The Undercover MacBook

in , , , ,

For someone in possession of a stolen computer it is no longer enough to look over their shoulder while using it, these days the computer itself can turn informer and lead the police straight to them.

This summer I had my MacBook Air stolen from a hotel room while vacationing in Las Vegas. Along with the machine, roughly 1500 photos taken during the preceding three week road-trip through California and Nevada were gone. Thanks to my heavy reliance on the cloud storage service Dropbox I lost almost no other data, despite having used this as my main machine for the last couple of months. I would have been devastated had I for example lost the source codes to my apps.

I promptly made a report of the theft to the Las Vegas Metro Police Department where they let me know, in no uncertain terms, that I should not expect to see my computer again. They did however assign a detective, one Russel Lee to the case.

A Ray of Hope

Despite the Police's pessimism, I maintained a ray of hope. After buying the laptop I had invested in a piece of software called Undercover to keep my MacBook safe. Described as a “revolutionary theft-recovery software” it would supposedly provide me with all the information needed to recover the computer in case it was ever stolen.

Using my iPad I logged on to the Undercover recovery center website and marked my computer as missing — telling the software to start tracking it.

Things were quiet for several days. I had already made my way back to Sweden and the ray of hope was starting to fade when I finally received an e-mail proclaiming that the computer had been used to access the internet and that Undercover had started tracking it. As promised, I was provided with webcam photos, screenshots, the computer’s IP address, and an approximate location!

I could see that the person using it had logged in to the computer’s guest account and had connected to a Wifi network. While it’s no fun seeing someone using your computer without your consent, I was nevertheless relieved that the tracking software seemed to be working.

Hello there, what are you doing with my laptop?

Oh, you’re hitting up women on Facebook. Carry on then.

The location in Henderson, Nevada, wasn’t exact enough for the police to figure out which house to visit. Frustratingly, I also found out that it takes the police all of 60 days to get the subscriber information for an IP address.

Profiling the User

During the following weeks I was informed whenever the computer was used and I tried to piece together the information I could gather from the screenshots in an effort to point the police in the right direction. I quickly found out the user’s Facebook profile and Skype account, but he used the alias Dee Macc and I couldn’t figure out his real name and address. His Facebook profile did mention that he graduated from LA High class of 2007, so that prompted a search of their online yearbook, alas to no avail.

Eventually a bit of luck, he typed his phone number into a couple of chat windows while trying to pick up women. But according to whitepages.org the number he gave is registered to a 60 year old person in Los Angeles. Not the age you would expect of someone who uses the phrase “im not no baby yeah”. Also, according to his Facebook profile Dee Macc was born on February 5th 1990 making him 21 years old. Thus, the registered owner of the phone number is definitely not our man.

It looked as if my machine was making lots of new friends as other people also started using it now and then, always from the same location in Henderson, NV. Some of their Facebook profiles were under their real names. One of those people, let’s call him B., turned out to be the owner of a Las Vegas boxing gym near Las Vegas Boulevard. Another user was his son D., whom I could tell from his Facebook account is a promising young boxer.

As time passed and more information came in I forwarded everything to the police, but they still didn’t have enough to take action.

The Retrieval

One late evening as I was ready to turn in for the night I was alerted by Undercover that the computer had moved to a new location. At first I thought this was bad news since it meant the IP address subpoena would have to be restarted from scratch, but I couldn't have been more wrong. The location was reported to be close to Las Vegas Boulevard, and the webcam photos showed D. hanging out in a very nice boxing gym. For the first time in weeks I knew exactly where it was!

I sent a quick e-mail to Detective Lee.

New and actionable information.

D. XXXXX is at the time of me writing this using the computer at the XXX XXXXXX Boxing Gym, XXXX Paradise Road, Las Vegas.

I had a reply just minutes later

Perfect! Thanks, I’ll run over there and see.

As webcam photos continued to come in over the next few minutes, I forwarded them to Detective Lee to help him find the right people in the gym. Then all of a sudden the computer went offline. A worrying turn, but I maintained hope as the last screenshot contained an intriguing Facebook update.

“ugghhh i hate police officers…makes me wanna qweef”

Moments later the e-mail I had been hoping for arrived from Detective Lee.

I have your computer! Good Job!!

High fives all around! The Undercover software had delivered on its promise, and combined with the swift action from Detective Lee it had recovered my MacBook Air.

Conclusion

As I’m writing this I have just taken delivery of the computer from the Las Vegas Metro Police Department evidence vault, and I was glad to see my road-trip photos remain safely stored on the disk. Detective Lee had already mentioned that my user account was still on the computer which lead me to believe they would be there, but it’s good to have it confirmed.

After 10 weeks of being separated from my computer I can finally get back to app development and get som delayed updates out the door — once I'm done organizing the road-trip photos of course.

Lessons learned

I was lucky in having been sufficiently prepared before having my computer stolen. Take these lessons to heart, should it happen to you;

  • It’s a good idea to take the precaution of having theft-recovery software installed on your computer.
  • It is vital to have your computer’s serial number available when filing the police report, without it you may not be able to legally prove it’s yours even if you are able to track it.
  • Set up a guest account so the thief can log in and connect to a network, or tracking will not work.
  • Lock your user account whenever you step away from the computer so that a thief can’t access your files and won’t have administration privileges to the system.

This ordeal has made me consider taking a couple of additional measures now the computer is back in my possession.

  • For insurance reasons always make use of the hotel in-room safety box, no matter how insecure.
  • Set a firmware password, a simple measure which will make it impossible for a thief to wipe the system and reinstall the operating system, thus removing the tracking software.
  • Install some software to allow me to siphon off data in the background so that I could have copied over my photos while the computer was connected to the internet but not under my control.

Undercover is available from Orbicule. I highly recommend you install it on your Macs.

Excerpts of collected evidence

Below are some of my favorite screenshots and webcam photos selected from the huge amount of data I received from Undercover during this episode.

Installing Flash? Not on my computer you don’t!

Some webcam photos of people hanging out with my MacBook Air.

“yu cute” — Dee Macc using the shotgun approach on Taberah and Gisele.

“im not no baby yeah” — Dee Macc's failed attempt at sounding mature.

Fine prose from Dee Macc and friends.

iPhone App Store and the IRS - a study in frustration [Updated]

in , , , , , , ,

I decided to spend my friday afternoon setting up all the necessary information in preparation for selling my applications on the iPhone App Store. Since I am based in the EU, not in the US, I ran into a brick wall of trouble.

Once logged into the iTunesConnect system all seemed very straight forward. Since I watched the Publishing on the App Store video that Apple released on iTunes yesterday I knew I had to sign a contract, so I clicked the Contracts, Tax, & Banking Information link.

I then chose to add a new contract for Paid Applications to my account. There are three necessary steps, so I start by filling in my contact information. Not a problem.

Bank Info

I then need to supply Bank Info, like the name and address of my local bank. So far nothing troublesome at all. I also need to provide:
Account Name
Account Type
Branch/Branch ID
Account Number
Account IBAN
Bank Swift Code
Sort Code (UK) / SIC (SZ)

Here things were getting a little hairy, but I was able to figure everything out. My bank actually provided a convenient account number to IBAN converter and the Swift code (althought they call it a BIC code) on their website.

Tax Info

Finally I just have to add my tax info to the contract and I should be ready to go. But as it turns out, this step requires filling in something called Form W-8BEN and involves the IRS. I have to provide a US Taxpayer Identification Number, so I start exploring how to obtain one of these magic numbers.

As I am registered as an individual I need either a Social Security Number (SSN) or an Individual Taxpayer Identification Number (ITIN). I don't think I qualify for a SSN, not being a US citizen and living in Europe and all, so I start reading up on getting an ITIN. As it turns out this will take six to eight weeks and involves filling out another form, form W-7.

As forms go it is actually pretty good, only one page long. But reading the instructions it seems I have to send it in with my passport, not a copy mind you, the original passport. They promise to return it to me in 60 days.

Now, I'm not about to put my passport in an envelope and send it off across the Atlantic any time soon. I need it for my vacation this summer! I'm actually a bit disappointed as I was hoping to be able to start selling applications on the App Store in July. I just feel this could have been handled easier.
Apple Inc. does have a presence in the EU, so how come I have to register for an american tax number anyway?!

Getting an ITAN is a PAIN

Peter Nixey also notes the trouble getting an ITIN in his article about moving his business to the US:

You can’t get an Social Security Number SSN without being a US resident which means instead getting either an EIN (Employer ID Number) or an ITIN (Individual Tax Payer Number) both of which are a PAIN.
To cut a long story short, despite our best bureaucratic wrangling we were unable to attain ITINs. As if from nowhere though, an EIN popped out of a random conversation we were having with an official who it seems we charmed / confused into co-operation. It seems out that EINs actually require almost no paperwork and that the main thing required is persistence.


Quoted from Coming to America: Getting visas to do business in Silicon Valley

For me getting an EIN is not an option as I don't have a company. Although those numbers seem to be only a phone call away.

UPDATE: This turns out not to be true. After reading up on the SS-4 form for applying for an EIN it turns out foreign (non US) individuals can apply for EIN to comply with IRS withholding regulations. So I called the number (+1-215-516-6999) and ended up with an EIN in just 5 minutes. Very convenient, I just wish Apple had made this more clear on their application site.