Schneier on Security: Tagged theft

Entries Tagged "theft"

Page 8 of 22

Police Sting Operation Yields No Mobile Phone Thefts

Police in Hastings, in the UK, outfitted mobile phones with tracking devices and left them in bars and restaurants, hoping to catch mobile phone thieves in the act. But no one stole them:

Nine premises were visited in total and officers were delighted that not one of the bait phones was ‘stolen’. In fact, on nearly every occasion good hearted members of the public handed them to bar or security staff.

I’m not sure about the headline: “Operation Mobli deters mobile phone thieves in Hastings.”

There are two things going on here. One, people are generally nice and will return property to its rightful owner. Two, it’s hard for the average person to profit from a stolen cell phone. He already has a cell phone that’s assigned to his phone number. He doesn’t really know if he can sell a random phone, especially one assigned to the number of someone who had her phone stolen. Yes, professional phone thieves know what to do, but what’s the odds that one of those is dining out in Hastings on a particular night?

Posted on July 26, 2012 at 6:55 AM • View Comments

Hacking BMW's Remote Keyless Entry System

It turns out to be surprisingly easy:

The owner, who posted the video at 1addicts.com, suspects the thieves broke the glass to access the BMW’s on-board diagnostics port (OBD) in the footwell of the car, then used a special device to obtain the car’s unique key fob digital ID and reprogram a blank key fob to start the car. It took less than 3 minutes to accomplish the feat. (That said, despite their sophistication, the thieves were, comically, unable to thwart the surveillance cameras, though they tried.)

[…]

Jalopnik reports that BMW thieves are likely exploiting a gap in the car’s internal ultrasonic sensor system to avoid tripping its alarm when they access the car.

But there’s another security flaw in play. The OBD system doesn’t require a password to access it and program a key fob. According to Jalopnik, this is a requirement in Europe so that non-franchised mechanics and garages can read the car’s digital diagnostic data.

More details here.

Posted on July 13, 2012 at 6:51 AM • View Comments

Bar Code Switching

A particularly clever form of retail theft—especially when salesclerks are working fast and don’t know the products—is to switch bar codes. This particular thief stole Lego sets. If you know Lego, you know there’s a vast price difference between the small sets and the large ones. He was caught by in-store surveillance.

EDITED TO ADD (6/12): I posted about a similar story in 2008.

Posted on May 31, 2012 at 6:17 AM • View Comments

Dance Moves As an Identifier

A burglar was identified by his dance moves, captured on security cameras:

“The 16-year-old juvenile suspect is known for his ‘swag,’ or signature dance move,” Heyse said, “and [he] does it in the hallways at school.” Presumably, although the report doesn’t make it clear, a classmate or teacher saw the video, recognized the distinctive swag and notified authorities.

But is swag admissible to identify a defendant? Assuming it really is unique or distinctive—and it looks that way from the clip, but I’m no swag expert—I’d say yes.

Posted on April 19, 2012 at 1:03 PM • View Comments

Stolen Phone Database

This article talks about a database of stolen cell phone IDs that will be used to deny service. While I think this is a good idea, I don’t know how much it would deter cell phone theft. As long as there are countries that don’t implement blocking based on the IDs in the databases—and surely there will always be—there will be a market for stolen cell phones.

Plus, think of the possibilities for a denial-of-service attack. Can I report your cell phone as stolen and have it turned off? Surely no political party will think of doing that to the phones of all the leaders of a rival party the weekend before a major election.

Posted on April 18, 2012 at 6:49 AM • View Comments

Lost Smart Phones and Human Nature

Symantec deliberately “lost” a bunch of smart phones with tracking software on them, just to see what would happen:

Some 43 percent of finders clicked on an app labeled “online banking.” And 53 percent clicked on a filed named “HR salaries.” A file named “saved passwords” was opened by 57 percent of finders. Social networking tools and personal e-mail were checked by 60 percent. And a folder labeled “private photos” tempted 72 percent.

Collectively, 89 percent of finders clicked on something they probably shouldn’t have.

Meanwhile, only 50 percent of finders offered to return the gadgets, even though the owner’s name was listed clearly within the contacts file.

[…]

Some might consider the 50 percent return rate a victory for humanity, but that wasn’t really the point of Symantec’s project. The firm wanted to see if—even among what seem to be honest people—the urge to peek into someone’s personal data was just too strong to resist. It was.

EDITED TO ADD (4/13): Original study.

Posted on April 4, 2012 at 6:07 AM • View Comments

British Anti-Theft Briefcase from the 1960s

Fantastic.

Posted on March 5, 2012 at 6:45 AM • View Comments

Using False Alarms to Disable Security

I wrote about this technique in Beyond Fear:

Beginning Sunday evening, the robbers intentionally set off the gallery’s alarm system several times without entering the building, according to police.

The security staffers on duty, who investigated and found no disturbances, subsequently disabled at least one alarm. The burglars then entered through a balcony door.

Posted on January 19, 2012 at 6:36 AM • View Comments

Cutting Wallets Out of Drunks' Pockets on New York City Subways

It’s a crime with finesse:

But he is actually a middle-aged or older man who has been doing this for a very long time. And he is a fading breed.

“It’s like a lost art,” the lieutenant said. “It’s all old-school guys who cut the pocket. They die off.” And they do not seem to be replacing themselves, he said. “It’s like the TV repairman.”

Lush workers date back at least to the beginning of the last century, their ilk cited in newspaper crime stories like one in The New York Times in 1922, describing “one who picks the pockets of the intoxicated. He is the old ‘drunk roller’ under a new name.” While the term technically applies to anyone who steals from a drunken person, most police officers reserve it for a special kind of thief who uses straight-edge razors found in any hardware store.

EDITD TO ADD (11/14): Pick-pockets of all kinds may be a dying breed in New York.

Posted on November 7, 2011 at 12:43 PM • View Comments

Another ATM Theft Tactic

This brazen tactic is from Malaysia. Robbers sabotage the machines, and then report the damage to the bank. When the banks send repair technicians to open and repair the machines, the robbers take the money at gunpoint.

It’s hardly a technology-related attack. But from what I know about ATMs, the security of the money safe inside the machine is separate from the security of the rest of the machine. So it seems that the repair technicians might be given access to only the machine but not the safe inside.

Posted on October 31, 2011 at 8:18 AM • View Comments

←Previous 1 … 6 7 8 9 10 … 22 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.