Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
It's funny.  Laugh. Apple

"Back To My Mac" Catches a Thief 329

robipilot writes "Mac stolen, Mac comes online, owner connects using 'Back to My Mac,' owner takes picture of culprit, and voila, criminal caught. OK, it wasn't quite that simple, but here's an interesting story of using some built-in technology on the Mac to recover a stolen laptop."
This discussion has been archived. No new comments can be posted.

"Back To My Mac" Catches a Thief

Comments Filter:
  • Imagine (Score:4, Insightful)

    by iminplaya ( 723125 ) on Saturday May 10, 2008 @10:49PM (#23366444) Journal
    Thousands of peepholes for the guys in Cupertino to look through...
    • Re:Imagine (Score:4, Insightful)

      by niteice ( 793961 ) <icefragment@gmail.com> on Saturday May 10, 2008 @10:52PM (#23366470) Journal
      Presumably one must use a password.
      • Re:Imagine (Score:4, Informative)

        by iminplaya ( 723125 ) on Saturday May 10, 2008 @11:07PM (#23366522) Journal
        Ah, yes. Very secure [slashdot.org] the Macintosh is.
      • Re:Imagine (Score:5, Interesting)

        by Culture20 ( 968837 ) on Sunday May 11, 2008 @06:24AM (#23368064)

        Presumably one must use a password.
        You could write a cronjob on the laptop to check an https "website" for a boolean value, and send pictures to the site if the boolean is set to true. Make it look like a weather applet for extra points.
        • Re:Imagine (Score:5, Informative)

          by kesuki ( 321456 ) on Sunday May 11, 2008 @10:45PM (#23374222) Journal
          in this case, the 'victim' had her IM automatically sign in whenever the laptop went online, and she got a call from a good friend, congratulating her on getting her laptop back. But the thing is, the laptop owner was paying '$99 a year' for the 'ability' from any 'mac' to sign in and control the computer from anywhere (including, taking a photo and sending it over IM)

          now, you could have a an automatic program to upload to a web server, but in this case, the owner used a subscription service from apple to gain control of the camera remotely, and snap a picture, ironically, the laptop starts a timer , and he tried to raise his hand to obscure the camera, but apparently, the picture is taken too fast for a person to realize what's going on.

          just the picture the cops said would have been useful in catching the crook (they would have given copies to the places that fence stolen stuff, and they'd call the cops while 'figuring out the value' of the goods before they knew what was happening... it's a crime to purchase stolen goods after all) but in this case, the person was an acquaintance of their roommate, so they went to the cops to tell then who had the stuff, before they had even fenced the goods.

          so apparently, you should fence your stolen laptops without hooking them to the internet. (and with automatic wireless networking and people with open networks, that might be hard in some cities if you even turn it on)
    • Re:Imagine (Score:5, Interesting)

      by Anonymous Coward on Saturday May 10, 2008 @11:09PM (#23366544)
      How long before the paparazzi start arranging for Macs to be "won" by celebrities or "given" to them as "thanks". For that matter how long before a stalker arranges such a prize/gift?

      With this having been posted to Slashdot, Natalie Portman is going to wonder where all those Macs and cases of instant grits came from. ;P
    • Re: (Score:3, Funny)

      by iminplaya ( 723125 )
      (Score:0, Flamebait)

      Ohhh, Okay... The girls can look, too.
    • Re:Imagine (Score:5, Informative)

      by Niten ( 201835 ) on Sunday May 11, 2008 @02:18AM (#23367368)

      Like most computers with built-in webcams, the MacBooks feature a prominent green LED that lights up when the camera is in use. This LED cannot be disabled in software. If Apple were actually spying on people with their computers' built-in cameras, someone would have noticed, fast.

      • Of course, if Apple actually wanted to spy on people they would have written a backdoor that allows them (and only them) to disable the LED in software.
      • -1 Naivety

        Even if you don't believe in conspiracy theories, your "hard fact" makes no sense at all. If it were an optical mouse, where the laser is needed for its functioning, I would agree, but the camera can work just fine without the LED on, so which power of nature or world-wide law forces it to be on every time the camera is on?

    • Re:Imagine (Score:5, Funny)

      by Anonymous Coward on Sunday May 11, 2008 @03:42AM (#23367662)
      here's a little poem i wrote entitled
      "WHEN I STEAL YOUR LAPTOP"

      When i steal your laptop
      i'm going to use it offline
      so i can harvest your personal info
      with a data miner i have on my usb keychain
      then i'm going to wipe the os clean
      and change the mac address on your network card
      and sell the fucker on kijiji
      i'll meet you in the arby's parking lot
      to sell you back your own machine
      that you no longer recognize
      because I put hello kitty decals on it.
  • by Anonymous Coward on Saturday May 10, 2008 @10:54PM (#23366478)
    I'm curious to know how would taking a picture of a musical instrument help in this matter...
  • by Anonymous Coward on Saturday May 10, 2008 @11:08PM (#23366530)

    Mr. Jackson said that Mr. Frias and Mr. Shahikian were arrested last year on a felony marijuana possession charge, but are not career criminals.
    No, just career idiots.
  • by LoverOfJoy ( 820058 ) on Saturday May 10, 2008 @11:08PM (#23366540) Homepage

    At first, the photo application revealed only a smoky room and an empty chair, Mr. Jackson said, but then a man sat down. Ms. Duplaga, again using remote technology, typed in the command to snap a photo. When you take a picture with that computer, it shows a countdown, and when it does, this guy figures out whats going on, Mr. Jackson said. It all clicks for him, and he puts his hand up to cover the lens, but it was too late. She had already taken the picture.
    If she could see him, why would she need to use the software to take a snapshot? Don't apple computers have Prnt Scrn or an equivalent button?
    • Re: (Score:2, Interesting)

      for that matter, why is it showing a countdown at all??
      • Because it's sexy.

        (Disclosure: I own a Mac.)
        • Well no offense, but the "sexiness" of the Mac seems to have given the heads up, if it were not for the fact that the photo had already been taken [it counted down after it took the shot???]
          • No, it counted down before it took the shot, but the guy didn't realize what was going on until the time between "1" and "0". By the time he covered the camera, the picture was taken.

            I'd think the length of the countdown could be used a measure of the thief's idiocy.
      • by Dana W ( 1281070 ) on Saturday May 10, 2008 @11:50PM (#23366770)
        Its part of Photobooth, its to warn you its going to take a "flash" picture for icons or whatever. It flashes by turning the screen brightness up all the way and turning it white for a second. The countdown is an an aid to compose your pictures, I don't think stealth photos is quite what Photobooth is meant for.
    • Good question. I'm not sure how the Back To My Mac application works, but yes, she could easily have used Grab to do a screen capture on the remote end if she already had a video connection going. It seems like a part of the story is missing.
      • It seems like a part of the story is missing.
        The part that talks about people's varying levels of familiarity with not-really-advertised features of the OS they use?
        • by Concerned Onlooker ( 473481 ) on Sunday May 11, 2008 @12:49AM (#23367012) Homepage Journal
          Actually, no. I did a little reading on Back To My Mac and it has nothing to do with the OS. It's an application that works through .Mac and uses IPv6, UPnP and one or two other technologies. It allows you to connect to your Mac no matter where it is located, but from the sound of it it is a finicky application. It only worked because the thieves had left the computer signed in to its .Mac account and had UPnP on their local router. It also means she either hadn't logged out or the computer was set to automatically log in, something that generally seems like a bad idea but in this case worked to her advantage.
  • Privacy concerns (Score:2, Insightful)

    by Anonymous Coward
    Anyone else a little concerned that this could be used to spy on you if it becomes compromised?
    • If my computer (also mac) were compromised, a picture is least of my worries compared to the data on it...
    • by GeffDE ( 712146 ) on Saturday May 10, 2008 @11:54PM (#23366790)
      This is no different than any webcam. The fact that it is built-in and constantly connected physically is a problem, but it can easily be disabled [macobserver.com].

      A short applescript could be make that would enable/disable the iSight with the click of a button. Hella easier than having to unplug a USB cable...less wasted motion and lord knows I hate having to do anything physical because I post on slashdot.

      Step away from the tinfoil, man. Are you a little concerned that people can study your online habits because you broadcast that information over the World Wide Web? A webcam is a useful thing, and all useful things can be used or abused; that's a fact of life and there's no getting around it. So either put up with some security concerns or live your life in a padded room (though, admittedly, this will only mitigate security risks, not eliminate them...)
      • by Poppler ( 822173 )

        The fact that it is built-in and constantly connected physically is a problem, but it can easily be disabled.
        If your system were compromised, that wouldn't help. All the attacker would have to do is find the file and put it back.

        Yeah, I read your last paragraph too. Just saying ;-)
  • did something like this in 2000. See p. 15 of this 3 MB zipped Powerpoint [honeynet.org].

    See also P-p-p-Powerbook! [encycloped...matica.com] for a possible laugh.
  • Poetic Justice (Score:5, Insightful)

    by beadfulthings ( 975812 ) on Sunday May 11, 2008 @12:12AM (#23366872) Journal

    I know, this being Slashdot we have to worry about the privacy issues, compare the Mac to somebody's Vista laptop, disparage the cops, fret about security in general, and not fail to point out that a viola is indeed a stringed instrument.

    But there's just something so damned satisfying about imagining these two thugs being caught red-handed with the loot. There's the impression of the victim realizing that she may be onto something. Her "Now I've got you, you son of a bitch!" as the fatal snap takes place. The "Oh, shit" realization of the thief, probably followed by frantic thoughts of how he might go about flushing two widescreen TV's and assorted recreational electronics. The genuine gratification of being able to walk into the police station and say, "Here are photographs of the guys who ripped off our stuff, actually using some of our stuff, and we know who they are..." Perhaps then the THUD THUD THUD at the malefactors' door.

    It's got all the elements of the classic cautionary tale, and just reading it should bring at least a brief and sarcastic smile to the face of anybody who's ever been robbed.

  • Mug shots (Score:3, Funny)

    by xPsi ( 851544 ) * on Sunday May 11, 2008 @12:23AM (#23366898)
    It was nice of those guys to stand in front of her computer and pose for her like they were in mug shots. It's almost like they knew they did something wrong! Oh wait...
  • This has been done several times before, on Mac and other platforms. Does anyone remember the original backdoor software for windows 10 years ago?

    This just looks like a bunch of Apple marketing hype. Nothing new here folks.
  • Comment removed (Score:3, Interesting)

    by account_deleted ( 4530225 ) on Sunday May 11, 2008 @02:32AM (#23367426)
    Comment removed based on user account deletion
    • Re: (Score:3, Informative)

      by dn15 ( 735502 )
      The thing is, most people haven't enabled a password to log into their computer or to wake it from sleep mode. It certainly is smart to have a login password, but the vast vast majority don't, and most also don't even realize that you [i]can[/i] have one.
      • Re: (Score:3, Informative)

        by vaporland ( 713337 )
        A Mac doesn't have a traditional PC-style BIOS. Instead what it has is called an EFI. EFI stands for Extensible Firmware Interface. This does essentially the same thing as BIOS.

        Unless the owner has disabled alternate booting through the EFI, you can change anyone's Mac OS user password by booting with a Mac OS installer DVD and using a standard password utility to change the root password or any user password.

        A program called Undercover will transmit pictures using the built-in iSight camera (with t
  • It is for this reason that i have OpenVPN and a running SSH server on my laptop.

    And yes, the endpoint is firewalled off...so thieves shall not be sneaking into my network over it.
  • In the early days of webcams I used to work for this tech company, the bos (a techofile) had just set up a webcam from his computer in the London office to his computer in the New York office. He then flow to New York, a cople of guys and I where working quite late, when I see this other junior guy sat in the boss's chair saying with his legs on the boss's desk imitating the boss's voice "I am the boss and I am gay". When suddenly the computer screen turned on and he saw the boss telling him "YOU ARE FIRED"
  • Undercover (Score:3, Informative)

    by merdaccia ( 695940 ) on Sunday May 11, 2008 @04:16AM (#23367734)
    Undercover does this sort of thing. It transmits network information, screenshots, and pictures from Macs with iSights. http://www.orbicule.com/undercover/ [orbicule.com]
  • by mlwmohawk ( 801821 ) on Sunday May 11, 2008 @06:27AM (#23368070)
    I was thinking about something like this for a while, and this is a practical example, albeit, with different technology.

    Did anyone see the movie, with Patrick Stewart, "Safe House?" To make a long story short, he has to enter a password every day to ensure an automated system does not activate. If he ever fails to enter that password, the system assumes he's dead and will let loose damaging blackmail that keeps him alive.

    Anyway, a system like that would be very cool for home users. A small "safe house" program that gets run at startup that prompts for a password and gives you a number of tries. If the password is unsuccessful, the camera is activated, and web cam photos are sent to a known server when the network comes up, along with sound as well. Possibly key strokes and new documents web traffic and sites. All this happens quietly, in fact, there is no feedback as to the password being unsuccessful after the second try.

    This information, along with the IP address, can be used to identify the thief and recover the property.
  • Home Version (Score:5, Interesting)

    by DeanFox ( 729620 ) * <spam,myname&gmail,com> on Sunday May 11, 2008 @07:21AM (#23368262)

    I run Ubuntu on my home PCs and changed the default login screen to list the users. I created a 'Guest' account and in it's description I put 'Password = 123qwe' (not the real password). The assumption is that a burglar , not knowing much about OS'es, will want to use the PC and will choose the easiest path to gain access. When they turn the PC on the login screen gives them a list of users and an option of choosing "Guest Account with the Password shown. All household users have been told to *never* use this account and why.

    This 'Guest' account is CharRooted and has Firefox, IM and other Internet clients all on the desktop but that's about it. Under the hood it opens up SSH, VNC, Terminal Server and every other conceivable way of gaining access. It starts a script that every 30 minutes emails my Gmail account with IP address and connection information. Also, logging on to this account invokes a 'Nuke' scrip that will DBAN type wipe the system if I don't deactivate it within 7 days.

    It's not a perfect solution but it has all the capabilities and features of the subscription tracking services that can cost hundreds a year and it's all pretty easy to setup. If any thief steals my PC and uses it to connect to the Internet I will know everything about their connection and have full access to the machine. If it's truly lost and I can't regain control after they login, it self destructs.

    Now that I thinks about it, this should be a Ubuntu package or at least a HowTO.

    -[d]-
  • by An Onerous Coward ( 222037 ) on Sunday May 11, 2008 @12:02PM (#23369904) Homepage
    I've already got my laptop making hourly requests to a non-existent image on a website I control. So if it ever goes walking, I might get an IP address from that. As someone pointed out, I might want to create a guest account, so that the thief would be willing to use the laptop as-is.

    But what other sensory information does my laptop have? One thought: Wifi. Even before it connects, it can give you the names of wireless networks nearby. If you could somehow upload that list to a server you control, there is a small chance you might be able to wardrive your way to victory. But command-line wifi utilities seem to be rare. Any ideas?
  • by ubrgeek ( 679399 ) on Monday May 12, 2008 @06:39AM (#23376232)
    (Too lazy to lower my comment threshold) but if you're interested in setting up Back to My Mac without a .Mac subscription, check our this article [lifehacker.com].

One picture is worth 128K words.

Working...