Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Crime Cellphones Handhelds Wireless Networking

Proposed MAC Sniffing Dongle Intended To Help Recover Stolen Electronics 120

An anonymous reader writes to say that an Iowa City police officer is developing a new concept to help police find more stolen property. The Gazette has a short report that officer David Schwindt, inspired by a forensics class, is working on L8NT, a specialized wireless dongle to help police officers locate stolen electronics (any of them with wireless capabilities and a MAC address, at least) by scanning for MAC addresses associated with stolen goods. The idea is to have police scan as they drive for these MAC entries, and match them against a database. The article notes a few shortcomings in this concept, but does not point out an even bigger one: MAC addresses are usually mutable, anyhow, in a way that's not as obvious as an obscured serial number, and thieves could refine their business model by automating the change.
This discussion has been archived. No new comments can be posted.

Proposed MAC Sniffing Dongle Intended To Help Recover Stolen Electronics

Comments Filter:
  • Should work fine (Score:5, Insightful)

    by Anonymous Coward on Tuesday September 08, 2015 @11:44AM (#50479419)

    Of course you can change a MAC address. However, your average 90 IQ bag snatcher can't do that. As with much policing, this is aimed at the low hanging criminal fruit - which is OK, because I imagine petty crime is the majority of crime.

    If some master hacker wants to steal your laptop and hide it, they could - however they could just buy their own seeing as how anyone with the skills likely can just get a decent job that is more rewarding that pinching electronics.

    • Of course you can change a MAC address. However, your average 90 IQ bag snatcher can't do that. As with much policing, this is aimed at the low hanging criminal fruit - which is OK, because I imagine petty crime is the majority of crime.

      And I'll believe that when actual statistics prove it. Until then, consider this another money pit at taxpayer expense.

      If some master hacker wants to steal your laptop and hide it, they could - however they could just buy their own seeing as how anyone with the skills likely can just get a decent job that is more rewarding that pinching electronics.

      If this were actually true, the world would be devoid of black hat hackers. After all, anyone with the skills...

      • Until then, consider this another money pit at taxpayer expense.

        Considering you can do all this stuff for free today, with Kismet and/or aircrack-ng stuff, with a cheap USB dongle . . . yes, it is a waste.

        Oh, FTF Link:

        L8NT's patent pending methodology strips the M.A.C. addresses from packet headers and compares them to the M.A.C. addresses of known stolen devices in its database.

        OK, so they want to become a patent troll.

        • by smartr ( 1035324 )

          L8NT's patent pending methodology strips the M.A.C. addresses from packet headers and compares them to the M.A.C. addresses of known stolen devices in its database.

          OK, so they want to become a patent troll.

          It's a cop doing the patenting. I have no doubt he's excited and proud of his "invention". Let's think about this... Not every mom and pop burglary shop has decent IT staff, and they can get caught with said software. In fact, not every mid-sized business has decent IT staff that can make software like this. Furthermore, chances are the cops also don't have IT staff to make stuff (or use existing stuff) and then easily share it with other publicly funded IT staffs.

          • by Gr8Apes ( 679165 ) on Tuesday September 08, 2015 @01:53PM (#50480923)
            Let's take this a step further - Apple added MAC address randomization [appleinsider.com] to ios 8. Android can't be far behind, so what, exactly, is this going to do other than result in more home invasions on known false pretenses?
            • Android can't be far behind

              I have been doing this on Android for a few years now.

              • by Gr8Apes ( 679165 )
                This is automatic, meaning that all iphones running iOS 8 and up do this. So that's only a few million devices.
            • by Agripa ( 139780 )

              Let's take this a step further - Apple added MAC address randomization [appleinsider.com] to ios 8. Android can't be far behind, so what, exactly, is this going to do other than result in more home invasions on known false pretenses?

              I fail to see a downside for law enforcement.

        • by Khyber ( 864651 )

          "patent pending methodology strips the M.A.C. addresses from packet headers and compares them to the M.A.C. addresses of known stolen devices in its database"

          Most of this is so obvious to anybody in IT that this should be immediately un-patentable.

          • by rtb61 ( 674572 )

            However mac address assignment is mostly random and only needs to be unique to that ip address and internal network. So you can have multiple devices with the same mac address and based upon the violent way law en-FORCE-ment responds, not really OK to start face planting people to the pavement and jumping on the backs and then kidnapping them and throwing them into a cell after sexually molesting them and then with a whoops tee hee and then letting them go. When arrest and the prosecutorial method become a

            • However mac address assignment is mostly random

              Eh? I thought that at least major manufacturers had a MAC range assigned, and carried out their own internal processes between models and individual products to at least give a fighting chance of uniqueness.

              From Wikipedia, "The first three octets (in transmission order) identify the organization that issued the identifier and are known as the Organizationally Unique Identifier (OUI).[5] The following three (MAC-48 and EUI-48) or five (EUI-64) octets are assign

              • by rtb61 ( 674572 )

                Yeah, I was going to go with that but apparently whilst it is fixed as far as the nic hardware is concerned some manufacturers are really slack and reused them and mac spoofing is easy and it appears even sensible. So random without knowing the source of the initial mac address.

                • Car registration (license) plates are unique in the same sense then. My (legal) registration in the UK might match one form 70 years ago in Swaziland. But the system is designed to encourage uniqueness, even though it's not strictly necessary. (MACs only need to be unique on a particular segment.)

                  One of the first bits of network troubleshooting I had to do was debugging an address conflict on HP-9800 series machines, which had a dip-switch set equivalent to a MAC on (I've forgotten the name of their networ

        • by Holi ( 250190 )
          Hmm compare mac addresses broadcast from wireless device, compare to database of known stolen devices, profit? Not seeing anything novel here.
      • Going out and physically taking a computer is very different than sitting behind a tor network and hacking. There are many black hat hackers who are averse to physical risk.

    • by AmiMoJo ( 196126 )

      Criminals have already learned to power off phones they steal, remove the SIM and not connect it to their wifi until after it's been properly sanitized to get rid of "find my phone" features. Chances are if this happens the people who already do the wiping and unlocking will just add a MAC address randomization step.

      Of course the other option is find some nearby MAC addresses, register them to yourself and go and claim your "stolen" property.

    • by rhazz ( 2853871 ) on Tuesday September 08, 2015 @12:07PM (#50479637)
      It won't work for exactly the same reason. Your average laptop owner doesn't know their device's MAC address. Even if they knew how to get it, they probably don't have it written down. The article also indicates they are not after bag-snatching types. This would be more likely to be used if there was a home burglary where a device happened to be taken among other things.
      • by mysidia ( 191772 )

        Your average laptop owner doesn't know their device's MAC address.

        This should be done with cooperation from device manufacturers.. so the owner just has to pay a nominal fee and have registered their product or know the serial number, "theft reporting key", and model number, and the manufacturer looks up a Device ID and a Key, publishes a "device stolen" record.

        Ideally.... i'd like to see them have all devices broadcast an encrypted implant though when doing something else with the wireless. Basical

      • It won't work for exactly the same reason. Your average laptop owner doesn't know their device's MAC address.

        There's an app for that! (Or easily could be.)

        It would be trivial to build an application that would squirrel this info away for the user - like onto a database on various services (paid or free) that he subscribes to or registers for. (A good one would be the registration for the manufacturer's warranty.)

        It would also be trivial to include the various device MAC addresses along with the serial num

      • by dave420 ( 699308 )
        MAC addresses are frequently written on the packaging that devices come in. Unless the thief steals that too, it could work.
    • Of course you can change a MAC address. However, your average 90 IQ bag snatcher can't do that.

      Of course they can. It doesn't take any special skill whatsoever, unless you count searching for, downloading, and installing a program a "special skill".

    • This is another Stingray variant, for acquiring information without warrants, and isn't about stolen goods. It just has a better cover story, and a developer who's not insisting on NDAs to cover illegal mobile phone wiretapping because sucking up publicly broadcast information like SSIDs and MACs isn't explicitly illegal.

      Your average 90 IQ police department isn't going to search for stolen iPhones even if the user comes to them and says"My phone got stolen, '$Get-My-Phone-Back-App' says it's located at 766

      • by mysidia ( 191772 )

        Can you walk upstairs and ask him to give my phone back?

        This isn't how you frame the question. You need to have a little chat with your buddy in the department and buy 'em a beer.

        Political connections also help.

    • by gweihir ( 88907 )

      As soon as this becomes a factor in arrests, somebody will sell a tool to do it. This is a stunt, nothing more. It has no lasting positive effects. Well, maybe it can be used fro even more surveillance.

  • by Ukab the Great ( 87152 ) on Tuesday September 08, 2015 @11:46AM (#50479441)

    Are going to get in trouble because they discussed dongle-sniffing?

  • by sinij ( 911942 ) on Tuesday September 08, 2015 @11:46AM (#50479449)
    Since the use of dogs is getting push-back in courts, this is the new police invention to sidestep probable cause. Especially considering how easy it is to have a discrete device to create on-demand red flag.
  • by Anonymous Coward

    While it is trivial for a well-informed thief to change their business model by swapping their mac address, you have to remember that most thieves have no idea what a mac address is. Even thieves in the business of stealing iPhones may not read slashdot, shocking as that may be to believe.

    Criminals regularly get caught every day because they left fingerprints behind, despite the fact that we've known for something like a century that the cops will try to track you by your fingerprints so you should wear gl

    • Re: (Score:2, Informative)

      by Anonymous Coward

      For every thief that gets their face shown on a camera, there are a lot more who know enough to wear a hoodie.

      Even the meth-head looking to snatch a phone knows enough to stuff the device in a pouch made of tinfoil, wait a few days so the device runs out of battery, then takes it apart and parts it out (or sells it to a fence for a rock, and the fence does that.)
      Same with bike thieves -- they know frames have serial numbers that are recorded, but the latest Shimano shifting set doesn't, and c

  • I just had a friend who had their house broken into, and the person who bought their laptop actually contacted them after realizing it was stolen. They had bought it at a gas station from a guy 'selling his stuff to get gas money'. Yeah, the guy should have realized this was a scam. So basically the guys who stole it probably never even turn the thing on. They just sell it for cash and get out of dodge. You will just find a bunch of suckers who couldn't turn down a good deal, and what kind of prosecuti
    • by vux984 ( 928602 )

      Even if they start reliably "catching the suckers" it may reduce the demand for the goods in the first place. The market for stolen phones dropped once the networks started blacklisting them. Sure savvy theives will still export them... or whatever... but getting them to Nigeria to sell them for $50 is beyond the average purse snatcher's level. Simpler to steal something else... like your laptop.

      So basically the guys who stole it probably never even turn the thing on.

      That laptop probably not. But do you think the laptop the thief actually uses himself to surf for porn was purcha

  • by DutchUncle ( 826473 ) on Tuesday September 08, 2015 @11:58AM (#50479555)
    You can only find MAC addresses to check against the "stolen/missing" list if you gather EVERYTHING all the time. So now, just like tracking all of our phone calls and vehicle movements, it's a "safety" idea to track every single wifi device. It sounds so helpful . . . and if only there were some way to add "think of the children!" it would be perfect . . .
    • if you gather EVERYTHING all the time.

      if you buy from newegg or target or such, they keep records of these things

      we have these powerful devices called computers that are really good at remembering things like numbers

      • You're missing the point. Yes, they know what my MAC was, but they don't know where I am right now; as opposed to police cars wardriving 24/7, and maybe scanners sitting by the doors of malls and stores and such, looking for the MAC in my cellphone 24/7. Instead of complicated Stingray trackers that spoof the IMEI wireless-phone side, it must be a lot easier to spoof the wifi side. Of course, one can turn off one's wifi, and even keep one's phone in airplane mode - or off! - except as needed . . . but th
      • Today's Slashdot: Boston tracks vehicles, after having claimed that they STOPPED doing it, and also left the files unsecured. http://yro.slashdot.org/story/... [slashdot.org]
  • I know we like to whine here about patent stuff, so let us start whining! Because scanning a network in order to find a specific set of MAC addresses has never been done before...
  • by bobbied ( 2522392 ) on Tuesday September 08, 2015 @12:03PM (#50479601)

    I've been war driving for years using software that collects, among other interesting things, the MAC addresses of every device it hears. Google got in trouble doing this kind of thing too.

    This is NOT new, nor should he get a patent on this....

    • I've been war driving for years using software that collects, among other interesting things, the MAC addresses of every device it hears. Google got in trouble doing this kind of thing too.

      This is NOT new, nor should he get a patent on this....

      Exactly. This cutting edge technique could be summed up as "war driving." His magic MAC sniffing dongle might be called a "USB Wifi adapter" and his specialized software could be described as "Kismet."

      You can do this cheaply and easily. Get an old laptop, maybe four wifi adapters with external antennas, a gps, and go. Your first three adapters cover channels 1, 6, and 11, and the fourth hops between the remaining channels.

  • Just no ... (Score:2, Insightful)

    by gstoddart ( 321705 )

    Why is it the idiotic response of law enforcement when confronted with dealing with a small problem always to create a big problem.

    So, if the problem is there are a small amount of people who are breaking the law ... we should constantly surveil all people at all times to find that small amount of people.

    Yes, there exist people who rob banks. That doesn't mean you stop everybody and fingerprint and interrogate them in case they robbed a bank. If you have no probable cause, you shut the fuck up and don't d

    • by OhPlz ( 168413 )

      It's even more stupid than that. What is the government going to do even if they do catch these criminals? They're not going to do any serious time in prison. The prisons are full. These types of criminals are the first to be let out so that they have room to house violent criminals. Then they're back on the street committing the same crimes again. It's not unlike people who get caught committing their 20th DUI. There are no serious punishments, so there's no reason for them to stop even if they do g

    • by Anonymous Coward

      When a police car drives down the street, the officer inside is "surveiling" for stolen cars (with his eyes and a hot sheet). A camera with image recognition that did the same thing would be more effective; but I don't see as it as a problem. How is having a radio receiver that listens for the MAC addresses of known to be stolen devices fundamentally different? Now if the software was to record the location of every MAC address and maintain a database forever that would be different. However, I see no

      • Well, that's it then. AC sees no problem with it. I'm sold. Good thing you were here with your timely opinion, because the rest of these people on slashdot are so unreasonable in their cavalier attitudes towards the safety of our children.

        When a police car drives down the street, the officer inside is "surveiling" for stolen cars (with his eyes and a hot sheet). A camera with image recognition that did the same thing would be more effective; but I don't see as it as a problem. How is having a radio receiver that listens for the MAC addresses of known to be stolen devices fundamentally different? Now if the software was to record the location of every MAC address and maintain a database forever that would be different. However, I see no indication that is what is being proposed. Sure it is a technically small step to do so; but until they do that I don't see the problem.

    • I seriously doubt the actual intent here is to help track down stolen electronics. When is the last time the police ever helped anyone recover their stolen electronics?

      The real intent is probably to build up a database of MAC addresses and their locations at any given time. So later when they're investigating a homicide, they can cross-reference the database, and say "Ah hah, John Doe's phone was at the scene of the crime at the time the blurry surveillance camera video shows someone killing the clerk
      • The real intent is probably to build up a database of MAC addresses and their locations at any given time.

        with fake mac addresses the whole thing is just a stupid game of collecting useless information that won't be any good to anyone

  • by spiritplumber ( 1944222 ) on Tuesday September 08, 2015 @12:06PM (#50479631) Homepage
    I've used find-my-phone type things a few times... the police don't care even if you can literally give them the thief's address. Every time it has been up to me and/or friends to enforce property rights, not the police.
  • by PopeRatzo ( 965947 ) on Tuesday September 08, 2015 @12:15PM (#50479717) Journal

    I met a mac-sniffing dongle once. He finally got his dream job working the Genius Bar.

  • The community Wi-Fi MAC database is already built.
    There's a map done by wardrivers that can be used.
    http://noquest.com/network/locating-stolen-ap/

  • just buy a mini pci express WLAN card from ebay (cheap cheaper extreme cheap) - hopefully it's not a stolen one!

    Replace "mini pci express" card and do what you like with your old card.

    And you have a new mac adress.

    Bad people could throw these in the garbage or the electronics dumps, or sell them at flea markets, so you should not dumpster dive and flea market for those cheap cards there!

  • I used to be a Sprint Wireless customer. They used to, and probably still do blacklist phones, based on ESN of the phone. The ideas was that stolen phones or phones that were not off contract could not be easily sold. The general concept is sound. And I want something like that for my expensive electronics as well.

    My fully loaded Macbook Pro cost a little more than $3K. If it gets stolen, I would like to be able to get it back. I understand that police may only recover it from an idiot who bought it f

    • Even as much as I disagree with even bricking stolen equipment (it's extremely wasteful in many regards to make perfectly usable equipment unusable), I do understand the sentiment behind why it would be a good thing to do.

      However, tracking stolen devices at coffee shops and public Wi-Fi? How could anything possibly go wrong?

      Step 1. Give your "enemy" (or whoever) a new iPhone and a $10 Starbucks giftcard.
      Step 2. Report device stolen to local police and/or otherwise have it added to the naughty database
      Ste

    • My fully loaded Macbook Pro cost a little more than $3K. If it gets stolen, I would like to be able to get it back.

      Buy a used cheapie for the road and leave the good stuff at home. Dings and dents are your friends, they decrease resale value and maybe the thief will pass over junk that he can't sell.

      • My fully loaded Macbook Pro cost a little more than $3K. If it gets stolen, I would like to be able to get it back.

        Buy a used cheapie for the road and leave the good stuff at home. Dings and dents are your friends, they decrease resale value and maybe the thief will pass over junk that he can't sell.

        THIS! I bought a cheap eePC netbook for road trips, and lately, a Chromebook. My good stuff is safe at home. Now of course, some people want whatever status may come from top-end macs and Sonys, but as much as I like the Apple offerings, I could not care less about wowing people. My only Apple product I take with me is my iPhone, because it would be kind of silly to get a smartphone, then leave it at home.

  • So he wants to build a license plate reader for technocrap. As most gear is set in WiFi whore mode by default, you could build a decent database of "who, where, when" the same way LPRs work. Stick these up on lamposts, or even better at the entrance and exit routes of your town and start building your database. What could go wrong?

    SD

  • What the hell do they mean "wireless dongle"? At first I thought they were talking about something that you attach to your devices that you don't want stolen. But that makes no sense at all, as the thieves would quickly learn to remove it. Then, after rereading the disclaimer " (any of them with wireless capabilities and a MAC address, at least) " I think that I realize that the "dongle" is some device that the cops would use to intercept wifi signals. Wouldn't make any sense to add a dongle to a wireles

  • Doors at 9pm. First set at 10.
  • by linuxwrangler ( 582055 ) on Tuesday September 08, 2015 @01:28PM (#50480653)

    Sure, some crooks might change the MAC but in many devices a hard reset will return it to the default. But a typical burglar kicks in your door, ransacks the house, grabs anything they think will make them a quick buck for next fix and runs.

    I found my camera on Craigslist a couple days after it was stolen in just such a burglary. The cops called him up to "buy" it back and busted him. When I got my camera back it not only had the original configuration settings including my name as the author and copyright holder but also photos of the thief himself taken at the camera store where he tried to sell it.

    Finding the manual and learning how to clear configurations and set MAC addresses is simply not in your average crook's play-book.

    • The cops called him up to "buy" it back and busted him.

      if you read the other stories here you will see that your experience is fairly unique, the cops don't seem to care about petty larceny very much

  • keep the good stuff at home, buy cheap junk for going out and about. stop worrying about theft, enjoy life.

  • Theft Victim: I would like to report my laptop stolen
    Police Officer: Okay, could I have the MAC number of your laptop?
    Theft Victim: It’s not a Mac, it’s a PC.
    Police Officer: I mean the unique number associated with your network card.
    Theft Victim: I don’t have a network card, but would my library card work?
    Police Officer: Nevermind.

    • this wont work anyway, you have to ask for the "hardware address of the wireless card"

      the mac address for the ethernet interface is not going to be very useful here

      • by marciot ( 598356 )

        this wont work anyway, you have to ask for the "hardware address of the wireless card"

        the mac address for the ethernet interface is not going to be very useful here

        Theft Victim: Huh?

  • So the cops want to drive around, scanning for mutable MACs, and if one matches up with a database they control, then they'll have probable cause to enter a dwelling. Yup, no way to abuse that!
  • Is that the Police can locate anybody, by reporting his device as stolen.

"To take a significant step forward, you must make a series of finite improvements." -- Donald J. Atwood, General Motors

Working...