

Ask HN: Recovering a stolen laptop - peterzakin

Hi HN,<p>My house was recently broken into and among other things my brand new macbook pro was stolen. Since dropbox is always running on my computer, I was able to use my account's "last activity" info to discover the ip address of my thief.<p>Any suggestions for some next steps?<p>Thanks!
======
custominstall
Is this possible (maybe a business idea here esp. for macs since they don't
have virus scanners generally running) :

A phone home virus which you can drop into your dropbox and give it your sudo
password. It can do funky stuff like install preyproject silently.

~~~
peterzakin
this is exactly the type of thing i was thinking about. Basically a file that
you place in your dropbox which autoruns...

------
kinkora
The police is a good place to start. :)

Also, since you know the IP, do a ns-lookup of the IP and identify which
internet provider owns that IP and follow it up with them. They would be
should be able to let you know which customer was using that IP address.

Note it is not as simple as it sounds cause due to privacy laws, you can't
just call up a service provider and demand the identity of a user behind an ip
address. Usually, only the police have the right to investigate this hence why
you should start with them.

Sorry to hear about your bad luck. Hope this helps.

------
sim0n
You could try to map the IP address to a street location (using some ip-to-geo
tool, e.g. <http://www.maxmind.com/app/locate_demo_ip>). This isn't always
reliable but it may be good to know if the laptop was accessed in a different
state/etc or from somewhere near you.

~~~
peterzakin
ah well here he is. though who knows how accurate this is (or if the police
will even follow up with it):

[http://maps.google.com/maps?q=41.3820+%09-72.9171&oe=utf...](http://maps.google.com/maps?q=41.3820+%09-72.9171&oe=utf-8&rls=org.mozilla:en-
US:official&client=firefox-a&um=1&ie=UTF-8&hq=&hnear=0x89e7da61e9311dfd:0x2640406c230c35,%2B41%C2%B0+22%27+55.37%22,+-72%C2%B0+55%27+1.50%22&gl=us&ei=iUwUTqTXKIa40AH2xZCkDg&sa=X&oi=geocode_result&ct=image&resnum=1&ved=0CBYQ8gEwAA)

------
shii
Check your gmail ip records (at bottom of page in gmail) for latest access and
useragent string.

Do you have a persistent connection to a vpn or something you can check?

In the future, make sure to use something like Prey[1] and _test_ it.

[1] <http://preyproject.com/>

------
angryasian
not much unfortunately. Its in the hands of the police and probably unlikely
anything will happen.

For everyone else the bare minimal thing you can do is install something like
Prey Project <http://preyproject.com/> . Good luck

~~~
pasbesoin
I found that with the police, particularly in these strapped times (at least,
in my jurisdiction), it's a matter of prioritization. If yours was a
relatively low value property crime, with no injuries, you may just be too low
on the list to get significant resources. The less resources your case
demands, the more likely it may be to get action.

For example, I'm _not_ recommending confronting them yourself, but if you had
credible documentation that turned that IP address into a street address, with
a demonstrated continued presence of the stolen property, this might get acted
on if the detective thought a judge would readily generate a warrant, and/or
the suspect might be a source of other/continued criminal activity, and/or
whatever else.

I don't know whether this has any merit, but if you're on good terms with your
insurance company, you might mention the situation. Although, again, for a low
value crime (from their perspective), it may be more cost effective to simply
pay what the policy says is your due, rather than to "solve" the crime.

Part of the problem for you and other people in this situation: Unless you
have an insurance policy far different from the typical homeowner's policy,
there is no coverage of the value of your data and so no financial incentive
to foster its recovery.

(Even from an identity theft perspective, it's cheaper to sign you up for
monitoring than to recover the stolen data.)

This all is just my interpretation of such situations, for whatever value it
has. I may be wrong, but this is how I see it, in general.

