "Hey, I know I'm a stolen laptop!" and then upon formatting and installing a corrupt GRUB you lose your ability to track them.
That is not smart at all. Ninja don't let their victims know when they're about to strike.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
First thing would be to dd the disk to an file on another volume so you can comb through it later at your leisure. Then wipe it and install a new OS.
You stole the hardware, and maybe more if there's anything useful in the data.
Trace them via the physical layer, and then contact me. 3K USD for the laptop, or 90K for the laptop and their head in a cooler.
PC moderators can suck my White pierced, tattooed dick. If you think pride == hate, s/dick/Aryan meat mallet/g.
This is a bad idea for many reasons, but most obviously because the people using the computers may not be the thieves. For example, the thieves may have sold the computers on eBay. The buyers would have no particular way of knowing that the computers are stolen, and so your vigilante justice would involve attacking the wrong people.
.. find out where they are, then install some shit on the pcs to basically run the first bit of The Matrix, you know, knock knock...
Then you burst in with the law.
Since when has the SS duties involved computer theft? I know it's been almost a decade since high school for me but I clearly recall the two things the SS was meant to do was protect the nation's money(e.g. stop counterfeiters) and protect the President and their family.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Apart from the actual theft, they are performing unauthorized access to the user accounts and data stored on the computer, which is a federal crime. Plus they are more computer-literate.
Move along, sir.
Literalism isn't a form of humor, it's you being irritating.
I would run the server IP access against your database of current employee's accessing IP's. You should be able to follow the trail from there.
9 times out of 10 its usually a current employee who uses it as an extra PC for kids around the house or relatives.
Not really worth the time of following the path because these PC's are usually worthless to company operations due to them being sooo slow. Any time wasted on this is not going to pay back.
...and then you'll realize that the computer was resold, the thief is long gone, and you've been harassing and invading the privacy of an innocent person.
Uhh, no the ISP can not tell OP who is at an IP address
Just because they shouldn't doesn't mean they can't or won't. They may at least be able to more tech savy officer or DA that they've dealt with in the past.
I don't know what jurisdiction you are in but if you email me directly I can get in touch with the high tech crime investigators in your area. I would even be willing to gather all the info they would need to make an arrest for the stolen computers or receiving stolen property. chiefdetld@gmail.com
If you're tracking several of these things, I'm assuming they belong to a company you work for or support. Usually the two main concerns with stolen company-owned computers aren't the hardware, they're recovering the data on the machine (if it's not backed up) and making sure the thieves can't use it. So do a remote backup if that makes sense, and wipe the files you don't want a thief accessing.
Of course, if the thief sold the hardware to some unsuspecting kid on eBay, he may have already deleted anything proprietary (to make it less obvious) and just left the software installed. So you may not want to send Dog the Bounty Hunter out to collect the machine with extreme prejudice. On the other hand, you could easily set up the machine to have popups about "[MachineBrandName] Warranty Repair Department 1-800-blah-blah - Hardware Problem 31337 detected, send in for preventative maintenance" and maybe they'll fall for that.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
rj
Another true story: I had a neighbor of my sister that was getting beaten pretty bad,she had a restraining order,but when she would call the cops they would take an average of FOUR HOURS to get there. So I told her to tell the cops when she dialed 911 that she believed he had drugs on him. The cops were there in under THREE MINUTES and then proceeded to get VERY nasty with the guy when they tore his truck apart and didn't find any dope. So I guess the moral of the story is unless it is a crime they want to deal with,you can pretty much forget it. Hey,that might work for you! Tell the cops you have remote access to the box and the suspect was talking about drugs! I bet they go out of their way to get him for you! Have fun! And as always this is my 02c,YMMV
ACs don't waste your time replying, your posts are never seen by me.
Might be easier to get the CSR to contact the officer with the information. That way it doesn't look like you're just trying to stalk an old girlfriend.
Mind the frickin' laser...
Assuming the people you catch aren't the actual criminals who stole it in the first place, they'd better be prepared to tell you where they got the gear. Accepting stolen property is a crime, too... there's a difference between buying something in a small computer store (where you'll get a receipt, etc) and a guy who's got some machines in a van.
512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
Finding stuff someone put up on the tubes about themselves is not "harassing and invading privacy". Also, buying stolen goods is not exactly "innocent", either.
Bonus points if they can lead to the real thief.
Load up some processor/bandwidth-intensive tasks and make use of the free resources!
Watch the laptops until they reveal enough information about themselves to drop them a friendly call (make sure to state their name and address) to inform them that they have stolen property, and that if they'd like to avoid being arrested they should perform a blind drop of all the stolen equipment at a location you're familiar with. Maybe just have them come in to your business (if it's large enough and public) and drop them in an empty conference room or turn it in to lost and found, saving you a lot of trouble. If they never reveal their phone number, an email would probably suffice as well.
The FBI might not have jurisdiction, unless the laptops have crossed state lines; however, they might be willing to act as an advisor to the local yokel cop who doesn't know what to do. Then again, they may not really care. But, you never know unless you ask.
Second option. Educate Barney Fife in what to do yourself. If you have the IP, you can get the ISP. If you have the ISP, you can tell Barney to get a warrant for the user info for that IP for a specific time period, since it is probably a dynamic IP. Then have Barney get a search warrant for that user's home, car, and person, for your laptop. Once he finds the laptop, he can arrest the person who has it, unless that perp is inside his home at the time, in which case Barney is going to need an arrest warrant (that whole pesky 4th amendment thing).
You get the laptop back and a resume stuffer about being a police computer consultant, Barney gets a promotion. All is right with the world again.
Setting his threshold to 5, Sparky eliminated most of the trolls on /.
You said you didn't care about the money, so install kiddie porn/dirty bomb plans/some other terorist shit on their machines.
Then send from their email some death threats to the worlds most loved politician(s).
That should get them some heat.
"The local police (to the theft) have been contacted several times and seem to be clueless."
You don't mention how you contacted them. Maybe it would be worth going to the local police station and lodging a report in person. Bring as much information about the computers as possible, especially their value. Heck, if they have a public network at the station perhaps you can show them on the spot how you can connect to the stolen property. That ought to pique their interest.
wait... but didn't they steal your credit card?
Sadly, it's about the cost/benefit to the police not the community. They'd much rather be fighting the war on drugs so they can legally steal people's money.
I am no expert at federal/state statute for crime investigation, but if the crime is committed across state lines then I believe the FBI has to be involved.
No Sig for you.!
Accepting stolen property is only a crime if you know its stolen. For example, if the thief turned around and sold it on craigslist, contacted you only by email, and delivered it to you you would have no reason to suspect a thing, nor would the law expect you to.
Accepting stolen property is only a crime if you know its stolen.
Nope. Possessing stolen property is a crime regardless of if you know it's stolen or not. Sounds ridiculous but its true. The sane part of this whole deal is that you wont be probably wont be prosecuted as long as you cooperate. There is no guarantee of this although its your best chance.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
For chrissakes, man! Post the MySpace URLs. Let's Slashdot their asses!
oO0Oo
...and what happens halfway across the Atlantic when you find you've forgotten the password?
...and then you'll realize that the computer was resold, the thief is long gone, and you've been harassing and invading the privacy of an innocent person.
Innocent my ass, in this case:
1) they bought stolen property without checking for proof it was legit.
2) They didn't care to clean the personal data on the machine
3) They didn't care to re-install a software suite they have a licence for.
They are fuking guilty in my eyes. Burn down their houses or in alternative report them to the BSA (Business Software Alliance) for the licenses stuff which is pretty much the same thing.
That's not true everywhere. In many places, the key condition is that the receiver had a reasonable suspicion that the property was stolen. For example, if the receiver unknowingly bought a stolen computer at a garage sale, he committed no crime. Things like used computers -- small appliances and electronics -- are routinely sold at garage sales. On the other hand, they are not routinely sold in back alleys. In this example, location would be one possible tip-off that the property might be stolen.
After all, I am strangely colored.
try contacting the state police
Do people get prosecuted for theft of a person's sense of humour too?
But just get caught with an ounce of pot or a gram of cocaine and see how interested they suddenly become.
While I don't advocate using drugs (and I come to this from my own personal experience doing it), I think the authorities in the U.S. have their priorities way out of whack with reality.
This ain't rocket surgery.
"The reason that so much time and effort is poured into investigating kiddie porn rather than bank fraud is not simply the nature of the crime. Its the fact that they have a defined process that delivers highly predictable results."
Wait a minute. Are saying kiddie porn is investigated not because it is illegal, heinous, etc., but simply because it's *easy* for the cops? Cops only do their job when it's fscking easy?
Maybe you should move to Bavaria?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Setup one guest account on the machine, with a fake skype/msn/gtalk account with autologin enabled and some random contacts (including you), and if the laptop is stolen, send a chat: "Sorry my friend about all the delay. And really, thanks for the help. I'll paypal you the 2 grand as soon as you send me the your paypal email. You thought you'd never see that money again, ha.. :)"
if you can log in remotely to the machine you could run tracert from a command prompt, it would at least tell you what area of town the computers are in. then contact the isp for a specific location. The ipod touch uses something like that and gets my location within about a mile on google maps.
You seem to believe the police are there to investigate and solve crimes. In reality, their primary mission is to file police reports for insurance companies to pay claims against. Most investigations involve filing reports and sealing the files. Unless it's a high profile (friend of the captain or made the news) case, that's all effort involved. Sometimes they'll trip over a crime in progress and manage to make an arrest. Bottom line, you have a police report, take the insurance money and buy some new laptops.
You could drag in a private investigator for a few buck, he may be willing to take your money and track down the location. (See friend of captain). Of course you'll have to give back the insurance money. Bottom line, it's not worth the police time to track this. The users probably bought the laptop from craigslist or a friend of Jim's at AA.
Honestly, I googled and didn't find anything respectable looking that works for Powerbooks.
Can the author let us know what software he uses?
Doug
Take off every 'sig' !!
Innocent? I don't think anyone who buys a stolen computer is innocent. If the server still has access to the computer I think that means that the computer disk was not erased, so only someone stupid would not notice that there were some crap installed that should not be.(or is the software used independent from the OS?)
Better way to identify is like someone said turn on the camera take pictures of the idiot who is using it, and violate their privacy at will.(I think that using a stolen computer to see your stuff is not only stupid as it ensures that you have lost your right to privacy, you can only have privacy in services and goods that are owned by you).
Maybe some guy from the insurance company who pays for your stolen computers will help you?
I've been dealing with "clueless" law enforcement on online law breaking for 15 years. When it comes to breaking a law, ignorance is no excuse. Same with enforcing it. As much as you'll let them, law enforcement will drag its feet when it comes to things they're not comfortable with. Tough shit. Provide them with what they need as far as the laws broken, and the summary of what they need that they don't understand (what's an IP and how do I know it's at X location, etc.) and tell them to do the job. Let them know that police departments don't exist in a vacuum, and that states attorneys offices oversee both online law breaking and police activities. If they don't know something they need to know in order to do their job, it's their responsibility to learn it or obtain the information and have it verified. Their states attorney's office will get it verified it for them as well tell them to get off their ass and do their jobs. Note this is a summary of long experience phrased in terms easy to grasp. Handling the cops in such a way that they don't drag their feet even more requires approaching them in a more politic manner, although the substance of the approach outlines above should remain intact. An alternative to states attorneys is the FBI's and similar electronic crimes departments, who are glad to "assist" (read: educate) the "sadly underfunded and therefore unable to obtain the training necessary for the modern world" (there's a nice, politic phrase as an example). It's half politic and half pressure, though thoroughly proper, to ask the foot dragger for their "chain of command" (up to, say, state command level) so that the concern can be raised in proper form as far up their food chain as necessary to get the job done. Simply asking for this does wonders. Even if they are well meaning and entirely blameless for the cluelessness, they can and should pursue their own chain of command assistance, and will if given sufficient cause. Being brought to the attention if superiors for less than stellar performance is usually sufficient cause.
"I may be synthetic, but I'm not stupid." -- Bishop 341-B
Thanks to RICO, prosecuting drug dealers and drug users has become very profitable for the police.
It's quite clear that their priorities are very much in tune with reality, the reality of green.
If you have full control over the computer, it can't be too hard to trick the person to give up their address.
Someone who buys stolen goods is likely NOT an innocent person. I agree they shouldn't be harassed as if they were the actual thief but the OP still reserves the right to mess with them. It is his (or his company's) property, after all.
For computer crimes, try contacting your regional FBI office, which are located around the country. If you have the evidence, especially if the theft is worth more than $5,000, they will at least point you to the right resource (county, state police) or provide expertise to the local police.
They can simply request the addresses of each of the IP addresses from the ISP. Be sure that you want to press charges, as they should ask up front.
The local FBI has a partnership called Infraguard, and they work very well with local industry, and get assistance from the community as well. Each office should have at least one computer crime expert, I believe.
Also, make sure that you have a police report4!
Why don't cops report stolen computers' MAC to local ISPs?
So if you're installing keystroke loggers to take over their bank account, or configuring the machine to eject your Led Zeppelin CD at lethal speeds, keep in mind the person sitting at the computer *might* be clueless to the foul play.
Login to your machine, delete or upload your confidential data to somewhere you can get at it, and make sure all traces of your business are off the machine.
Once that is done, interrupt them working by typing things on the screen. Have them return it to a neutral location without harm, otherwise, set a boot password and corrupt the home directory so they can't get back in without some serious help. Even better if you can code a nice "this is a stolen laptop" message, displaying their photo and/or other details along with.
Have fun.
1) Have your laptop insured. If you have renter's insurance, this can be a rider.
2) Encrypt your hard drive. Use a strong password.
3) Keep current backups
If you ever have your laptop stolen, buy a new one. Recover the hard disk from your backup. Don't worry about stolen data, because your drive is encrypted. Done.
it's a felony. Call the FBI
The Kruger Dunning explains most post on
Freedom is just another word for knowing what you have to lose where, and for being having the will to sacrifice one thing for another.
Freedom does not mean you can have it all, have it now, and have it without paying the price.
You are free when you know the real costs and are willing to pay them.
But, when selfish and arbitrary humans decide to claim dibs on the right to force you to pay costs that have nothing to do with reality, freedom is the ability to tell them to go take a long hike off a short pier.
When the surrounding society supports those who attempt to assess such unreal costs against members of the society, that society is not free. Individuals who are willing to be martyrs are still free within that society, but the society is not free.
"Commercial" software tends to hide a huge component of the real cost of software. It always builds on things that have been built before, and it almost never pays its dues to those who have laid the foundations on which it is built. The value of the contribution cannot be assessed because the contribution itself cannot be legally and freely inspected. And it usually claims rights to be paid well in excess of the value of its contribution.
Free software, whether BSD/MIT persuasion or GPL persuasion, recognizes that its roots are in the common body of technology, and it returns value to the surrounding society in two ways. One is that it forestalls attempts to make unreal claims. The other is that it explicitly declares the rights of individuals to modify the software according to the individual's use.
One of the real costs is the effort and time to understand the software enough to modify it yourself. Another is the willingness to walk alone when the main projects want to do things differently from the way you want to.
What does any of that have to do with the police?
If you want to imply or infer that laws and source code are similar, you had better be able to explain why the current overburden of (unConstitutional) US law is somehow legitimate.
If you can't do that, you'd better be willing to go to the law yourself. Take bad laws to the courts, support candidates who actually work for the real freedoms, become a candidate yourself.
And, yes, that is a lot like the free software communities.
Computer memory is just fancy paper, CPUs just fancy pens with fancy erasers; the 'net is just a fancy backyard fence.
Only if you have reason to believe it's been stolen.
You know what else is a crime? harassment. So if the victim starts harassing someone who unwittingly bought some stolen merchandise, he can be sued.
And should be.
The Kruger Dunning explains most post on
Just wait until they are off the system. Get their info and start visiting jihadi websites through the stolen PCs.. Then post a bunch of stuff on anti us forums about how they are going to launch an attack.. Send the police an email from their google account with the same kinds of stuff.. Download a bunch of terrorist junk to the HDD.
Start sniffing around government networks.. Get their IP in as many actively monitored government firewalls as possible...
THEN turn on the webcam and microphone to see the CIA and FBI come barging through the doors and windows..
Yeah, you've got a point there. I was thinking, however, more along lines of the ratio between law enforcement effort applied to and public safety achieved.
This ain't rocket surgery.
There have been a few suggestions to find another department who specializes in computer crimes. I have a spin-off idea. Ask the Cops IT guy! He's bound to know a competent department to refer you to. He has probably been given a contact number to call if he sees something fishy. This might not be the first line to follow, but you can use it before you throw in the towel.
I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
For starters, I'm absolutely NO fan of our country's zeal to prosecute drug users. Our prisons are bloated with people who are mostly there because they chose illicit narcotics to self-medicate psychiatric illnesses.
As for beat-cops, their careers progress based on their metrics. Every arrest they make resulting in conviction boosts their stats and they get closer to promotion. Drug crimes are the low-hanging fruit. Possession is difficult evidence to refute in court. And a bunch of states have mandatory sentencing laws focused on putting people in prison for possessing small quantities of narcotics.
In this environment, a car search can easily escalate into a possession / trafficking charge, and the defendant is likely to roll on other people to avoid hard time, which will result in further arrests and convictions for the cops & detectives involved with VERY little legwork. Compare that to a breaking & entering case where the culprit stole just barely enough loot to make it a felony. Lots of legwork and the judge is likely going to let the guy walk with probation because the jails are filled with all the drug convictions. Since it was wholly conceived and executed by the perpetrator, there's not even much chance the guy will roll on accomplices, etc.
I don't use drugs, and I wish our country would lay off those who do. It kills me that my taxes are going to pay for the 20-year incarceration of this guy who got busted with seven grams of cocaine in Hays County. That's the equivalent to the weight of seven paperclips. Meanwhile, spouse abusers and burglars get probation...
Seth
$5 / month hosted VPS on linux = awesome!
How many craigslist, kijiji or eBay purchases do you trace back to make sure the thing wasn't stolen?
Use Vista, then they'd probably send it back to you with a sympathy card
A positive attitude may not solve all your problems, but it will annoy enough people to make it worth the effort.
If the machines were reported as stolen, and the cops don't want to do anything with strong evidence about where the machines are located, I'm sure that your local media outlets would have a few ideas on what to do with such a story. Hell, it may even get picked up by CNN if you are in a large enough city.
Just let them know that you are going to take the evidence, police reports, etc... to an investigative journalist in the area to see if they have any good ideas on how to proceed. If one of your local TV station regularly reports on negligence/abuse by local authorities, you will probably get quick action from the cops on recovering your goods without calling the media. Granted, they will expect you to be the grateful citizen who is thankful that they did such a good job when they make their own media circus of the events.
Newsflash - Local cops ignore evidence in criminal case, Film at 11!!!
Or even better, you can set up a cron job to ping a url that you monitor, that is unique and nobody but your computer would be pinging.
That way every time they plug in the network, it'll immediately shout out to you "I'm here and my IP is"
Simple, do as the RIAA does and file a civil lawsuit for damages including the lost work on the PC, the cost of the PC, legal expenses and also lost productivity for the time needed to replace the computer and its data.
Just as the RIAA you sue "John Doe" identified by the IP address and subpoena the ISP.
Let's say one is travelling out of USA, and lost his/her laptop/notebook in a foreign country like Spain. Is it still a good idea to contact police departments over there?
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
In Calgary most of the stolen computers are stolen by the Calgary Police Service.
After paying for a high price lawyer, your best bet is to waiting until they return them on their own.
They like to take PSP, laptops and other items out of cars they pull over.
Simple: all. Firstly I don't buy used laptops from the internet. All the other items I might get there I ask for proof of purchase and/or original boxing (that also comes useful for warranty). Convenience of ebay ends there, no proof and it's better to buy a brand new item from a real shop and get a full warranty in the process...
Also by my standards the hypotetical ass who handles those STOLEN computers deserves electrocution. If you don't agree I hope yours get nicked soon and sold on ebay.
Depends on the ISP, but the one I work for we do. Of course to give that out without a warrant would mean pretty much instant dismissal and possibly charges.
Here in Milwaukee we have "Contact 6" where reporters will go investigate stories that are very newsworthy but not prioritized by law enforcement. Funny though, usually the police become a little more responsive after the story airs.
This is easily the worst response (and I mean the thread as a whole) on this sort of issue I have ever seen from this community.
If you are an uninsured individual you may have to run around and pull all these strings yourself, but as a company employee dealing with insured assets you simply provide the information to your insurance company. They have an army of lawyers and often even ex-law enforcement types that are familiar with the correct points of contact for each kind of case they may need to deal with. They are interested in protecting themselves from repeated payouts, and they have experience in dealing with the varation in education in the law enforcement community. You may still end up doing a bit of paperwork here and there, but let them advocate for you and make all the explinations to the police department and follow up to make sure that provided information is acted on.
Let those people do their jobs, and you can go back about the business of doing yours.
With great power comes ....
Maybe they just bought them from the crook, and are working poor trying to raise their education with the interweb.
What would Spidey do ?
No, turn on your webcam so the thieves can see you getting busted by the FBI entering your place to capture the terrorist who broke into the innocent laptop.
I had to deal with this myself once (tracked down a stolen laptop). The local ordinance is called "receipt of stolen property" and is a crime, but it requires knowledge that that the property is stolen or a preponderance of evidence that the individual should have reasonably known that the property was stolen.
But being in possession of stolen property is enough to give an officer probable cause and you'll probably be charged with something.
That would be about the worst thing you could do to them =P. However, it would also probibly be the worst thing you could do for yourself as well. In all seriousness, collect all the data that you have with the assistance of a lawyer, go down to the station and file a complaint. The police will have to act on it, essicially if it comes from a lawyer as the lawyer is an officer of the court.
That would be my advice.
Yeah, that's the way it's supposed to work. I have had the FBI actually tell me my case was not big enough to concern them; they wouldn't even open an official report. Contacting an organization more local to where the criminal was got the problem taken care of. For me, it was the police (it wasn't computer-related). For the OP's case, the SBI would probably be a good place to start. He could always try the FBI, I'm not saying don't; I'm just saying I wouldn't expect much to come of that.
Edward Burr
Having a smoking section in a restaurant is like having a peeing section in a swimming pool.
You file a lawsuit, for conversion (theft) ... you versus "John Does 1 through 10."
Then you send a subpoena to the ISP(s) and get the ID of the account holder.
This is one of the better suggestions I've heard on this subject. Just for kicks, you might also rename the processes, folders, etc, so it's a little harder to notice that you've done it.
First, record a .wav file that says, in a firm and official sounding voice, "This is a stolen computer and is equipped with a tracking system that can not be disabled. Through your use of this computer, your identity and location is now known and this information has been recorded as evidence. You may still avoid prosecution by returning this computer immediately... etc.. If you do not comply, you may expect to be contacted by your local authorities tomorrow."
Then set the .wav file to play every time the computer boots.. and schedule it to play every 5 minutes after that.
Even if they ignore the warning and drop the computer in the lake, they will certainly need to change their underwear.
chown -R us
This is actually an all in one desktop that had many peripherals removed/replaced, as well as was relabeled for shipping more than once.
It also would be running some non-standard programs, it wouldn't seem like a standard legit computer.
Call police to request investigation and suggest they take thw IP you have to subpeona the ISP for an address. The info will be useful once they know what to do with it.
This is 2008. Why in the world do not laptops have a GPS chip with a "deadman" switch that phones the police if unauthorized people do not turn off that timer after, say 72 hours? Officers then can go get the evildoers.
It ain't about the $500 laptop. What about the $400,000 information? Or the personal stuff? Make this an opt-in program.
After a while, people would bend over backwards to get your laptop back to you!
If you can control the desktop, perhaps you could browse to a few child porn sites and then drop an anonymous dime. The police may be interested in that.
Nope. Possessing stolen property is a crime regardless of if you know it's stolen or not.
That all depends. If the property got sold at auction, say the police confiscated it from the thief, and sold it at police auction, it now belongs to the buyer.
And the former owner most likely has no legal recourse to recover the item after it has been auctioned: even if they figure out who now legally possesses the item.
How about installing "Lojack"'s laptop recovery software remotely, then immediately reporting the laptop stolen to lojack? THEY have all the partnerships with the police to find the PC quickly...
Of course, we slashdotters, over long years of rigorous training, have built an immunity to goatse. - But what if the thief isn't immune himself? Perhaps being a fellow slashdotter, or, god forbid - even a slashdot moderator??!? ;)
And when you gaze long enough into the code, the code will also gaze into you.
Not an innocent person, a person guilty of reset.
It might not be a crime in your jurisdiction, but buying stolen property is a crime in mine.
To be more precise, knowingly buying (or taking possession of) stolen property is a crime. And the courts do take "I brought it for a fiver from a guy I don't know, in the pub" as evidence of mens rea - guilty knowledge.
Just possibly the person in possession of the stolen property is personally innocent, and will be able to convince the court of that. Which will have nasty repercussions for whoever gave/ sold them the stolen property. There was an amusing case a while back of a man who stole various jewellery, including an engagement ring. The bulk he sold, but the engagement ring he used to propose to his floozy. Who was unimpressed when she was arrested and charged with reset not long before the wedding.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
1) If you have a Mac, and want to be mischevious and blow your cover, the "say" command may be entertaining for a while.
2) If you are able to scan wireless networks, there are some services out there that will give you a rough geolocation (Skyhook, for starters). Once you have an idea, a little wardriving may help you zero in without getting warrants. Then either you can handle the situation mano-a-mano or you can visit the local police with what you know.
Call me Snake...
It sounds like you're referencing laws against "handling stolen property" - that is, being a fence. In most jurisdictions, you can only be found guilty of that if you knew it was stolen, or should've suspected it was stolen. To prove you guilty of handling the People have to prove that you suspected, or should've suspected. If they can't prove that, the original owner can only sue the thief for the value of the item stolen.
Then again, in some states there is no such requirement, and anyone in possession of stolen goods can be found guilty of handling. Personally, I find that kinda scary.
Moral of the story: get insurance, back up your data. That's really all you can do. The police, in most cases, will not care.
I dont know about you guys; but I would probably lowlevel format the stolen laptop. Reinstall windows after, then connect the laptop to the internet through my IP. Theres not that many ways to get around older stolen laptops. Today though there are ways to retrieve stolen laptops, iPods etc. Call the manufacturer. This is true for Apple at least. You know when you install itunes, it displays the serial number of the ipod. When you connect to the internet it phones home to Apple. As long as you know the serial number you can retrieve your goods... So as long as they are not at an internet cafe :P
F*** with them a lot, put the process on a webcam store-forward system, sell the passwords from "your" computer to the highest bidder(s), and generally treat your own property any which way you feel like, or bloggers suggest you feel like. :)
Contact your local FBI Office you might find a bored agent who is willing to help you out.
I can tell you local agents are typicaly more willing to help then the larger offices.
Besides if they stole from you it's likely they have other stolen equipment and it could turn into a big bust
He says "I have some stolen computers checking in with a server we have"
You have to first ask him this question to clarify...
Was it you who stole the computers or is it your computers that were stolen.
Only after this question is properly answered can we go to the next step!
If the computer has a modem hooked up and you have control over the computer have it dial 911. If you have control and no modem, then have it e-mail a few death threads to the president of the US. Enough of the 911 calls will put them on the police radar, especially if you can redirect a VOIP call though the modem you can call 911 via the modem and explain things to the nice operator who will have a physical address. If you e-mail the death threats, then you just have to wait for the Secret Service to show up on your door step after they have recovered the system and traced your network connection to it.
I dunno, when my roommate stole a bunch of computer equipment, I went to the police, told him his name and current address, and they still didn't care.
I didn't get my stuff back until my Palestinian friend ran into my former roommate at the local grocery store and proceeded to scare the living shit out of him. Got all my stuff back the next day.
Sometimes... it's nice having swarthy friends who joke about blowing stuff up.
Be aware, that, just because someone stole something of yours, stealing something of theirs is not legal.
So, keyloggers, trojans, stealing their CC number etc, all illegal. Even though it's your computer, it's their data, their privacy being infringed.
isent it posible to over clock it by software to a level thet the procesor vill fry?
I don't know about federal, but I think the mens rea, for recipt of stolen property varies state to state. IANAL but my guess is that it would be negligently in most places. That is you are guilty if you failed to take usually precautions or ignored obvious signs something was wrong.
If you bought the computer from sold out of the trunk of someones car, who insisted on cash and gave no recipt, you are in trouble.
If it was more carefully fenced and you purchased it at shop, got recipt etc etc, you have done nothing wrong although you are still not going to get to keep it and are not likely to be compensated. Even if the mens rea is lower someplace I doubt very much in that situation any local prosecutor is going to come after you even if the poilice investigating filed a complaint. People would be pretty uncomfortable trying to punish you for something most people do everyday buy things in stores...
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
Taking resources from a kiddie porn investigaton to find a laptop?
That's highly immoral in my eyes.
Mens rea... It's not illegal in the UK at least unless you have reason to think it was stolen or should have realised.
Put a keylogger on and have all the keystrokes emailed to you, at some point they are going to order something and will have to put in their address.
CM www.cometenergysystems.com Blog: http://caribbeanrenewable.blogspot.com/
Innocent? The last time I checked, buying stolen property was still a crime. True, the person who now has the computer may not know that it was stolen. He may be able to identify the thief and may have to give the computer back to the rightful owner.
This was exactly what I was told by local police officers.
When the thieves used my personal information to get free tech support and replacement parts for the computer they stole from me (they conned Gateway into giving them my personal information, yay me!), I attempted to contact the FBI for Identity Theft.
Nothing was done about it. When I contacted the FBI to inquire about why my case was dropped, they politely informed me that my case could not be considered a priority because there was no monetary damages.
So its ok to steal someone's identity as long as you do not incur any monetary damages.
I have completely lost faith in the law and court system. But I bet if I decided to take the law into my own hands and retrieve my goods for myself, poof....instant jail time for me.
So, all in all, there is no legal avenue other than suing the people for your computers (which is what the lawyer I hired told me to do). I thought it was absurd that I have to sue to get my stuff back.
Even after all this, the lawyer told me it was a 50/50 chance I would get the stuff back even if I won. Plus, how do you justify $2000 in legal fees to recover a $600 computer.
Fucking, cops, feds, lawyers, judges and courts. To hell with them all.
It may not be so difficult to find the geographical are where the thief's address by means of the IP. I mean, you can trace the last router he/she is currently connected to, find it's location, connect to an open wireless close to that, and even calculate the distance within some error factor depending on the quality of the connection.
If the area is not too big and not too populated, and the wireless is activated, you can search for your laptop searching for its MAC in that area. Also, you can try finding out the MAC of the wireless device in the thief's router (if any), and ask others to search for it in their area.
Of course, in case the thief DOES read slashdot, he or she will most likely provide you false information,...
In case it's not too far away from where you live, you will have it back in a day or two.
I posted it originally as the AC :/
C'est la vie.
Cops only do their job when it's fscking easy?
In a word... Yes!
Comment removed based on user account deletion
Now you know how the *IAA's feel.
Be careful out there...
Seriously. A significant % of cops can't be told anything by a civilian. Find one that can.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Any data you put on your employers computer becomes their property. They can read it etc.
I don't see why a thief is any different. The computer is yours. Ergo any data on the computer is yours.
Using their CC# would still be a crime. Posting it however?
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
If the machine retains its web history, check out common map sites like mapquest and google maps. See where they're trying to get directions from, might get lucky and get their home address.
The felony threshold varies by state. Try $150 in Illinois, or a mere $100 in Vermont.
See here: http://www.rlpx.com/Felonies.htm
You probably aren't going to prison for $100, but you still get all of the rest of the garbage that goes with being a convicted felon.
It doesn't always work that way. In New York I left my Amex card at a Radio Shack and $1,200 of charges showed up within a couple of days at the mid-town Bloomingdales and Diesel stores. The NYPD investigated, interviewed the staff at the Radio Shack store (I knew I had left it there), reviewed the security cameras during the times the card was illegaly used and recognized both a Radio Shack employee and her manager using my card. Arrested them both. The moral of the story is that if you can provide enough information to really identify the thieves the police will act.
actually made me laugh out loud.
First off, you HAVE monetary damages unless you got those computers for free, and it they were insured your insurers could be interested in recovery. Secondly, your question to law enforcement should be if they would be so kind to confirm that they have no interest in solving a crime and apprehend those responsible. Don't get technical, just say the systems have called home and there is a way to find where they are.
Do that IN WRITING, like "could you please confirm by return post that you have no interest in pursuing this case, even though new evidence has come to light that will assist in apprehending those responsible. If I don't receive an answer from you bx (14 days ahead) I will assume your answer into the affirmative".
Once you have this in writing your options are going to the press (will not make you popular with the fuzz, and you still live there), going to the insurers or go back to whoever you found friendliest at your police station and explain to them (patiently) that they would get the glory, you jut want your systems and you can help.
I personally would start with the last option. There's plenty of time to get into a fight later but ideally you want the police on your side.
What you do NOT want to do is hack your own systems because you'll zap your changes of obtaining untainted forensics, and may even be accused of hacking. You don't know if someone has bought these systems as secondhand..
Good luck.
Insert
Wasn't there a story about Canadian homeowners losing their houses because someone impersonating them sold it? And the courts said the new owners would get to keep houses since they paid for them?
(Please score as funny, instead of insightful)
My 80's guitar hero Ted Nugent will perform live in my hometown this sunday, so I looked him up on Youtube, but I found more movies of his political views than musical work. He should really stick to music.
Disclaimer: this was a joke. Don't commit a big crime to solve a small crime.
Hmmm. Wasn't there an article on here about the guy who did all that stuff you mentioned and was sentenced to over 15 years in jail???
With advice like that... The prosecutor's will be offering the thief/ thieves deals (two days community service) to help prosecute you (evil, twisted hacker menace). LOL.
Cops will always respond to reported meth labs... physical location and a little evidence will do wonders...
contact the NSA tell them what has been going on then tell them you just read about a new law coming out of the senate.(http://rss.slashdot.org/~r/Slashdot/slashdot/~3/331095448/article.pl) tell them how they could get this setup on all new computers in the US. Then collect your medal for being a good citizan spy, keeping america safe from those commie reds, err... I mean terrorist scum.
So, to solve this thread just over a week later, last night I got an email from a Special Agent with the FBI:
We have both of your computers back...
I'm leaving out a lot because I don't know where we're at yet, and like Google I observe a simple rule: Don't F*** S*** Up.
I also don't want anyone getting in trouble, but since I already posted publicly I'd love for you to have a follow-up. I'm really, really grateful that the FBI and other agencies were willing to help. (If ya'll see this, Thanks!)
To clarify things a bit, this was a pair of high end desktops (along with many, many costs that can't quickly be typed up) and other hardware that was stolen from a building under construction. Basically, we put computers in public places, and other than mice and keyboards rarely equipment walks.
It's a great thing to get systems back using just technology. There was no camera, witness, or fingerprints. We had just IP and MAC addresses, cookies and metadata, license plates and MySpace, and good efforts by the government we all bitch about to help out the little guy.
Partially, these computers were sold and I and my employer had no real financial interest in these, other than we don't like people to steal from our customers. They had our proprietary software on them, but very limited portions of it. They also wasted an assload of my time, which obviously was at least a little motivation for me.
I really, really appreciate all the advice, but if you ever have a PC stolen remember that computer thieves aren't usually that technical. Install remote access (FTP or PC Anywhere) and dynamic DNS, if nothing else. If possible, use a remote monitoring software or a silent VPN connection to keep an eye on your system.
Thanks to everyone, /. especially, as well as those with the law enforcement agencies that helped, and everyone who responded by email as well. I haven't had time yet to respond to all of you yet, but thanks.
Dave Hogan
A few months back. Lojack had phoned home from companies network. Figured out who it was, and employee walked out with silver jewelry on. He may have only purchased from another source, I don't know and don't care. Probably helped that motovate local law that there were some projectile devices stolen along with the Lojacked laptop. Part of company has a retail componet and a wireless hotspot. Could have been much more difficult to find, but from what I remember local law had internal IP so that would have let me know it was the wireless hotspot (seperate subnet and firewalled off, etc..) Messy, not fun. Hope I never see a piece of paper from RIAA due to wireless hotspot. JohnsIsland