A webcam and Apple's .Mac subscription service resulted in the arrest of two thieves and the recovery of Kait Dupalga's Mac laptop. Dupalga, an employee at the Apple Store in White Plains, N.Y., lost her Mac when thieves broke into an apartment she shares with two roommates. The thieves took the computer along with televisions, DVDs, iPods, a box of liquor, and even a set of car rims.
But thanks to some high-tech sleuthing by Dupalga -- plus the fact that the thieves were known to the victims -- police were able to nab the alleged perpetrators: Edmon Shahikian, 23, and Ian Frias, 20.
Back to My Mac
Dupalga's career as a digital private eye started when a friend messaged her congratulations on recovering her computer. The friend said Dupalga had "popped up as being online," in the words of Daniel Jackson, deputy director of public safety for White Plains.
Dupalga immediately got onto another Mac and signed on to her .Mac account, which includes a feature called Back to My Mac. Apple promotes the feature on its Web site this way: "Access and control your Mac running Mac OS X Leopard from any other Leopard-based Mac over the Internet."
So that's what Dupalga did. She turned on the laptop's webcam, which soon enough revealed a man sitting in front of the machine. She snapped a photo, which displayed a countdown on the screen. "It all clicks for him, and he puts his hand up to cover the lens, but it was too late. She had already taken the picture," Jackson told The New York Times.
Lessons for Enterprise?
A photo of a suspect is a "great lead," Jackson said, but wouldn't be enough to identify the person -- at least not without a lot of additional work. But this case came to a rapid close once Dupalga described the man to her roommate, who replied, "Oh, I know exactly who that is -- it's Ian." Dupalga also snapped a photo of Shahikian with the computer.
When police went to the men's homes they found virtually all of the gear that had been stolen from Dupalga's apartment. The two were arrested and face charges for burglary and possession of stolen goods. Shahikian was released on $3,500 bail and Frias is still being held on $7,500 bail.
A fascinating story, but does it mean remote-access technology now provides a new means of protecting computer assets? If this had been an enterprise computer with sensitive data, couldn't an administrator remotely wipe the machine? A nice idea, but unfortunately most data thieves are not as unsophisticated as these two, said Andrew Storms, director of security operations at nCircle Network Security.
Encryption a Better Solution
"This asset-recovery method, along with so many other ideas, assumes that the perpetrator will be naive enough to boot up and plug the device into a network with Internet access," Storms said in an e-mail. "However, the persons in the business to steal laptops for private or confidential information are generally more astute than this."
Still, a few vendors have products along these lines. One product alters the computer BIOS, Storms said, so "even if the thief deletes the data and reinstalls the operating system, they still claim to be able to find the stolen laptop."
Another vendor claims it can do remote data wipes of laptops. But this approach has largely been "trumped" by data-encryption features available on Windows and Mac, Storms said. Anyone who owns a laptop "ought to be turning these features on and using a strong password," Storms said.
Data wipe is a standard feature on devices like Research in Motion's BlackBerry. "If your corporate Blackberry is lost or stolen, your IT team can initiate a remote signal which will instruct the device to self-destruct," Storms noted. This feature will be available on Apple's iPhone as well when support for Microsoft Exchange becomes available.
"Of course, the more intelligent smartphone-nabbers know about this feature and will generally know to immediately disable the network connectivity on the device, thus disabling its ability to receive the remote kill signal," Storms said. Aware of this countermeasure, RIM has developed a "unique method to still ensure the device will delete itself," Storms said.