Facebook auto sign used as stolen laptop locator?

By +Warwagon
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted

Facebook auto sign used as stolen laptop locator?

So I helped a girl out remotely with her computer this morning and then 2 hours after that when she returned from lunch someone had stolen her DSLR and her new laptop. So that made me think. What would have been on her computer, which could possibly help locate it? There was no anti-theft technology. But then I had a thought. What if she had her computer log her into automatically to Facebook? She told me she never uses Facebook on that computer, which sucks, but what if she had? Facebook keeps track of all of the locations you log into your Facebook from. So if a thief were to have obtained her machine, taken it home, connected it to his internet and proceeded to log into Facebook by going to Facebook.com, it would have logged her in automatically her into her account.

She could then go to her Facebook profile settings under security and Active sessions. She would then see her laptop log into to her Facebook account and the IP address it was done on.

So while it?s not perfect, it would be better than nothing.

Grand Master

Gerowen

Posted
Posted

At first I thought you were telling a heroic story about how you actually did this, then it turned sad, lol. You could potentially use this method with any website that she could automatically log into though, not just Facebook, or websites that support logging in with Facebook, like Neowin, since even though the user didn't actually sign in on Facebook.com, they authenticated with the Facebook servers.

Don't all modern Windows OSs "phone home" to ensure they are geunine when they are connected to the internet? So if she knew her Windows service tag, Microsoft could potentially tell you the IP that the computer checks in from. Then again, that adds a 3rd party to the mix, Microsoft, and not just the ISP, so you increase overhead and the time it would take to find the laptop.

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

At first I thought you were telling a heroic story about how you actually did this, then it turned sad, lol. You could potentially use this method with any website that she could automatically log into though, not just Facebook, or websites that support logging in with Facebook, like Neowin, since even though the user didn't actually sign in on Facebook.com, they authenticated with the Facebook servers.

Don't all modern Windows OSs "phone home" to ensure they are geunine when they are connected to the internet? So if she knew her Windows service tag, Microsoft could potentially tell you the IP that the computer checks in from. Then again, that adds a 3rd party to the mix, Microsoft, and not just the ISP, so you increase overhead and the time it would take to find the laptop.

True, but it works better on a website that the thief is more than like going to go to first.

Grand Master

episode

Posted
Posted

Gmail also tracks and lets you view the IP address that the account has logged in from. But that doesn't really get you anywhere.

Simply having the IP address doesn't get you any closer to getting it back. You'd have to go through the police to get a warrant from the service provider to trace the IP to the physical location, which takes days, not minutes. By the time the police got the warrant (which they likely would not, because you don't really have enough evidence) the laptop would be long gone.

Grand Master

Nick H. Supervisor

Posted
  • Supervisor
Posted
Why not load this on all of your computers you touch. It works really well and is open source.

http://preyproject.com/

Yep, there are plenty of tools out there. The problem in this scenario though was that it was an end user who didn't think to install anti-theft software. Prey is supposed to be a great one. (Y)

But yeah, something like Facebook or Gmail would work if the user set the computer to automatically log them in when they went to the site. Obviously it's not an optimal solution, but it's some good thinking for a tough situation.

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

Why not load this on all of your computers you touch. It works really well and is open source.

http://preyproject.com/

Good stuff, but for prey the user has to be pro active in installing it in case their PC gets stolen. With the facebook method, it would potentially be something the average user already had setup which might help them to find their pc.

Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

Yep, there are plenty of tools out there. The problem in this scenario though was that it was an end user who didn't think to install anti-theft software. Prey is supposed to be a great one. (Y)

But yeah, something like Facebook or Gmail would work if the user set the computer to automatically log them in when they went to the site. Obviously it's not an optimal solution, but it's some good thinking for a tough situation.

"So I helped a girl out remotely with her computer this morning"

He touched it, if it were standard protocol he would recommend it or install it for them. He is the expert and should recommend certain things like antivirus, sandboxie, etc (which he already does). She already stated that she doesn't use facebook so facebook or gmail or anyother app would require the end user to do something. end users don't do anything until something bad happens to them.

Grand Master

Nick H. Supervisor

Posted
  • Supervisor
Posted
He touched it, if it were standard protocol he would recommend it or install it for them. He is the expert and should recommend certain things like antivirus, sandboxie, etc (which he already does). She already stated that she doesn't use facebook so facebook or gmail or anyother app would require the end user to do something. end users don't do anything until something bad happens to them.

Oh don't get me wrong, I try to remember to recommend various security tools to my "external" clients whenever I can. But this came across as more of a "whoops, this has now happened, I wonder if there is some way to progress" type thread rather than suggestions for future users. But you're right, as tech enthusiasts/workers we should always be recommending these kind of tools. I always recommend Lookout to people when I see that they have an Android, I should really make a more regular habit of suggesting similar software for laptops and computers of friends and families. (Y)

Grand Master

+Warwagon MVC

Posted
  • Author
  • MVC
Posted

"So I helped a girl out remotely with her computer this morning"

He touched it, if it were standard protocol he would recommend it or install it for them. He is the expert and should recommend certain things like antivirus, sandboxie, etc (which he already does). She already stated that she doesn't use facebook so facebook or gmail or anyother app would require the end user to do something. end users don't do anything until something bad happens to them.

Actually I don't recommend Sandboxie to regular people. It would drive them nuts.

Grand Master

n_K

Posted
Posted

It all depends really on who nicks the laptop.

If some random joe bloggs nicks the laptop, yes you can track them if you've got software on it or whatnot.

If someone that actually knows what they're doing nicks it, you can guarantee the first thing they'll be doing is either (re)installing a different OS or formatting the drive, although then you've got things like the intelligent ethernet used on business intel laptops that sends 'secret' ethernet packets to help track it - although once again these can be defeated.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Internet Download Manager (IDM) 6.43 Build 2

      By Copernic · Posted

      Internet Download Manager (IDM) 6.43 Build 2 by Razvan Serea Internet Download Manager (IDM) is a tool to increase download speeds by up to 8 times due to its smart dynamic file segmentation technology. Unlike other download managers and accelerators, Internet Download Manager segments downloaded files dynamically during download process, and it reuses available connections without additional connect and login stages to achieve the best possible acceleration performance. Comprehensive error recovery and resume capability will restart broken or interrupted downloads due to lost connections, network problems, computer shutdowns, or unexpected power outages. All popular browsers are supported IDM integrates seamlessly into Google Chrome, FireFox, Microsoft Edge, Opera, Safari, Internet Explorer, Maxthon and all other popular browsers to automatically handle your downloads. You can also drag and drop files, or use Internet Download Manager from command line. The program supports proxy servers, ftp and http protocols, firewalls, redirects, cookies, authorization, MP3 audio and video content processing. IDM includes web site spider and grabber IDM downloads all required files that are specified with filters from web sites, for example all pictures from a web site, or subsets of web sites, or complete web sites for offline browsing. It's possible to schedule multiple grabber projects to run them once at a specified time, stop them at a specified time, or run periodically to synchronize changes. Easy downloading with one click When you click on a download link in a browser, IDM will take over the download and accelerate it. You don't need to do anything special, just browse the Internet as you usually do. IDM will catch your downloads and accelerate them. IDM supports HTTP, FTP, HTTPS and MMS protocols. Changes in Internet Download Manager 6.43 Build 2: Resolved the problem that caused a "403 Forbidden" error when downloading some files Fixed a problem causing IDM download panel not to appear on some websites Fixed a bug that caused a crash when converting some TS files to MP4 Download: Internet Download Manager 6.43 Build 2 | 11.9 MB (Shareware) Links: Internet Download Manager Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Windows 11 is getting redesigned taskbar settings in new build

      By Captain_Eric · Posted

      It's in Experimental (26H2).
    • Why it's almost impossible to produce a smartphone in the United States

      By Shadow8 · Posted

      I am not a US citizen nor a Trump fan. Respect to both left and right. But I will, for the sake of fun, predict something for my own. There will come a day when the US and China will collide like titans ( over Taiwan or anything else ). Then, on that day, some people in this comment section will realize how good an idea it was to become independent in areas like that. ( Or atleast try )
    • Microsoft Edge gets tons of security features, including AI model that can see your screen

      By Usama Jawad96 · Posted

      Microsoft Edge gets tons of security features, including AI model that can see your screen by Usama Jawad Microsoft Edge may not be the most popular browser out there, but it does receive quite frequent updates that sometimes bring surprising new features and axe others that are not as popular. Now, Microsoft has detailed some of the new security enhancements that it has introduced in Edge for Business, typically used by commercial customers. Microsoft has emphasized that security features are baked into Edge for Business and offer native integration with security and governance tools like Defender and Purview. Browser sessions are governed by default on managed devices but can also be governed through dedicated work profiles on unmanaged devices. An important aspect in this area is controlling the use of shadow AI. We have talked about this before, but it essentially restricts employees from using unsanctioned AI apps through data loss prevention (DLP) policies, with Edge redirecting them to trusted AI services like Microsoft 365 Copilot. This feature, available as a pay-as-you-go (PAYG) license, ensures that confidential data never exits AI boundaries set by your organization in Purview. Additionally, Microsoft also has strong DLP policies for contractors. Contractors leveraging a Entra ID-joined work profile provisioned by their contracting company on a device managed by their actual employer can be restricted from downloading files locally. In such scenarios, the file is saved on the contracting firm's OneDrive rather than being downloaded locally. Another useful Edge security feature disallows copying and pasting from unmanaged locations and apps. Similarly, DLP policies can be configured at a granular level to restrict screenshots or downloading of files from certain locations. In the same vein, IT admins can block the installation of extensions, hosted apps, themes and scripts, and control if users can install extensions from external locations. They can also enable the installation of specific extensions and allow users to request access to certain extensions, so that they can be managed on a case-by-case basis. Finally, Edge for Business now has an on-device AI model that uses computer vision to see what's on your screen and block potentially malicious content immediately. This does not rely on site reputation, as it simply monitors what is being displayed on your screen, which means that it is effective against malicious content that takes over your screen and employs scareware tactics. Since this is an on-device AI model, it does use your system's resources, so it's enabled by default only on devices with at least 2GB of RAM and four CPU cores. You can find more details in the Microsoft Mechanics video here.
    • Linux 7.2's first release candidate gets off to a good start

      By thartist · Posted

      Could you come up with a slightly less depressing background for Tux instead of that gray gradient? Doesn't have to be cheerful, just less of a downer...

  • Recent Achievements

    • Dedicated
      Zeynel earned a badge
      Dedicated
    • One Month Later
      JKR earned a badge
      One Month Later
    • Dedicated
      Asgardi earned a badge
      Dedicated
    • Conversation Starter
      jessse3334 earned a badge
      Conversation Starter
    • Reacting Well
      JuvenileDelinquent earned a badge
      Reacting Well

  • Popular Contributors

    1. 1
      +primortal
      495
    2. 2
      +Edouard
      247
    3. 3
      PsYcHoKiLLa
      154
    4. 4
      Steven P.
      86
    5. 5
      macoman
      65
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!