Forgot your password?
typodupeerror
Crime Portables

Retrieving a Stolen Laptop By IP Address Alone? 765

Posted by kdawson
from the schooling-the-law dept.
CorporalKlinger writes "My vehicle was recently burglarized while parked in a university parking lot in a midwestern state. My new Dell laptop was stolen from the car, along with several other items. I have no idea who might have done this, and the police say that without any idea of a suspect, the best they can do is enter the serial number from my laptop in a national stolen goods database in case it is ever pawned or recovered in another investigation. I had Thunderbird set up on the laptop, configured to check my Gmail through IMAP. Luckily, Gmail logs and displays the last 6 or 7 IP addresses that have logged into your account. I immediately stopped using that email account, cleared it out, and left the password unchanged — creating my own honeypot in case the criminal loaded Thunderbird on my laptop. Sure enough, last week Gmail reported 4 accesses via IMAP from the same IP address in a state just to the east of mine. I know that this must be the criminal who took my property, since I've disabled IMAP access to the account on all of my own computers. The municipal police say they can't intervene in the case since university police have jurisdiction over crimes that take place on their land. The university police department — about 10 officers and 2 detectives — don't even know what an IP address is. I even contacted the local FBI office and they said they're 'not interested' in the case despite it now crossing state lines. Am I chasing my own tail here? How can I get someone to pay attention to the fact that all the police need to do is file some RIAA-style paperwork to find the name associated with this IP address and knock on the right door to nab a criminal and recover my property? How can I get my laptop back — and more importantly — stop this criminal in his tracks?"
This discussion has been archived. No new comments can be posted.

Retrieving a Stolen Laptop By IP Address Alone?

Comments Filter:
  • by LostCluster (625375) * on Monday July 12, 2010 @09:37PM (#32881912)

    University cops do the bidding of the school... they're more into securing physical spaces and crowd control than anything in the tech sphere. But there's some part of the school that handles the misbehaving students, and they're the ones to contact. You've got your $1000 laptop missing, they get to threaten his $30,000-$120,000 investment in education.

    This is the threat the RIAA/MPAA loves to use, they don't have the school police raid the computer, they just get the school admins to hammer the kid.

    • by Fluffeh (1273756) on Monday July 12, 2010 @09:42PM (#32881964)

      University cops do the bidding of the school...

      Just call the RIAA and tell them that IP downloaded a song. They seem to be able to do all the John Doe stuff through the courts to find out who it was...

      • Come on CorporalKlinger - you know they're reading your mail - work with it. Do I have to get Radar to bail you out?

        1. Create email account hotchick2010@gmail.com
        2. Email your old email account saying something along the lines of how hotchick2010 misses "you", but hotchick2010 is glad that "you" found someone else, and btw - remember that friend of hotchick2010 who lives in $TARGET_AREA who you thought was so hot ... she's single now, and wants to know if you know anyone from $TARGET_AREA who might be interested.
        3. Thief will email hot chick2010 to set up a meet with "your" friemd.

        Bonus points if you pull a real Corporal Klinger and go in a dress. Either way, bring a camera. And a few friends. Make him wish he was in Toledo.

      • by julesh (229690) on Tuesday July 13, 2010 @03:37AM (#32884258)

        Just call the RIAA and tell them that IP downloaded a song. They seem to be able to do all the John Doe stuff through the courts to find out who it was...

        Actually, you can do that stuff yourself. File a claim with the courts for recovery of your possession, send a subpoena to the ISP, get the address, then either serve papers to continue the possession claim or hand the address to the state police.

        • by paeanblack (191171) on Tuesday July 13, 2010 @07:17AM (#32885168)

          Actually, you can do that stuff yourself. File a claim with the courts for recovery of your possession, send a subpoena to the ISP, get the address, then either serve papers to continue the possession claim or hand the address to the state police.

          Another option is to visit your local congresscritter's office. If you can get a staffer to send a "yo, what's the holdup here?" letter on behalf of your representative, that usually greases the wheels just enough to get them moving again. This is also a good way to restock on pens, buttons, and bumper stickers if you happen to be running low.

    • Re: (Score:3, Insightful)

      by Compulawyer (318018)
      Ummm.. and what if the thief is not a student?
      • There are multiple jurisdictions involved, any of which could choose to pursue the case if they wanted to. They include:

        • University police where laptop was stolen from
        • Local police where the laptop is now
        • State AG from both states
        • FBI, because laptop traveled state lines

        The best revenge is that which you can obtain for yourself. Find out what ISP has the IP address. Contact the local police where that ISP is and ask that they contact the ISP to get the subscriber data for that IP. If that doesn't work, you can sue John Doe from your own jurisdiction and force the ISP to provide the information you seek. The police may be more willing to take up the case if you do the legwork.

        Another option too is to contact the prosecuting attorney who handles the university polices cases. They might be able to pressure the police to take action, considering the ease with which the criminal can be identified.

        Lastly, but certainly not leastly, post the IP address to 4chan. They have more than enough unscrupulous individuals that could find the person for you. If nothing else, they will at least DDOS the IP for you.

        • by MarcQuadra (129430) on Tuesday July 13, 2010 @12:00AM (#32883160)

          Have you tried calling your insurance company and telling this to them?

          First, file a claim. You have renter's insurance, right?

          Assuming you haven't...

          Do an nslookup on the IP address to find out what you can glean about which ISP/node the user is at. You might be able to do some sort of geographical IP lookup, I know mine narrows it down to about three houses.

          Call the local police in -that- area and tell them that you've identified your stolen property, conference a police detective in with the ISP and see if the ISP folks fold and give an address/account that's actionable. There's still no warrant, so the officer will likely stop by and 'ask politely' (especially if you offer to ride-along). Failing that (meaning that the thief knows their rights), you'll have to ask the officer to get a warrant, which he will bitch and moan about, and it likely won't happen.

          By this time, that insurance deductible is looking mighty reasonable, and you should get a policy.

          If you're dead-serious about justice and you know the address/account... Take the person to small claims. You won't need a lawyer if you have everything written down and articulated, and have friendly municipal workers in your area. I'm not entirely sure, but I think that those judges have an easier path (a fellow judges' number) to get a warrant issued, and then you're back to the cops.

          Now... In the future... Keep a better eye on your stuff, get an insurance policy, and -always- stash enough money to pay the deductible somewhere where you won't spend it. I guarantee the $12/month and $250 in your 'unlinked' savings account would be more than worth this kind of effort. Plus, acting like a fat-cat and having a new laptop paid for is much more rewarding than rarely-served justice.

          • Re: (Score:3, Insightful)

            by shermo (1284310)

            Are the condescending 'you should have had insurance' comments necessary?

            Insurance is a really fucking good idea if you drive and could face effectively unlimited liability if you kill or, worse, injure someone. It's also a good idea in some other situations where $replacement_cost >> $personal_liquidity.

            This doesn't look like one of those situations. It sounds more like this guy wants to catch the criminal than that he wants reimbursement for his $1000 laptop.

            • by KingSkippus (799657) on Tuesday July 13, 2010 @01:08AM (#32883586) Homepage Journal

              Insurance is a really fucking good idea if you drive and could face effectively unlimited liability if you kill or, worse, injure someone.

              Actually, if you do something to be liable for killing or seriously injuring someone, it's pretty damn likely that insurance won't help you.

              Get out your policy. Go ahead, I'll wait. Now read it carefully. Somewhere buried in there is the maximum amount of money the insurance company will pay for such a claim. Now go look up how much plaintiffs win when you're held liable for someone dying or getting maimed, and compare it to the first number. If you kill or main someone, you're pretty much going to declare bankruptcy unless you're Bill Gates, pure and simple, and there's not a damn thing having insurance will do for you.

              What insurance is good for is one thing and one thing only: To handle things between minor fender benders up to totaling a car and/or covering relatively minor injuries to others or major ones to yourself. Anything past that and you're screwed. Anything less than that, and you're better off simply paying out of your own pocket because of how much higher your premiums will be.

              In case you don't know this yet, insurance is a scam. It sounds nice in theory, but it's legalized gambling with a twist--you're betting money on something bad happening instead of something good. Just like in a casino, in which the house always comes out ahead, the insurance companies will always come out ahead, too. There's actually a special word for people who make sure this stays true, they're called actuaries [wiktionary.org]. Add up all of the money you--and your employer, on your behalf--have paid over the years for insurance, and imagine how far that money would have gone had you paid it into, I dunno, a mutual fund or something instead of paying for actuaries and marble-halled buildings. You might actually be able to pay off a large liability claim if you had.

              And now, a lot of states have mandatory automobile insurance laws on the books. Do you live in one? I do, and I remember when it went into effect. If you do, have your premiums gone down because so many more people are now paying into the system and because there are so fewer uninsured motorists on the roads now? Yeah, mine haven't either. Funny how that works, isn't it? Again, it sounds nice in theory, but in reality, these laws are just a blatant money grab by insurance companies to use police power to force you to pay them money. Like I said, the industry as a whole is a scam.

              • by shermo (1284310) on Tuesday July 13, 2010 @01:21AM (#32883658)

                I totally agree with you. I had a similar rant typed in about expensive yachts and skyscrapers, but I've posted such here before and it doesn't generally go anywhere productive.

                With regards to the third party insurance issue I thank you for correcting me. I was writing on the assumption of an American audience and it's not too surprising I got it wrong.

                In my country of residence we can't be sued into bankruptcy, due to a government department that pays for injuries arising from accidents. We are still liable for actual damages, but million dollar lawsuits for pain and suffering don't happen. As a result my yearly premium on a V6 sedan is 127 dollars.

                PS - My father is in fact an actuary. Your expected return on most policies is 50 - 70 cents on the dollar.

              • Re: (Score:3, Insightful)

                by Spazztastic (814296)

                Like I said, the industry as a whole is a scam.

                Same thing with the surge in DUI arrests in the past decade (or a little more). The insurance companies pressured the police into actually charging people with DUIs instead of making them walk home or dropping them off in the drunk tank because they realized that they can charge otherwise very safe drivers who had a little too much at a cocktail party with insane premiums.

          • Re: (Score:3, Insightful)

            by tehcyder (746570)

            Now... In the future... Keep a better eye on your stuff, get an insurance policy

            Yes, because it's the victim's fault. Thanks for that.

          • by Chapter80 (926879) on Tuesday July 13, 2010 @10:41AM (#32887248)
            I have talked to ISP's before about legal issues (specifically, a hacking incident). I said "hey, there's a hacking incident coming from one of your IP addresses, and I need all the information that you have on the person."

            Their questions: "Are the police involved?" and "Are you a network administrator?"

            Since I answered the questions right ("No" and "Yes"), they gave me all the information. Had the police been involved, their instructions were to only provide information with a warrant.

            The moral of the story is to ask for the information first, prior to getting the police involved. Mod me up, so the guy sees this critical piece of information!
        • Lastly, but certainly not leastly, post the IP address to 4chan. They have more than enough unscrupulous individuals that could find the person for you. If nothing else, they will at least DDOS the IP for you.

          That is the last thing you should ever do for a number of reasons. DDOS violates the computer crimes act here in the US (and using an illegal method to regain your property is never a good idea as you will end up in court charged with a crime yourself).

          Filing a claim in your local state court is not all that expensive (and with the help of the local free law association, you might actually get it done properly).

          One rule to remember when going up the 'food chain" at your University: always be nice. explain your situation in a clear and logical form and request that they help you. if they can't, get referred further up the chain. you will eventually get to someone who can say yes or take action (usually at the university presidents level). also, do follow up with the local police and send a certified letter to the local FBI office asking for help (send a fax and an e-mail as well). If you need to, get the local news media involved (beauracracies don't like negative public exposure). In all these cases, BE NICE! Stick to the point and don't embellish.

          The more of a paper trail you can establish, the better your chances of regaining your property expeditiously.

        • Good advice (Score:4, Informative)

          by epseps (39675) on Tuesday July 13, 2010 @01:07AM (#32883582)

          Except for the 4chan part. The IP they DDoS might not be assigned to the thief when they get it. (also illegal blah blah)

          To add to the IP address part:

          When you find the ISP, call them. Wait on the phone, get transfered to people. Always be nice and polite and say stuff like "I understand you are really busy.." and "I know this is an unusual request but..." and patiently wait, acknowledging their apologies and asking advice like "what can you do for me?" and "is there anyone else I can talk to?"

          Doing this will get you far.

          Now, tell the person who you finally get on the phone with the IP address and the TIME it was accessed. If the IPs were of the same ISP then ask if each one used the same MAC address at the time it was accessed. Then ask "Can you give me the information on that account or do I have to do something else?" You might get someone who does, you might get transferred to someone who can give it to you or you might be told that it might have to be done with more formal measures.

          Then get the address of where the company receives subpoenas, get the person's name who you talked to. Ask them who to ask for next time if you have any more questions. Thank them for their time and their help and then call the cops with the information you got.

          This works. I have done it before (but not with a stolen laptop). Sometimes the information you get is astounding. Sometimes they blow you off (Verizon will do both but they have big call centers so try many times)

          Good luck.

               

          • Re: (Score:3, Informative)

            by guyminuslife (1349809)

            I used to work at a Verizon call center. I didn't even realize there were other centers that wouldn't blow you off. We weren't able to access that kind of information; if you got me on the line when I worked there with that question, I almost certainly would have ended up bouncing you around.

            Believe me, it's not that I'm not sympathetic to the issue, or that I get off on screwing someone, it's that Verizon's call centers (or at least, the one I was at) are so amazingly fucked up that, in that situation, I w

    • by icebike (68054) on Monday July 12, 2010 @09:50PM (#32882070)

      As I read it, it was stolen FROM a university, and is now located one state away.

      So neither the local Muni's or the local Uni's are the right jurisdiction.

      Where the machine is NOW is what matters. Those are the only cops who can go knocking on doors in that jurisdiction.

      • by Runaway1956 (1322357) on Monday July 12, 2010 @10:28PM (#32882458) Homepage Journal

        Icebike gives the answer that matters. You send a copy of the original police report to the police WHERE THE IP IS LOCATED, and ask them to pick up your computer. The cops in your state cannot do anything, but the cops in the state where the computer is located certainly can. IF they are tech savvy enough to understand your evidence, and to subpoena the ISP for the address.

        • by pyronordicman (1639489) on Tuesday July 13, 2010 @12:05AM (#32883200)
          I have a friend who was in a similar situation a while ago. Luckily, he had sshd running and the thief wasn't behind NAT, so we had ssh access to the machine once we found its IP address. The local police didn't know about IP addresses, so we were unsuccessful in motivating them to subpoena the ISP. However, we were able to remotely install Undercover [orbicule.com], which used nearby SSIDs to give an approximate location of the laptop. Based on our work with Kismet and a directional wifi antenna, we were able to localize the thief to a single apartment building. With this information, the thief's name (gleaned from monitoring the thief's visits to myspace), and a multitude of webcam photos of the thief, the police managed to just walk in to the front office, get an apartment number, and retrieve the laptop. Unfortunately, none of this will help if you don't have remote access...
          • Re: (Score:3, Informative)

            by Barny (103770)

            Yeah, you were lucky in that instance, pretty much all internet connections here are behind a NAT firewall.

            I know if my laptop is stolen its game over, so I just make sure its insured for full value, has a bios password and the drive is truecrypted and fully backed up every night, if the thing gets stolen, I get a free upgrade :)

      • Re: (Score:3, Interesting)

        by digitalunity (19107)

        I'm not sure where you're getting your legal theories from but it isn't right.

        If I steal a car in Minnesota, the state doesn't lose jurisdiction because I go to Wisconsin. Both states can prosecute me, but only Wisconsin can arrest me. Minnesota has to ask Wisconsin nicely(via extradition) to hand me back to them. The charges aren't necessarily the same though.

        In this hypothetical, Wisconsin could prosecute me for probably a variety of misdemeanors or maybe even felonies. Likely, they would prefer to extrad

      • by irving47 (73147) on Tuesday July 13, 2010 @12:12AM (#32883258) Homepage

        I suggest calling the ISP yourself if you haven't already and BEG them to get you to their 2nd or 3rd level support guys that can get to someone that can at LEAST preserve the IP lease information for you. Just in case it takes a while to educate or motivate the cops.

    • by Anonymous Coward on Monday July 12, 2010 @10:21PM (#32882392)

      Talk to the dean of your college. Call up and setup a meeting. Remember HIS time is important. So make it quick.

      "I recently had my laptop stolen. The police say it is the campus police jurisdiction. They refuse to help. I have an IP which uniquely identifies who it is. However I need their help getting the proper warrants to find my laptop. Please help me I need my laptop to continue my education here.'

      You would be amazed the reaction you get. The campus police have people *THEY* answer to. The dean will pick up a phone and make it happen.

      If the dean refuses to help. Your next stop should be your local college newspaper and the local city newspaper laying out the story. Embarrass them into helping you. However, remember you are now flaming out a bridge over a 1k laptop. Be prepared for that.

      Now another response is to go back to the local campus police and lay it out for them. What is an IP? How to get an search warrant for an address. Make it STUPID easy for them, (in many cases you are dealing with ex jocks/military grunts who really couldnt cut it at any other job). I used this approach a few times with other stolen items over the years. Cops can be lazy. Remember you are dealing with basically babysitters here. They are not exactly having rocking cases and have been relegated to babysitting the 'rich brats'. A hard night for them is when there is a major game on. So lay the whole case out for them. Show them how for a few hours of work they can do the good thing. Be personable. 'hey hows it goin' 'looks like you had a rough night last night...' etc... Its cheesy but it works. It shows you are not looking for them to run forms for you but want help and hey they can help right? If you go in with phone numbers and address instead of an IP that could help too. It shows you are interested in getting your property back and have run into legal black holes that only they can help with. Show them you are willing to help them out. Cops are notoriously 'you scratch my back I scratch yours'.

      Another place you could go is the mayor of the city you live in. "The police are giving me the run around in recovering my property even though we have enough information to find the criminal". The MAYOR runs the police... You can also get a civil judgment to compel them to help you. This could make your life really uncomfortable in the future MAKE SURE YOU ARE WILLING to do it. You need to ask yourself what are you willing to do to recover your property?

    • by Ungrounded Lightning (62228) on Monday July 12, 2010 @10:49PM (#32882656) Journal

      OK, so the laptop was stolen on school grounds. But the problem is now to locate and recover it from another state. The school cops have jurisdiction on school grounds and keep the peace there. So if the laptop turns out to be on another campus you could try the cops in THAT school (though it seems unlikely, since the person holding the laptop is using a service). Don't expect the cops at the school where it was lifted to go out of their way to chase down stolen property in another state, outside their jurisdiction. Once you have a specific thing to ask for (like trying to get the location from the ISP and forward that info to the cops of local jurisdiction there) maybe they'll do it - and maybe not.

      Got the report number? You (or a lawyer) might be able to get the ISP to cough up the info with that, or get started on getting a court order if they're reticent.

      (You might also try the county sheriff. In some states they have overriding jurisdiction on school grounds. File a crime report with them, too.)

      = = = =

      The laptop is phoning home from an apparently static IP address - or a long-duration connection. Can you remotely log into it? If so you might be able to do things like turn on the microphone, look at files the new user is taking notes in, or follow his browsing. Does it have a built-in camera? Does it have any remote administration or monitoring software installed - or could you install some remotely?

      Does it have built-in WiFi and if so do you have the MAC address of it? (You could probably get it by that hypothetical remote login if you don't have it recorded.) If the WiFi is on or can be turned on and if you can get the neighborhood information you could then sniff the location when nearby. (That would also help the cops with jurisdiction in the area if you go along with them to sniff it when they want to bust it. Gives 'em probable cause.)

      Note that IANAL. So I could be talking through my Stetson.

      Check with a lawyer if you can find one with the appropriate specialization. If you're a student at that university you might have legal advice resources available through them. Or if they have a law school ask who among the faculty is expert on this and talk to that prof. Academics sometimes like to help, especially where the law is squishy. B-)

  • Post the IP address (Score:5, Interesting)

    by MichaelSmith (789609) on Monday July 12, 2010 @09:41PM (#32881952) Homepage Journal

    Then maybe somebody here will have something close enough for you to be able to identify the ISP.

    • by CorporalKlinger (871715) on Monday July 12, 2010 @10:04PM (#32882218)
      OK, I'm going to post the IP since it's been requested. According to Gmail, it was last accessed 3 hours ago from this IP. The IP address has been the same EVERY time it's been accessed, starting June 28, 2010. It traces to Cincinnati Bell's Fuse Network (a home internet service). I can't get anywhere with Cincinnati Bell's customer service. "Customer privacy rules," they say.

      Here's the IP: 208.102 (DOT) 223.137
      I split it up so auto-filters and bots wouldn't find it.

      Thank you everyone and anyone who may be on the inside of 'Ma Bell who can help me track this thief down. I apologize if this is a TOS violation for Slashdot, but I am really at wit's end and have PROOF that this is the IP that's violating my account. I need your help.
      • Re: (Score:3, Informative)

        by CyberBill (526285)

        208.102.223.137 resolves to
        "MW-ESR1-208-102-223-137.fuse.net"

        Administrative Contact, Technical Contact:
        Hostmaster, Fuse hostmaster@fuse.net
        Fuse Internet Access
        Cincinnati Bell Telephone
        209 W. Seventh St., 121-550
        Cincinnati, OH 45202
        US

        • by SailorSpork (1080153) on Monday July 12, 2010 @10:49PM (#32882658) Homepage

          Post his IP address on 4chan, not here. Within minutes, they'll have his name, address, mother's maiden name, his high school yearbook picture photoshopped onto longcat, 50 pizza delivery guys on the way to his place, and the FBI at this guy's door to search his (your) laptop for child animal porn. ...or maybe that's not such a good idea.

          • Re: (Score:3, Insightful)

            by Anonymous Coward

            Don't do this. I know of a few chans that could definitely get dox on that guy: I've seen them social engineer contact, even billing, information out of ISPs. Heck, during the opening days of the Anon vs Scientology thing, before the protesters took over, I saw people obtain secret Scientology documents through a combination of hacking and social engineering. They could definitely get that info. However, in your case, you want something that's permissible in a court of law. So you can't go with any illegal

      • by Anonymous Coward on Monday July 12, 2010 @10:16PM (#32882344)

        OMG, we tracerouted the IP address and it's coming from upstairs!

      • by ffohwx (1434637) on Monday July 12, 2010 @10:28PM (#32882448)
        Well...I know they should be able to easily figure out who it is. I have fuse myself, and they use a static lease on their IP addresses which should make it all that much easier for them. lol. According to http://geotool.flagfox.net/ [flagfox.net] that IP seems to be in New Richmond, OH. Give the LEOs there a call and see what they can do.
      • by Low Ranked Craig (1327799) on Monday July 12, 2010 @10:56PM (#32882734)

        OK, That IP address resolves to New Richmond outside CIncinatti. http://geotool.flagfox.net/ [flagfox.net]

        Call the New RIchmond Police: 102 Willow Street New Richmond, OH 45157-1354 (513) 553-2001

        You're welcome

      • ping! it's online. (Score:3, Informative)

        by goombah99 (560566)

        ping 208.102.223.137
        PING 208.102.223.137 (208.102.223.137): 56 data bytes
        64 bytes from 208.102.223.137: icmp_seq=0 ttl=49 time=91.270 ms
        64 bytes from 208.102.223.137: icmp_seq=1 ttl=49 time=102.547 ms
        64 bytes from 208.102.223.137: icmp_seq=2 ttl=49 time=85.332 ms
        64 bytes from 208.102.223.137: icmp_seq=3 ttl=49 time=91.327 ms

        traceroute to 208.102.223.137 (208.102.223.137), 64 hops max, 52 byte packets

        7 pos-0-10-0-0-cr01.denver.co.ibone.comcast.net (68.86.86.22) 44.308 ms 36.699 ms 26.050 ms

  • by teshuvah (831969) on Monday July 12, 2010 @09:41PM (#32881954)
    We saw that the police bent over backwards and ransacked a man's home when he possessed a missing iPhone of Apple's. But when a normal person loses an item and has a lead for the police to go on, they aren't interested. Just further proof that the justice system is bought and paid for by corporations, and they exist only to ensure that corporations make money. Sickening.
    • by Anonymous Coward on Monday July 12, 2010 @10:34PM (#32882504)

      You don't know the half of it.

      A couple years back, I worked at a place once that dealt in video games and consoles and an older customer came in and stole an X-Box. This guy was about 6ft 8 inches and pretty big. We let him get away cause hell, we had his name, we had his phone number, we had witnesses, and we even had him on camera. You can't get more open and shut than that.

      Well, I was calling the cops once every couple of days after I reported him to see if they had got started on it. After about 2 weeks, they told me that they weren't going to do anything about it. They said that unless he stole over a thousand dollars worth of stuff it wasn't even worth it to assign it to an officer regardless of how much information we had. I actually did a reverse phone number search of his cell phone number and told them the provider so they could use it for his address if the fact we had his name, description and photo wasn't enough.

      After that, from that point on, the cops became the last people I call unless I can get the media involved. I call friends and family first now otherwise, street justice is about the only justice you can get without having cash or influence.

      • Re: (Score:3, Insightful)

        by MikeFM (12491)

        I once worked somewhere that we had the networks attacked, phone lines cut, and other kinds of harassment by a competitor. The local cops said they wouldn't do anything because it involved technology. The FBI said they wouldn't do anything because the damages weren't over a million dollars.

      • Re: (Score:3, Insightful)

        by mrjb (547783)
        "After about 2 weeks, they told me that they weren't going to do anything about it."

        If the police don't do anything when given all the info needed to bust someone, they're not going to do anything at all, ever. If you ask them why, they answer you that they're "too busy". As a result, cases go unsolved. The crooks know it; so they get away with it. As a result, crime rises, and the police are now *even busier*. So basically the police are simply letting crime spiral out of control.

        We seriously need Batm
  • by icebike (68054) on Monday July 12, 2010 @09:44PM (#32881984)

    That IP could be behind a router at a School or Library with thousands of computers behind it.

    There is no way to determine who is leasing that IP without forcing ip block owner to cough up records. That will probably take a court order, and they won't tell you, (fearing you will show up gun in hand).

    If you get a court order they will tell the local authorities in the jurisdiction where the IP resides. That could be any one of 20 different police departments if it is in an urban area.

    But if you can track it to a specific area, (traceroute is your friend), you might get a cop from an small not too busy department to go out and check the address.

    I say MIGHT.

    Busy departments will laugh you off and tell you to file an insurance claim.

  • Replevin (Score:5, Informative)

    by Compulawyer (318018) on Monday July 12, 2010 @09:44PM (#32881986)
    Go to your University's legal aid office and talk to an attorney. If your University doesn't have a legal aid/legal affairs office that helps students, go to the community's legal aid office to see if you qualify for free legal services. Even if you do not, you may still be able to get the name of an attorney who will be willing to help.

    See if you can file a civil replevin action against John Doe to recover the laptop. That will give you the ability to issue subpoenas to trace the IP address. Once you have the identity of the thief, report the information to both the campus police (for the theft) and to the local police (for possession of stolen property). Good luck!

  • Use your email (Score:5, Insightful)

    by Dan East (318230) on Monday July 12, 2010 @09:45PM (#32881994) Homepage Journal

    Obviously they've launched Thunderbird, so they are possibly interested in gleaning whatever information they can in that way. You could try sending a trojan to your account in the hopes that they run it, in order to open some remote access to your machine. Perhaps based on their web browsing history, etc, you can determine more specifically who they are.

    Also note that the person may have purchased your laptop unaware that it was stolen.

  • by drsmack1 (698392) on Monday July 12, 2010 @09:46PM (#32882006)
    Post the IP here and the s/n of the laptop. Then sit back and wait. All *you* did was post some info - just cannot be held responsible for the life-altering ass-beating that the person found with the laptop will most certainly receive.

    Sometimes you just have to let the system work.
    • Re: (Score:3, Funny)

      by Anonymous Coward

      Because you should trust a story written on the Internet enough to assault a stranger.

  • by garyisabusyguy (732330) on Monday July 12, 2010 @09:47PM (#32882018)

    the school cops may be more willing to help

    This site claims to get it down to the ISP or provider:
    http://www.ip-adress.com/ip_tracer/ [ip-adress.com]

    SO, then you would have to look up your local laws and what is needed to identify the person or block that the IP is assigned to. Next, you have to start "kicking down doors" (it might take a few) and recover your property in a stunning raid.

    Probably not, get an encrypted hard drive on your next laptop so that it just becomes a brick for anybody that takes it

    • by CorporalKlinger (871715) on Monday July 12, 2010 @09:57PM (#32882152)
      I got the IP tracked down to Fuse Network on Cincinnati Bell's home internet service. I'm not going to post the IP address here since that probably violates the TOS of Slashdot or something. I will try calling Cincinnati's police tomorrow, but with the size of the city - and the fact the crime took place in Indiana - i doubt I'll get anywhere.
      • Re: (Score:3, Funny)

        by L4t3r4lu5 (1216702)

        I'm not going to post the IP address here since that probably violates the TOS of Slashdot or something...

        Uhhh... wut? [slashdot.org] You have a real short memory, bud.

  • Easy as Pi (Score:5, Funny)

    by Willtor (147206) on Monday July 12, 2010 @09:48PM (#32882048) Journal
  • Report it to Dell (Score:5, Informative)

    by novafluxx (1089189) on Monday July 12, 2010 @09:53PM (#32882102)
    Make sure you call Dell and report it and give them the case number, they can flag it in their system as stolen and if anyone calls in on that system's tag...they'll obtain as much info as they can and act like nothings wrong.
    • by nmos (25822) on Tuesday July 13, 2010 @01:48AM (#32883800)

      Make sure you call Dell and report it and give them the case number, they can flag it in their system as stolen and if anyone calls in on that system's tag...they'll obtain as much info as they can and act like nothings wrong.

      And that's different from how they'll act if you don't report it exactly how?

  • by barnyjr (1259608) on Monday July 12, 2010 @09:55PM (#32882120)

    I'm a cybercrimes detective and computer forensics examiner in a Sheriff's Department and do this all the time. It simply requires a subpoena to the ISP that the IP address returns to. If the campus police and city police won't do it, try your county or state police agencies (both which also have jurisdiction). In my state, all police officers have power anywhere in the state and I could "technically" investigate and/or charge anyone with a crime anywhere in the state. We just don't typically do this because it's stepping on each other's toes. As a county officer though, I frequently investigate crimes involving cases inside city or town limits if that agency doesn't have the capability. If the IP address ends up being from another state, we just contact the local police there to ask for their assistance.

    Keep asking and ask to talk to a supervisor if they are not helping as much as you would like. While there is no obligation from a police agency to necessarily do everything they can on a property crime, most department heads will do what they can to keep the public happy.

    Like others have said though, you may simply get a return to a campus, business, or open wireless network.
    Good luck.

  • Civil action (Score:5, Interesting)

    by KiahZero (610862) on Monday July 12, 2010 @09:56PM (#32882136)

    Not legal advice, but you might consider that there is not only a criminal case against the thief, but also a civil case. If you want it back badly enough, you may be able to get a local lawyer to initiate a civil action against the John Doe and subpoena the university to get the identity of the person in possession of the laptop (you could also do this yourself, but it could be very easy for a non-lawyer to make a fatal mistake when going up against the general counsel of a university to enforce the subpoena, assuming they don't just give in, so I don't really think I'd recommend it). That not only identifies who it is so that you could potentially get it returned through the civil court system, it also may increase the likelihood of the police doing something.

    • Re: (Score:3, Insightful)

      by b0r0din (304712)

      Btw, the police doing something is not always the best option. Half the time they will try to nail YOU for something you did on that laptop, be that having some hacked software or pornography. It's an unfortunate state of affairs in this country.

  • by mysidia (191772) on Monday July 12, 2010 @10:00PM (#32882182)

    It's not just theft of the laptop,

    They have illegally used Thunderbird to gain access to your e-mail account.

    That means they have gained access to both the laptop and your e-mail account without authorization.

    Maybe you don't need to stop with the police. File a suitable civil action, and get a court order to compel the ISP to reveal the information.

    Not just theft of property, but gaining access to 2 computer systems without authorization, aka 2 accounts of computer fraud and abuse, AND 1 count of theft/conversion.

  • by dilvish_the_damned (167205) on Monday July 12, 2010 @10:05PM (#32882228) Journal
    You don't care about the laptop, its just Hugh Hefner is going to be pissed if you don't get his pictures back. Won't work, but at least you and the cops will have more fun as they ignore you.
  • Threaten them (Score:4, Interesting)

    by psalm33 (117641) on Monday July 12, 2010 @10:12PM (#32882296)

    You have an IP, you have a vague location, and you have an e-mail address that the perp is likely reading. If you can't get law enforcement to do anything about it, and all else fails, they don't have to know that. Send an e-mail telling them that the laptop they are using is stolen property, you have the IP address, which can be used to track their exact location, then give them the location info that you have been able to track. Tell them that you are giving them one chance to respond personally and arrange for return of the stolen property before you contact the authorities to have them arrested. Remind them of the severe criminal penalties for such a theft, and you can even throw in some digital crime mumbo-jumbo (which may or may not actually be prosecutable), to trump up the charges to felony.

    The ability to communicate with the possible thief (or eventual owner) is a powerful thing, so if you can't find any other route, don't waste that chance. If it's already been resold, then the new owner may be more than willing to negotiate a return. I had my laptop stolen early last year, and after endlessly calling pawn shops, scouring Craigslist and Ebay for months, we finally gave up. I was perfectly willing to take matters in to my own hands if I saw it turn up on ebay or craigslist, knowing full well that the local Police as much as admitted there was little they could do about it.

  • step 1? (Score:3, Interesting)

    by v1 (525388) on Monday July 12, 2010 @10:15PM (#32882320) Homepage Journal

    what's the ip address? you could post it here and get some "help" in more ways than one.

    Setting that aside for the moment, the first thing you should be doing is tracerouting the ip address and doing a lookup on it also to see who owns it. That should get you a geographic location and a contact. Figure out who the ISP is and contact them directly. They are almost guaranteed to say they won't give you customer information, expect that. BUT, they are almost certainly used to these sorts of things already, and will know the name and number of their local police department or sheriff you need to contact to GET that request. (THEFT if a matter of jurisdiction, but possession of stolen property is a local matter) Sometimes the ISP requires a subpoena, sometimes they're used to it enough that a fax from the local sheriff on their letterhead will do the trick. Usually they won't give YOU the information, but they will give it to the law enforcement agent. Hopefully, if it was the one the isp recommended to you in the first place, that should be a person experienced in handing this sort of issue, knows what an IP address is etc, and can at least somewhat sympathize with your situation.

    All that considered, you may still be crap out of luck if it turns out to be the open wifi at Starbucks. But then again it may pull up a specific home address somewhere. (most thieves are less technical than the police you've been dealing with, and don't forget it's entirely possible your computer has already been sold and is in the hands of a soccer mom or a friend of the thief or through a pawn shop already) Be sure you have EXACT DATE AND TIME to go with the IP addresses, since DHCP leases on cable modems expire and change from time to time. The ISP SHOULD have record of who had what IP when, but don't bet the farm on them keeping that information indefinitely, so you need to act fast. It's very challenging, although possible, to track down a wifi user.

    Bonus info: nmap has a very nice OS fingerprint feature that can often guess what is at the end of an ip address. It may say something like "busybox linux vers xxx" indicating a router. or it may say "Mac OS X 10.5" or it may say "windows xp sp 1" etc. If it gives a computer and not a router, you can think more positive.

  • My laptop security (Score:5, Interesting)

    by Jack9 (11421) on Monday July 12, 2010 @10:27PM (#32882440)

    My Mac Powerbook takes a picture every time it wakes up or is rebooted, then stores the picture. If there is a network connection, (any stored) pics are emailed to me along with a text containing the IP and timestamp, then the pics are deleted from the Mac. While it's likely that someone may disable this feature, it's unlikely that it will be before it gives me what I need to find them. In other news, anyone want to buy a couple thousand candid pictures of me (and some other people) opening my laptop?

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      just curious, how did you set this up?

      • Re: (Score:3, Informative)

        by Jack9 (11421)

        I have tried a number of utilities. The most effective daemon has been sleepwatcher from http://www.bernhard-baehr.de/ [bernhard-baehr.de]
        Which basically just runs a ~/.wakeup or ~/.sleep if it exists.
        // Process item looks like:
        /usr/local/sbin/sleepwatcher -d -V -s /etc/rc.sleep -w /etc/rc.wakeup

        That bash script ~/.wakeup is where I do data collection;this is a rough approximation:
        // Google iSightCapture
        /sbin/iSightCapture /output/file
        // This gets the OS to try all hardline/wifi networks, which it doesnt have after waking

  • You can handle this outside of the criminal justice process for a fair amount of the process.

    File a civil suit against "Joe Doe and Does 1 to N, etc." (just like the RIAA) for theft of private property and asking for a judgement ordering the return of the property, etc. In tandem with that, file a request for a subpoena with the ISP to whom this IP belongs for the associated address.

    Because the filing of the suit, getting the subpoena, etc., is going to take some time, you should send a letter to the ISP informing them that the subpoena will be coming shortly and that you are informing them of their responsibility to preserve evidence in a pending civil suit.

    Once you have the name and address of the party in question, you should do two things:

    First, file a formal criminal complaint with the local police and DA concerning stolen property which is being used in their jurisdiction. The original theft may not be their concern, but the receipt of stolen property is there concern.

    Second, file a request for in civil court for an order requiring the return of stolen property at address X. Once you have this court order, you can go and get a sheriff (usually at a cost to you) to accompany you to this address and force them to open up and show you it isn't there.

    Too often people forget their are parallel legal systems - civil and criminal - in this country and fail to realize that they have control. The RIAA does and takes advantage of it. Why shouldn't you?

  • by realmolo (574068) on Monday July 12, 2010 @11:02PM (#32882788)

    Frankly, the cops have better things to do.

    Buy a new laptop and move on. And don't leave it in your car, which is *unbelievably* stupid. Consider it a lesson.

  • by Fished (574624) <amphigory.gmail@com> on Monday July 12, 2010 @11:34PM (#32883014)
    I had a guy who was doing some work for me steal my wife's checkbook and forge several checks some years back. That would seem like pretty major crime to me... the police were entirely disinterested. Pretty much, the police aren't interested unless it involves a weapon or violence, from what I've been able to gather. The problem with this is that ignoring "minor" crimes leads to major crimes. That is... Why do we have major crime? Because we don't prosecute petty crime. It's called the "Broken Window Principle". The idea is that the reason neighborhoods degrade is because minor problems (broken windows) are allowed to go unfixed. Same thing here. If they would draw the line at petty crimes like breaking into someone's car or forging a check and deal with those, maybe the major crimes would never happen.
  • Its the FBI's Job (Score:3, Interesting)

    by nukem996 (624036) on Tuesday July 13, 2010 @12:16AM (#32883294)
    I'm pretty sure the FBI would have to handle the case. The crime happened in one state, the criminal is in another, and the ISP may be in a third. A judge would have to issue a warrant to get the physical address from the ISP. A judge would than have to issue a search warrant for that address. When you call the FBI again first ask the name, department and so on. Explain the situation and try to nicely convince them that this is an easy case for them to solve makes them look go etc. If they still refuse simply say you have no other alternative than to contact the media with what happened and how the FBI refused to investigate the case. Then make sure you contact as much media as you can. If a few reporters start asking them why they won't investigate a simple case they'll probably apologize and do it.
  • by Ilgaz (86384) on Tuesday July 13, 2010 @12:48AM (#32883490) Homepage

    This is for all portable stuff with connectivity getting stolen: Make sure the device serial number/IMEI (cell phones) is recorded somewhere officially.

    Those guys who doesn't have a slightest clue about IP address can get really smart if a crime (worse than stealing) takes place with that particular device.

    I know some people doesn't take their time reporting and it is like a time bomb waiting to happen. For example, what happens if that unreported cheap cell phone is used by a major drug dealer? It would really take time and money to explain the situation in that case.

  • by Zanth_ (157695) on Tuesday July 13, 2010 @01:34AM (#32883732)

    I actually just went through this exact situation a week ago. Here's my story and how I was able to get the computer back with the cops' help. My country (Canada) works very similar to most US states so hopefully this will help you.

    Our outfit is into tech in a big way. We are all scientists of some sort and up and up on O/S, security and the latest tech gizmos. When my boss wanted to upgrade his systems to dual Macbook Pros, we immediately setup s mirroring system where he could be perpetually synchronized between his office and home with automated backups to the university servers. We had a script I had written to do much of this along with posting an IP address every hour in 24 blocks. We also were using Log Me In so that he could remote control his systems. The server ran on startup and wasn't viewable in the taskbar as my boss hates clutter.

    Anyhow, we had two separate systems that were capable of posting IP addresses when online.

    Three days after the theft we started getting IP writes in the logs.

    The first and major things we both had to do was 1) restrain ourselves from doing absolutely anything to jeopardize the comp from going offline 2) contact the police immediately with the IP information.

    Before we contacted the police again, I had determined where the IP was coming from (a home account from a major ISP). We waited another three days, consistently getting the same IP posting. We then went back to the police. Like the OP, they view a computer theft as insignificant given their work load. They saw a wealthy scientist ($500k/year) who had lost out on a $5000 laptop (Macbook Pro 17" with all the fixins) containing $30k of specialized software (and we had the discs of course to reload) a digital project worth $1.5k and a few other smaller items. Even though this was over $5000 (which is like a felony in Canada), they simply weren't able to provide us with much help. They knew what a computer was and even an IP but after that they were deers in headlights. I requested to speak with someone in their cyber-crimes division and I was told that because of the G8 and G20, I was out of luck there.

    Not unlike research institutes and universities world-wide, this police department fought for funds internally and also internally, departments would "pay" other departments for work. In this case, because it would be a "special favour," during an immensely chaotic time for our police forces because of the heads of states well, they simply said no to all those requests.

    Here is where things got both fun and tricky but I think could work for the OP.

    A consistent IP can easily be traced to the ISP. If the IP is consistent over a select period of time, a motion can be filed before a judge and a warrant issued to get the personal information of the person owning said account. I happen to be a trained lawyer, so the detectives were really open to what I was suggesting, and since I also happen to be a computer scientist who does research into security as well as other things, they viewed me as an expert in the field. The first warrant was sought and granted within two days of us suggesting this avenue. This is your first MAJOR task and one that will be the most fruitful.

    Legally, I was able to log into the stolen computer without comprising any investigation because I was about to be "contracted" by the police department to do what their cyber-crime division wouldn't do but could: gain network access and collect as much data as possible.

    I did this and eventually worked around the router (a joke given the default settings that existed) and then the grey area began where we required another warrant: checking out the other comps on the network. While the search warrant was being issued for this, a SECOND warrant (and really the only other one we needed) was being issued to search the premises the cops received via the ISP. The IP had been consistently posting with the same address over 10 days and staying online for 6-10 hours at a time. I could hav

  • by bigfootchick (1855082) on Tuesday July 13, 2010 @03:15PM (#32891690)
    That person was tracked down to his location - he lives in New Richmond and uses ISP Fuse Internet Access [aruljohn.com].
    Please contact Rick Wagner by email at wagner@fuse.net or hostmaster@fuse.net , or phone at +1-513-397-6598 or +1-800-387-3638.
    I talked to Dick and he said he will be happy to assist you.

It is surely a great calamity for a human being to have no obsessions. - Robert Bly

Working...