The Khaki Bandit Strikes At IT - 130 Stolen Laptops

destinyland writes "'The khaki bandit' posed as an office worker at several corporations and successfully stole over 130 laptops which he later sold on eBay. The ease of theft from the corporate offices (including FedEx and Burger King) shows just how bad corporate security can be. In some cases, the career thief just walked into the office behind an employee with a security badge. Two million laptops were stolen just in 2004, and of those 97 percent were never recovered. Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet."

Look at the way many people treat their laptops

[elrous0]

Considering the cavalier way many people treat laptops and projectors, I'm not surprised. No one would think of leaving $3000-$4000 in cash just laying around in the open. But I've seen plenty of people where I work leave brand new laptops and projectors sitting out in the open, unattended for long periods.

In fact, just a couple of weeks ago, one of our directors went on vacation and left his laptop and projector just sitting on the conference room where he had last used it (a large, wide-open conference room used by hundreds of outside people each week). They sat there for several days before anyone noticed.

Re:Look at the way many people treat their laptops

[tommeke100]

people don't care when they don't have to pay for it.
It's the same at our company. You wouldn't believe the state some of our laptops are after just a couple of months. cracked screens, missing keyboard keys, full of spyware, coffee spilled all over it, ....
I don't think ppl would treat their laptops that poorly if they had to pay for it.

Re:

[Chosen Reject]

A few years ago I was working in IT for a university. One of the professors didn't like the buttons by the touchpad because he would bump it with his palms while typing and end focus would change to some other app. So instead of disabling the touchpad, he just broke the buttons off. That was fun to explain to the Dell rep when he had some other hardware problems that needed to be replaced.

Re:

[Nimey]

Gods know that either understanding & fixing the problem or asking someone knowledgeable would be too hard or make him look weak.

I hope you got his supervisor to LART him well.

Re:

[Anonymous Coward]

Gods know that either understanding & fixing the problem or asking someone knowledgeable would be too hard or make him look weak.

He did fix the problem in a way that was suitable to him. And he's the guy who uses the laptop and must've been happy with his cheap fix. I'm sure that in whatever field he's a professor in, he probably doesn't make fun of you for not understanding something. He probably wouldn't even make fun of your poor choice of words with "Gods know".

Yours is a problem that many people

Re:Look at the way many people treat their laptops

[beef curtains]

He did fix the problem in a way that was suitable to him. And he's the guy who uses the laptop and must've been happy with his cheap fix.

In this scenario, it doesn't matter that his solution was "suitable to him", or that "he's the guy who uses the laptop"...the fact of the matter is that he doesn't OWN the laptop, the university does. So basically he borrowed the laptop and broke it to suit his whims. That's generally not acceptable.

If you lent your laptop to a friend, and he brought it back with buttons crudely torn out because they were getting in his way, would you commend him on his clever workaround? Likely not (unless you have very little regard for your valuable belongings).

I'm sure that in whatever field he's a professor in, he probably doesn't make fun of you for not understanding something.

It sounds like the GP understands quite clearly: this professor damaged university property. If I was a student in this professor's class, and decided one day to demolish his overhead projector because it was blocking my view of the whiteboard (assuming professors still use overhead projectors & whiteboards...if not, substitute your own analogy ;) ), would he be wrong to be upset with me? Or would his displeasure merely demonstrate his lack of understanding?

He probably wouldn't even make fun of your poor choice of words with "Gods know".

Ah, the ad hominem attack...I now feel that I might be feeding a troll. Oh well, I've typed too much to delete it all, so I soldier on....

Yours is a problem that many people have. Once you understand something, you can't understand how someone else doesn't understand that problem. Different strokes for different folks.

Once again, I fail to see the GP's "problem"...he's stating that this professor damaged university property. Are either one of us missing something? "Different strokes for different folks" is completely invalid in this situation; the professor's "strokes" violated the ownership rights (and probably the terms of use) of the "folks" who owned the laptop.

Re:

[mikael]

I feel like that about the power switch on my laptop when it runs Linux. An ordinary user can no longer power down the system by typing "shutdown", but the slightest tap to the power button, and shut down mode is activated automatically. No grace period, no "Are you sure, please confirm", no "System is shutting down in 10 seconds, press [XX] to cancel". It's just "The system is shutting down now" and the desktop just disappears , goes back to the command line and that's it - system is off.

Re:

[vivian]

Mabey you want to consider changing the powerdown options n your laptop's BIOS.

Re:

[hodet]

We had a user check it with her luggage on a flight. She was shocked when it didn't come around on the conveyor belt with her suitcase. :-)

Re:

[cayenne8]

"We had a user check it with her luggage on a flight. She was shocked when it didn't come around on the conveyor belt with her suitcase. :-)"

Now while I wouldn't every check mine, due to concerns over damage/rough handling, and the fact that I like to 'play' with my laptop while flying....I'd not automatically think it would be quickly stolen as checked luggage.

I'm hoping stolen luggage is a fairly rare thing? I've had luggage lost, but, never had anything permanently taken from me.

This is a pretty sad

Re:Look at the way many people treat their laptops

[Four_One_Nine]

Apparently in most business we trust most people to not steal laptops, projectors, LCD monitors, etc.

However it seems that NOWHERE in corporate America does any company trust it's employees (at least the male ones) to not steal the paper towels out of the mens room. The dispenser is ALWAYS locked up !

Re:

[j-pimp]

It seems that NOWHERE in corporate America does any company trust it's employees (at least the male ones) to not steal the paper towels out of the mens room. The dispenser is ALWAYS locked up !

It really comes down to the fact that paper towel technology has reached the point that the right balance of security and usability has been achieved. In IT we have to pick an extreme.

Re:Look at the way many people treat their laptops

[Hoi Polloi]

We must keep paper towels out of the hands of terrorists. Even the janitor's closet has better security than most offices.

Seriously though, companies will take you to court over stealing a few hundred bucks worth of equipment but if you rob the company blind with sleazy accounting, incompetence, and outright robbery as an executive you get let go with millions in severance.

Re:

[metlin]

Seriously though, companies will take you to court over stealing a few hundred bucks worth of equipment but if you rob the company blind with sleazy accounting, incompetence, and outright robbery as an executive you get let go with millions in severance.

Hey. Be nice to Stan O'Neal.

Re:

[Bodrius]

Yeah, it's amazing how people have different expectations about the vulnerability of property vs untraceable cash.

I've even seen 30K+ vehicles parked on the street for HOURS, where anyone could pick them up with some minimal effort!

Re:

[Buran]

At least it's gotten a lot harder to just make a wax key impression. My car won't start up without the right chip from the right key, but of course you could still drag it onto a flatbed truck and steal it that way. Sad thing these days is that people are so jaded to screaming alarms that they don't call 911 if they see a car, alarm screaming, being hauled on a flatbed. We see crime right under our noses and we're too lazy to care.

Re:

[TooMuchToDo]

s/lazy/desensitized

Re:

[Buran]

I'm not sure what's with that weird syntax, but I really think laziness is a big part of the problem. We can't be bothered to expend any effort on anyone other than ourselves. 'it's not my car, why should I go to the effort to give a damn what someone is going to have to go through now?'

Re:

[Psmylie]

Get a laptop lock, one of those cable locks. You loop it around part of your desk, lock it to the laptop, and you're done. A lot of extra security for a very low cost and maybe 5 minutes to install (unless you don't have anything to loop it around and you need to attach an anchor to your desk). If you ever do need to take your laptop, just unlock and go. It's corporate policy where I work, and we're in a secure building as well.

Re:

[Buran]

We had a laptop stolen out of a research lab here that WAS locked down with one of those. It was a Mac (most of the laptops here are) but I don't recall if it was an Al/Ti Powerbook/Macbook Pro (metal case) or older Powerbook/Macbook (plastic case).

The thief somehow either cut the lock or ripped the lock out of the case, and got away with the laptop within five minutes.

I'm pretty sure that lab doesn't leave laptops on desks in line of sight of the door anymore.

Re:

[Psmylie]

Absolutely true, the main point of it is to add some extra difficulty to stealing it. It's hard to pretend to be "the IT guy" when you actually have to physically damage the laptop's case to remove it. Also, you can tell your insurance company that it was locked to the desk, and the thief must have broken the case to remove it, so you might get a break there (We do... our company premiums have gone down more than enough to cover the cost of the locks)

Speaking of being "the IT guy", I am so very rarely stopp

Re:

[CFTM]

Yeah I am also an "IT guy" and I routinely leave the premises with faxes, printers, brand new desktops and 30 inch LCD flat panel monitors and no one ever says a thing...granted I'm leaving to delivery these things to the Chairman's house but just adding my anecdotal experiences...

When someone appearing to a PC guy grabs equipment people don't ask questions.

Re:

[eln]

At my one true "dot com" job, they issued laptops to everyone. My first day, I got a new laptop, and was told that there had been a rash of laptop thefts in the company, so all employees needed to take them home or lock them in a drawer before they left. Of course, I got distracted by the whole "new job" experience and forgot all about it, leaving it on the desk when I went home.

Sure enough, when I came back the next morning, the laptop was not on the desk. Visions of being fired after my first day on th

Re:

[cayenne8]

"Since then, I always take my computer home with me, even though now I work in an extremely secure facility (Tier IV data center)."

Wow!!

I am dumbfounded...just barely into reading this thread, and I see so many people that have to worry about having laptops and other items stolen from their offices/cubes?!?!

Where do ya'll work? What part of the country? I've never really experienced this before....except once, and they caught a cleaning lady stealing some CD's and spare money left in desks. But, other t

Re:

[eln]

I don't know that I would have been fired, and in truth I probably wouldn't have been, but these are the things you think about when you screw up like that on your first day on the job.

Also, you may be right that the laptop would be safer at the office then it would be at home, but I do work from home on occasion, so it makes sense for me to take it home even when I don't plan on working that night. Plus, even though we know it's not really safer, it feels safer to have these things in our possession or cl

$150 a laptop?

[andy.ruddock]

From the article "Over the years he'd pocketed at least $20,000", which comes to a mere $153.85.
No wonder eBay shoppers were happy with the deals they got.

Re:$150 a laptop?

[Funkcikle]

Oh dear. Who will lead the OLPC initiative now that Nicholas Negroponte is in jail?

His eBay profile

[ackthpt]

Can be seen here [ebay.com]

Ironic someone said they didn't trust him, he was a fraud. At least one bidder got the scoop.

Re:$150 a laptop?

[Artifakt]

I like it: "Stealization". Let's spredulate this meme.
 

Re:

[mrslacker]

memeization?

Re:

[Alzheimers]

It's a perfectly cromulent word.

Laptops are easy

[necro81]

For the bold and motivated thief, walking in and then out with a laptop is easy. Just look like you are supposed to be there. Slipping it into a briefcase helps with the illusion.

On the other hand, someone waltzed off with a 24" LCD monitor from the desk of a co-worker not long ago. His office was the furthest in from the door, so someone needed to be particularly bold to go all the way in, disconnect the monitor, and walk back out. No one saw him either, which is impressive considering the size of the load he was carrying. It's a lot harder to look and act natural about carrying a large monitor than a laptop.

Re:

[crafton]

are you sure it wasn't the co-worker that stole it?

Re:Laptops are easy

[oyenstikker]

Walk in, slap a big yellow sticker on it that says "Repair Ticket" in big letters, and carry it out.

Re:

[Paradigm_Complex]

I've had to move in and out of various dorms on campus where I go to school at odd times throughout the year, and never once has anyone questionsed the 24" Monitor or ATX box I carried out. I helped friends carry large TVs in or out of their doors before/after videogame tournmanets I'd set up. No one even gave a second look. If one could just access the equipment without the origional owner knowning it'd be trivial to walk out of the dorm and throw it in the back of a car. Now add the fact that many RA'

Try airport mainframes

[Simon]

Laptops are for pussies. Try mainframes from international airports:

The brazen airport computer theft that has Australia's anti-terror fighters up in arms [smh.com.au]

--
Simon

Re:

[skiingyac]

At business park where the startup I used to work at was located, there was a guy going around swiping all kinds of stuff using the "look like you belong" tactic. He walked into our place in a fancy suit talking on a cell phone by following an employee thru the door. A few of us, not knowing about the other thefts but standing there in shorts & t-shirts, looked at each other like "who the heck is this guy?". A few of the biggest/scariest guys in the office helped him to the door after he mumbled some

Re:

[eth1]

Just use a wheeled cart like a deskside support guy might... throw some mice & keyboards on it, a few cables, and you can get away with walking off with all sorts of things

Thieves aren't that smart...

[Tastecicles]

...I work in a shop on occasion, and the number of stolen laptops that come through with people trying to sell them to us is simply mind-boggling. I'm not talking about pissy little Pentiums, either, these are the latest, greatest in portable number crunching. Some have passwords on them as their only real identifying feature (the serial numbers and Microsoft licenses are usually scratched off), which I tell the seller is not possible to circumvent (in some cases they're not, being on the BIOS rather than the OS). Other tricks they have is coming in claiming they've lost or wrecked the power adapter (how convenient) and need a cheapo universal one. Sure, I'll sell them the universal brick but they're not testing the thing in the store.

Net bugs are a good thing to have, I think (got one on here), particularly given the plentiful supply of open wireless points in most large cities now. Turn on machine, bug sends data burst, thief is cornered. Hell, he doesn't even need to physically connect to a network these days.

Re:

[deftcoder]

Other people who aren't smart: those who don't realize it's possible to bypass "BIOS passwords".

Re:Thieves aren't that smart...

[dintech]

It's a bit unfair to see he's not smart. It's just a piece of knowledge you have that he doesn't. And yes, I know knowledge is power...

Re:

[Hoi Polloi]

He also has no qualms about breaking social rules we take for granted. We assume everyone in our nice, cozy workspace is friendly and professional and that everyone we meet in business attire must be ok. He just took advantage of that trust and those assumptions people make. It wasn't just smarts he had but a lack of shame and empathy for others.

Re:

[idontgno]

It wasn't just smarts he had but a lack of shame and empathy for others.

There's a phrase that's rattled around in my (mostly empty) head. It was used in some piece of literature I read a mammal's age ago, describing the nature of such a person. In lieu of, or in addition to, what we've been calling "smarts".

That phrase seemed to perfectly capture the essence of such a person.

"Low animal cunning."

I like it.

Re:

[antifoidulus]

Is the real money nowadays even in just pawning the computer as quick as you can? I would guess that nowadays, esp. in the corporate world, the data is often worth more than the device itself. I'm surprised more enterprising thieves haven't either held the data ransom or sold it to someone else. But then again, as you point out, thieves aren't necessarily the brightest bulbs in the box....

Re:

[Ours]

They are smart. Image the complexity of ransom. How do you get paid without getting traced? Who do you contact (1800-OUTBACKRAMSON)? How do you know what's important and what's not?
It's probably safer to steal bigger volume for a small profit. People watch too much TV.

absolute crap

[RMH101]

...this is categorically NOT possible on any significant number of laptops manufactured in the last 10 years. Modern BIOS passwords are secure enough to effectively brick any device where the password is lost, without significant expertise or specialist kit to bypass. Ric

Re:

[Ravenscall]

Actually, if you open up the laptop, there is still a reset button, not to mention a factory override password.

Re:

[Anonymous Coward]

Brick the device? Oh please. A Dell laptop I once serviced had this aforementioned "modern BIOS password" security feature. I couldn't enter the laptop's setup utility because of it. There was no battery on the motherboard to remove and I read on many forums that the only solution was to call Dell support and ask them for a "master code" to unlock the laptop. A quick check on Google brought up the BIOS password remover utility. -1 for Dell security. It could even null the asset tag and serial numbers and re

Re:

[antifoidulus]

Or you could set your wallpaper to the goatse man, get a custom goatse case mod, goatse keyboard...Nobody will want to touch that laptop!

Re:

[Calinous]

CMOS battery on a laptop? I haven't seen one (but on the other side, I haven't opened a laptop until all his internals were visible)

Re:

[G Fab]

at least on that thinkpad, the password is stored on a special security chip. Removing the clock battery would not clear. You can use the ship to manage encrypting the hdd and for power on password.

There is almost certainly an override password, and you can replace this chip. I think that's all you can do.

Re:

[d3ac0n]

Actually, it is indicated in the article, the second one linked.

Larry Brass, the Tampa Police detective who arrested Eric Almly this spring, says he's not permitted to endorse a particular product. But he says if Outback's laptops were not outfitted with software called Computrace LoJack for Laptops, made by Absolute Software, there is "no question" Almly would be walking free today.

So it's just some software. Which shows how incredibly stupid a thief he was. He wasn't even willing (or able) to formate th

Re:

[TheLink]

Well look at it this way, he's stupid because that's a stupid way to make money.

Seems he didn't make very much per laptop. How long does it take to reformat and reinstall the different types of laptops he steals AND be sure the snitchware is really gone?

AFAIK if you're trying to install a vanilla Windows XP on some of these laptops it's a pain - drivers etc. Heck installing XP from scratch is a bigger pain than installing Linux. Most people don't know that since Windows usually comes preinstalled.

Where are

Re:

[d3ac0n]

AFAIK if you're trying to install a vanilla Windows XP on some of these laptops it's a pain - drivers etc. Heck installing XP from scratch is a bigger pain than installing Linux. Most people don't know that since Windows usually comes preinstalled.

Well, not that I want to help out any thieves, but it's not really THAT hard. Keep in mind that many of the large corporations (the kinds he was stealing from) use a standardized image whenever possible on their machines. Usually (if using XP) utilizing a corpor

LoJack for laptops

[Fezmid]

The article says it's Computrace's LoJack for Laptops. We looked into the corporate version awhile ago due to the remote-wipe feature.

If the laptop has the proper version of TPM, it will even automatically re-install itself if the thief reinstalls Windows. Not sure if that's a good thing or a bad thing, having the BIOS infecting the machine... If it's stolen though, it's a good thing.

Re:

[AeroIllini]

Why would you pay for a program like that? Couldn't IT just hack up a perl script that pings a company server with a bunch of relevant data (traceroute, dns lookup results, whois data, whatever)? The script would run on network start and the server just logs the info somewhere until you grep for the stolen laptop id. Make it part of the standard company disk images.

Seems pretty simple to me.

Re:

[Kamineko]

To the IP address, of course!

Re:

[Ihlosi]

~ Remove any devices in the card bus slots and identify. If such are NICs, dispose (MAC addresses are unique therefore traceable)

Actually ... they're "kinda" unique, but not "really" unique (they do get reused after a couple of years or whatever the "design life" of NICs is). That should make for some interesting false accusation scenarios.

Re:

[Ihlosi]

~ Disable any and all integrated NICs because there may exist BIOS level 'rat code'.

How (apart from physically separating the NIC from the rest of the system, i.e. rip the chip off the board or cut the relevant PCB traces) would you go about that ?

Re:

[Zenaku]

To disable ethernet, just don't plug a cable into it. To disable 802.11, physically move the machine to anyplace that is NOT in a wireless hotspot.

To quote discworld...

[Tacobowl8]

"If the theives guild invested in blue overalls with Al on them, they could get away with anything." Social engineering IS one of the easiest to exploit security holes. It isn't much of a surpise that laptops were stolen using this technique.

check sunnyvale

[pak9rabid]

This sounds like something Ricky and Julian, er, I mean Cory and Trevor would pull

Not limited to technology

[hellfire]

Obviously laptops and similar technology are the most desirable things to snatch in the workplace, but this is by far a new story, and old fashion thieves still steal old fashioned things.

We had a thief walk in one day and snatch a purse right off a desk 3 feet from me. I wasn't at my desk at the time. The thief walked right out the front door and even nodded to the receptionist, who noticed him as unusual and didn't recognize him but didn't see the purse. She did remember it was a man and that's about

Re:

[Hoi Polloi]

I knew a woman who was a researcher at MIT in a biochem lab. Before MIT refurbished its biochem labs they were wide open. Anyone could walk into almost any room. Grad students were notorious for being lax about security. The local bums and thieves also knew this and would wander in and steal student's purses, wallets, laptops, etc. One day she came in and found that someone had rifled through a fridge full of bacteria in liquid media. Good thing for them they didn't think it was free Hi-C and guzzle i

ID cards...

[Veetox]

...are really not enough for security. I work at a building that I need keycard access to, but cards eventually become worn and some break so that they cannot be displayed anymore, and the company won't pay for a new one every time that happens. So there are two results: People don't wear them explicitly, and people don't question who they are letting into the front door behind them. I'm personally in favor of having a guard stationed at a single entry, at least for larger buildings; someone who can recognize people's faces and can be held responsible for stopping people he doesn't know. ...There's the danger of him being an asshole, but I'd be willing to take that chance.

Re:

[itsdapead]

There's the danger of him being an asshole

...there's also the danger of the guy he doesn't recognize and challenges being an asshole that goes to the same golf club at the CEO. It only takes a few SIPs* to throw a hissy fit after being rightly denied entry and the security staff, unless adequately defended by the management, will stop bothering and/or just hassle anybody that doesn't look like a big shot.

(* Self-Important-Persons)

Re:

[jellomizer]

There is the case where there are a thrid party person to fix whatever... There have been cases where I was to fix a printer and I realized that I needed to bring it to the office for more diagonostics (aka I don't know what is wrong and have the experts take a look at it) So I tell the manager and walk out with the printer and no one stops to ask me or checks with managers I just walk right our without having an ID Card Becase I just sign the guest list going in. And the security guard asks me if I know wh

Re:

[un1xl0ser]

The problem here may be the technology (if the card wear or failure rate is very high). In the end your company just has to suck up the costs and deal with it. The idea of having someone who recognizes everyone doesn't scale, doesn't work when you have many entrances and doesn't work well when you terminate someone.

Not really news

[Opportunist]

I was working in a high security environment. You know, the whole thing with magnetic cards, guards sitting there and watching people going in and out of the building, timestamps everywhere, in short, the company knew down to a second where you've been all day.

Or rather, where your key card has been.

You guess what happened? Exactly. One of those cards was stolen, one of the high level IT cards to boot, and the thief just waltzed in and went out with 2 servers. Nobody bothered to ask him what he's doing there. He has access to highly sensitive areas, so why bother asking why he's hauling around servers. That's his job, you know?

When nobody is supposed to do something, nobody expects anything's wrong when someone does what isn't supposed to be done. Especially in a high rotation hire and fire environment. Do you think anyone would question it when you put on a uniform and a trainee button and just go behind the counter of some fast food restaurant? Just tell everyone you're the new guy and avoid the manager.

It works.

Re:

[everphilski]

I was working in a high security environment. You know, the whole thing with magnetic cards, guards sitting there and watching people going in and out of the building, timestamps everywhere, in short, the company knew down to a second where you've been all day.

A couple of things:
1) add a photo.
2) add name, company affiliation and division.
2) add personal information on the flipside. My badge has my height / eye color / hair color.
(Back when I worked for the Army, it also had things like the contract

Re:

[Opportunist]

1) Only helps if someone actually cares to look at said picture.
2) Only helps the thief knowing where to go and what security level he has.
2 (the other 2) See 1.

I agree with you that some physical inspection by a person is the ONLY way this can be avoided. But try to convince a suit that they should hire new people for something a machine can do. Well, the machine can't, but it's good enough for standard situations.

What suits don't seem to get is that security ONLY deals with non-standard situations. As lon

Re:

[everphilski]

Only helps the thief knowing where to go and what security level he has.

Not really, in my case anyways, I'm a contractor so I work in a mixed facility with a bunch of other companies on several projects. It's easy for a guard to flip over the badge and interrogate you. Knowing the contract and company name will not help you find my desk :) In a smaller company setting, which I guess you were percieving, you would have more limited data. to work with, but there is still data to be had. Title, tenure, etc.

And here's how he was caught:

[farker haiku]

I couldn't find the post asking how the guy was caught (i.e. what software), but here you go.
FTA:
Larry Brass, the Tampa Police detective who arrested Eric Almly this spring, says he's not permitted to endorse a particular product. But he says if Outback's laptops were not outfitted with software called Computrace LoJack for Laptops, made by Absolute Software, there is "no question" Almly would be walking free today.

Here is how it works: after a computer is stolen, the victim notifies Absolute's recovery team. When the thief accesses the Internet via that computer, the Computrace software on his computer silently broadcasts information that allows the team to determine his physical location.

With a street address in hand, police can make an arrest. The corporate version of the software gives subscribers the ability to remotely delete sensitive information from a computer.

Re:And here's how he was caught:

[Anne_Nonymous]

>> how the guy was caught

It was an Outback Steak-Out.

Re:

[madigan82]

We have Computrace installed on over 5,000 laptops in the field. It is installed in the BIOS so a simple format won't get rid of it. In fact, if they format it, the BIOS agent actually reinstalls the OS agent. One thing they don't mention is that you need to file a police report on the stolen laptop first before you can track it. But it works nice. We've had several that were "stolen" to wind up at the user's house or a friend's house. Not sure if any were actually ever stolen though since I don't han

Re:And here's how he was caught:

[jollyreaper]

With a street address in hand, police can make an arrest. The corporate version of the software gives subscribers the ability to remotely delete sensitive information from a computer.

Laptops are only worth a few thousand bucks, a reputation is priceless. I say put Sony batteries in the fuckers. Once you have the thief pegged, send a remote command to detonate. Nobody but nobody is going to steal from you after you blow up a thief. And if you've got a webcam built into the thing, put his final moments on youtube.

Ahh... the power of money

[sootman]

Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet.

Which is funny as hell, because I've read several times on Slashdot (sorry, no time to search) about people who have their laptops set to do just that, but when they inform the police that their laptop is in use by a customer of this ISP with that IP address, they're told to go pound sand, that the police don't have time to go catch criminals that you can lead them to. It's trivial--especially with MacBooks--to have it send you not only the IP address but a picture of the theif if you want--but it seems to do no good.

Maybe the thing to do would be to get laptop insurance and then have the info emailed to the insurance company.

Re:

[anticypher]

Which goes to show the difference in professionalism between an individual with l33t hacking skills and a corporation that does bugging/tracking as a business model.

The tracking companies hire ex-police detectives to speak "cop" when asking for an investigation to be opened with a police force. They are experienced in providing testimony before a court, filing paperwork, and saying the right thing to the right person to start a case. You, and all of slashdot, really, REALLY, want to maintain the current sit

Security at my company is good!

[internetcommie]

It consists of never buying new equipment unless it is absolutely necessary, and then buying second-hand if at all possible.
If a thief made it into the building and walked out with all the computers here, he might make $150 on ebay if lucky.
But he'd be more likely to just get a hernia.

Two million in one year?

[LoudMusic]

Somehow I have a hard time believing 2,000,000 laptops were stolen in a single year. That's nearly 5,500 per DAY. I don't think Dell even move than many laptops in a day. And I don't know a single person, personally, who had their laptop stolen. Ever. Where do these numbers come from? Are people just reporting stolen laptops for insurance claims? And now they have two laptops?

Re:

[Joe the Lesser]

My bad. My friend and I have a competition to see how many times we steal this one laptop from each other. Everytime he goes to the bathroom I grab it from his cubicle...that's probably throwing the numbers off.

I can tell you this works

[Sait-kun]

What this guy did I've done many times. Sure I didn't steal anything but using this tactic to get the advantage over others is dead easy. for example... long line in front of a store selling the new Wii "sorry, passing trough - sorry i work here." and 5 minutes later I walked out with my wii while others spend hours waiting. It just takes a certain aura really when people see you walk by they have to think "he belongs here" you'd be surprised how easily I can cut a line in a attraction park wearing a old

Re:

[Buran]

So you're the asshole who flies down the lane that's closing and forces me to slam on my brakes as I pass the huge flashing LED arrow and the orange and white construction barrels. Thanks, prick.

Re:

[account_deleted]

Comment removed based on user account deletion

Illegal wiretap

[SnarfQuest]

This is another case of an illegal wiretap of American citizens! They did not get a warrent from the FISA court before installing the software on his laptop, making it completely illegal. This is an abuse of private citizens by an overzealous government! This poor fellow should be immediately freed, his criminal history cleared, and an apology with monetary reimbursements for his trouble! The owners of the Outback Steakhouse should immediately be imprisoned for casuing this travesty of justice!

MAC address registration

[InsMonkey]

The university I work for requires that all devices used on campus have their MAC addresses registered. If a device is reported stolen we can then find out which switch port or AP the thing is connected to. I've recovered several notebooks this way for users who had been ripped off by someone on campus.

Re:if he was so smart

[$RANDOMLUSER]

...after taunting his victim from a payphone, the victim dialed *69, and Almly was arrested...

Yeah, smart.

Re:if he was so smart

[eldavojohn]

why did he not blow away the HDD and reload before putting the thing on the internet?

Well, I believe he was doing that, from the article:

Later, at his $1,800-a-month apartment along Miami Beach, the burglar erased the laptops' hard drives and began selling them via services like eBay, where he had earned a 99.4 percent customer-satisfaction rating and tens of thousands of dollars in profit.

And then later:

Thanks in part to the company's use of a clever antitheft device...

They don't really go into details about it, but this might be something in the NIC chip or something else ingeniously specific to the hardware. They probably don't want to give out details as this was the only way to catch and stop this kind of outfit.

Re:

[Anonymous Coward]

They don't really go into details about it, but this might be something in the NIC chip or something else ingeniously specific to the hardware.

I doubt it. Most likely they got lazy and just cleaned XP without reinstalling leaving the rooted snitchkit to do it's thing. I guess if large access provider like T-Mobile's Hotspot had the MAC Address of a taken machine and a process to report to the right person it's presence on the network it could be traced. I also don't think MS is checking MAC addresses gather

Re:

[TooMuchToDo]

It would actually be easy to do.

1) Have BIOS boot using NIC every X boots.
2) Have NIC grab IP using DHCP (something that can be done on almost any network) and call home over HTTP (something almost never filtered).
3) If NIC calls home, and laptop is marked as stolen by HQ, wipe the hard disk and generate a support ticket for the IT department to pass along network info gathered to law enforcement.

All of this could be done in the background as well, masqueraded as an NTFS disk check. As Homer Simpson

Re:

[wangmaster]

The article states that outback used computrace lojack, which is software based antitheft. You connect online, it provides computrace with a bunch of info about your network connection and if you're stupid, they eventually trace you. i.e. the guy may have been good at social engineering to get the laptops, but definitely no good at the technical details.

Re:if he was so smart

[Bender0x7D1]

I believe most tracking software creates a separate partition that would survive a standard reinstall, but not a complete reformatting of the disk.

What I think would be very effective would be a laptop, created explicitly for businesses, that would implement the tracking system in hardware. If you added it to the integrated wireless networking, you wouldn't be able to shut it off, and you could track it whenever you needed to. If you are concerned about battery life, you could allow someone to shut it off, but have it wake-up every few hours just to check in. When it checks in, if it's labeled as stolen, the networking stays on, allowing for constant tracking.

There are some privacy concerns with a tracking device that can't be turned off, but that's why I said it would be explicitly for businesses, (or people who want that feature explicitly). For many businesses, the loss of privacy is less important that the ability to track their assets.

Re:

[HugePedlar]

On a slight variation, my friend's father works for a British security firm which deals with the Government. He told me I shouldn't pass this on, but I can't see the harm in sharing with a handful of slashdotters...

Anyway, they needed a way of determining where a seized laptop had travelled in the past. Many esoteric technical tracking methods were discussed, most involving network log analysis.

My friend's father suggested scraping the pollen off of the case fan.

Re:

[CCFreak2K]

They don't really go into details about it, but this might be something in the NIC chip or something else ingeniously specific to the hardware. They probably don't want to give out details as this was the only way to catch and stop this kind of outfit.

When I got my Dell laptop in 2005, it was loaded with a little thing called Computrace. In the BIOS, it can be set either "permenantly" disabled or enabled (the default is a disable value in between); no software required. AFAIK, I needed to actually subscribe

Re:

[arpwatch]

Right.
We use Computrace here at work. We have x amount of licenses. The company gives us a custom build executable that latches itself into the BIOS along with setting up shop in the OS applications/programs. The only way to remove it is by using the custom executable to contact the local webserver that starts up on the machine. I guess you could reflash the BIOS as well. I haven't bothered trying to break it.
Supposedly all you have to do is "hit a button" and Computrace will take care of everything.(C

Re:

[QuantumRiff]

just an FYI, most newer Dells (I'm assuming other brands have something similar) have the computrace software in a chip on the motherboard.. they can even format the hard drive to delete sensitive data.

Re:

[mlts]

HP and Dell laptops have the ability to have CompuTrace be permanently installed in the BIOS, where even a full reformat of the hard disks or a reflash of the BIOS will not remove it. If I were betting, I'd lay odds on this being the way Outback's IT department got their man.

Re:

[cayenne8]

"HP and Dell laptops have the ability to have CompuTrace be permanently installed in the BIOS, where even a full reformat of the hard disks or a reflash of the BIOS will not remove it. If I were betting, I'd lay odds on this being the way Outback's IT department got their man."

Do you have any links to this about Dell and HP computers? Is this an option or do they install it without you knowing or wanting this?!?!

Re:It's in the BIOS

[InvisiBill]

http://news.thomasnet.com/companystory/471725 [thomasnet.com]

VANCOUVER, Dec. 13 /PRNewswire-FirstCall/ -- Absolute(R) Software ("Absolute") (TSX: ABT), the leading provider of computer theft protection and secure asset tracking solutions, today announced a milestone in the company's efforts to drive the standard for PC theft recovery and Secure Asset Tracking(TM) - the availability of Computrace support in the BIOS across all four of the top tier PC manufacturers' commercial notebook lines.

Absolute first announced BIOS support for its theft protection technology with IBM/Lenovo on February 1, 2005; followed by announcements with Gateway on August 9th and HP on October 4th. Today, Dell announced a set of customer solutions that leverages Dell's embedded BIOS support for Computrace allowing customers to address issues of regulatory compliance, data protection and PC theft recovery.

We don't use it here, but I believe once you enable it in the BIOS, it can't be disabled. Obviously, there's always a way to disable everything, but it's not a matter of formatting a drive or changing a BIOS setting. It comes down to hex-editing the BIOS data or replacing the BIOS chip or something.

Wrong P

[stomv]

United Parcel Service [wikipedia.org].