Slashdot Mirror
Retrieving a Stolen Laptop By IP Address Alone?
CorporalKlinger writes "My vehicle was recently burglarized while parked in a university parking lot in a midwestern state. My new Dell laptop was stolen from the car, along with several other items. I have no idea who might have done this, and the police say that without any idea of a suspect, the best they can do is enter the serial number from my laptop in a national stolen goods database in case it is ever pawned or recovered in another investigation. I had Thunderbird set up on the laptop, configured to check my Gmail through IMAP. Luckily, Gmail logs and displays the last 6 or 7 IP addresses that have logged into your account. I immediately stopped using that email account, cleared it out, and left the password unchanged — creating my own honeypot in case the criminal loaded Thunderbird on my laptop. Sure enough, last week Gmail reported 4 accesses via IMAP from the same IP address in a state just to the east of mine. I know that this must be the criminal who took my property, since I've disabled IMAP access to the account on all of my own computers. The municipal police say they can't intervene in the case since university police have jurisdiction over crimes that take place on their land. The university police department — about 10 officers and 2 detectives — don't even know what an IP address is. I even contacted the local FBI office and they said they're 'not interested' in the case despite it now crossing state lines. Am I chasing my own tail here? How can I get someone to pay attention to the fact that all the police need to do is file some RIAA-style paperwork to find the name associated with this IP address and knock on the right door to nab a criminal and recover my property? How can I get my laptop back — and more importantly — stop this criminal in his tracks?"
See if you can file a civil replevin action against John Doe to recover the laptop. That will give you the ability to issue subpoenas to trace the IP address. Once you have the identity of the thief, report the information to both the campus police (for the theft) and to the local police (for possession of stolen property). Good luck!
Laws affecting technology will always be bad until enough techies become lawyers.
Make sure you call Dell and report it and give them the case number, they can flag it in their system as stolen and if anyone calls in on that system's tag...they'll obtain as much info as they can and act like nothings wrong.
I'm a cybercrimes detective and computer forensics examiner in a Sheriff's Department and do this all the time. It simply requires a subpoena to the ISP that the IP address returns to. If the campus police and city police won't do it, try your county or state police agencies (both which also have jurisdiction). In my state, all police officers have power anywhere in the state and I could "technically" investigate and/or charge anyone with a crime anywhere in the state. We just don't typically do this because it's stepping on each other's toes. As a county officer though, I frequently investigate crimes involving cases inside city or town limits if that agency doesn't have the capability. If the IP address ends up being from another state, we just contact the local police there to ask for their assistance.
Keep asking and ask to talk to a supervisor if they are not helping as much as you would like. While there is no obligation from a police agency to necessarily do everything they can on a property crime, most department heads will do what they can to keep the public happy.
Like others have said though, you may simply get a return to a campus, business, or open wireless network.
Good luck.
OK, I'm going to post the IP since it's been requested. According to Gmail, it was last accessed 3 hours ago from this IP. The IP address has been the same EVERY time it's been accessed, starting June 28, 2010. It traces to Cincinnati Bell's Fuse Network (a home internet service). I can't get anywhere with Cincinnati Bell's customer service. "Customer privacy rules," they say.
Here's the IP: 208.102 (DOT) 223.137
I split it up so auto-filters and bots wouldn't find it.
Thank you everyone and anyone who may be on the inside of 'Ma Bell who can help me track this thief down. I apologize if this is a TOS violation for Slashdot, but I am really at wit's end and have PROOF that this is the IP that's violating my account. I need your help.
Maybe I'm paranoid. Or maybe I just really want to reign hell down on whom ever steals my laptop.
First, most thieves are dumb, they're not going to wipe it. They're going to sell it as fast as possible to get cash.
All of this is free and open source and should work on Mac and Linux, not sure how to create services in Windows.
1) Prey Project. An OSS theft recovery tool. Uses google geo location, web camera if it comes installed.
2) AutoSSH. I have an autossh run as a service that creates a link between my home router and my laptop. ssh -R 2222:127.0.0.1:22 home.example.com. So no matter where I leave my laptop, if it can get out to the internet, I can ssh into it from my home router.
3) OpenVPN. AutoSSH * 10. No matter where my laptop is, it IS no my home network. Leave it at a friend's house.
4) Keylogger. . I have a launchd (cron) set up to sftp me the log every day and then restart the log.
So now I know: 1) Where my laptop is and possibly have a photo of who is using it. 2 & 3) Can access my laptop and play fun tricks 4) Know exactly what said person is up to and when they login to gmail, facebook, etc. I have their passwords.
Sadly my laptop hasn't been stolen yet.
There are multiple jurisdictions involved, any of which could choose to pursue the case if they wanted to. They include:
The best revenge is that which you can obtain for yourself. Find out what ISP has the IP address. Contact the local police where that ISP is and ask that they contact the ISP to get the subscriber data for that IP. If that doesn't work, you can sue John Doe from your own jurisdiction and force the ISP to provide the information you seek. The police may be more willing to take up the case if you do the legwork.
Another option too is to contact the prosecuting attorney who handles the university polices cases. They might be able to pressure the police to take action, considering the ease with which the criminal can be identified.
Lastly, but certainly not leastly, post the IP address to 4chan. They have more than enough unscrupulous individuals that could find the person for you. If nothing else, they will at least DDOS the IP for you.
You can't legislate goodness. Let each to his own destiny, by will of his freely made choices.
I have talked to ISP's before about legal issues (specifically, a hacking incident). I said "hey, there's a hacking incident coming from one of your IP addresses, and I need all the information that you have on the person."
Their questions: "Are the police involved?" and "Are you a network administrator?"
Since I answered the questions right ("No" and "Yes"), they gave me all the information. Had the police been involved, their instructions were to only provide information with a warrant.
The moral of the story is to ask for the information first, prior to getting the police involved. Mod me up, so the guy sees this critical piece of information!
That person was tracked down to his location - he lives in New Richmond and uses ISP Fuse Internet Access.
Please contact Rick Wagner by email at wagner@fuse.net or hostmaster@fuse.net , or phone at +1-513-397-6598 or +1-800-387-3638.
I talked to Dick and he said he will be happy to assist you.