PDA

View Full Version : House Break-in, Question re: Find My Device iCloud feature




jrlepage
Sep 5, 2012, 04:31 PM
Hello all,

Well, this sucks. My mother's house was broken into today. They kicked in the door and took a Sony flat-screen TV, her 11" MacBook Air w/Henge Dock, and her 27" LED Cinema Display. The silver lining is she wasn't home, the animals are unhurt and didn't run away, and they didn't ransack the place - those were the only items taken and everything was left neatly otherwise.

My questions are the following:

She has iCloud and the Find my Device option was enabled on her laptop. After logging in and tracking the device it currently says "offline." I'm not sure what to do at this point. I checked the "e-mail me when this device is found" box, which I assume will just send her iCloud an e-mail if/when the laptop connects to Wi-Fi.

However, I'm not sure whether to click the "Remote Wipe" button or "Remote Lock" button, because I don't want that to affect our ability to locate the device in the event that they do turn it on and connect to Wi-Fi. In other words, if I remote wipe, will I still be able to track its location after that?

I tried calling Apple, but the automated answering machine said "Apple does not have a system for reporting lost or stolen devices," so I got the impression that they don't want to be involved with helping recover something. I was hoping they could monitor it or trigger some super-duper stolen item recovery mode to help notify us if it was connected to Wi-Fi.

Anyway, I would greatly appreciate any advice on the matter... What happens if they connect and then disconnect when I'm not sitting there clicking "refresh" over and over on the Find my Device screen? Will I miss its last location??

Thanks in advance to anyone who can help...



Peace
Sep 5, 2012, 04:35 PM
Call the police ?

I wouldn't wipe it just lock it. If its locked you can still track it .

jrlepage
Sep 5, 2012, 04:38 PM
Call the police ?

I wouldn't wipe it just lock it. If its locked you can still track it .

Sorry forgot to mention police were contacted and came out, and devices were reported stolen. They said that if the items described came up at a pawn shop it would raise some flags and they might be able to recover it.

They tried locating fingerprints but said the burglars must've worn gloves because there were none to be found.

If the device is locked, do you think that will impede the robber's ability to login to Wi-Fi and thereby impede the chances of locating it?

My inclination is just to check the "e-mail me when the device is found" box and leave everything else as-is...

Does anyone know - When it sends the e-mail after the device connects to Wi-Fi, does it give the most recent location? Or do you then have to login while it's still connected, refresh, and hope you caught it in time to find the location?

plucky duck
Sep 5, 2012, 05:06 PM
Sorry to hear. Does the Air allow you to set a password at boot up? If it does, was one set? If it doesn't can one simply not just erase all security software by doing a simple reinstall of OSX?

jrlepage
Sep 5, 2012, 05:19 PM
Oh I'm sure there are ways around the remote lock feature... My concern is mainly 1) Locating it if at all possible so this ******* gets caught, or 2)If that's impossible, at least wipe my mother's data.

jrlepage
Sep 5, 2012, 05:35 PM
Update: They got on Wi-Fi. Have an exact location, took screenshot with Satellite view even showing the house where it is. Suprise, surprise, it's in a part of town known for drug dealers... Will update if it gets recovered. Called cops.

bearsalley34
Sep 5, 2012, 05:40 PM
Update: They got on Wi-Fi. Have an exact location, took screenshot with Satellite view even showing the house where it is. Suprise, surprise, it's in a part of town known for drug dealers... Will update if it gets recovered. Called cops.

Thats great. please update when you know more

Gav2k
Sep 5, 2012, 05:47 PM
If they only took certain items and didn't do anything else they have either been in the house or you know them or possibly everything is clearly on view from outside the property.

Anyway don't lock or wipe that causes suspicion on there part and you'll lose the ability to track if it moves. Good luck with the cops!!

jrlepage
Sep 5, 2012, 05:49 PM
Ugh, cops say they need serial number or proof of purchase to prove it's hers. Logged onto her Apple account but when she purchased at Apple Store she didn't have an Apple ID yet so it wasn't associated with her account for some reason... She also didn't have a receipt mailed to her. Is there any way for her to get her serial number another way?

Gav2k
Sep 5, 2012, 05:56 PM
Ugh, cops say they need serial number or proof of purchase to prove it's hers. Logged onto her Apple account but when she purchased at Apple Store she didn't have an Apple ID yet so it wasn't associated with her account for some reason... She also didn't have a receipt mailed to her. Is there any way for her to get her serial number another way?

On the box

sexiewasd
Sep 5, 2012, 06:11 PM
This hasn't been mentioned yet, and maybe it doesn't need to be, but have her change ALL of her passwords, right now. I really hope that you are able to get it back.

This won't help you this time, but if you get it back, consider more a more active solution than Find My Mac, I use Prey (http://preyproject.com), and DeepFreeze (http://www.faronics.com/enterprise/deep-freeze/) which prevents anyone from formatting the device, I tried myself by formatting the drive, loading linux from a usb key, formatting again, and installing Ubuntu. It booted back into lion just as I had left it (no idea how that works, must be magic because it didn't even take very long to boot). Undercover (http://www.orbicule.com/undercover/) is another program that is very similar (maybe better) than prey.

jrlepage
Sep 5, 2012, 06:22 PM
On the box

Thank you!!! I am praying she saved the box... She is digging through closets atm. One problem also is the location is not precise if I understand correctly - only gives a estimated location based on Wifi and the robbers may even be leeching off someone else's wifi... So I don't know how likely it is that cops can execute a search warrant based off this.

----------

She found the box! Calling police w/the serial number... My concern is whether they'll be able to search any houses in the area based solely off this location data given that it is based on Wi-Fi...

alphaod
Sep 5, 2012, 06:27 PM
Sorry to hear about this.

Good luck!

jrlepage
Sep 5, 2012, 06:57 PM
Wow, well as I suspected the police can't do anything right now based on this info. I just spoke w/a Sergeant who was very friendly and trying to be helpful, but legally there's just no way they can pinpoint which house to check - the most they could do would be a "knock and talk," but he said that he wouldn't want to tip them off and then it wind up being destroyed or what-not.

He said if it was at a Panera or something like that, they could easily walk up to the person using the MacBook Air and ask to check the serial number. So he said my best chance would be to keep watching the location and see if we locate it somewhere more "distinct" where they can see it. There was a car in the driveway with tinted windows - he was hoping it was somewhere clearly visible, but fat chance on that.

/sigh... So I guess we'll just keep watching the location. We changed all her passwords (thanks for the suggestion on that), but I'm still ambivalent about the remote wipe/lock. On one hand, it would be nice to send them a F-U (such as an on-screen pop-up message). On the other hand, we don't want to tip them off that we're onto them...

Suggestions?

...

Edit: Trying to think of some message to pop up that might actually trick them into going somewhere public with it... Like "The owner of this device has won a prize redeemable by showing the laptop to an Apple sales rep at location XYZ" or something lol. Any good suggestions? These may not be the brightest tools in the shed, so you never know...

jrlepage
Sep 5, 2012, 07:38 PM
Sorry one more question/suggestion - is there any possible way to activate the video camera next time the person logs in and take a snapshot of their face?

jkeekij
Sep 5, 2012, 07:51 PM
Sorry one more question/suggestion - is there any possible way to activate the video camera next time the person logs in and take a snapshot of their face?

Not with iCloud. With the right software it's possible. One example is Prey, and it takes photos when reported stolen.

TheRealDamager
Sep 5, 2012, 08:02 PM
You don't want to hear this, but my advice is to let it go - the likelihood of you getting that computer back in usable condition, or catching the bad guys, is very, very low. I'd wipe it to protect you data (it will also piss off whoever took it), and file a claim with your Mom's homeowners insurance. If the cops wont get more actively involved, it's very doubtful you'll have a "feel good" ending to this story...

Good luck...

jrlepage
Sep 5, 2012, 08:02 PM
Not with iCloud. With the right software it's possible. One example is Prey, and it takes photos when reported stolen.

Bah, if only... I can't remember if I enabled the remote login feature when I was setting up her laptop. I'm guessing that wouldn't really help anyway since I imagine it's *very* obvious to the person on the other side if I were taking over the computer remotely.

By the way, it just occurred to me that this probably belongs in the iCloud forum (if anywhere) based on the subject matter. If a mod wants to move it to that forum, by all means feel free.

I will continue to update if we make any progress. Unfortunately I'm not very optimistic. Hopefully homeowner's insurance will cover the losses. Let this be a lesson to everyone that while the Find my Mac feature is certainly very handy, it certainly does not give police the right to start smashing in doors looking for your computer...

You don't want to hear this, but my advice is to let it go - the likelihood of you getting that computer back in usable condition, or catching the bad guys, is very, very low. I'd wipe it to protect you data (it will also piss off whoever took it), and file a claim with your Mom's homeowners insurance. If the cops wont get more actively involved, it's very doubtful you'll have a "feel good" ending to this story...

Good luck...

Thanks, and I think you're probably right. It's just so frustrating knowing that it's out there in that one-block radius shown on this satellite picture I'm looking at, but that it's completely inaccessible. Amazing that someone can kick the door in on your house, take crap, and get off scott-free EVEN when you can pinpoint them within a one-block radius...

P.S. To the person earlier who mentioned about it probably being someone we know or things in clear view -- There have been a number of people out to the house recently which makes it even more confusing. My father passed away a couple of months ago, so there has been hospice, home health, oodles of guests, etc.

There has also been DirecTV repairmen, carpet installers, and furniture deliverymen. Also my mother lives in a relatively remote area, so her house is a good half-mile away from any other house. Being on a farm, she hires people to do farm work pretty regularly (weed-eating, handyman type jobs, etc.). So it's very difficult to know. :-/

The laptop made it from the town she lives to a neighboring city 45 minutes away, to a part of town known for drugs. Really sucks.

jrlepage
Sep 5, 2012, 08:46 PM
Well, the saga continues... My mother now got a warning that someone had signed into her Google account from a suspicious location. The IP address was a Verizon phone. So I don't know what's up with that,... someone tethering it to their phone? Would Verizon be able to identify the person assigned that IP or is that too CSI for the real world?

Edit: /sigh, I think that was just her phone (she has Verizon) signing onto her gmail account and it was marked as suspicious because for some strange reason that IP she was assigned is based in Kansas rather than the state we live in. False alarm I think...

Nonetheless, makes me wonder if there's a way to get the IP of her laptop. I wonder if Apple has access to any further information beyond what is available on iCloud...

rkdiddy
Sep 5, 2012, 10:56 PM
I don't have anything to add other than I'm sorry to hear about the break-in. I've been the victim of a car being broke into and I know it's a horrible experience. Hopefully she has homeowners insurance to take some of the sting out of this crime.

dbdynsty25
Sep 5, 2012, 11:49 PM
I don't have anything to add other than I'm sorry to hear about the break-in. I've been the victim of a car being broke into and I know it's a horrible experience. Hopefully she has homeowners insurance to take some of the sting out of this crime.

Yeah. We had our house broken into a few years back while we were at work and they got away with the wife's jewelry box and her crappy ready for an update laptop. So it wasn't all bad but still a horrible violation that makes you nervous just to be home by yourself even three years later. It's a horrible feeling. Best wishes to the OPs mom as the emotional scar will be way worse than the laptop. Good luck.

m.demian
Sep 6, 2012, 12:02 AM
OP, I'm sorry this happened to your mother and it's fortunate she didn't get hurt. If you have your machine's serial number or Apple UID saved, it may be worth it to check your local craigslist listings or ebay for any new listings. Keep us up to date if you find anything.
--
I didn't completely read each post until now: what information was given to you when you found out they "got on Wifi?"

Fairfax
Sep 6, 2012, 12:14 AM
Sorry for the bad experience, three years ago my car was stolen. Two ipods were lost, camera external flash and memory cards. Odds are, the people who broke into your mother's house will get caught committing another crime in the future and will go back to jail/prison, which is where they belong.

flynz4
Sep 6, 2012, 02:37 AM
Personally... If this happened to me, the very first thing I would do it wipe the drive. My rationale is that the "expensive" risk is identity theft. The "cheap" risk is the computer.

I always start with turning on FV2 on every computer as soon as I set it up. Then I turn on the "find my device" feature. I would not try to track a stollen device, nor would I try to find the thieves. I would just wipe it. Depending on the value of the computer, I might file a homeowner's claim.

/Jim

fireos
Sep 6, 2012, 03:12 AM
Have you tried zooming in and changing the view to satellite ,so that you can see the houses.

jrlepage
Sep 6, 2012, 05:41 AM
Hey all, good idea about checking Craigslist and I totally understand the person talking about identity theft being the "expensive" problem rather than the laptop. Our rationale was that they didn't have direct access to anything other than names & addresses under contacts that are in the phone book anyway,... Passwords have all been changed. Still, don't get me wrong, it's disconcerting and we may still wipe it.

One thing I forgot to mention is they didn't take the AC adapter - it was in a laptop bag on the other side of the house. So the cops were saying what's likely to happen is they play with it until the charge runs out and then trash it. He said you'd think they'd try to find a charger, but more than likely they aren't that resourceful/knowledgable about how to find a charger for a '09 MacBook Air.

To the last reply, yes I've zoomed way in and I have a pretty good guess on which house it is. However, even fully zoomed in, the radius covered by the grey circle (which shows where it *could* be) covers at least 5 houses since it's in a densely populated area. Plus that's just where the Wi-Fi is - the person using it could be a few houses away in any direction.

Thanks to all the well-wishers... If I don't see it come online again today (or even if I do and it's in the same spot), I may just wipe and forget about it. Will let you guys know.

WesCole
Sep 6, 2012, 06:59 AM
This might be a long shot, but maybe put the power adapter on Craigslist for free and see who responds since they didn't get the cord. Tell them you can bring it to their house even...that way if it's one of the houses in the area you located the Mac, you will know exactly which house (if you get an address that isn't close to the area, you can just tell them it is sold). You might not want to get personally involved, though, since it might put you at risk of retaliation, but I just thought I would mention it.

You might also get Identity Theft Protection for anyone who had personal information stored on the computer. Chances are, the people who stole it just wanted quick cash, but you never know.

boto
Sep 6, 2012, 07:31 AM
Free charger? Worst idea to get spams of email. Also, I wouldn't even dare try meeting them in person, I'm not gonna get myself robbed twice and it will probably be away from their own residence. If anything, I would try driving around that neighborhood for any suspicious behavior and WiFi networks available, although the person may have used ethernet or even possibly reinstalled the OS.

Puevlo
Sep 6, 2012, 07:50 AM
Just drive around the neighborhood and continually make the Mac beep. Eventually you will hear it and then you can knock on their door and tell them to give it back.

TheRealDamager
Sep 6, 2012, 08:58 AM
Just drive around the neighborhood and continually make the Mac beep. Eventually you will hear it and then you can knock on their door and tell them to give it back.

No Laptop is worth putting yourself in danger over - I wouldn't do this.

Puevlo
Sep 6, 2012, 09:02 AM
No Laptop is worth putting yourself in danger over - I wouldn't do this.

That's exactly something the thief would say.

TheRealDamager
Sep 6, 2012, 09:24 AM
Even the thief is smart enough to come to your place when you are away. Confrontation in this situation is stupid.

WesCole
Sep 6, 2012, 09:24 AM
Free charger? Worst idea to get spams of email. Also, I wouldn't even dare try meeting them in person, I'm not gonna get myself robbed twice and it will probably be away from their own residence. If anything, I would try driving around that neighborhood for any suspicious behavior and WiFi networks available, although the person may have used ethernet or even possibly reinstalled the OS.

I didn't say meet them in person. Just get their address so you "drop it off" and then let the police know the exact place. Sure, you would get a lot of email, but it might pay off. I think it has a better chance of working than driving around looking for "suspicious behavior". Plus, you're idea puts them closer to the perp than mine does.

KPOM
Sep 6, 2012, 10:50 AM
I'd wipe the data at this point, particularly if she kept any type of financial records on it. If they are drug dealers, they may attempt to steal someone's identity to enter into "legitimate" purchases using credit cards, etc.

DCRowe44
Sep 6, 2012, 11:35 AM
Personally... If this happened to me, the very first thing I would do it wipe the drive. My rationale is that the "expensive" risk is identity theft. The "cheap" risk is the computer.

I always start with turning on FV2 on every computer as soon as I set it up. Then I turn on the "find my device" feature. I would not try to track a stollen device, nor would I try to find the thieves. I would just wipe it. Depending on the value of the computer, I might file a homeowner's claim.

/Jim

Good idea, but what is FV2, I'm not familiar with that?

Sorry this happened to the original poster!

KPOM
Sep 6, 2012, 12:01 PM
Good idea, but what is FV2, I'm not familiar with that?

Sorry this happened to the original poster!

FileVault 2. It is Apple's built-in encryption system. What it does is encrypt your hard drive so that you must enter a password in order to read from the drive.

sidneyvanness
Sep 6, 2012, 12:47 PM
That stinks. I had a similar experience with an iPhone in May of last year, and might have some useful advice. I accidentally left the phone on a plane in Seattle when I was changing flights. A Delta employee cleaning the plane took it home with them. When they turned the phone on, I remote locked it and displayed a message saying that they should call me to return the phone, and there would be no consequences. They didn't. So I got a Wi-Fi + GPS lock on it, and contacted the Port of Seattle Police. Sent them a screenshot of where it was located, and they went out to the location. I used the "make it ring" feature at the same time the officer knocked on the door, thereby proving that I was in control/had access to the phone. When the officer heard the phone ringing concurrent with my remote requests, it constituted probable cause and they didn't need to get a search warrant. He confiscated the phone, arrested the man, and took his airport badge as well. Took about a week to get it back, because it had to go into evidence room first. Might be more difficult with an actual computer, but I suspect there is a way to demonstrate that you have the access credentials and can prove it is yours based on some piece of information. It would be even better if you could demonstrate something that the officer could detect while standing at the doorway. e.g. if you have Back to My Mac enabled, login remotely and make it play "I'm In the Jailhouse Now"....while the officer is standing in the doorway. That would be audible and very specific.
Here's what I sent Port of Seattle Police.

jrlepage
Sep 6, 2012, 04:05 PM
That stinks. I had a similar experience with an iPhone in May of last year, and might have some useful advice. I accidentally left the phone on a plane in Seattle when I was changing flights. A Delta employee cleaning the plane took it home with them. When they turned the phone on, I remote locked it and displayed a message saying that they should call me to return the phone, and there would be no consequences. They didn't. So I got a Wi-Fi + GPS lock on it, and contacted the Port of Seattle Police. Sent them a screenshot of where it was located, and they went out to the location. I used the "make it ring" feature at the same time the officer knocked on the door, thereby proving that I was in control/had access to the phone. When the officer heard the phone ringing concurrent with my remote requests, it constituted probable cause and they didn't need to get a search warrant. He confiscated the phone, arrested the man, and took his airport badge as well. Took about a week to get it back, because it had to go into evidence room first. Might be more difficult with an actual computer, but I suspect there is a way to demonstrate that you have the access credentials and can prove it is yours based on some piece of information. It would be even better if you could demonstrate something that the officer could detect while standing at the doorway. e.g. if you have Back to My Mac enabled, login remotely and make it play "I'm In the Jailhouse Now"....while the officer is standing in the doorway. That would be audible and very specific.
Here's what I sent Port of Seattle Police.

Thanks for the useful info - how do you make it play something specific? I can't remember if I enabled Back to My Mac and I've never used it before... Wouldn't I need the IP or something to connect to it?

The idea of making it beep while the officer is nearby is a good one though. Will pass that along... Yeah I don't think it's an area that we want to go cruising around ourselves. It's a nasty area. It has been online and connected to Wi-Fi most of the day today - same location.

I don't know about the Craigslist idea re: the power cable. I'm not sure if they're resourceful enough to go searching for a cable like that. As it turns out, the monitor they stole (an LED cinema display) actually has a magsafe adapter built into the cord, so if the same person is in possession of both, they may have it plugged in with that.

P.S. to the last poster - The pic you showed seems to be of an apartment complex. How did they know which apartment to search? Were the police able to cross-reference people's employment info with their addresses or did they just knock on all the doors?

sidneyvanness
Sep 6, 2012, 04:16 PM
I had the police officer on the phone while he was at the door of the suspect. I told him that I was going to initiate a remote audio tone, and within 5 seconds the phone was making noise from within the suspect's apartment. I repeated the process about 5 times to demonstrate that I was actually in control of the device from a remote location. In this case, it wasn't the exact tone that mattered, merely the fact that I could initiate the tone at will. That constituted probable cause.

The back to my mac feature is basically remote screen sharing. You would have needed to enable it. If enabled, you would be able to launch iTunes remotely, crank up the volume, and play any track...assuming, of course, that it is turned on.

m.demian
Sep 6, 2012, 04:17 PM
How do you know that it's been online all day and connected to a wireless network? What other information does your source give you?

sidneyvanness
Sep 6, 2012, 04:18 PM
Oh, and it was an apartment complex. The GPS location is actually very precise (more so than wi-fi). He was able to tell from that image which apartment the dot was on top of. Went directly to the door, knocked, and had me initiate the tone on the phone within about 15 seconds. He then hung up, arrested the guy, and called me back in about 10 minutes.

jrlepage
Sep 6, 2012, 04:20 PM
How do you know that it's been online all day and connected to a wireless network? What other information does your source give you?

Just based on the Find my Mac app and seeing the little green light next to it. It shows up as grey (offline) unless it's connected to Wi-Fi which enables it to be located.

----------

Oh, and it was an apartment complex. The GPS location is actually very precise (more so than wi-fi). He was able to tell from that image which apartment the dot was on top of. Went directly to the door, knocked, and had me initiate the tone on the phone within about 15 seconds. He then hung up, arrested the guy, and called me back in about 10 minutes.

Wow sounds like the police in that area are very resourceful. I'm hopeful that we can arrange something similar but not holding my breath...

dbdynsty25
Sep 6, 2012, 04:47 PM
Wow sounds like the police in that area are very resourceful. I'm hopeful that we can arrange something similar but not holding my breath...

Seriously...the time our house got broken in to, I was lucky to get a call back, let alone have them roaming around the streets listening to random doors. Very helpful police department you've got there whenever you live.

sidneyvanness
Sep 6, 2012, 07:26 PM
That's the kicker. I don't even live in Seattle. I was living in Anchorage, Alaska at the time. The officer did all of this remotely, with me on the phone nearly 3,000 miles away. I was WAY impressed with the Port of Seattle Police. I thought about writing the whole thing up, but there had been several similar "track down the thief" stories floating around. But I don't know of any where the distances were so extreme and where law enforcement did such a great job.