Remote access programs are good security for laptops

Don’t be [Gabriel Meija], the criminal pictured above. He stole [Jose Caceres]‘ laptop, but didn’t realize that [Caceres] had installed a remote access program to track the activity on the laptop. Although the first few days were frustrating, as [Meija] didn’t seem to be using the laptop for anything but porn, [Caceres]‘ luck turned when he noticed that an address was being typed in. [Caceres] turned the information over to police, who were able to find [Meija] and charge him with fourth-degree grand larceny. It’s not the first time that tech-savvy consumers have relied on remote access programs to capture the criminals who’ve stolen their computer equipment, and it certainly won’t be the last, as the technology becomes more readily available to consumers.

[via Obscure Store and Reading Room]

Comments

  1. jermsmit says:

    All my systems have some form of dial home, remote ware so I can track and gain access to them once more. However, if the criminal in this case was smart; he would have reinstalled the operating system of that notebook before using it for anything personal. Also one should also check for other (hint hint) tracking methods on hardware such as pc’s and notebooks. Software installed to the system isn’t the only way to gain remote access to a stolen machine.

  2. Kaos says:

    Thank God for stupid criminals. I would had disconnected the internet but added it to the local LAN. Activate the remote sharing of the entire “C:” or other drives and copied away. Once done, return it to the company as found for possible reward or recognition. @jermsmit suggestion is even simpler but how many thieves have a pirate copy of Windows laying around.

  3. mt_maui says:

    What remote software would you use to do this? I have VNC on my computer, but it requires knowing the IP address of the computer in order to log in.

  4. Kaos says:

    maybe the attacker clicked on terminal service or vnc to connect to the last known pc. When victim saw a request to allow access, went to the commandline to view all remote connections revealing the IP. This assuming the laptop was directly connected to the internet with victims saved profile. Maybe the attacker placed the laptop into his router’s demilitary zone thinking he was smart or doing something.

  5. cde says:

    A.k.a. Note to thieves, fencing without use is less risky.

  6. klokop says:

    This story’s all over teh internets, but nowhere does it say how he got hold of the IP address of the thief… all it says is that the owner used some sort of ‘remote access’, but for that to work he’d have to have an address to access to. Prob. had some sort of curl/wget script running on the machine?

  7. MS says:

    If u have some type of DDNS service such as TZO.com, you can install their client and have it start up as a service. No matter where you are at it will report on your WAN IP address every x minutes, depending on how you set it up. If you ping xx.tzo.com it will return the current IP address.

  8. byohazrd says:

    In before poison ivy.

  9. Kaos says:

    that’s why people like me own u and ur project.

  10. Kaos says:

    those high profile people you seek are smoking pot right now. They are also more worried abuout their shares than you. Under $15,000, kiss my as$

  11. nubie says:

    Pffft, boot it in a Faraday cage with external mouse/KB screen. No hardware tracking.

    The only real reason to steal a laptop if you are a petty criminal is to fence it or use it.

    PS real information thieves can pull the HDD and clone it, and replace it. Or just pull the HDD. With today’s “laptops” (hah, the average size of a laptop screen is 150% that of the average color TV in 1985) you really don’t want to be seen smuggling it, so pull the HDD and leave the laptop.

    Now what would be neat is hardware that runs on a separate processor and uploads a small log of IP addresses stripped from the network hardware.

  12. Cheesetoast says:

    That guy had his stolen and actually chatted with the guy who bought it, knowing it was stolen. Happened to be a 14 year old kid

    >requires registration.

  13. Cheesetoast says:

    http://dubberz.com/forum/index.php?topic=18096.0

    That guy had his stolen and actually chatted with the guy who bought it, knowing it was stolen. Happened to be a 14 year old kid

    >requires registration.

  14. Wwhat says:

    Now people that install rootkits or trojans can claim they were helping people with security by making their system remotely accessible, or even sell their trojans as security programs.

  15. googlehood says:

    Why no using google to pinpoint the location of machine. Iphone and itouch does this without need of gps tracking. Mechanism is related to location of found wireless networks in neigbourhood.

  16. k0usi says:

    Well, even with the IP address of the thief you would most likely be out of luck. This person is still likely behind a router, *without* ports forwarded, so it wouldn’t be as simple as connecting to their IP.

    The easiest way to implement this is with an automatic VPN connection back home, preferably in the background. In that case, from home, you can just connect to the IP showing up in your VPN connections. Alternatively you can use Hamachi VPN for even more simplification.

    If you weren’t planning on using a VPN, you would have to schedule outbound connections via SSH or VNC to a set IP or dynamic DNS service. Again, knowing the IP of the thief is very little help besides general location and/or getting info from an ISP.

    tl;dr Scheduled connections out, or auto VPN to access your computer when it is stolen.

  17. Strofcon says:

    Even though you’d only get a router’s IP in most cases and the ports would obviously not be forwarded, the router will typically not be protected in any way. Easy enough to log in with defaults, forward ports, and be on your merry way.

    Assuming, of course, that the router can forward ports… though I’m not aware of many that can’t.

  18. The Poolshark says:

    If he had Teamviewer installed and set up on the pc to start with windows. All he would need is the ID that is assigned to the laptop and the password. I have used it for over a year and the ID number has never changed. It works through firewalls, proxy, and routers with no problem. Best of all, it is free to use in a non-commercial application.

  19. Lupin says:

    I format all my stolen laptops before i use them.

  20. m2oore says:

    The tool used was probably something like go to my pc or something very similar.

    These programs call to the home server often to identify IP address and are also firewall friendly because they all run through port 80.

  21. k0usi says:

    @ Strofcon – Most routers don’t allow login from the WAN for security reasons, you would be hitting the deaf end of the router.

  22. kt says:

    i use logmein.com to keep track of all my computers, it has a web based interface so you can login anywhere. The best part is that it will work through just about any firewall.

  23. Hax0r says:

    Some of you are just stupid, a NAT router does not typically disallow “outgoing” connections.

    In this case, the user could have setup a daemon/service that connected back to his home system.

    Also, UPnP, people dumb enough to use a SOHO router typically leave it enabled.

    BTW, NOT A HACK!!
    EOF

  24. paul says:

    logmein wont work as well for accessing your stolen laptop, it pops up a message saying that the computer is being remote controlled when you access it.

  25. Jose says:

    Hello Everyone.
    The one thing I did first is to close the message saying “this computer is being access remotely.”

  26. Jose says:

    I used LogMeIn.

  27. Woody says:

    Lovely story. I did not realize that you could track a laptop that way.

  28. nisa says:

    Tracking laptop activity is pretty interesting but what will happen if the thief didn’t use the laptop to do anything personal?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 96,687 other followers