Thieves who stole my iMac left a trail...
March 16, 2010 3:21 PM   Subscribe

My house was broken into and among other things, I had my iMac stolen, but I was able to get the burglar's IP address... What can I do with this info?

All residents of the house had left around 9AM for work on Friday the 12th, and upon returning around 6PM noticed the front door open. Noticed property missing, and broken back basement entrance.

One item that was stolen, a 27" iMac has file syncing service called Dropbox installed, and computer has synced in since being stolen:

Logged in to Dropbox:
3/12/2010 10:00PM 67.169.115.85, deleted files on the service.
3/13/2010 9:11AM 67.169.115.85
3/13/2010 10:11AM 67.169.115.85
There have been no further logins since then.

A free online trace indicated the IP address belongs to a Comcast subscriber in the Bay Area.

Incident was reported to Oakland PD, but I'm not sure if they will take action with this info.

What is the best step I should take? I talked to some private investigators and one is offering to trace the IP for $160. Is it worth it? Even if I do get an ID, what can I do with that information?
posted by mwang1028 to Computers & Internet (9 answers total) 12 users marked this as a favorite
 
The PI is just going to take your money, you aren't going to get any more than what you have without a subpoena against Comcast for subscriber information. You'll probably need a lawyer to help you with that.
posted by rhizome at 4:13 PM on March 16, 2010 [1 favorite]


Well, ethics aside (since it is a burglar we're talking about), why not use dropbox to send over a nifty little file titled something tempting, like tax_backup or bank_info.

Of course, this file should really just be a vector for a payload that will help you get some more info. Not being anything more than a “user” on a Mac, I couldn’t tell you what to use, but maybe someon else could recommend an easily installed program that acts as a keylogger, then emails updates. Pretty soon you’ll have facebook, bank, or other login details that you can use to figure out the identity and location of the computer.
http://www.google.com/search?q=mac+keylogger

Maybe a shortcut file (applescript?) that snaps a picture and saves it to your dropbox folder while opening a webpage that you or a friend have control over (and can view log files for ip addresses).

If you do get an actual address for your $160 (and make damn sure you do if you spend the money), you can walk down to the police and tell them your computer was stolen, and it is here: _____. Then request help retrieving it.
posted by terpia at 4:35 PM on March 16, 2010


I would be careful here. What if the burglar(s) already sold the iMac to some innocent unsuspecting party? Some of these scumbags sell off the goods pretty fast. I assume you gave the cops the IP addresses already? If not, do so. If the theft involved enough monetary value, perhaps this could be bumped up in crime category and the cops would be more likely to pursue the IP thing? Sorry - this sucks. You may also want to inform Apple.
posted by VikingSword at 4:36 PM on March 16, 2010 [1 favorite]


Put your energy into changing CC accounts, contacting your bank, changing user names and passwords.

Let the insurance company pay you for the computer...

Let the cops do what they will (probably nothing)...

And get whatever help you need for the feeling of being violated.....

And, what VikingSword said...
posted by HuronBob at 5:01 PM on March 16, 2010


Oakland PD? Goooood luck with that. What a sucky, powerless feeling, though...hope you didn't lose too much precious data.
posted by circular at 5:09 PM on March 16, 2010


Did you leave any services running on it? SSH login, Apple remote desktop?
posted by floam at 7:16 PM on March 16, 2010


I talked to some private investigators and one is offering to trace the IP for $160.

That's interesting; I would have (like rhizome) thought that it'd take a subpoena to get the information. If the PI is able to do this, then it raises the question of how and if you could do whatever it is he'd be doing.

You might try asking pressing him a little about what that is, and how reliable he's found whatever his method is in the past.

My guess is that the PI either knows what kind of person (or a specific person) he can call at Comcast, or if he's ex-law-enforcement, he knows people still in it who know this. Or there's a quasi-public utility database out there that includes Comcast subscribers. Particularly in the latter case, I would be wary of how effective your option might be, given some of my past experience with database-based services for reverse phone lookup.

If it's the former... it might be interesting to see how far you can get yourself just by calling Comcast and explaining the situation.
posted by weston at 7:35 PM on March 16, 2010


According to ip2location, the IP address traces back to a head end in the south bay. Now, this won't narrow down to an address, but you now have another jurisdiction's police force to ask. (I tested with my Comcast IP address and it put me within 2 miles of where I live.)

Can't hurt, right?
posted by aberrant at 9:23 PM on March 16, 2010


When I provided the police with an IP address for my stolen laptop, it took them a few weeks to get the subpoena for the IP address, but they did do it. This was in Chicago. They went in and arrested the guy living at that address, although by that point they didn't find my computer. They had me do a line-up -- he wasn't the one who mugged me, unfortunately -- but they said they'd found an illegal gun in the apartment, so they kept him in jail.

All of which is to say that the police may indeed act on your information, but I wouldn't keep your hopes up for them doing it fast enough for you to get your stuff back.
posted by wyzewoman at 8:45 PM on March 17, 2010


« Older What can you tell me about the...   |  Please direct me to interestin... Newer »
This thread is closed to new comments.