[G4] Stolen Powerbook

[Pastor Mac]

On Tuesday, June 22, 2004, at 09:46  AM, Richard Bright wrote:

> Thanks in advance for any help and don't hesitate to forward the above 
> info if you already know the procedure...
> also, if someone on this list is also on one or more of the Powerbook 
> lists would you be so kind as to post a copy of my note over there - 
> it's fine to give my dotMac addy to anyone who wants to contact me 
> directly with any pertinent info <modix at mac.com>

A recent issue that arose on a BSD list I'm had a laptop stolen in 
Montreal (the laptop was loaded with FreeBSD-what a sight that would 
have been for the thieves when they tried to start it!) but a possible 
trace was suggested if security folks at MSN Messenger were contacted 
since a client accessing Messenger started at boot.  Thus, if iChat or 
similar app started at boot, the IP of the machine *could* be traced 
based on the login ID used on the app.  Let's say your wife's ID 
'Biologist' and iChat started and immediately logged into the chat net 
as Biologist.  That means the laptop is working and connected AND 
traceable.

This does presuppose that the drive hasn't been wiped and formatted but 
how many thieves go thru the trouble of keeping various OS disks laying 
around?  They want to dump the goods post haste.  That's why tracing a 
machine as it gets logged into various servers does at least provide a 
trail.  For that matter, a log of email checks should not be hard to 
find.  If Mail had a password stored for her university acc't, ask the 
university IT staff to check their logs to see if an odd IP showed up.  
They should be able to track the IP to the provider.  Best of luck.
Pax,

Pastor Mac
On OS X