Slashdot Mirror
Proposed MAC Sniffing Dongle Intended To Help Recover Stolen Electronics
An anonymous reader writes to say that an Iowa City police officer is developing a new concept to help police find more stolen property. The Gazette has a short report that officer David Schwindt, inspired by a forensics class, is working on L8NT, a specialized wireless dongle to help police officers locate stolen electronics (any of them with wireless capabilities and a MAC address, at least) by scanning for MAC addresses associated with stolen goods. The idea is to have police scan as they drive for these MAC entries, and match them against a database. The article notes a few shortcomings in this concept, but does not point out an even bigger one: MAC addresses are usually mutable, anyhow, in a way that's not as obvious as an obscured serial number, and thieves could refine their business model by automating the change.
What a waste of time
Of course you can change a MAC address. However, your average 90 IQ bag snatcher can't do that. As with much policing, this is aimed at the low hanging criminal fruit - which is OK, because I imagine petty crime is the majority of crime.
If some master hacker wants to steal your laptop and hide it, they could - however they could just buy their own seeing as how anyone with the skills likely can just get a decent job that is more rewarding that pinching electronics.
I've got a machine here (Genesi pegasos1 g3 power pc) that comes without a mac address in its ethernet hardware, you have to assign a mac to it before the network card starts working under the os of your choice.
So, VERY mutable. Lets take this changeable item and pretend its a fixed entity to trace things by.
Are going to get in trouble because they discussed dongle-sniffing?
Since the use of dogs is getting push-back in courts, this is the new police invention to sidestep probable cause. Especially considering how easy it is to have a discrete device to create on-demand red flag.
OMG how innovative!
While it is trivial for a well-informed thief to change their business model by swapping their mac address, you have to remember that most thieves have no idea what a mac address is. Even thieves in the business of stealing iPhones may not read slashdot, shocking as that may be to believe.
Criminals regularly get caught every day because they left fingerprints behind, despite the fact that we've known for something like a century that the cops will try to track you by your fingerprints so you should wear gloves or otherwise obscure your fingerprints if you are going to touch anything at a crime scene.
Criminals regularly get caught every day because their faces are visible on security cameras, despite everyone having seen news reports, crime dramas, etc that let you know that there are a lot of security cameras in the world and cops will use them to track who was at a crime scene; lots of people don't bother to wear a mask or disable security cams or delete the video.
So, cops can and should use tools to catch criminals, even if Moriarty can avoid those tools, because they'll catch a lot of the non-masterminds out there, and even the serious well-informed criminal might screw up on occasion.
For this to work wouldn't it assume that wireless devices are registered with some authority by the 'legal' owner of the device? Sounds like just another way for police and government agencies to track citizens to me.
I just had a friend who had their house broken into, and the person who bought their laptop actually contacted them after realizing it was stolen. They had bought it at a gas station from a guy 'selling his stuff to get gas money'. Yeah, the guy should have realized this was a scam. So basically the guys who stole it probably never even turn the thing on. They just sell it for cash and get out of dodge. You will just find a bunch of suckers who couldn't turn down a good deal, and what kind of prosecution rate do we have on those? The thief already go his money, so no deterrent there. Never mind the obvious fact you can change those, but the thief won't bother as he is just going to sell it. So again, for all of this effort exactly what is going to be accomplished?
You can only find MAC addresses to check against the "stolen/missing" list if you gather EVERYTHING all the time. So now, just like tracking all of our phone calls and vehicle movements, it's a "safety" idea to track every single wifi device. It sounds so helpful . . . and if only there were some way to add "think of the children!" it would be perfect . . .
I know we like to whine here about patent stuff, so let us start whining! Because scanning a network in order to find a specific set of MAC addresses has never been done before...
I've been war driving for years using software that collects, among other interesting things, the MAC addresses of every device it hears. Google got in trouble doing this kind of thing too.
This is NOT new, nor should he get a patent on this....
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Why is it the idiotic response of law enforcement when confronted with dealing with a small problem always to create a big problem.
So, if the problem is there are a small amount of people who are breaking the law ... we should constantly surveil all people at all times to find that small amount of people.
Yes, there exist people who rob banks. That doesn't mean you stop everybody and fingerprint and interrogate them in case they robbed a bank. If you have no probable cause, you shut the fuck up and don't do that. And yet time and time again law enforcement rushes to enact the totally fucking stupid "let's just stop everybody just in case".
And, in a digital world, since you already have that information for one purpose, then you really should use it for other purposes ... you know, in case we need to protect children, or enforce copyright, or ensure nobody has called the police fucking idiots and fascists.
And when they say bullshit like ""The rest of the packet is ignored," he said. "We have no idea who it is registered to." this will either change over time, or get proven to have never been true.
Give us your fucking papers, comrade.
Honestly, I swear the police are either all fucking morons, or all actively trying to find ways to bypass laws which say "you can't fucking do that assholes".
Lost at C:>. Found at C.
I've used find-my-phone type things a few times... the police don't care even if you can literally give them the thief's address. Every time it has been up to me and/or friends to enforce property rights, not the police.
Liberty - Security - Laziness - Pick any two.
I met a mac-sniffing dongle once. He finally got his dream job working the Genius Bar.
You are welcome on my lawn.
This would work for finding most stolen laptops, only if the police weren't apathetic. My brother had his macbook stolen, and with software he had installed, he was able to track down the location of his laptop. But, alas, the police weren't interested in tracking down such a low-grade criminal. They wouldn't do anything.
The community Wi-Fi MAC database is already built.
There's a map done by wardrivers that can be used.
http://noquest.com/network/locating-stolen-ap/
just buy a mini pci express WLAN card from ebay (cheap cheaper extreme cheap) - hopefully it's not a stolen one!
Replace "mini pci express" card and do what you like with your old card.
And you have a new mac adress.
Bad people could throw these in the garbage or the electronics dumps, or sell them at flea markets, so you should not dumpster dive and flea market for those cheap cards there!
I used to be a Sprint Wireless customer. They used to, and probably still do blacklist phones, based on ESN of the phone. The ideas was that stolen phones or phones that were not off contract could not be easily sold. The general concept is sound. And I want something like that for my expensive electronics as well.
My fully loaded Macbook Pro cost a little more than $3K. If it gets stolen, I would like to be able to get it back. I understand that police may only recover it from an idiot who bought it from a thief. That does not make the original idea invalid. The buying idiot still has to return it to me.
There still are questions about how the stolen MACs are reported, searched for etc. But I can see how a central database of stolen equipment could be used to look for it. Perhaps coffee shops and other public spots could help identify stolen equipment as well.
Those of you looking for a perfect solution that handles every case flawlessly will not like anything being proposed here. You should move on. The rest of us will be happy with something that does help with this menace.
So he wants to build a license plate reader for technocrap. As most gear is set in WiFi whore mode by default, you could build a decent database of "who, where, when" the same way LPRs work. Stick these up on lamposts, or even better at the entrance and exit routes of your town and start building your database. What could go wrong?
SD
âoeWho knew something as harmless as willful ignorance could end up having real consequences?â
How long will these be stored? Would they track MAC proximities to track movements of anything with a MAC address. Smacks of the whole license plate reader issue.
What the hell do they mean "wireless dongle"? At first I thought they were talking about something that you attach to your devices that you don't want stolen. But that makes no sense at all, as the thieves would quickly learn to remove it. Then, after rereading the disclaimer " (any of them with wireless capabilities and a MAC address, at least) " I think that I realize that the "dongle" is some device that the cops would use to intercept wifi signals. Wouldn't make any sense to add a dongle to a wireless device anyway, since the new "dongle" would have to have it's own MAC address (although it would allow for finding stolen items that were not themselves wireless devices). But then it isn't really a "dongle", it is clearly a wifi port and antenna attached to some sort of computer (most cop cars already have laptops and I suspect that most or all have wifi anyway) and special MAC collecting software, similar to what got Google in trouble (although they were even more invasive about it).
Obviously the police want to collect more invasive information on people too, and they have a damn poor record of ever attempting to return stolen property. (A local news story here told of one person who kept getting bills month after month as his stolen car was driven past toll road license plate scanners almost daily, but they never caught the thief or recovered the car). And what percent of the population is going to be able to help the police when asked "Your Tablet was stolen? Great! What was the MAC address?" ? I would be a lot less skeptical if the police ever expressed interest and were willing to track down stolen cell phones, which clearly have a much greater range and could easily lead police to thieves with just a little effort. But they show no interest in that. Why believe that they want to find stolen items based on a much weaker less reliable wifi signal?
I'm an American. I love this country and the freedoms that we used to have.
Doors at 9pm. First set at 10.
Sure, some crooks might change the MAC but in many devices a hard reset will return it to the default. But a typical burglar kicks in your door, ransacks the house, grabs anything they think will make them a quick buck for next fix and runs.
I found my camera on Craigslist a couple days after it was stolen in just such a burglary. The cops called him up to "buy" it back and busted him. When I got my camera back it not only had the original configuration settings including my name as the author and copyright holder but also photos of the thief himself taken at the camera store where he tried to sell it.
Finding the manual and learning how to clear configurations and set MAC addresses is simply not in your average crook's play-book.
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
This is nothing but the equivalent of scanning the license plate of cars parked on the street. I don't have a tinfoil hat handy, but why are such blatant violations of privacy to track people through their goods given the same excuse to protect the victims of what can only be described as state surveillance?
keep the good stuff at home, buy cheap junk for going out and about. stop worrying about theft, enjoy life.
Theft Victim: I would like to report my laptop stolen
Police Officer: Okay, could I have the MAC number of your laptop?
Theft Victim: It’s not a Mac, it’s a PC.
Police Officer: I mean the unique number associated with your network card.
Theft Victim: I don’t have a network card, but would my library card work?
Police Officer: Nevermind.
Of course we won't be using this to track the movements of every single citizen via their devices. Really we won't. Trust us.
So the cops want to drive around, scanning for mutable MACs, and if one matches up with a database they control, then they'll have probable cause to enter a dwelling. Yup, no way to abuse that!
This is even worse than license plate scanners. I do not want law enforcement driving around recording the locations of WiFi equipment and building databases of where my iPad is between 6pm and 8pm on Saturday nights for 20 years.
Without mandatory deletion of unrelated (non-stolen equipment) records and mandatory minimal retention periods, this is just another excuse for the state to vacuum up records they should not be permitted to keep.
Especially in this day of smart mobile devices, all with WiFi interfaces, this is virtual tracking of innocent people, without any legal limitiations.
This is another Stingray variant, for acquiring information without warrants, and isn't about stolen goods. It just has a better cover story, and a developer who's not insisting on NDAs to cover illegal mobile phone wiretapping because sucking up publicly broadcast information like SSIDs and MACs isn't explicitly illegal.
Your average 90 IQ police department isn't going to search for stolen iPhones even if the user comes to them and says"My phone got stolen, '$Get-My-Phone-Back-App' says it's located at 766 Valencia St, here's the picture of the user, Facebook says he's Pat Smith, mugshots-online.sf.ca.gov shows a matching picture and his record of petty theft and fencing, and the app shows he's been there for 3 hours, yes, I know that address is the Central Police Station, he's in Room 243. Can you walk upstairs and ask him to give my phone back?"
Your average police department also doesn't have a list of MAC addresses for stolen goods, nor do most theft victims - if my work laptop gets stolen, maybe the IT department has that somewhere, but if my home PC gets stolen, I don't, unless possibly my router's NAT table or my ISP has the MAC cached, but it's pretty unlikely.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Having held two 3c509B's in my hands with identical MAC address I can attest two this. They're unique enough for hosts on a subnet... Most of the time.
This article is flamebait anyway, nothing to see here..
It won't work for exactly the same reason. Your average laptop owner doesn't know their device's MAC address.
There's an app for that! (Or easily could be.)
It would be trivial to build an application that would squirrel this info away for the user - like onto a database on various services (paid or free) that he subscribes to or registers for. (A good one would be the registration for the manufacturer's warranty.)
It would also be trivial to include the various device MAC addresses along with the serial number, on the label, in the databases that print the reciept at the electronics store, and in the manufacturer's records (even without warranty registration). Give the manufacturer the serial number (and your own identification or a police report number if he doesn't know you) and he gives you (or the cops) the MAC addresses of interest.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Contrary to popular believe, MAC addresses are not unique. There's just 24 bits for the NIC one you remove the OUI (16.7M unique addresses). However worse, many manufacturers will only use a sub-set of the available range, often using the first 4-8 bits as a product identifier. For example, Samsung made 73M mobile phones, in 3Q2014. There's a lot of duplicate MAC addresses out there.
Is that the Police can locate anybody, by reporting his device as stolen.