Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Catching an iPhone mugger without iCloud
5 points by mchannon on May 17, 2014 | hide | past | favorite | 6 comments
Last week I got mugged, and lost my iPhone as a result. iCloud was not enabled, so "find my iPhone" wouldn't work (phone's GPS was water damaged anyway; it'd always think I was in Union Square even though that's not where it got water damaged).

I called my provider to add the phone to the stolen registry, disable calling, all the usual stuff.

To my surprise, a group text a friend of mine sent out got a response; apparently iMessage was still working and the genius in possession of the phone decided to respond to the group text with a "who's this".

I'm thinking of having someone else send an iMessage with a hyperlink, and attaching a script to get their IP (since they must be connecting via wi-fi) and send it to the authorities. Normally I'd consider it unlikely to work but this person has already shown they're not the sharpest knife in the drawer.

My question is: if you were in unlawful possession of somebody else's iPhone and not bright enough to wipe the device or get rid of it, what's an example of a text message you would be most likely to tap a hyperlink through?



This is crazy but it might work:

1. Start talking about a prize you won, something like "Remember that radio show I called? Well, finally I won the macbook pro contest".

2. Set up an environment where you have to go somewhere but you simply can't so your friend needs to ask a favor to show up at "blablabla" and show "this code" in the name of "Blablabla". Another friend of yours should say "ok, I'll go".

3. Talk about when they are at the "public place" the day X from 10 to 12", your friend talk about he won't be able to arrive earlier than "11:30".

Give all the details like "I have already talked to them, and I have told them that my friend is going to pass by to get the iPad and that they only need to show the code in his mobile. Anyway, they are going to be there from 10 to publicite whatever...".

Just wait from 10 to 12 that day at that place, bonus points if you print some "radio t-shirts" or something...


As it turns out, they took the bait, clicking on the link and revealing a ClearWire IP address, which is probably neither static nor traceable.

Anyone got any ideas? (Getting them to click another link would probably be possible, but to what end?)


Something like "yo here are those girl's pics"


I had my Android stolen, and I GPS located it. The idiot even took a photograph of their medical paperwork, revealing thier identity, address, social security number, date of birth, etc... BUT THE SAN FRANCISCO POLICE DEPARTMENT MISSION PRECINCT WOULD NOT LIFT A FINGER TO HELP ME!!!

I finally published the photograph online, in hopes that some identity thief finds it.

FUCK PEOPLE WHO STEAL PHONES


Police must have been busy rounding up someone for jaywalking on an empty street.


Something that implies sex, such as pointing to a fake login page to a fake hookup site that requests his html5 geolocation to find "hot girls nearby who are down to fsck".

Alternatively, something that implies fast/easy cash or as a last resort, a reward with a details url with html5 geolocation code.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: