Filed under: Odds and ends, MobileMe
World's dumbest crooks: the saga continues
Yesterday we told you about some crooks that broke into a house and made off with a couple of Macs and a PC. We recounted how the victim used his replacement MacBook Pro to screen share with the stolen device, and even watch as someone filled out an online form to find a job, displaying an address, social security number and phone number. It's kind of amazing that the crooks would know enough to grab a pic from the camera, but not realize they have left the Mac wide open to the features of Back to My Mac.
Hopefully, the police will get in gear, and rescue the stolen computers, and grab the perps. Meanwhile, 'Jim' is cautiously considering getting back into his Mac and erasing any files with personal info on them. He just doesn't want to get caught and spook the thieves.
We'll keep you posted.
Get a WordPress.com Blog
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 3)
Brian Allen said 2:44PM on 9-01-2009
I thought someone was on the used computer I bought last week.
;)
Reply
hebejebelus said 2:46PM on 9-01-2009
He ought to use ssh, so he isn't noticed, but I'm not sure if that can work through back to my mac.
Reply
artifex said 2:58PM on 9-01-2009
If your user account is using File Vault, you can't log into it via ssh. Which is a real pain.
owenmhv said 2:53PM on 9-01-2009
hopefully the 'crook' doesn't read TUAW
Reply
Michael said 2:55PM on 9-01-2009
Really!
artifex said 2:55PM on 9-01-2009
Is every person with a stolen Mac tracking story leaving him or herself automatically logged in, or something? Because I don't see how a thief stupid enough to just power up a stolen computer and connect to the internet would easily get in past the username/password prompt. Sure, there are ways to do it, but really... isn't your first line of defense in the protection of your data to require a login? And even if they do break that, if you're running the built in File Vault, your personal data in your home directory should be secure.
Reply
iPhoneGuy said 3:11PM on 9-01-2009
Actually, a good practice is to create two accounts. One is a 'guest' account that is simply a highly restricted account with practically no capabilities but with the ability to log in without a password.
Then create your REAL account and password it. That way, a thief finds at least ONE account they can log into - and that hopefully stops them from simply wiping the drive clean right off the bat. That also gives you time to find them, etc.
artifex said 3:28PM on 9-01-2009
iphoneguy: Thing is, if the guest account is just the default guest account you can enable from the accounts menu, all of the thief's data gets erased every time he logs out. But yeah, I could see that being a good thing, if it makes him stay logged in all the time :) You'd also want to re-enable the selectable user login menu, if you disabled it, of course.
iPhoneGuy said 5:40PM on 9-01-2009
No, not the default guest account. You need to create your own and set it up as you need (for example, you would want to turn on certain remote access, shared screen, etc options, so you can actually get in and view it).
Sorry, didn't mean to imply the default one setup by apple (actually, forgot about it because the first thing I do is disable it :)
R2B2 said 2:56PM on 9-01-2009
If 'Jim' can ssh into his machine, he can delete anything he wants without being noticed. This assumes 'Jim' has Remote Login turned on in his sharing prefs and knows how to get around at a UNIX prompt though. He may have to risk controlling the screen one more time if it's off, and a little Googling would show him the basic commands he needs once he's in – ls, cd, rm, etc.
Reply
Mike said 11:33PM on 9-01-2009
Well, the whole ssh thing assumes that the person port forwarded port 22 on their router to the stolen mac, or has it directly connected to the Internet with no external firewall.
mario said 1:24AM on 9-02-2009
You guys are funny. You don't need to have ssh to log in to file access with back to my mac. Back to my mac handles all boring stuff of remote access and remote file access.
Wheels said 3:06PM on 9-01-2009
Would he be able to go into system preferences through screen sharing and tell the computer to ask for his password at login? I mean, he has the dumb@#$#@ name, address, and phone # (I'm assuming this because he watched the perp fill out a job application) and picture, so I doubt any more useful information could be gleamed from spying on him. If he's really concerned about personal info being compromised, I'd say lock the thing up, if he can.
Reply
Duncan said 3:31PM on 9-01-2009
But then the criminal might ditch it with no hope of our dear Jim getting it back again
Wheels said 4:16PM on 9-01-2009
If he got the replacement, he wasn't expecting to get thing back, anyway, or, at the very least, he covered himself in case he didn't get the thing back. The fact that he may get it back is just gravy (unless his insurance decides that, since Jim did get his computer back, they want the money for the replacement back). But, on the chance that he doesn't get it back, why be happy with just deleting some files and leaving the crooks with what they want: a functioning computer? Crime shouldn't pay.
Jeff said 12:48PM on 9-02-2009
I'm sure he'd still want the stolen goods back. It's called paying a deductible.
brad said 3:17PM on 9-01-2009
Jim should simply copy and paste his private info (ie, accnts etc) to his remote computer, and than change the numbers on the stolen computer. This wouldn't freak the thieves out, because the documents wouldn't be missing altogether. This is a great story! Can't wait for the updates. After they're busted, I do hope to see pictures!!
Reply
Fin said 3:18PM on 9-01-2009
If he's confident they're not about, he could run photo booth while he deletes stuff, it'll mean he can keep an eye out! =)
Reply
sircastor said 3:32PM on 9-01-2009
FWIW, there's no guarantee that this person is the thief. It could be a hapless purchaser. I would guess though that it is the thief. What's funny is the strange psychology that follows:
Thief steals computer
Then looks up lottery numbers
Then looks for a job...
It's like he's doing it out of order. You should look for the job first, then when you've given up hope of legitimately earning your money, try to gamble. When that fails, fall on theft...
Reply
Who? said 3:51PM on 9-01-2009
Why not just go directly to jail, not pass go, and pay me $200 (or whatever you'd have wasted gambling)?