Apparently the Yahoo (Reuters) story got it wrong. According to two other articles I read, he logged into the AOL account that was configured on the machine that he stole, not his *own* account. No "phone home" software, no MAC addresses, and no serial numbers in the CPU were used to find the machine. Of course, the more important question: If the computer had such sensitive data on it, why would it ever be granted network access? http://www.timesheraldonline.com/articles/2003/11/27/news/news05.txt http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2003/11/27/MNGUO3BN101.D... ... Investigators knew where to look for the gear not because of unusually intrepid sleuthing but because Krastof allegedly used the computer to log on to an AOL account belonging to the system's owner, Peter Gascoyne. This allowed authorities to eventually trace the call back to Krastof's residence, said the Police Department's White, who acknowledged that cracking the case was, as much as anything, a matter of pure luck. Jun at Cryptography Research said most people don't realize that they announce their presence and leave an electronic trail any time they go online. "Using a stolen computer to log onto the Net is like taking a stolen credit card (and) buying gas for all your friends at a single service station, " he said. "It's pretty easy to get caught." White said investigators had asked AOL as a routine precaution to watch for any log-ons in Gascoyne's name. He said the world's biggest online service had reported a hit earlier this month but then dragged its feet in providing information about the phone line used in the connection. White said telecom giant SBC, in turn, had not been very helpful in offering information about the location of the residence where the AOL dial-up originated. SBC and AOL privacy policies both say information can be shared with law-enforcement officials. "We ended up taking a while with search warrants," White said. "Part of the difficulty was the lack of cooperation among various entities." AOL did not return calls seeking comment. An SBC spokesman said company officials had fulfilled investigators' requests the same day they were asked. Once all the pieces were in place, though, White said, authorities arrived at Krastof's home around 7 p.m. Tuesday and were let in by his girlfriend. ... - Eric Tully Neil Johnson wrote:
From:
SAN FRANCISCO (Reuters) - Police have arrested a California man in connection to a burglary in which a computer with sensitive information about Wells Fargo & Co. (NYSE:WFC - news) customers was stolen, officials said on Wednesday.
(snip)
Investigators traced the computer to Krastof when he logged onto his own America Online account at home through one of the stolen computers, White said. That enabled authorities to connect the computer's Internet Protocol address, a number that identifies a computer on the Internet, to Krastof's home address through his AOL account, White said.
(snip)
My guess that there was some sort of application (maybe an internally based IM client) that "phoned home" when the thief started up the computer.
Or at least I hope ....