Slashdot Mirror

← Back to Stories (view on slashdot.org)

Man Uses Remote Logon To Help Find Laptop Thief

Posted by samzenpus on from the cyber-bloodhound dept.

After his computer was stolen, Jose Caceres used a remote access program to log on every day and watch it being used. The laptop was stolen on Sept. 4, when he left it on top of his car while carrying other things into his home. "It was kind of frustrating because he was mostly using it to watch porn," Caceres said. "I couldn't get any information about him." Last week the thief messed up and registered on a web site with his name and address. Jose alerted the police, who arrested a suspect a few hours later. The moral of the story: never go to a porn site where you have to register.

54 of 251 comments (clear)

  1. Makes sense by Kr4u53 · · Score: 5, Funny

    What else would someone use a stolen laptop for?

    1. Re:Makes sense by dexmachina · · Score: 5, Funny

      What else would someone use a laptop for, period?

    2. Re:Makes sense by William+Robinson · · Score: 5, Insightful

      Note to self: Remove remote access after stealing laptop!!!!

      --
      hilarious
    3. Re:Makes sense by Harmonious+Botch · · Score: 4, Funny

      What else would someone use a laptop for, period?

      Laptops get in the way...

    4. Re:Makes sense by Tubal-Cain · · Score: 5, Insightful

      If not reformat completely.

    5. Re:Makes sense by negRo_slim · · Score: 3, Funny

      Laptops get in the way...

      Yes but the thermal stimulation is well worth it on a cold winter's eve as you watch your favorite bukkake vid by the light of an open fire.

      --
      On the Oregon Cost born and raised, On the beach is where I spent most of my days
    6. Re:Makes sense by rugatero · · Score: 5, Funny

      Someone's dreaming of a white Christmas....

      --
      This comment is for entertainment purposes only. Any similarity to real insight or information is purely coincidental.
    7. Re:Makes sense by Anonymous Coward · · Score: 2, Funny

      Yes but the thermal stimulation is well worth it on a cold winter's eve as you watch your favorite bukkake vid by the light of an open fire.

      ...I can't believe you got modded insightful for that.

    8. Re:Makes sense by fm6 · · Score: 2, Funny

      Tablet computers are better. They leave a hand free...

  2. The moral of the story by Korbeau · · Score: 5, Informative

    Never leave your laptop on top of your car when carrying other things home!

    What, did you think this thing was portable?

  3. Pft by inKubus · · Score: 5, Funny

    Talk about getting caught with your dick in your hand...

    --
    Cool! Amazing Toys.
  4. What remote access technology? by Max_W · · Score: 5, Interesting
    How could be this done? How could he connect to his laptop without knowing the IP address?

    I use remote access, but I have to type in the IP address to connect. How could he knew the I address?

    I read this story several times but nowhere the software name is mentioned.

    1. Re:What remote access technology? by Anonymous Coward · · Score: 4, Informative

      He was probably running a dynamic DNS client.

    2. Re:What remote access technology? by jswigart · · Score: 5, Informative

      Prob running something like dyndns or something that would automatically notify the server of the ip address when online, so he simply had to use his registered dyndns name.

    3. Re:What remote access technology? by Schemat1c · · Score: 4, Informative

      How could be this done? How could he connect to his laptop without knowing the IP address?

      One word, DynDNS.

      --

      "Nobody knows the age of the human race, but everybody agrees that it is old enough to know better." - Unknown
    4. Re:What remote access technology? by Spad · · Score: 2, Informative

      Several remote access apps have an option to notify via email when your IP address changes.

  5. Re:This is not the first... by shbazjinkens · · Score: 5, Funny

    This is hardly the first time this has ever happened. Why is this on slashdot? Heck there are even better stories of this, such as a woman who used the laptop's webcam to !

    I wonder why he didn't just tap into the webcam on his computer while the perpetrator was... oh wait.

  6. Plans within plans? by TiberSeptm · · Score: 2, Interesting

    Doesn't this mean that the guy who had his laptop stolen also didn't bother to set a login or boot password? One might argue that he deduced that a boot password or login password might just get his drive wiped by a clever thief. He may have even st up the remote access partly to act as a way to catch thieves and get it back if it was ever lost. He could have even used fairly strong encrpytion to protect most of his data. Of course anyone arguing for the assumption that his sercurity plans were a series of complex plans within plans must have missed the part where he left it on and in his unlocked car.

  7. Hey, that guy in the ski mask! by pizzach · · Score: 4, Funny

    CmdrTaco? Is that you?

    --
    Once you start despising the jerks, you become one.
  8. Re:I'm surprised that the thief was so dumb. by darkonc · · Score: 3, Insightful
    We're talking about a thief here -- and a thief of opportunity, at that. This is no braniac master-criminal. They guy probably didn't know enough to create a new account, much less reformat the machine. Hell, even slightly above-average users might have a problem with that idea.

    I've seen a thief who was so stupid, that he stole a kid's bike from (directly!) across the back alley, and then left the stolen bike by the back door.
    He was, apparently, both surprised and indignant when the father of the child whose bike was stolen came over for a visit.... wielding a baseball bat.

    --
    Sometimes boldness is in fashion. Sometimes only the brave will be bold.
  9. TISM! by Director+of+Acronyms · · Score: 5, Funny

    For those in Australia : looks like his laptop was stolen by TISM. Especially considering the lyrics to this TISM song :

    http://www.stlyrics.com/songs/t/tism10923/beencaughtwankin434144.html

    --
    Never look back at the carnage.
  10. So frustrated.. by superdave80 · · Score: 4, Funny

    Yeah, it must have been sooooo frustrating to have to sit there and watch that porn. Poor bastard!

  11. You think you've seen stupid? by mcrbids · · Score: 3, Interesting

    In nearby Oroville, CA, a thief robbed a bank at gunpoint, took off with several thousand dollars in cash, and then returned later in the day - to the same bank - to deposit the cash into his own bank account.

    no, I'm not kidding.

    (And this text box for idle just teh suxorz)

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  12. article icon by v1 · · Score: 2, Interesting

    They did a poor job of airbrushing the apple off the back of that macbook.

    --
    I work for the Department of Redundancy Department.
  13. Re:automatic login? by maglor_83 · · Score: 2, Insightful

    So the moral of the story is to not have passwords or you won't get your computer back.

  14. Why not just use the WAN IP? by Rick+Bentley · · Score: 2, Insightful

    Wait, shouldn't it go like this:

    1) get WAN IP of computer being used at thief's house(e.g. 66.245.54.53)
    2) do reverse DNS IP lookup, see that it belongs to Earthlink or whatever ISP
    3a) if it's a fixed IP then we're done, have the Police ask the ISP to whom they assigned the IP (or get a warrant if we're good monkeys)
    3b) if it's a dynamic IP then the ISP has to check their logs to see to whom they gave the IP at the time, but they should have that
    4) Police show up at the door as above.

    Why do you need to be able to remote login and wait for the thief to type his address? I guess the webcam could be useful because you can get a picture of the guy actually using it (instead of the police showing up and the guy saying "I have an open wifi access point, so the real thief must have logged onto my router, which has no logging enabled, w/o my knowledge with the stolen laptop"). But, seriously, shouldn't the WAN IP be enough?

    --
    My favorite quote doesn't fit into 120 characters. Now no one will like me.
    1. Re:Why not just use the WAN IP? by Zenaku · · Score: 2, Insightful

      3a and 3b aren't all that difficult. My Macbook Pro was stolen back in April and once I had the IP address, all it took was a 15 minute conversation with the investigating officer, who then got a subpoena to get the address from Comcast. How is driving around to triangulate the signal and narrow it down to a few locations easier than that?

      I'm pretty sure if I had gone to the cops with "Here's the house I traced my laptop's radio transmissions to!" instead of "Here's the IP address that he is using, please subpoena Comcast to find out his name and address," they'd have just thought I was some crackpot.

      --
      If fate makes you a motorcycle, you become a motorcycle.
  15. Re:It is not a trivial task. by Anonymous Coward · · Score: 2, Informative

    Not to advertise, but try www.logmein.com, its free, and the you can log in to the computer as if you where sitting in front of it.

  16. They want easy by TheLink · · Score: 4, Insightful

    Yeah. Thieves who steal laptops want _easy_.

    If they didn't mind hard they'd have got a job or started their own companies, or stolen something more challenging and rewarding ;).

    So what you do on your laptop is to create an account specially for thieves to use. Call it Honey if you like - with no password, or the password hint = instructions on how to get in.

    Then your own account has a password, to keep the thief out, from deleting your encrypted stuff etc.

    This way when the thief steals the laptop, they turn it on, click on "Your Account", get password prompt, click on Honey, get in straight - whoopee.

    Immediately the stuff is launched to log data about the thief and his surroundings - webcam, microphone set to record, and then the data is uploaded.

    --
    1. Re:They want easy by heteromonomer · · Score: 2, Interesting

      Is there a software that has a 1-step procedure to activate all the stuff you mentioned? Activate the camera, mic, monitor his internet movements and even capture keystrokes?

  17. Does he really wanna have his laptop back by bjoeg · · Score: 2, Funny

    The ending of the story is missing.

    "After police got hold of the thief and the laptop. Jose Caceres now has his laptop back at home..........with sticky buttons."

  18. Not all reformats help by apankrat · · Score: 4, Interesting

    Q. Can ComputracePlus be detected?

    A. .. snip .. The Agent can survive a hard drive re-format, F-disk command and hard drive re-partitioning.

    http://www.absolute.com/computraceplus/faqs.asp

    --
    3.243F6A8885A308D313
    1. Re:Not all reformats help by setagllib · · Score: 4, Insightful

      Let's see it survive a Linux LiveCD.

      --
      Sam ty sig.
    2. Re:Not all reformats help by lhaeh · · Score: 3, Insightful

      I always found this hard to believe, someone wanna explain how that would work without custom hardware.Do they assume the bootloader will be left behind?

    3. Re:Not all reformats help by jibjibjib · · Score: 2, Informative

      I'm not entirely sure, in general. Some laptops (including mine) have part of CompuTrace built into the BIOS, so it can persist across hard drive reformats and replacements. I have no idea how it actually manages to integrate with the newly installed OS and access the internet to continue tracking the computer after a hard drive replacement, though. http://www.absolute.com/products-bios-enabled-computers.asp I discovered this by accident a few months ago when I was looking at a hex dump of my BIOS for fun and was quite surprised to see a "CompuTrace" message in there.

    4. Re:Not all reformats help by deek · · Score: 2, Insightful

      Well, I don't know precisely how it works, but the bootloader is the only possible way it could survive a repartition. The code is definitely stored on the hard drive, as the FAQ mentions.

    5. Re:Not all reformats help by William+Robinson · · Score: 2, Interesting

      The same page say something like...

      The Computrace Agent communicates with modems through the Microsoft TAPI interface.

      So, probably it works only if you reinstall Windows (though I would love to know how do they do it).

      I would doubt if it survives after booting Livecd, make hard disk complete ext3fs, and then reinstall Windows.

      --
      hilarious
    6. Re:Not all reformats help by Anonymous Coward · · Score: 2, Interesting

      An Option ROM is loaded into the BIOS that checks for the existence of the application. I can attest to the fact that it does get reinstalled and installed on a new Windows OS even if a different drive is used. This can be removed, however, with some BIOS editing apps.

      We had a user's laptop stolen from an airport security check with Computrace installed fairly recently. The problem is that Absolute Software claim the system is out of their jurisdiction and, once reported stolen, you cannot see the IP address that a system reports in. This leaves no way to verify that the system isn't actually being used at your local Starbucks. Even though we're out of an investment, we can still see username changes as the tool continues to report in. It is like someone stealing your car and driving it by your house at 8PM each night. It's pretty frustrating to know that we have serial numbers associated to every component and have a 3 year warranty only to be told that "we'll let you know if something comes up".

    7. Re:Not all reformats help by jimicus · · Score: 3, Interesting

      There is custom hardware. It's built into the BIOS on most modern Dell laptops.

    8. Re:Not all reformats help by cp.tar · · Score: 4, Funny

      Linux: the laptop thief's choice.

      --
      Ignore this signature. By order.
    9. Re:Not all reformats help by knifeNINJA · · Score: 3, Insightful
      From the FAQ:
      Computrace Agent Hardware & Operating System Requirements:
      ...
      Microsoft Windows 95, 98, ME, NT and the 32-bit versions of Windows 2000, XP, Windows Server 2003 and all 32 and 64 bit editions of Windows Vista
      ...
      Mac OS X version 10.2
      Looks like you're right. As to how it works, here's my guess:
      • When booting up, BIOS ensures program is properly installed on hard drive
      • If program is missing, BIOS reinstalls program + rootkit to cloak its presence
      • BIOS can only reinstall program + rootkit on OS's for which they have been compiled/configured
      • Program runs as a hidden service
    10. Re:Not all reformats help by dave420 · · Score: 2, Informative

      It uses the hard drive's Host Protected Area to store the software, so you need special software to remove it.

    11. Re:Not all reformats help by Soruk · · Score: 5, Informative

      Probably not actually. From TFA:

      Q. What happens if a computer's hard drive is removed?

      A. The Computrace Agent resides on a computer's hard drive so if the drive is removed and installed on another computer, the Agent will initiate contact with the Monitoring Center at its next scheduled call. It will then report its new location. The original computer will no longer be protected.

      If your scenario was correct then it would reinstall the trace software on the new hard disc.

      --
      -- Soruk
    12. Re:Not all reformats help by caluml · · Score: 4, Funny

      .... when I was looking at a hex dump of my BIOS for fun

      Do tell us more about your hobbies and pastimes!

      --
      Get your own free personal location tracker
    13. Re:Not all reformats help by Anonymous Coward · · Score: 4, Funny

      Let's see the thief get online when the LiveCD cannot recognize the laptop's WiFi.

      (*Ducks*)

    14. Re:Not all reformats help by Sobrique · · Score: 2, Insightful

      Well, the ones that get caught are :).

    15. Re:Not all reformats help by ikkonoishi · · Score: 3, Informative

      Looks like this is the answer.
      http://en.wikipedia.org/wiki/Host_Protected_Area

    16. Re:Not all reformats help by ironwill96 · · Score: 5, Informative

      We have CompuTrace on many of our laptops here at work. Only certain manufacturers have the agent pre-loaded but it is embedded in the BIOS. If you flash the BIOS and put different firmware on it you can wipe it out. CompuTrace won't work if you formatted the machine and put Linux on it since they don't (currently) have a Linux version of their agent.

      CompuTrace is really not a great service though because some of their promise is that they'll recover your laptop in X days or pay you $1000, guaranteed! What they don't tell you is that to keep this "warranty" active you have to make sure that your laptops check in at least once every few weeks or else they call you and demand that you check-in the laptop within a week or lose your warranty.

      This is a real pain when you have laptops that are being taken home by your users and they don't have internet at home or just leave it sitting in a desk drawer for weeks at a time. Trying to track down all of the machines to make sure they are hooked up to the internet to check-in at least once every few weeks is a total mess.

      --
      "To strive, to seek, to find, and not to yield." - Tennyson
  19. Re:This hits close to home.. by Chrisq · · Score: 3, Funny

    Three days later, the entire town I live in was flooded with several feet of water from hurricane Ike.

    I really wish I had the foresight to install this kind of software on my laptop. Might have helped...

    I think protection from hurricanes is beyond its capabilities.

  20. Re:Who is more clever by Anonymous Coward · · Score: 2, Interesting

    Those who are smart enough to extract private files from a swap partition have better things to do than stealing unattended laptops.

  21. Re:This is not the first... by utnapistim · · Score: 5, Funny

    In other words:

    1. get your laptop stolen by hot chick (or somebody else, according to your tastes).
    2. remote logon.
    3. wait for them to look at porn and activate camera
    4. ???
    5. profit!

    --
    Tie two birds together: although they have four wings, they cannot fly. (The blind man)
  22. Re:automatic login? by Simon+Brooke · · Score: 2, Informative

    I agree that having physical access to the disk allows anyone to read it, and that sensitive data should be encrypted. But that doesn't mean it isn't worth making things complicated. Set good passwords. Use BIOS/OpenFirmware/other pre-boot environment passwords to prevent non-standard booting. Lock/screw the case closed.

    This really doesn't help you in the case that the thief has stolen your machine and has it physically in his own workshop with his own set of screwdrivers.

    If you're paranoid about your security (and in some jobs you should be), then for portable machines you want to encrypt the whole disk - and, ideally, have something that scrubs the disk after N successive failed login attempts, where N is some small number. Yes, of course it's backed up. You're competent aren't you?

    --
    I'm old enough to remember when discussions on Slashdot were well informed.
  23. You can definitely remove it by... by GameboyRMH · · Score: 2

    Removing all sectors and the wiping the MBR. If it can survive a reformat, it hides in the boot sector like those viruses from way back when. No partitions, no MBR, no place for it to hide.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  24. oblig fail by Joe+the+Lesser · · Score: 4, Funny

    http://failblog.org/2008/10/01/christmas-candle-fail/

    --
    "I only speak the truth"
    Karma: null(Mostly affected by an unassigned variable)