Terrific video of exactly what I said in the title here:
To those too lazy to watch, it's a video of a 'hacker' (I have my doubts about people who openly call themselves hackers, hence the quotation marks), making a presentation at DefCon re how he caught a thief using his desktop Mac 2 years after it was stolen. After realizing that DynDNS, which he ran on the computer, suddenly started to get active again, he found the dial-up IP, ssh'd into it, and pilfered incriminating data (images, browser cookies, and credit card info from Paypal visits) to get the thief's name and address.
What makes it fun is that not only does he get those, he also manages to collect incriminating images, the guy's dating attempts via various dating sites and even pics of girls who responded (which I think he really should've left out. You could feel how the crowd got uneasy at that part).
- The Aussie 'hacker' guy is honest enough to admit he should not have allowed his desktop to boot into single user mode directly, something I implement myself as an 'at the very least' type of security measure and as a way of enforcing multiple users (aside from a security measure, double or more user modes allow people to login to their own desktops which helps keep them from messing up one another's desktops). But he's also right when he says that if he had not done that, the thief would've been forced to reformat the computer, erasing DynDNS, VNC and all the passwords the hacker needed to re-login via ssh.
- The thief is such a stereotypical loser it's almost comical. Everything he does, from not reformatting the stolen computer, to using a shotgun method in scanning for women on dating sites and leaving incriminating data behind, not to mention ridiculous pics of himself on the desktop, is so exactly the sort of thing a loser would do. That's what makes this video extra fun. It wouldn't have been nearly as interesting to watch if it had turned out the desktop ended up with a 5 yr. old or was used for office clerical work, for sure.
- Again, the 'hacker' guy really should have left out images of the girl the thief managed to pick up. I honestly think that if the girl decides to sue she may have a good privacy case against him. Hacker guy was putting up her pics purely for laughs and not to fortify any security points he was trying to make. That was low.
- The fact the police were so open and ready to use the data he provided spoke well of Australian police. And now here's the part where I complain / question our own situation in the Phils. when I wonder aloud: If that happened to me and I did the same thing, would that data I got from the thief be used or even acknowledged by local authorities? I'm not going to directly say the local police would've just scratched their heads or probably thrown me in jail for hacking as I'd still like to give them the benefit of the doubt. But I'd still wonder aloud if the authorities would have the facility to understand this stuff and be guided accordingly.
The two things most impressive to me were, firstly, the 'hacker's' two-year-strong resolve to get his computer back. I'd have found a way to block the negativity off my mind if that were me, but this guy didn't lose hope. That's pretty amazing. The next is his taking the time out to record his computer's serial number. I should start doing that.
In the end I don't think this is an interesting online security story as much as it is an 'interesting random turn of events' story. A proper security conscious 'hacker' would've definitely issued login passwords to any computer they own (he does daily backups but doesn't do login passwords?), and a proper thief would at least reformat the stolen PC. In fact, he should've sold it off right away after reformatting it.
Neither of those happened, however, which allowed for this to happen, so it became an entertaining story worth telling per se as opposed to something that involved security measures we can learn from.