Saturday, April 11, 2009

Computer Nerd vs Robber: City of Buffalo NY

This is probably the most unbelievable story you will ever read. It sounds almost like a movie (anyone want to make a movie deal?), but believe me; every part of this has happened. It is a funny and sad story all at the same time with a happy ending.

I just graduated from college and moved to Buffalo, NY in early to November 2008 to start my career as a nerd programmer for a fast growing web technology company Synacor. I was enjoying the first few weeks on the job meeting people, learning a bunch of new skills, and enjoying living on my own.

Thanksgiving break quickly approached and I decided to go home to Rochester to celebrate with my family. In hindsight this decision might have saved my life.

On November 29th 2008 between 3am - 4am (I will explain how I know this later) my apartment and 2 others in my building were robbed. The person stole whatever they could get their hands on including my computer I just bought 4 months ago. The worst part about a robbery is the feeling you get when you arrive back at your apartment and feel completely violated. The stuff that is taken can be replaced, but the insecure feeling stays around for a long time.

I called the police, my landlord, and my parents. My landlord quickly came over and we determined the person entered through the sliding glass door. (Lesson Learned: Make sure everything is really locked up well). My parents dropped what they were doing and came to Buffalo to help me clean up. (Thank you Mom and Dad :))

The police were about to leave when they realized that two other apartments also got robbed that were in adjacent buildings. In one of the apartments a cat was injured. Since a cat was injured the detectives were brought in. (Nothing against animals, but I find it comical that a cat causes the detectives to be called in)

The detectives took a bit to arrive and they showed up right when my parents did. They took pictures, fingerprints, and did detective stuff. My dad, being the goofball that he is decided to take pictures with me and the detectives. (Probably to add to his 25,000 + iPhoto collection). My dad is great at taking everything as a joke. (Maybe I will write about him in my next blog entry)

The detectives left and my parents helped me cleanup the apartment. I went to bed next to my tennis rackets (for protection), phone, keys, and shoes. (I still do this most nights; so I can easily escape).

Police Report



This is where the story gets interesting...

Being the nerd that I am, I had a hostname from DynDns.com that would point to the public facing IP address of my computer (This would update whenever the computer's IP address changes). I also had an online backup service from mozy.com (That I signed up for about 1 week prior to the incident!).

Translation for non-nerds:
Using the combination of computer software, I could easily track down any person that would turn on the computer and connect it to the Internet.

After I got over the initial shock (my parents and friends were very supportive) I was able to continue on my life as normal. Just for fun I wrote a script that would check every 5 minutes if the hostname I setup with DynDns.com was active. (The script actually never worked because I was checking the web server I had installed on my computer was active and not just a simple ping). It turns out the computer was behind an Airport Extreme Base Station that might have had the IPV6 vulnerability, that I could have tried to exploit but it wasn't worth it. (I found out this information from a keychain file; I am really a nerd)

The way I determined that the robbery happened between 3am and 4am was the last "Time Machine" backup occurred at 3am (Automatic backups to my external hard drive happen every hour. The robbers didn't take my external hard drive or my printer!!)

Months passed by and no activity on the DynDNS.com front or Mozy front. I was starting to lose hope.

Then on February 8th I just decided to randomly login to dyndns.com and sure enough the hostname updated!! I got the IP address did a traceroute and found out it was a Buffalo Verizon IP address. I then logged into Mozy and sure enough a backups have been occurring since February 1st. I started downloading files from the computer. The computer was actually being used by kids (which I will NOT post). They absolutely loved the camera on my iMac and the photo booth application (which I admit is pretty fun).









I called Verizon, timewarner, the police, and anyone who could help me to get action happening. Verizon couldn't help me as they are not going to release information on their customer. Timewarner told me to call the police.

I dropped off all the information to the police in the next couple of days and gave them up to date information on the IP address (as it was dynamic). A couple weeks passed and I heard nothing back. There is a lot of crime in Buffalo so my stolen computer was not placed at the top of the priority list. I knew the people who had my computer were clueless so I was not too worried.

Towards the middle/end of February I did more exploring into the backed up files on Mozy and actually found the name of the person who had my computer. I gave this information to the police. I found this information in com.apple.recentitems.plist and did a white page search to get his address and phone number. (One of the computers on his network had his name in it and was recently connected to)

I finally received a phone call towards the end of February from a detective saying they were working hard to get a subpoena and would be picking up my computer soon.

I kept bugging them throughout the month. I felt so close and so far away at the same time.

Now the plot gets really scary. On the morning of Friday March 13th I received a call from a detective. He said you are not going to believe who stole your computer. I replied "Who". He said a person who is now in jail and murdered a lady . I was pretty scared when I heard that. He said the person is in jail which made me feel a little better. (The person in jail ended up selling the computer to the person who had my computer.)

He then said that they want to get physical evidence to link Earl Gill to the robbery of my apartment. They were going to take fingerprints of my computer. They said it would take a couple of weeks as they were pretty backed up. I was pretty happy, I knew for sure that I was going to get my computer back.

On Saturday March 14th, I heard some people talking outside about a robbery. The person said, my computer was stolen and apartment got trashed. I couldn't believe what I was hearing. I was wondering if someone cloned me and traveled back through time. (I actually wasn't thinking that, but I had to find out more information.)

I went outside and talk to them for a bit and the Robbery happened early in the morning, through an unlocked window. His apartment was on the 2nd floor (just like everyone else that was robbed) and his apartment was trashed with no personal identification information stolen and really odd items stolen (Like shampoo).

This kind of freaks me out a bit. The police story doesn't add up because they said they have the robber in jail, but the same type of robbery occurred again. My conclusion is that their are a lot of desperate people out there.

On Thursday April 2nd 2009 the police said my computer was ready to be picked up! I was pretty busy with work so I did not actually pick it up until the 3rd. I brought it home and cleaned it up and everything seemed to be in good working condition.

I turned it on and heard this loud crunching sound coming from the CD/DVD drive. It turns out that the CD/DVD drive was busted! It appears the people that were using my computer did not know how to get a CD out of the drive. (It is a slot loading drive). It appears they tried to pry it out as the case was damaged and a CD was still stuck in it. Everything else worked great, so I was still very happy.

I took my computer over to the apple store and they cut me a pretty good deal to get it fixed as they found the story pretty amazing. It took a few days to fix and it is now working great like nothing happened!

I am now home for Easter vacation in Rochester and am a little worried about my computer getting stolen again. But if anyone decides to take my computer, they are going to be surprised when the police show up at their door :)

In summary here is a time-line of the events:
  • Computer and lots of other stuff stolen over thanksgiving break in 2008 from my apartment. (I had dynamic dns daemon + automatic online backup software installed)
  • February 8th 2009 I noticed the dynamic dns software and automatic online backup software started working (Someone connected my computer to the Internet)
  • Got the IP address and started grabbing the files off the computer via Mozy (Pictures, documents, preference files...etc)
  • Got pictures of kids, their friends, videos, everything. (They were using the camera on my computer, which they really enjoyed)
  • In com.apple.recentitems.plist I found a name I did a white page search got the address and phone number
  • Gave the police all the information as I found it
  • On Friday March 13th I got a call from the police and they told me that the person who robbed my apartment murdered a women and is in jail. (The person who has my computer bought it from the murderer)
  • Saturday March 14th at night an apartment next to my building was robbed. I talked to the guy who got robbed, it happened around the same time, the same entry method, the same robbery style, on the same floor. (4 robberies in 4 months all on the 2nd floor of two different buildings that are adjacent). (3 robberies in 1 night + 1 at another night)
  • On Thursday April 2nd the police informed me I could pick my computer up!
  • I picked up my computer the next day and noticed the CD/DVD drive was damaged and took it to the apple store over the weekend
  • Apple cut me a deal and fixed up the computer and is now working great!

I told you this story was unbelievable with a happy ending!