spectrum48k

a laptop has been stolen, reformatted and used for a period of time. It is now in the possession of the police

the police want to prove a certain suspect used this laptop - is there any way to tie this laptop to this person, perhaps based on their internet activity ?

ie. is the laptop's mac address ever transmitted to an ISP ?

Iain Young

Did they not dust it for fingerprints?

I think the only mac address transmitted to an ISP is that of the modem.

Dedrater

Even if an ISP chooses to store such information, getting them to release information is very difficult, mainly due to the Data Protection Act.

I doubt this sort of effort is put in just for the sake of a laptop. You could check the internet history and saved passwords and see if he has logged into any personally sensitive sites.

Even if you could get the MAC address and prove it was used on X ISP, I further doubt the CPS would use it as the sole evidence, as MAC address's are easily spoofed.

BooSH

Where my brother works they had a customers expensive laptop stolen by some scumbags, but the police somehow recovered it, but by using the fingerprint dust on it managed to completely **** it up.

spectrum48k

thanks chaps, I can only assume they've checked it for prints - with no joy

Luminous

iTrader: (3)

I would have thought the police could contact the ISP the laptop was using. They should have the power to make them release information regarding what the pc was doing. If the RIAA manage to make them release this info, then the police should be able to.

If you then go to all the places that he went to, you should be able to find some personally sensitive sites that point back to the user (banks, forums, ebay etc).

As mentioned above the internet history (both explorer and firefox and whatever else he used) will be useful if he did not clear it.

MAC addresses should not be an issue, as the ISP will be able to tell you which physical phone number the connection was made from, and therefore what address. If it was a roaming laptop then they will be able to point to the specific mobile sim card that was used, and again from there to the person.

Surely the police have their own experts who do this? They are in the force and are quite effective. They have to do this sort of thing routinely for child ****/hackers etc.

The Rig

iTrader: (13)

MAC addresses etc wont prove person A was using the laptop, i mean,the laptop could be on and anyone can use it,provin in court the said suspect actually used it is pretty hard.

facebook/online banking etc being used, well, hacked accounts would be used as an aliby i would of thought.

scoobz72

Its about time IMEI was used for laptops in the bios to stop this happening.
I did read a while ago it was being pioneered and Dell have been protecting their bios's for years.
MAC addresses will not provide machine info,as has been said, they can be spoofed anyway. Besides, any adaptor used to connect to the internet will have a separate MAC to that of the laptop.
IBM & HP have used biometrics for a few years but its very inconsistent.

The FBI use a similar software to Acronis shredder, it can recover data from a formatted drive. It will even recover deleted files from recycle bin etc. probably our own feds wont use that. Temp files hold a lot of info as do cookies so i guess there would be a good place to start.

Email headers are the only identifiable info sent from a PC.

Sonic'

IIRC the police dont have the power as such, they can get a court order requesting the info from the ISP, and also the ISP can levy a charge depending on what information is required and length of time to obtain that information

We have done it in the past for someone who had their face shot off, cant remember whether it was our customer who got shot, or if he shot someone else, but we gave the information to the police and charged them about 500 quid, due to how much info they needed and how long it took to get it for them

It was a lot of messing about and im not sure that particular evidence amounted to much, it did help but not enough on its own