Man Uses Remote Logon To Help Find Laptop Thief 251
After his computer was stolen, Jose Caceres used a remote access program to log on every day and watch it being used. The laptop was stolen on Sept. 4, when he left it on top of his car while carrying other things into his home. "It was kind of frustrating because he was mostly using it to watch porn," Caceres said. "I couldn't get any information about him." Last week the thief messed up and registered on a web site with his name and address. Jose alerted the police, who arrested a suspect a few hours later. The moral of the story: never go to a porn site where you have to register.
Makes sense (Score:5, Funny)
Re:Makes sense (Score:5, Funny)
Re:Makes sense (Score:5, Funny)
What else would someone use a laptop for, period?
Laptops get in the way...
Re:Makes sense (Score:4, Funny)
Laptops get in the way...
Yes but the thermal stimulation is well worth it on a cold winter's eve as you watch your favorite bukkake vid by the light of an open fire.
Re:Makes sense (Score:5, Funny)
Re: (Score:2)
oblig fail (Score:5, Funny)
http://failblog.org/2008/10/01/christmas-candle-fail/ [failblog.org]
Re: (Score:2, Funny)
Yes but the thermal stimulation is well worth it on a cold winter's eve as you watch your favorite bukkake vid by the light of an open fire.
...I can't believe you got modded insightful for that.
Re: (Score:2)
...I can't believe you got modded insightful for that.
I can.
This is Idle, after all
Re: (Score:3, Funny)
Tablet computers are better. They leave a hand free...
Re:Makes sense (Score:5, Insightful)
Re:Makes sense (Score:5, Insightful)
If not reformat completely.
Not all reformats help (Score:5, Interesting)
Q. Can ComputracePlus be detected?
A. .. snip .. The Agent can survive a hard drive re-format, F-disk command and hard drive re-partitioning.
http://www.absolute.com/computraceplus/faqs.asp [absolute.com]
Re:Not all reformats help (Score:5, Insightful)
Let's see it survive a Linux LiveCD.
Re: (Score:2, Interesting)
The same page say something like...
The Computrace Agent communicates with modems through the Microsoft TAPI interface.
So, probably it works only if you reinstall Windows (though I would love to know how do they do it).
I would doubt if it survives after booting Livecd, make hard disk complete ext3fs, and then reinstall Windows.
Re:Not all reformats help (Score:5, Funny)
Linux: the laptop thief's choice.
Re: (Score:2)
I don't expect anyone sinking so low as to steal a laptop to be (computer-)smart enough to use linux.
Sorry, all you thieves out there, you're all morons, no matter what IQ you have.....
Re: (Score:2, Insightful)
You can definitely remove it by... (Score:3)
Removing all sectors and the wiping the MBR. If it can survive a reformat, it hides in the boot sector like those viruses from way back when. No partitions, no MBR, no place for it to hide.
Re: (Score:3, Insightful)
Computrace Agent Hardware & Operating System Requirements:
Microsoft Windows 95, 98, ME, NT and the 32-bit versions of Windows 2000, XP, Windows Server 2003 and all 32 and 64 bit editions of Windows Vista
Mac OS X version 10.2
Looks like you're right. As to how it works, here's my guess:
Re:Not all reformats help (Score:5, Informative)
Probably not actually. From TFA:
Q. What happens if a computer's hard drive is removed?
A. The Computrace Agent resides on a computer's hard drive so if the drive is removed and installed on another computer, the Agent will initiate contact with the Monitoring Center at its next scheduled call. It will then report its new location. The original computer will no longer be protected.
If your scenario was correct then it would reinstall the trace software on the new hard disc.
Re: (Score:2)
Re:Not all reformats help (Score:5, Informative)
We have CompuTrace on many of our laptops here at work. Only certain manufacturers have the agent pre-loaded but it is embedded in the BIOS. If you flash the BIOS and put different firmware on it you can wipe it out. CompuTrace won't work if you formatted the machine and put Linux on it since they don't (currently) have a Linux version of their agent.
CompuTrace is really not a great service though because some of their promise is that they'll recover your laptop in X days or pay you $1000, guaranteed! What they don't tell you is that to keep this "warranty" active you have to make sure that your laptops check in at least once every few weeks or else they call you and demand that you check-in the laptop within a week or lose your warranty.
This is a real pain when you have laptops that are being taken home by your users and they don't have internet at home or just leave it sitting in a desk drawer for weeks at a time. Trying to track down all of the machines to make sure they are hooked up to the internet to check-in at least once every few weeks is a total mess.
Re:Not all reformats help (Score:4, Funny)
Let's see the thief get online when the LiveCD cannot recognize the laptop's WiFi.
(*Ducks*)
Re: (Score:3, Insightful)
I always found this hard to believe, someone wanna explain how that would work without custom hardware.Do they assume the bootloader will be left behind?
Re: (Score:3, Informative)
Re:Not all reformats help (Score:5, Funny)
.... when I was looking at a hex dump of my BIOS for fun
Do tell us more about your hobbies and pastimes!
Re:Not all reformats help (Score:4, Informative)
Looks like this is the answer.
http://en.wikipedia.org/wiki/Host_Protected_Area [wikipedia.org]
Re: (Score:3, Insightful)
Well, I don't know precisely how it works, but the bootloader is the only possible way it could survive a repartition. The code is definitely stored on the hard drive, as the FAQ mentions.
Re: (Score:2, Interesting)
An Option ROM is loaded into the BIOS that checks for the existence of the application. I can attest to the fact that it does get reinstalled and installed on a new Windows OS even if a different drive is used. This can be removed, however, with some BIOS editing apps.
We had a user's laptop stolen from an airport security check with Computrace installed fairly recently. The problem is that Absolute Software claim the system is out of their jurisdiction and, once reported stolen, you cannot see the IP addres
Re:Not all reformats help (Score:4, Interesting)
There is custom hardware. It's built into the BIOS on most modern Dell laptops.
Re: (Score:2)
Partitions begin on cylinder boundaries not the next sector. You've got the whole rest of the first cylinder to use too.
DIG DUG IS THE BEST GAME EVER (Score:2)
The Agent can survive a hard drive re-format, F-disk command and hard drive re-partitioning.
dban.org How it Works :) [absolute.com]
Them ten dollar words sure do make it sound like much more then glorified software over protective parents would use after they install on a governer on little snow flakes 93 civic....
What... where... am i?
Re: (Score:2)
Most Computer manufacturers also provide embedded support for Computrace in the BIOS or Firmware of the notebook computer.
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
A simple format might not remove it, as a simple format just wipes the tables, and not the entire drive. But a utility like KillDisk would absolutely wipe it, and you can get KillDisk for free with the Ultimate Boot CD [ultimatebootcd.com].
Somehow I doubt the computrace software would survive being overwritten 12 times with random ones and zeros.
The moral of the story (Score:5, Informative)
Never leave your laptop on top of your car when carrying other things home!
What, did you think this thing was portable?
Re: (Score:2)
Never plug in a laptop, or a usb memory stick, that you just found lying somewhere in a parking lot (or on top of some car). Aside from the normal legal risks of taking something that is not yours. A perv could be watching your every move. Your identity could get stolen the next time you buy something online. And last, but not least, you could be unwittingly letting a known trojan getting inside your home-network (or your work-networ
Re: (Score:2)
Pft (Score:5, Funny)
Talk about getting caught with your dick in your hand...
What remote access technology? (Score:5, Interesting)
I use remote access, but I have to type in the IP address to connect. How could he knew the I address?
I read this story several times but nowhere the software name is mentioned.
Re:What remote access technology? (Score:4, Informative)
He was probably running a dynamic DNS client.
Re:What remote access technology? (Score:5, Informative)
Prob running something like dyndns or something that would automatically notify the server of the ip address when online, so he simply had to use his registered dyndns name.
Re:What remote access technology? (Score:5, Informative)
How could be this done? How could he connect to his laptop without knowing the IP address?
One word, DynDNS.
Re: (Score:2)
GoToMyComputer creates an outgoing connection to the GoToMyComputer server. When you want to log in, you log on to the central GoToMyComputer server and click connect. The server contacts the laptop and logs you in.
This bypasses the need to know the IP personally since the laptop creates the outgoing connection to the central server. This also bypasses 99% of all home firewalls since an outgoing connection session is established, enabling the session and allowing for data to p
Re: (Score:3, Informative)
Several remote access apps have an option to notify via email when your IP address changes.
Re: (Score:2)
How could be this done? How could he connect to his laptop without knowing the IP address?
Odds are pretty good we're talking about a dynamic dns client. I know I install one on laptops for the purpose of remote login.
Even if not a dynamic DNS client, then the gent might have his e-mail being checked on his own domain. If not his own, then he "could" get this information from his mail provider. There is so much software being run the demands updates it's impossible to tell from the story how the person was able to narrow down the IP address.
But regardless once you narrow down which ISP the thi
Re: (Score:2)
Sure they do, or they know someone who does, it's just that those thieves never get caught... It's only the extremely incompetent ones, as described in this story who get caught... It sounds like he was just an opportunist who found an easy target.
Any slightly more competent thief will research the crime he intends to commit, like a car thief will look into how to gain access to the types of car he wants to target, how to disable any alarm or immobiliser, how to bypass the radio code etc.
Re: (Score:2)
I use GTMPC for troubleshooting my wife's personal machine while she's away on business - helps with all the weird firewalls, etc.
Anyway, unless this guy was worse than a complete idiot (which he was already proven to qualify as), GTMPC wouldn't help due to the fact that it displays an alert saying that someone is connected - just like Dameware...
Plans within plans? (Score:2, Interesting)
Hey, that guy in the ski mask! (Score:5, Funny)
Re: (Score:2)
CmdrTaco? Is that you?
I don't think it is Taco. That guy is wearing a tie. Unless it's a clip-on.
TISM! (Score:5, Funny)
For those in Australia : looks like his laptop was stolen by TISM. Especially considering the lyrics to this TISM song :
http://www.stlyrics.com/songs/t/tism10923/beencaughtwankin434144.html [stlyrics.com]
So frustrated.. (Score:5, Funny)
Yeah, it must have been sooooo frustrating to have to sit there and watch that porn. Poor bastard!
article icon (Score:3, Interesting)
They did a poor job of airbrushing the apple off the back of that macbook.
Why not just use the WAN IP? (Score:2, Insightful)
1) get WAN IP of computer being used at thief's house(e.g. 66.245.54.53)
2) do reverse DNS IP lookup, see that it belongs to Earthlink or whatever ISP
3a) if it's a fixed IP then we're done, have the Police ask the ISP to whom they assigned the IP (or get a warrant if we're good monkeys)
3b) if it's a dynamic IP then the ISP has to check their logs to see to whom they gave the IP at the time, but they should have that
4) Police show up at the door as above.
Why do you ne
Re: (Score:2)
Because both 3a and 3b require the cops to bestir themselves a lot more than giving them a picture of the guy so their computer can just do a matching on the database of prior-record thefts. You have to make it as easy as possible for them to track down the bad guys unless you have an angry investigative reporter or DA on your side. Which stolen laptop cases usually do not.
Re: (Score:2)
As another person pointed out, 3a and 3b are difficult. However, if you have remote access, a list of nearby APs/SSIDs would be useful. If the folks are near any open APs that are listed in many DBs online, then you can go war driving and triangulate your laptop (since you'll already know where to start near the open AP).
Once you can show the cops "I have the signal coming from there, and it's got to be one of these 3 locations" then I'm sure as the other person posted, they'll just check out the address
Re: (Score:3, Insightful)
3a and 3b aren't all that difficult. My Macbook Pro was stolen back in April and once I had the IP address, all it took was a 15 minute conversation with the investigating officer, who then got a subpoena to get the address from Comcast. How is driving around to triangulate the signal and narrow it down to a few locations easier than that?
I'm pretty sure if I had gone to the cops with "Here's the house I traced my laptop's radio transmissions to!" instead of "Here's the IP address that he is using, please
Incompetent thief... (Score:2)
Chances are this guy was just a casual thief who got lucky seeing an unattended laptop...
Either that, or he bought the laptop from the real thief.
There are people who regularly steal laptops, and most of them either sell the machine on immediately without using it, or they wipe the machine first and then sell it on with a clean install. Anyone so incompetent as to steal the machine, and then go on to actually use it online without erasing any of the data won't have a very long career of stealing laptops.
Thief changed hostname to beatbox01 (Score:2)
Couldn't help myself.
Does he really wanna have his laptop back (Score:2, Funny)
"After police got hold of the thief and the laptop. Jose Caceres now has his laptop back at home..........with sticky buttons."
Re: (Score:2)
But.. will insurance (if he has any) pay for a new one if the laptop is recovered?
This hits close to home.. (Score:2)
I recently had something like this happen to me, except quite a bit worse.. While I was at work in the mid-afternoon, someone pryed open the door to my apartment, breaking out the doorframe out around the deadbolt. They grabbed my laptop bag with lots of goodies inside, and another bag containing a Wii, PSP, Nintendo DS, etc. Police came but did not dust for fingerprints or anything. An investigator was assigned to my case but he said he had 70 other cases to investigate. Three days later, the entire t
Re:This hits close to home.. (Score:4, Funny)
Three days later, the entire town I live in was flooded with several feet of water from hurricane Ike.
I really wish I had the foresight to install this kind of software on my laptop. Might have helped...
I think protection from hurricanes is beyond its capabilities.
Authenicated logins? (Score:2)
Maybe I'm missing something here, but don't people use authentication to access their machines? If anyone stole my laptop they would have to either re-install the OS or spend time hacking into it to get anywhere. I'm not saying that's necessarily that difficult, but I would be extremely surprised if a thief stole my laptop, cracked my password, and then used the machine to surf porn. It would be easier for him just to put a fresh OS on it.
Maybe I should create a guest account just for this purpose....
Don't trust a computer system you didn't setup (Score:2)
the moral of the story is: 'Don't trust a computer system you didn't setup yourself. '
This kind of thing isn't going to work for long. Smart thieves will learn to wipe the laptop and re-install before connecting it to a network.
Re: (Score:2)
Ummm, thieves (particularly smash & grab style thieves) aren't generally known to fall into the "smart" category very often. "Learn to wipe the laptop", eh? If they knew how to do that, they're more knowledgeable than 95% of the computer-using population, and therefore more than likely not going to be a petty thief. I'm sure more and more idiot thieves will be caught this way as time goes on.
Quick, I want the list... (Score:2)
Re:This is not the first... (Score:5, Funny)
I wonder why he didn't just tap into the webcam on his computer while the perpetrator was... oh wait.
Re:This is not the first... (Score:5, Funny)
In other words:
1. get your laptop stolen by hot chick (or somebody else, according to your tastes).
2. remote logon.
3. wait for them to look at porn and activate camera
4. ???
5. profit!
Re:I'm surprised that the thief was so dumb. (Score:4, Insightful)
I've seen a thief who was so stupid, that he stole a kid's bike from (directly!) across the back alley, and then left the stolen bike by the back door.
He was, apparently, both surprised and indignant when the father of the child whose bike was stolen came over for a visit.... wielding a baseball bat.
You think you've seen stupid? (Score:4, Interesting)
In nearby Oroville, CA, a thief robbed a bank at gunpoint, took off with several thousand dollars in cash, and then returned later in the day - to the same bank - to deposit the cash into his own bank account.
no, I'm not kidding.
(And this text box for idle just teh suxorz)
Re: (Score:2)
Marysville... still fun to laugh at!
Re: (Score:2)
It sounds like the owner of the laptop was no genius either.
They want easy (Score:5, Insightful)
If they didn't mind hard they'd have got a job or started their own companies, or stolen something more challenging and rewarding
So what you do on your laptop is to create an account specially for thieves to use. Call it Honey if you like - with no password, or the password hint = instructions on how to get in.
Then your own account has a password, to keep the thief out, from deleting your encrypted stuff etc.
This way when the thief steals the laptop, they turn it on, click on "Your Account", get password prompt, click on Honey, get in straight - whoopee.
Immediately the stuff is launched to log data about the thief and his surroundings - webcam, microphone set to record, and then the data is uploaded.
Re: (Score:2, Interesting)
Re: (Score:2)
log into VNC, don't touch the mouse
Re: (Score:2)
Re: (Score:2)
Although I fully agree about VNC/RDP not being 'noticable' when running in observer mode, having the background disappear tends to be a bit of a give-away ... (**)
Then again, if you don't know about VNC/RDP, it's unlikely to raise more than an eyebrow...
(**: yes, you can switch this feature off in the options, but I prefer to have it on as I tend to use the feature mostly for non-'stolen_laptop_recovery' purposes, and it makes loading quite a bit faster on slow connections.)
Re: (Score:2)
If it's a stolen laptop the thief isn't familiar with, he won't know there should be a background.
Who is more clever (Score:2)
I don't get it... if my laptop were stolen the thief wouldn't be able to login without my credentials. They'd have to reinstall the OS which would erase any remote connectivity function.
So in other words, you are admitting that if your laptop gets stolen you are never seeing it again, vs. this guy who got his back and got a thief arrested.
Yours is a better plan why again? If you go to that effort, why not focus instead on encrypting key files instead of locking down a system to which a thief has physical a
Re: (Score:2)
Re: (Score:2, Interesting)
Those who are smart enough to extract private files from a swap partition have better things to do than stealing unattended laptops.
Re: (Score:2)
I have to agree with the parent .. if computer is useless then it well get wiped and reinstalled (losing your data if you don't have a proper backup) or just destroyed and dumped. If you can switch it on and use it then he can sell it straight away "down the pub".
Re: (Score:3, Insightful)
So the moral of the story is to not have passwords or you won't get your computer back.
Re: (Score:2)
Here's a hint - have a guest account listed with the password in the description of the account. Make it non-admin/root (no user should have that access anyway, you're just asking for trouble).
Physical security is really everything anyway.
If someone steals my laptop, I want them to log in as my guest user. My PC is going to phone home and let me catch the thief.
Re: (Score:2)
Re: (Score:2)
What this might mean is if you set a password you are less likely to recover your computer from the typical idiot thief.
Perhaps what you could do is create a special account and provide an obvious password hint.
This way the thief might not be able to get into your normal account, but if he figures out he can easily get into the Thief account (which is clearly visible in the Logon screen - and probably not called thief
You set the Thief
Re: Account Called Thief! (Score:2)
Heck, just make an account called Thief! No one will see it anyway ... unless it's stolen! ... that require logins!. A selection of games ... that send info outbound!
Invite him in! Set up lots of juicy Pr0n for him
Meanwhile there's a hardware locator built in that's independent of what OS is on there.
Drop by! Chat! Bring your Undercover BlueSuits.
Re: (Score:2)
I agree that having physical access to the disk allows anyone to read it, and that sensitive data should be encrypted. But that doesn't mean it isn't worth making things complicated. Set good passwords. Use BIOS/OpenFirmware/other pre-boot environment passwords to prevent non-standard booting. Lock/screw the case closed.
Now instead of having instant, one-click access they need a password for the OS, a password for the pre-boot environment, or to physically open the case (bypassing any locks the case may inc
Re: (Score:3, Informative)
This really doesn't help you in the case that the thief has stolen your machine and has it physically in his own workshop with his own set of screwdrivers.
If you're paranoid about your secu
Re: (Score:2)
Most remote desktop programs have an observe-only mode (alternately, just don't move the mouse or type), and it's not likely that many thieves would realize what's stealing their bandwidth.
He probably didn't have a login password or set his system to auto log-in. It's pretty typical for home users.
Re: (Score:2)
Which, for the record, is just a flaky version* of DynDNS + VNC (specifying the vnc:// protocol in the OS X Connect To Server dialog box uses the same built-in "Screen Sharing" client). You do have to explicitly turn on Back To My Mac access in System Prefs though, it's not automatic.
*Typically the router's fault, but opening the ports manually always works better than UPNP/NAT-PMP anyways.
Re: (Score:2, Informative)
Not to advertise, but try www.logmein.com, its free, and the you can log in to the computer as if you where sitting in front of it.
Re: (Score:2)
Install the IP monitor software provided by your DDNS provider, and you are done.
The only short-coming is you cannot remotely turn on the computer unless you spend thousands on IP KVM+power equipments.
Re: (Score:2)
It is goofy, but you can use XP home's remote administration tool without knowing the IP address, if you connect using MSN messenger, and the request is generated from your father's side.
Inside MSN messenger there is an option for "Ask for remote assistance." Doing it this way works even if he is behind NAT or doesn't have a publicly accessible ip address.
Re: (Score:2)
No, he just doesn't know what he's talking about.
Re: (Score:2)
The other moral of the story is "don't leave your expensive laptop unattended on the roof of your car."