Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The Khaki Bandit Strikes At IT - 130 Stolen Laptops

Zonk posted more than 6 years ago | from the not-my-portable-device dept.

Security 249

destinyland writes "'The khaki bandit' posed as an office worker at several corporations and successfully stole over 130 laptops which he later sold on eBay. The ease of theft from the corporate offices (including FedEx and Burger King) shows just how bad corporate security can be. In some cases, the career thief just walked into the office behind an employee with a security badge. Two million laptops were stolen just in 2004, and of those 97 percent were never recovered. Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet."

cancel ×

249 comments

Sorry! There are no comments related to the filter you selected.

What? (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21169611)

Is this some kind of light skinned negro?

Is he from the bario?

Is he white trash from the South? Which racial epithets apply?

Inquiring minds want to know!

Look at the way many people treat their laptops (5, Insightful)

elrous0 (869638) | more than 6 years ago | (#21169627)

Considering the cavalier way many people treat laptops and projectors, I'm not surprised. No one would think of leaving $3000-$4000 in cash just laying around in the open. But I've seen plenty of people where I work leave brand new laptops and projectors sitting out in the open, unattended for long periods.

In fact, just a couple of weeks ago, one of our directors went on vacation and left his laptop and projector just sitting on the conference room where he had last used it (a large, wide-open conference room used by hundreds of outside people each week). They sat there for several days before anyone noticed.

Re:Look at the way many people treat their laptops (5, Insightful)

tommeke100 (755660) | more than 6 years ago | (#21169679)

people don't care when they don't have to pay for it.
It's the same at our company. You wouldn't believe the state some of our laptops are after just a couple of months. cracked screens, missing keyboard keys, full of spyware, coffee spilled all over it, ....
I don't think ppl would treat their laptops that poorly if they had to pay for it.

Re:Look at the way many people treat their laptops (2, Interesting)

Chosen Reject (842143) | more than 6 years ago | (#21170529)

A few years ago I was working in IT for a university. One of the professors didn't like the buttons by the touchpad because he would bump it with his palms while typing and end focus would change to some other app. So instead of disabling the touchpad, he just broke the buttons off. That was fun to explain to the Dell rep when he had some other hardware problems that needed to be replaced.

Re:Look at the way many people treat their laptops (1)

Nimey (114278) | more than 6 years ago | (#21170759)

Gods know that either understanding & fixing the problem or asking someone knowledgeable would be too hard or make him look weak.

I hope you got his supervisor to LART him well.

Re:Look at the way many people treat their laptops (1)

mikael (484) | more than 6 years ago | (#21171155)

I feel like that about the power switch on my laptop when it runs Linux. An ordinary user can no longer power down the system by typing "shutdown", but the slightest tap to the power button, and shut down mode is activated automatically. No grace period, no "Are you sure, please confirm", no "System is shutting down in 10 seconds, press [XX] to cancel". It's just "The system is shutting down now" and the desktop just disappears , goes back to the command line and that's it - system is off.

Re:Look at the way many people treat their laptops (2, Informative)

vivian (156520) | more than 6 years ago | (#21171547)

Mabey you want to consider changing the powerdown options n your laptop's BIOS.

Re:Look at the way many people treat their laptops (1)

hodet (620484) | more than 6 years ago | (#21171125)

We had a user check it with her luggage on a flight. She was shocked when it didn't come around on the conveyor belt with her suitcase. :-)

Re:Look at the way many people treat their laptops (5, Funny)

Four_One_Nine (997288) | more than 6 years ago | (#21169689)

Apparently in most business we trust most people to not steal laptops, projectors, LCD monitors, etc.

However it seems that NOWHERE in corporate America does any company trust it's employees (at least the male ones) to not steal the paper towels out of the mens room. The dispenser is ALWAYS locked up !

Re:Look at the way many people treat their laptops (2, Funny)

j-pimp (177072) | more than 6 years ago | (#21169903)

It seems that NOWHERE in corporate America does any company trust it's employees (at least the male ones) to not steal the paper towels out of the mens room. The dispenser is ALWAYS locked up !

It really comes down to the fact that paper towel technology has reached the point that the right balance of security and usability has been achieved. In IT we have to pick an extreme.

Re:Look at the way many people treat their laptops (4, Interesting)

Hoi Polloi (522990) | more than 6 years ago | (#21170447)

We must keep paper towels out of the hands of terrorists. Even the janitor's closet has better security than most offices.

Seriously though, companies will take you to court over stealing a few hundred bucks worth of equipment but if you rob the company blind with sleazy accounting, incompetence, and outright robbery as an executive you get let go with millions in severance.

Re:Look at the way many people treat their laptops (1)

Liquid Len (739188) | more than 6 years ago | (#21171601)

Seinfeld, is that you ?

Re:Look at the way many people treat their laptops (1, Interesting)

Corporate Troll (537873) | more than 6 years ago | (#21170325)

Ehm.... I have a work laptop. I would have preferred a desktop, but I got a laptop. Why exactly would I need to pack up my laptop every night, and take it with me or even lock it in a closet if it is in the office? I mean, if my coworkers are going to steal it, then the company has bigger problems than me leaving the laptop unattended overnight and during my holidays.

The office is only accessible with a keycard in the first place, so that leaves the cleaning ladies as possible thieves.

I don't know, but unlike so many of my coworkers, I feel no need at all to take a work laptop home. I've got plenty computers at home, the work one isn't going to make a difference to me.

Re:Look at the way many people treat their laptops (1)

Psmylie (169236) | more than 6 years ago | (#21170875)

Get a laptop lock, one of those cable locks. You loop it around part of your desk, lock it to the laptop, and you're done. A lot of extra security for a very low cost and maybe 5 minutes to install (unless you don't have anything to loop it around and you need to attach an anchor to your desk). If you ever do need to take your laptop, just unlock and go. It's corporate policy where I work, and we're in a secure building as well.

Re:Look at the way many people treat their laptops (1)

jkroll (32063) | more than 6 years ago | (#21171477)

Take a hard look at your laptop case before you think this is any real security.

Many laptop shells are just simple plastic and the cable locks can snap out with only barely noticeable damage to the laptop shell.

Discovered this when a coworker caught their chair in the laptop cable lock one day and "disconnected" it from his Dell laptop.

Re:Look at the way many people treat their laptops (1)

eln (21727) | more than 6 years ago | (#21171211)

At my one true "dot com" job, they issued laptops to everyone. My first day, I got a new laptop, and was told that there had been a rash of laptop thefts in the company, so all employees needed to take them home or lock them in a drawer before they left. Of course, I got distracted by the whole "new job" experience and forgot all about it, leaving it on the desk when I went home.

Sure enough, when I came back the next morning, the laptop was not on the desk. Visions of being fired after my first day on the job, and after moving my family halfway across the country for the job, danced in my head. Luckily, it turned out that my supervisor had seen the laptop and locked it in my desk drawer for me. Since then, I always take my computer home with me, even though now I work in an extremely secure facility (Tier IV data center).

if he was so smart (1)

loafula (1080631) | more than 6 years ago | (#21169657)

why did he not blow away the HDD and reload before putting the thing on the internet?

Re:if he was so smart (3, Insightful)

$RANDOMLUSER (804576) | more than 6 years ago | (#21169711)

...after taunting his victim from a payphone, the victim dialed *69, and Almly was arrested...
Yeah, smart.

No genius (1)

homey of my owney (975234) | more than 6 years ago | (#21169905)

Admittedly no genius. But what about the state of our corporate security, when it takes a mega corporation like Outback to catch a idiot, and the meager FedEx et al just write it off.

Re:if he was so smart (4, Informative)

eldavojohn (898314) | more than 6 years ago | (#21169733)

why did he not blow away the HDD and reload before putting the thing on the internet?
Well, I believe he was doing that, from the article:

Later, at his $1,800-a-month apartment along Miami Beach, the burglar erased the laptops' hard drives and began selling them via services like eBay, where he had earned a 99.4 percent customer-satisfaction rating and tens of thousands of dollars in profit.
And then later:

Thanks in part to the company's use of a clever antitheft device...
They don't really go into details about it, but this might be something in the NIC chip or something else ingeniously specific to the hardware. They probably don't want to give out details as this was the only way to catch and stop this kind of outfit.

Re:if he was so smart (3, Insightful)

Anonymous Coward | more than 6 years ago | (#21170025)

They don't really go into details about it, but this might be something in the NIC chip or something else ingeniously specific to the hardware.

I doubt it. Most likely they got lazy and just cleaned XP without reinstalling leaving the rooted snitchkit to do it's thing. I guess if large access provider like T-Mobile's Hotspot had the MAC Address of a taken machine and a process to report to the right person it's presence on the network it could be traced. I also don't think MS is checking MAC addresses gathered from WGA against any criminal databases. Maybe an app on a separate, untouched partition and autorun but a simple drive wipe would've taken that out.

If you did devise a way for a MAC device to "call home" without user action then it would be easy to take the next step and turn it into a kick ass DDOS bot, something I don't think most device companies would risk.

Re:if he was so smart (2, Informative)

wangmaster (760932) | more than 6 years ago | (#21170067)

The article states that outback used computrace lojack, which is software based antitheft. You connect online, it provides computrace with a bunch of info about your network connection and if you're stupid, they eventually trace you. i.e. the guy may have been good at social engineering to get the laptops, but definitely no good at the technical details.

Re:if he was so smart (4, Interesting)

Bender0x7D1 (536254) | more than 6 years ago | (#21170115)

I believe most tracking software creates a separate partition that would survive a standard reinstall, but not a complete reformatting of the disk.

What I think would be very effective would be a laptop, created explicitly for businesses, that would implement the tracking system in hardware. If you added it to the integrated wireless networking, you wouldn't be able to shut it off, and you could track it whenever you needed to. If you are concerned about battery life, you could allow someone to shut it off, but have it wake-up every few hours just to check in. When it checks in, if it's labeled as stolen, the networking stays on, allowing for constant tracking.

There are some privacy concerns with a tracking device that can't be turned off, but that's why I said it would be explicitly for businesses, (or people who want that feature explicitly). For many businesses, the loss of privacy is less important that the ability to track their assets.

Re:if he was so smart (1)

HugePedlar (900427) | more than 6 years ago | (#21171089)

On a slight variation, my friend's father works for a British security firm which deals with the Government. He told me I shouldn't pass this on, but I can't see the harm in sharing with a handful of slashdotters...

Anyway, they needed a way of determining where a seized laptop had travelled in the past. Many esoteric technical tracking methods were discussed, most involving network log analysis.

My friend's father suggested scraping the pollen off of the case fan.

Re:if he was so smart (1)

CCFreak2K (930973) | more than 6 years ago | (#21170971)

They don't really go into details about it, but this might be something in the NIC chip or something else ingeniously specific to the hardware. They probably don't want to give out details as this was the only way to catch and stop this kind of outfit.
When I got my Dell laptop in 2005, it was loaded with a little thing called Computrace. In the BIOS, it can be set either "permenantly" disabled or enabled (the default is a disable value in between); no software required. AFAIK, I needed to actually subscribe to the service for it to work, but it was there nonetheless as a kind of "computer lojack", if you will.

Re:if he was so smart (2, Informative)

arpwatch (264178) | more than 6 years ago | (#21171255)

Right.
We use Computrace here at work. We have x amount of licenses. The company gives us a custom build executable that latches itself into the BIOS along with setting up shop in the OS applications/programs. The only way to remove it is by using the custom executable to contact the local webserver that starts up on the machine. I guess you could reflash the BIOS as well. I haven't bothered trying to break it.
Supposedly all you have to do is "hit a button" and Computrace will take care of everything.(Contacting local and state authorities, ISPs, telling them approximate location based on IP address when computrace phones home, etc)

And yes, all the techs are itching for someone to steal one of our laptops so we can try the system out.

-arp

Re:It's in the BIOS (3, Informative)

InvisiBill (706958) | more than 6 years ago | (#21171265)

http://news.thomasnet.com/companystory/471725 [thomasnet.com]

VANCOUVER, Dec. 13 /PRNewswire-FirstCall/ -- Absolute(R) Software ("Absolute") (TSX: ABT), the leading provider of computer theft protection and secure asset tracking solutions, today announced a milestone in the company's efforts to drive the standard for PC theft recovery and Secure Asset Tracking(TM) - the availability of Computrace support in the BIOS across all four of the top tier PC manufacturers' commercial notebook lines.

Absolute first announced BIOS support for its theft protection technology with IBM/Lenovo on February 1, 2005; followed by announcements with Gateway on August 9th and HP on October 4th. Today, Dell announced a set of customer solutions that leverages Dell's embedded BIOS support for Computrace allowing customers to address issues of regulatory compliance, data protection and PC theft recovery.

We don't use it here, but I believe once you enable it in the BIOS, it can't be disabled. Obviously, there's always a way to disable everything, but it's not a matter of formatting a drive or changing a BIOS setting. It comes down to hex-editing the BIOS data or replacing the BIOS chip or something.

Next time... (0)

Anonymous Coward | more than 6 years ago | (#21169659)

from the article

"Larry Brass, the Tampa Police detective who arrested Eric Almly this spring, says he's not permitted to endorse a particular product. But he says if Outback's laptops were not outfitted with software called Computrace LoJack for Laptops, made by Absolute Software, there is "no question" Almly would be walking free today."

He will learn a valuable lesson out of this once he's out of jail: Wipe the laptop BEFORE connecting it to a network connection...

Re:Next time... (0)

Anonymous Coward | more than 6 years ago | (#21171579)

>He will learn a valuable lesson out of this once he's out of jail:
>Wipe the laptop BEFORE connecting it to a network connection...

If the laptop has Computrace / Lojack for Laptops this won't work. Once you 'wipe' it the software re-installs itself from the BIOS. It will even survive a hard-drive swap. The only way to disable it is to install Linux, which most theives dont' do.

$150 a laptop? (2, Interesting)

andy.ruddock (821066) | more than 6 years ago | (#21169705)

From the article "Over the years he'd pocketed at least $20,000", which comes to a mere $153.85.
No wonder eBay shoppers were happy with the deals they got.

Re:$150 a laptop? (4, Funny)

Funkcikle (630170) | more than 6 years ago | (#21169821)

Oh dear. Who will lead the OLPC initiative now that Nicholas Negroponte is in jail?

Re:$150 a laptop? (1)

omfglearntoplay (1163771) | more than 6 years ago | (#21169865)

This is a good example of that old saying from that old movie about old thieves. If you want to be a thief, do it once, do it big, and retire. Making 20 grand from 100+ minor stealizations is pure dumb (as is buying lottery tickets). I guess this also illustrates the fact that most criminals have low IQ. Good ole lead gasoline. ;)

Re:$150 a laptop? (1)

mrslacker (1122161) | more than 6 years ago | (#21171171)

Almost as dumb as "stealizations". Is that a friend of colorization?

Re:$150 a laptop? (4, Funny)

Artifakt (700173) | more than 6 years ago | (#21171335)

I like it: "Stealization". Let's spredulate this meme.
 

Re:$150 a laptop? (2, Funny)

mrslacker (1122161) | more than 6 years ago | (#21171427)

memeization?

Re:$150 a laptop? (1)

Alzheimers (467217) | more than 6 years ago | (#21171495)

It's a perfectly cromulent word.

Laptops are easy (4, Insightful)

necro81 (917438) | more than 6 years ago | (#21169741)

For the bold and motivated thief, walking in and then out with a laptop is easy. Just look like you are supposed to be there. Slipping it into a briefcase helps with the illusion.

On the other hand, someone waltzed off with a 24" LCD monitor from the desk of a co-worker not long ago. His office was the furthest in from the door, so someone needed to be particularly bold to go all the way in, disconnect the monitor, and walk back out. No one saw him either, which is impressive considering the size of the load he was carrying. It's a lot harder to look and act natural about carrying a large monitor than a laptop.

Re:Laptops are easy (3, Insightful)

crafton (1166353) | more than 6 years ago | (#21169845)

are you sure it wasn't the co-worker that stole it?

Re:Laptops are easy (0)

Anonymous Coward | more than 6 years ago | (#21169951)

Exactly. A lot of computer thefts are inside jobs. Of course, many employers don't want to hear about it when you mention that you have strong reason to believe that "Joe" may have taken that missing piece of equipment. This despite "Joe's" own allusions to having taken it.

Re:Laptops are easy (4, Funny)

oyenstikker (536040) | more than 6 years ago | (#21169907)

Walk in, slap a big yellow sticker on it that says "Repair Ticket" in big letters, and carry it out.

Re:Laptops are easy (2, Informative)

Bee1zebub (1161221) | more than 6 years ago | (#21170209)

That has been reported in England with roofing slates. The thief simply drives up with a van painted as a roofing contractor, sets up a ladder and some scaffolding, and removes the tiles (this was some years ago, when health and safety regulations were less strict). When a home owner caught them, they simply presented fake documents for the house net door, put up a tarpaulin, and drove off.

People have also stolen the granite setts of of public roads with a digger, lorry, and a few cones.

Re:Laptops are easy (1)

Paradigm_Complex (968558) | more than 6 years ago | (#21170889)

I've had to move in and out of various dorms on campus where I go to school at odd times throughout the year, and never once has anyone questionsed the 24" Monitor or ATX box I carried out. I helped friends carry large TVs in or out of their doors before/after videogame tournmanets I'd set up. No one even gave a second look. If one could just access the equipment without the origional owner knowning it'd be trivial to walk out of the dorm and throw it in the back of a car. Now add the fact that many RA's encourage students to post their schedual in a public area to help people from the same classes in the dorm to study together. I'm shocked at how rarely electronics are stolen, where as bikes on campus (which are chained up) go missing more often then not.

Thieves aren't that smart... (4, Interesting)

Tastecicles (1153671) | more than 6 years ago | (#21169759)

...I work in a shop on occasion, and the number of stolen laptops that come through with people trying to sell them to us is simply mind-boggling. I'm not talking about pissy little Pentiums, either, these are the latest, greatest in portable number crunching. Some have passwords on them as their only real identifying feature (the serial numbers and Microsoft licenses are usually scratched off), which I tell the seller is not possible to circumvent (in some cases they're not, being on the BIOS rather than the OS). Other tricks they have is coming in claiming they've lost or wrecked the power adapter (how convenient) and need a cheapo universal one. Sure, I'll sell them the universal brick but they're not testing the thing in the store.

Net bugs are a good thing to have, I think (got one on here), particularly given the plentiful supply of open wireless points in most large cities now. Turn on machine, bug sends data burst, thief is cornered. Hell, he doesn't even need to physically connect to a network these days.

Re:Thieves aren't that smart... (1)

deftcoder (1090261) | more than 6 years ago | (#21169825)

Other people who aren't smart: those who don't realize it's possible to bypass "BIOS passwords".

Re:Thieves aren't that smart... (3, Interesting)

dintech (998802) | more than 6 years ago | (#21170033)

It's a bit unfair to see he's not smart. It's just a piece of knowledge you have that he doesn't. And yes, I know knowledge is power...

Re:Thieves aren't that smart... (0)

Anonymous Coward | more than 6 years ago | (#21170419)

Many laptops put the BIOS password on the harddrive via a special ATA command. Depending on the methode choosen these can not be bypassed short of replacing the harddrive or using an expensive cracking tool.

Re:Thieves aren't that smart... (0)

Anonymous Coward | more than 6 years ago | (#21170739)

>Other people who aren't smart: those who don't realize it's possible to bypass "BIOS passwords".

Not always - try it on any ThinkPad since the T40 series, for example.

Re:Thieves aren't that smart... (0)

Anonymous Coward | more than 6 years ago | (#21169829)

Not for nothing, but BIOS passwords are usually really easy to circumvent, often requiring nothing more complex than popping out the CMOS battery for a second. I can understand you telling different to a probable thief, but you should know better.

absolute crap (1)

RMH101 (636144) | more than 6 years ago | (#21169861)

...this is categorically NOT possible on any significant number of laptops manufactured in the last 10 years. Modern BIOS passwords are secure enough to effectively brick any device where the password is lost, without significant expertise or specialist kit to bypass. Ric

Re:absolute crap (0)

Anonymous Coward | more than 6 years ago | (#21169959)

Modern BIOS passwords are secure enough to effectively brick any device where the password is lost, without significant expertise or specialist kit to bypass.
Open computer, flip the jumper to the clear CMOS setting, put the jumper back, wipe and load your OS.

Re:absolute crap (0)

Anonymous Coward | more than 6 years ago | (#21169999)

I've got a tablet here that has no jumper to flip. Pull the battery isn't going to work either. You HAVE to call into the manufacturer to get a special code to type in or you have a brick and that's it.

Re:absolute crap (2, Informative)

Anonymous Coward | more than 6 years ago | (#21170095)

Brick the device? Oh please. A Dell laptop I once serviced had this aforementioned "modern BIOS password" security feature. I couldn't enter the laptop's setup utility because of it. There was no battery on the motherboard to remove and I read on many forums that the only solution was to call Dell support and ask them for a "master code" to unlock the laptop. A quick check on Google brought up the BIOS password remover utility. -1 for Dell security. It could even null the asset tag and serial numbers and replace them with my own. The only problem with this procedure: my BIOS settings had to go back to default. Considering that I can only change the time and boot priority of devices, this wasn't a big deal to begin with (not like I have to write down the block, sector and cylinders of the hard drive, and whether it's in LBA mode or not).

Finding online videos on metacafe.com telling me how to bypass finger print security modules found on the latest laptops isn't that promising either. Best laptop security: keep the damn thing with you AT ALL TIMES. Never leave it in the car, even if you're running in and out of someplace for two minutes. It takes a thief five seconds to smash your car windows, grab the bag with your laptop and drive off in his car. I've witnessed it and it's horrifying.

Re:absolute crap (2, Funny)

antifoidulus (807088) | more than 6 years ago | (#21171005)

Or you could set your wallpaper to the goatse man, get a custom goatse case mod, goatse keyboard...Nobody will want to touch that laptop!

Re:absolute crap (0)

Anonymous Coward | more than 6 years ago | (#21170403)

care to back that up with a model number? or maybe mr fancy pants is afraid to get proven wrong?

Re:absolute crap (1)

Ravenscall (12240) | more than 6 years ago | (#21169971)

Actually, if you open up the laptop, there is still a reset button, not to mention a factory override password.

Re:absolute crap (0)

Anonymous Coward | more than 6 years ago | (#21170083)

without significant expertise or precision screwdriver kit to bypass.


I fixed your post for you. Even on the latest laptops, there is a button cell used for the BIOS password as well as the clock. HTH!

Re:Thieves aren't that smart... (1)

Calinous (985536) | more than 6 years ago | (#21170023)

CMOS battery on a laptop? I haven't seen one (but on the other side, I haven't opened a laptop until all his internals were visible)

Re:Thieves aren't that smart... (1)

Vindicator9000 (672761) | more than 6 years ago | (#21170621)

On the Thinkpad T43 I opened yesterday, it's right under the palm rest. You can get to it by removing about 8 easily accessible screws. I'd imagine most laptops have one.

Re:Thieves aren't that smart... (1)

G Fab (1142219) | more than 6 years ago | (#21171069)

at least on that thinkpad, the password is stored on a special security chip. Removing the clock battery would not clear. You can use the ship to manage encrypting the hdd and for power on password.

There is almost certainly an override password, and you can replace this chip. I think that's all you can do.

Re:Thieves aren't that smart... (1)

TheRealBurKaZoiD (920500) | more than 6 years ago | (#21169857)

So, the little device that caught this guy, the one that phoned home, is that strictly a standalone hardware device living inside the laptop with it's own embedded programming, or was this some software that phoned home the first time it booted up and found a network connection? I'm sure it's probably the former, but I didn't see it indicated anywhere in the article, and I'm afraid I don't have any experience with those types of laptop features.

Re:Thieves aren't that smart... (1)

d3ac0n (715594) | more than 6 years ago | (#21170241)

Actually, it is indicated in the article, the second one linked.

Larry Brass, the Tampa Police detective who arrested Eric Almly this spring, says he's not permitted to endorse a particular product. But he says if Outback's laptops were not outfitted with software called Computrace LoJack for Laptops, made by Absolute Software, there is "no question" Almly would be walking free today.


So it's just some software. Which shows how incredibly stupid a thief he was. He wasn't even willing (or able) to formate the laptop with a fresh OS install. Basically he was just doing a data cleanup and software update, and then selling them as-is. No wonder the dumbass got caught. Ugh.

Frankly, the only reason he got away with it for as long as he did is due to the complete lack of any physical security that corporate types exercise with their laptops. And I would imagine that the lack of security will continue, until a major theft happens that ends up in the exposing of critical corporate data which brings down a company. Corporations ONLY change policy when they have to due to law, or they are scared into it. This story isn't big enough, but I'm guessing that there will be another one, and soon.

Re:Thieves aren't that smart... (1)

TheLink (130905) | more than 6 years ago | (#21171041)

Well look at it this way, he's stupid because that's a stupid way to make money.

Seems he didn't make very much per laptop. How long does it take to reformat and reinstall the different types of laptops he steals AND be sure the snitchware is really gone?

AFAIK if you're trying to install a vanilla Windows XP on some of these laptops it's a pain - drivers etc. Heck installing XP from scratch is a bigger pain than installing Linux. Most people don't know that since Windows usually comes preinstalled.

Where are you going to get the license key from? If you use the original "hidden/rescue partition" to reinstall, the snitchware might be bundled and slipstreamed into the final OS.

Reselling laptops with Ubuntu on them probably cuts into profits too and it still takes time to install Ubuntu on them.

He could have just sold the ram and parts from the notebooks he steals. Or got a proper job instead, work his way to the top and legally steal money big time ;).

Lastly, you can often report your computer as stolen to the manufacturer and they can help cause problems for the final user when they call up for support. It doesn't necessarily mean you'll get it back easily though - there's all that legal stuff that the manufacturer may not want to get involved with.

Re:Thieves aren't that smart... (1)

d3ac0n (715594) | more than 6 years ago | (#21171389)

AFAIK if you're trying to install a vanilla Windows XP on some of these laptops it's a pain - drivers etc. Heck installing XP from scratch is a bigger pain than installing Linux. Most people don't know that since Windows usually comes preinstalled.


Well, not that I want to help out any thieves, but it's not really THAT hard. Keep in mind that many of the large corporations (the kinds he was stealing from) use a standardized image whenever possible on their machines. Usually (if using XP) utilizing a corporate XP key. Since he has several PC's already, all he needs is:

1) A Pirated copy of a Corporate Version XPSP2 install CD. (easy to get)
2) A copy of Magic Jellybean Keyfinder on a USB stick to pull the corporate key off the laptop BEFORE hooking it to an Internet connection. (easy to get)
3) Drivers and software for various laptop types downloaded from the laptop company websites (easy to get)
4) An external laptop HD case, for pulling laptop HD's and FULLY wiping them (using a secure-erase utility on a lab-PC) (easy to get)
5) A little time and care.

Ultimately, the total cost for this setup is no more than the cost of a Lab PC, the external drive case and a set of small drivers for pulling the laptop drives. If you want to really go hog-wild, you could setup a Ghosting station too, but that's not really necessary.

Now, if the system uses one of the Hardware-based Lojack setups, you're pretty much screwed, just part out the laptop and junk what you can't sell. But for any software system, it's cheap and easy to bypass for anyone with even the tiniest bit of IT know-how.

However, I do agree, just going and getting a real job is a MUCH better way of going about making an income. Less of an adrenaline jolt, perhaps, but much more reliable.

LoJack for laptops (3, Informative)

Fezmid (774255) | more than 6 years ago | (#21170303)

The article says it's Computrace's LoJack for Laptops. We looked into the corporate version awhile ago due to the remote-wipe feature.

If the laptop has the proper version of TPM, it will even automatically re-install itself if the thief reinstalls Windows. Not sure if that's a good thing or a bad thing, having the BIOS infecting the machine... If it's stolen though, it's a good thing.

Re:Thieves aren't that smart... (1)

tomz16 (992375) | more than 6 years ago | (#21169893)

Net bugs are a good thing to have, I think (got one on here), particularly given the plentiful supply of open wireless points in most large cities now. Turn on machine, bug sends data burst, thief is cornered. Hell, he doesn't even need to physically connect to a network these days.
Haven't really thought this through, have you? Where do you send the police?

Re:Thieves aren't that smart... (1)

Kamineko (851857) | more than 6 years ago | (#21170823)

To the IP address, of course!

Re:Thieves aren't that smart...? (0)

Anonymous Coward | more than 6 years ago | (#21170723)

Disclaimer:

Educational purposes only - submission as evidence by prosecution and/or plaintiff constitutes mistral, dismissal with utmost prejudice and/or overturn on appeal.

~ Gloves first
~ Use Isopropanol wipes to remove fingerprints
~ use hydrogen peroxide wipes to destroy DNA residue; don't use bleach for it is a corrosive.
~ Research make and model for security features, such as BIOS level wireless ID broadcasting (such info may not be published due to public policy reasons).
~ Do NOT power up laptop as is.
~ Remove NVRAM battery to clear NVRAM.
~ Remove any devices in the card bus slots and identify. If such are NICs, dispose (MAC addresses are unique therefore traceable)
~ Remove hard drive and copy contents thereof onto desktop system (dd if=/dev/hd? of=/home/spy/hdimage)
~ Wipe laptop hard drive clean (dd bs=256k if=/dev/zero of=/dev/hd?)
~ Disable any and all integrated NICs because there may exist BIOS level 'rat code'.
~ With all NICs disabled, copy and reverse assemble BIOS to check for any such code.
~ For those with $$$, build a copper RF shielding box (NSA, anyone?) with a WAP inside tied to a PC running tcpdump (isolated subnet) to see if it is trying to 'phone home'.

As for the net bug feature, that has some false incrimination potential.

Re:Thieves aren't that smart...? (1)

Ihlosi (895663) | more than 6 years ago | (#21170839)

~ Remove any devices in the card bus slots and identify. If such are NICs, dispose (MAC addresses are unique therefore traceable)



Actually ... they're "kinda" unique, but not "really" unique (they do get reused after a couple of years or whatever the "design life" of NICs is). That should make for some interesting false accusation scenarios.

Re:Thieves aren't that smart...? (1)

Ihlosi (895663) | more than 6 years ago | (#21170921)

~ Disable any and all integrated NICs because there may exist BIOS level 'rat code'.

How (apart from physically separating the NIC from the rest of the system, i.e. rip the chip off the board or cut the relevant PCB traces) would you go about that ?

Re:Thieves aren't that smart... (2, Insightful)

antifoidulus (807088) | more than 6 years ago | (#21170915)

Is the real money nowadays even in just pawning the computer as quick as you can? I would guess that nowadays, esp. in the corporate world, the data is often worth more than the device itself. I'm surprised more enterprising thieves haven't either held the data ransom or sold it to someone else. But then again, as you point out, thieves aren't necessarily the brightest bulbs in the box....

Sweet Christ (0)

Anonymous Coward | more than 6 years ago | (#21169765)

Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet."

Do I really need to write up a how-to for would-be criminals?

Virtualize the hard drive! [rtfm-ed.co.uk]
Remove networking from the VM.
Look for whatever goodies you're looking for on the HD.
Blow away the HD [sourceforge.net]
Profit!

To quote discworld... (3, Insightful)

Tacobowl8 (1175465) | more than 6 years ago | (#21169791)

"If the theives guild invested in blue overalls with Al on them, they could get away with anything." Social engineering IS one of the easiest to exploit security holes. It isn't much of a surpise that laptops were stolen using this technique.

Khaki Bandit...? (0)

Anonymous Coward | more than 6 years ago | (#21169809)

seems like UPS means "Unidentified PC Stealer" as well as United Postal Service.

Wrong P (1)

stomv (80392) | more than 6 years ago | (#21169943)

United Parcel Service [wikipedia.org] .

check sunnyvale (2, Funny)

pak9rabid (1011935) | more than 6 years ago | (#21169901)

This sounds like something Ricky and Julian, er, I mean Cory and Trevor would pull

Re:check sunnyvale (1)

HalifaxRage (640242) | more than 6 years ago | (#21170711)

No, they would just steal the power cables and try to sell them back to the owners.

Outback Steakhouse (0)

Anonymous Coward | more than 6 years ago | (#21169915)

"No rules.* Just right."

* Except "Don't steal our laptops, mate."

No, not so smart.... (1)

mmullings (1142559) | more than 6 years ago | (#21170019)

FTA: "outfitted with software called Computrace LoJack for Laptops, made by Absolute Software"
It really is just a piece of software running in the background.
I was hoping it would be some sort of BIOS level code, but it looks like a system wipe would do the trick.

Not limited to technology (1)

hellfire (86129) | more than 6 years ago | (#21170071)

Obviously laptops and similar technology are the most desirable things to snatch in the workplace, but this is by far a new story, and old fashion thieves still steal old fashioned things.

We had a thief walk in one day and snatch a purse right off a desk 3 feet from me. I wasn't at my desk at the time. The thief walked right out the front door and even nodded to the receptionist, who noticed him as unusual and didn't recognize him but didn't see the purse. She did remember it was a man and that's about it.

She quickly cancelled her cards and got a replacement cell phone and the thief fortunately only got away with a few bucks in cash. Since then I never leave my desk without my cell phone or my wallet (which I used to leave in my coat in the winter).

We all want to be trusting of everyone around us, because it makes us feel good, and we don't know absolutely everyone, even in a business of 300 people. We implemented security since this and other incidents around the building. The company's been around since the 1960s and it's the first time we felt we needed security.

ID cards... (3, Interesting)

Veetox (931340) | more than 6 years ago | (#21170163)

...are really not enough for security. I work at a building that I need keycard access to, but cards eventually become worn and some break so that they cannot be displayed anymore, and the company won't pay for a new one every time that happens. So there are two results: People don't wear them explicitly, and people don't question who they are letting into the front door behind them. I'm personally in favor of having a guard stationed at a single entry, at least for larger buildings; someone who can recognize people's faces and can be held responsible for stopping people he doesn't know. ...There's the danger of him being an asshole, but I'd be willing to take that chance.

Re:ID cards... (1)

itsdapead (734413) | more than 6 years ago | (#21170321)

There's the danger of him being an asshole

...there's also the danger of the guy he doesn't recognize and challenges being an asshole that goes to the same golf club at the CEO. It only takes a few SIPs* to throw a hissy fit after being rightly denied entry and the security staff, unless adequately defended by the management, will stop bothering and/or just hassle anybody that doesn't look like a big shot.

(* Self-Important-Persons)

Re:ID cards... (1)

jellomizer (103300) | more than 6 years ago | (#21170613)

There is the case where there are a thrid party person to fix whatever... There have been cases where I was to fix a printer and I realized that I needed to bring it to the office for more diagonostics (aka I don't know what is wrong and have the experts take a look at it) So I tell the manager and walk out with the printer and no one stops to ask me or checks with managers I just walk right our without having an ID Card Becase I just sign the guest list going in. And the security guard asks me if I know where I am going (if I do) I go yes and walk straight there, and out with a $3,000 printer... The problem is people don't want to be jerks all the time and they feel better if they help people out.

Re:ID cards... (1)

un1xl0ser (575642) | more than 6 years ago | (#21171559)

The problem here may be the technology (if the card wear or failure rate is very high). In the end your company just has to suck up the costs and deal with it. The idea of having someone who recognizes everyone doesn't scale, doesn't work when you have many entrances and doesn't work well when you terminate someone.

Bugged Laptops? (1)

scorpiowulf (1181651) | more than 6 years ago | (#21170289)

http://www.wulfram.com?mkid=31257 [wulfram.com] - Sounds like this is going to start a wave of corporations bugging their laptops to ensure employees don't steal them and reconnect to the net! What fool didn't format the bloody thing anyway?

Not really news (4, Insightful)

Opportunist (166417) | more than 6 years ago | (#21170305)

I was working in a high security environment. You know, the whole thing with magnetic cards, guards sitting there and watching people going in and out of the building, timestamps everywhere, in short, the company knew down to a second where you've been all day.

Or rather, where your key card has been.

You guess what happened? Exactly. One of those cards was stolen, one of the high level IT cards to boot, and the thief just waltzed in and went out with 2 servers. Nobody bothered to ask him what he's doing there. He has access to highly sensitive areas, so why bother asking why he's hauling around servers. That's his job, you know?

When nobody is supposed to do something, nobody expects anything's wrong when someone does what isn't supposed to be done. Especially in a high rotation hire and fire environment. Do you think anyone would question it when you put on a uniform and a trainee button and just go behind the counter of some fast food restaurant? Just tell everyone you're the new guy and avoid the manager.

It works.

Re:Not really news (2, Insightful)

everphilski (877346) | more than 6 years ago | (#21170545)

I was working in a high security environment. You know, the whole thing with magnetic cards, guards sitting there and watching people going in and out of the building, timestamps everywhere, in short, the company knew down to a second where you've been all day.

A couple of things:
1) add a photo.
2) add name, company affiliation and division.
2) add personal information on the flipside. My badge has my height / eye color / hair color.
(Back when I worked for the Army, it also had things like the contract I was on, weight, etc.)
This requires either (a) modification of the card or (b) the thief to pick off someone very similar, and dress the part. Not to mention rote memorization. When I enter and leave where I work, I don't just have to wave the RFID over the door, there is a guard who physically inspects my badge, seeing if I look like the guy and match the description on the back.

That, IMO, is about as good as you can get, short of a DNA sample every time you come to work. You need to be able to match a keycard to a person, you need multiple facets to make a unique match.

Re:Not really news (1)

Opportunist (166417) | more than 6 years ago | (#21170983)

1) Only helps if someone actually cares to look at said picture.
2) Only helps the thief knowing where to go and what security level he has.
2 (the other 2) See 1.

I agree with you that some physical inspection by a person is the ONLY way this can be avoided. But try to convince a suit that they should hire new people for something a machine can do. Well, the machine can't, but it's good enough for standard situations.

What suits don't seem to get is that security ONLY deals with non-standard situations. As long as it's just a standard situation, you don't need security at all. But don't say it too loudly, or they just hear that they could cut costs by eliminating security altogether.

And here's how he was caught: (3, Informative)

farker haiku (883529) | more than 6 years ago | (#21170315)

I couldn't find the post asking how the guy was caught (i.e. what software), but here you go.
FTA:
Larry Brass, the Tampa Police detective who arrested Eric Almly this spring, says he's not permitted to endorse a particular product. But he says if Outback's laptops were not outfitted with software called Computrace LoJack for Laptops, made by Absolute Software, there is "no question" Almly would be walking free today.

Here is how it works: after a computer is stolen, the victim notifies Absolute's recovery team. When the thief accesses the Internet via that computer, the Computrace software on his computer silently broadcasts information that allows the team to determine his physical location.

With a street address in hand, police can make an arrest. The corporate version of the software gives subscribers the ability to remotely delete sensitive information from a computer.

Re:And here's how he was caught: (5, Funny)

Anne_Nonymous (313852) | more than 6 years ago | (#21170591)

>> how the guy was caught

It was an Outback Steak-Out.

Re:And here's how he was caught: (1)

Isaac-Lew (623) | more than 6 years ago | (#21170639)

Will this work if the thief wipes the drive & re-installs the OS? On my new laptop, I did notice a BIOS setting for some type of tracking system (which I enabled - I'm sure the powers-that-be would have other means of tracking me if they really wanted).

Re:And here's how he was caught: (3, Informative)

madigan82 (1179493) | more than 6 years ago | (#21170881)

We have Computrace installed on over 5,000 laptops in the field. It is installed in the BIOS so a simple format won't get rid of it. In fact, if they format it, the BIOS agent actually reinstalls the OS agent. One thing they don't mention is that you need to file a police report on the stolen laptop first before you can track it. But it works nice. We've had several that were "stolen" to wind up at the user's house or a friend's house. Not sure if any were actually ever stolen though since I don't handle that stuff.

y.ou 7ail it. (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21170417)

Ebay enables this (1)

Jeff1946 (944062) | more than 6 years ago | (#21170463)

As the article says Ebay doesn't require listing laptops' serial #s. I would want to know the serial # of a laptop as a buyer to be sure it wasn't stolen.

Re:Ebay enables this (1)

PTBarnum (233319) | more than 6 years ago | (#21170957)

How would you as an individual know that the serial # was clean? Are there websites that maintain lists of stolen laptops?

Computrace (0)

Anonymous Coward | more than 6 years ago | (#21170465)

From what I've heard, the piece of software in question (Computrace) works by installing itself to the Windows partition (so it will auto-reinstall when Windows is wiped and reinstalled). Of course, it will not work if the thief simply installs Linux.

Ahh... the power of money (4, Interesting)

sootman (158191) | more than 6 years ago | (#21170683)

Ultimately it was the corporate headquarters of Outback Steakhouse who caught the thief with a bugged laptop that notified them when he re-connected it to the internet.

Which is funny as hell, because I've read several times on Slashdot (sorry, no time to search) about people who have their laptops set to do just that, but when they inform the police that their laptop is in use by a customer of this ISP with that IP address, they're told to go pound sand, that the police don't have time to go catch criminals that you can lead them to. It's trivial--especially with MacBooks--to have it send you not only the IP address but a picture of the theif if you want--but it seems to do no good.

Maybe the thing to do would be to get laptop insurance and then have the info emailed to the insurance company.

Security at my company is good! (4, Funny)

internetcommie (945194) | more than 6 years ago | (#21171007)

It consists of never buying new equipment unless it is absolutely necessary, and then buying second-hand if at all possible.
If a thief made it into the building and walked out with all the computers here, he might make $150 on ebay if lucky.
But he'd be more likely to just get a hernia.

Two million in one year? (2, Interesting)

LoudMusic (199347) | more than 6 years ago | (#21171095)

Somehow I have a hard time believing 2,000,000 laptops were stolen in a single year. That's nearly 5,500 per DAY. I don't think Dell even move than many laptops in a day. And I don't know a single person, personally, who had their laptop stolen. Ever. Where do these numbers come from? Are people just reporting stolen laptops for insurance claims? And now they have two laptops?

97% not recovered, you say (0)

Anonymous Coward | more than 6 years ago | (#21171313)

Right. My question is:

What percent of ALL stolen property is ever recovered. I bet it is no different than laptops. Heck, laptops seems likely to have a BETTER rate of return.

My experience is that if you get robbed, the cops fill out a report so you can send it to your insurance but otherwise have important speeding tickets to give out.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?