back to article Remote access tech nabs smut-fan laptop theft suspect

A US victim of a laptop theft was able to recover his laptop after using remote access software to log in and monitor what the thief was doing. A thief pinched Jose Caceres's laptop on 4 September after he left it on top of his car roof while carrying goods into his home in White Plains, a town in New York state about 40km …

COMMENTS

This topic is closed for new posts.
  1. Raymond Wilson

    Top tips..

    Briliant lateral thinking nabbed the crooks! I love it when the victim helps in solving the crime committed against them with a little help from technology and a "can do" attitude!. A bit like CSi meets B&Q!

    On the flipside, any semi-tech savvy thief who has read this here report will now know that he she/it should reinstall the OS on the illegaly acquired laptop - if the stolen warez came with an Installation Disk, of course..

    A bit like the news report that claimed watching programmes like CSi makes criminals smarter...

    Right let me watch Johnny Mnemonic just one more time before I stash my life savings into my Irish Setter's head during this phase of global economic uncertainty

  2. Anonymous Coward
    Happy

    Clever...

    way of tracking a laptop stolen in such a blindingly easy way.....

    10/10 for retrieval

    0/10 for prevention.

  3. Martin Klefas-Stennett

    Daft question alert

    This is probably a stupid question, but don't you need to know the address of a computer to log into the remote access program? How do you locate your computer to log in if it's been stolen?

  4. Anonymous Coward
    Coat

    I wouldn't have bragged about it i I were him ...

    How could the theif manage to boot up the PC and log in so as to start the remote viewing software ?

    Only if the original owner had written his password (assuming he had set one :-) ) down on the actual machine somewhere. Which makes him a bit of a numpty.

    Mines the one with the TruCrypt recovery CD in the pocket.

  5. Dave
    Flame

    Police checks

    I wonder if the Police checked what kind of pr0n was on the laptop when it was discovered?

    If this had happened in Blighty, there is little doubt that the original owner would have ended up getting nicked too...

  6. Anonymous Coward
    Anonymous Coward

    White Plains

    White Plains is obviously not the place to be with a laptop. Have they got any of those pen drives or cds that have gone missing recently?

  7. Paul Stephenson
    Thumb Up

    Like it

    Nice bit of ingenuity there.

  8. Gavin Pearce

    Track the IP address of PCs

    " variety of anti-theft software packages that track the IP address of PCs"

    What's the point in that. As soon as they nick it and plug it in somewhere else it would have a new IP surely!

    Maybe the MAC address, but you know .... Not that simple.

  9. Anonymous Coward
    Happy

    RE: Track the IP

    Or maybe the laptop service installed pings a central service with its new IP and owners ID so it can be traced, kind of obvious maybe ?

  10. Anonymous Coward
    Boffin

    DynDNS anyone ?

    I mean, come on .....

  11. Anonymous Coward
    Thumb Up

    Software

    The software was likely something like LogMeIn which doesn't require firewall/ip config.

  12. Ceiling Cat
    Linux

    Stupid criminals...

    @ Daft Questin Alert : he must have had the machine set to update his dyndns entry and load the remote admin software automatically on boot. Not difficult.

    @Software : That, TweakXP, or half a dozen other utils that eliminate the need to type your pass. Or maybe he was one of those folks who uses a completely unprotected copy of WinXP (although it doesn't sound likely). Also, very few petty thieves are savvy enough to use a router/firewall.

    Tux, because even fewer petty crims could even start up my HD-Less Knoppix-based laptop.

  13. Tim Jenkins
    Coat

    Hygene

    "fourth-degree grand larceny" plus first degree friction burns?

    Hope the owner's planning to give it a good clean when it arrives back...

    Mine's the one with the packet of Flash Wipes in the pocket

  14. Richard Bishop
    Gates Halo

    Software that does this

    One of the Universities wrote some software that would automatically ping a central service, together with trace routes and similar (it might have been MIT).

    Edit:

    It was the University of Washington - http://adeona.cs.washington.edu/ It's running on my lappy and it's not been stolen yet.

    <-- Bill, since if the laptop was running Vista I'd probably want rid of it anyway!

  15. Richard Bishop
    Gates Halo

    Software that does this

    One of the Universities wrote some software that would automatically ping a central service, together with trace routes and similar (it might have been MIT).

    Edit:

    It was the University of Washington - http://adeona.cs.washington.edu/ it's running on my lappy and it's not be stolen yet.

    <-- Bill, since if the laptop was running Vista I'd probably want rid of it anyway!

  16. Jesse
    Boffin

    RE: Daft question alert

    Actually that is a great question, which I assume is related to why the writer mentioned OS and remote access software was not known.

    But if you want a wild guess probably the simplest I can give is that perhaps the laptop was able to aquire the same DHCP IP because it was plugged back in to the same network that it was originally on? That is a wild guess of course because wouldn't the laptop be given a 192 address using WIFI?

    There just isn't enough information to answer your not-too-daft question.

  17. Mad Hacker

    Login without password is a setting in XP if you don't belong to a domain

    Just FYI, a setting in XP without any additional hacking or software is to auto login a specific account.

    You might not be aware of that because this setting goes away if you join your laptop to a domain. But a home user may not be part of a domain, and has their default account set to auto log in.

    Safe? No. Built into XP? Yes.

  18. Anonymous Coward
    Anonymous Coward

    Built-in WWAN

    It occurs to me that since I have a built-in wireless 3G datacard (the SIM is embedded under the keyboard) that even an OS re-install might make the unit traceable if a theif were to flick the wireless switch, not realising the WWAN capability.

    That said, I don't recall how accurate GSM SIM card tracking really is, but maybe I should enable one of those locator services on it.

    Certainly any "ping home" capability is wasted, since I have pretty secure BIOS passwords etc.

    Has anyone successfully used this?

  19. Peter Gold badge

    @ Daft question alert

    Not a daft question, but the answer lies in not relying on an IP address to make the connection.

    Most remote control products use a central server to which the remote software reports, and picks up any remote control requests from there. You will find that approach when you start looking at how to get VNC to work past a firewall, and the whole approach is neatly wrapped up in a product called "Teamviewer" (add .com for the website) which is (AFAIK) from the authors of one of the many VNC implementations.

    You can install the product as "resident" which means it has a fixed password, or in "on demand" mode (which obviously wouldn't have helped here :-) which is a bit safer as you need to give permission and the password changes per session - I'm personally not too keen on someone gaining access to my screen when I'm using my bank account ..

    I can recommend it - it's free for personal use and it's the first program I have been able to let loose on total non-tech parents without there being a problem..

    So there - not that daft, and an answer :-)

  20. Anonymous Coward
    Happy

    I would rather have

    The remote command console which allows me to detonate the c4 inside the pc while i watch the wanker go up in smoke.

  21. Anonymous Coward
    Paris Hilton

    @Martin Klefas-Stennett

    A simple thing like dyndns.org, if you have an application installed that automatically updates your registered hostname, would be the easiest way to do it.

    Paris as she's fairly simple. Also easy.

  22. Jason Togneri
    Flame

    Remote access/IP question

    Or... and here's a really wild guess... he could have been using web-based remote admin software, such as LogMeIn (which is actually pretty good - logmein.com) so he wouldn't have to know the IP address he was connecting from, since it's remote machine <-> LMI server <-> remote user. It's really not a difficult concept, people, so stop giving yourself hernias about it.

  23. Anonymous Coward
    Jobs Halo

    Too many people here have never used a Mac

    This stuff is built into every Mac courtesy of OS-X and .Mac. No you don't need to know the computers new IP address because it tells you when it is connected.

    Also the file security aspect is taken care of. OS-X has a guest account that let the computer be used but prevents the sticky fingered miscreant from accessing your porn, which can also be encrypted. Oh yeh there is also password protection on being able to boot from an external drive and reinstalling the OS.

    So all you tech savy naysayers out there. Go get yourself a little more savy.

  24. Rick Leeming

    @ Martin

    Probably Log Me In, or GoToMy PC to be honest. LMI is free, and I even managed to teach my 70-odd year old grandmother how to use it for when she is on holiday. Forget the really clever ways, they may have factored in, but when you dig on these types of stories you'll usually find something like LMI or GTMPC have been used.

    If anyone nicks my laptop it's encrypted and insured, so I'm too bothered about it. Also being a normal human being with more sense than money I don't leave it sat in my car, or on my car roof.

  25. jay margo
    Black Helicopters

    I did this last month, didn't get any publicity.

    A client's computer, one that I had previously configured with LogMeIn, was stolen last month.

    The stupid thief didn't reformat anything, and within a matter of days the machine was showing up on my LogMeIn dashboard. I don't need to know the IP address for this to happen [even though LogMeIn tells me what it is] because LMI connects to the main server whenever it has an internet connection

    [@anonymous coward: it doesn't even need to be logged into XP for this, no password at the machine is needed]

    But at this point it got even more interesting, because the detective investigating the theft asked me to install Computrace/Lojack for Laptops on it - through my remote connection -- because that gives them more prosecutable information than just the IP addy [screen grabs, chat logs, pics from the camera, etc.]

    Then I had to watch the connection for several days before I got a chance because the thief kept turning the machine off when he wasn't using it. A week or so later, they raided the place and recovered not only the computer but other items stolen from my client at the same time.

    All you techies should know this: there's a large number of new machines from Dell, HP, Toshiba etc, that have the Lojack app on the motherboard. All you need is the service tag number and they can switch it on. And since it's on the BIOS, reformatting the HD, or even putting in another one, doesn't help.

    See here: http://www.absolute.com/products-bios-enabled-computers.asp

    I am not hawking Lojack here, because it seems to me this app is a HUGE security problem as it allows virtually invisible monitoring of a machine, you just need someone at Lojack to turn it on. It is a wide open backdoor and now its on many motherboards. I sure don't want it on my machine.

    But the client was happy.

This topic is closed for new posts.