Thinkpads Forum

What can i do if somebody stolen my thinkpad? as i know IBM can track the ip address of the computer if the guy get it on internet? Do i have to register hte product first for doing this?

You would need to purchase the Computrace program and install it on your computer.

One thing that will happen is that IBM will void the warranty immediately upon verifying that you have reported it stolen to law enforcement. This is done through the National Registry of Stolen Goods. Your local law enforcement reports it there and it's registered via serial number(s). IBM can also supply all the bar code numbers off all the coded components so that even if it's pieced out it could still be traced should a part come in for warranty work.

How do I know this? Well lucky me just bought a stolen computer off eBay that's how! They guy was taking a long time to send me a part that was to be sent to him via IBM Support, and when I called IBM myself stating I was the new owner and asking if they could deal directly with me I was told the warranty was VOIDED. Then IBM entitlement called me to tell me it was stolen and I've been dealing with dozens of calls and reports and whatever else for the past 3 days. Now law enforcement has the computer and I wait for my credit card company to pay me back. I know you are all asking how did I not know? Well, the day I bought it I contacted IBM and the warranty checked out fine. The original owner never registered the laptop so IBM didn't have a name to confirm. When the warranty was voided it was done retroactive to the date it was stolen. That was 12 days before I bought it so the process is a bit slow on the discovery end. They seller had several sales and 100% feedback.

So, REGISTER YOUR LAPTOP AS SOON AS YOU BECOME THE LEGAL OWNER. If the owner would have done that, when I called to confirm warranty and ownership they could have flagged it right then and I would not have bought it. Law enforcement could have checked it out right away, and if it was indeed stolen they could have recovered the laptop AND the bad guy. Now, since the bad guy used different names and phone numbers with eBay and PayPal he's harder to find. How eBay and PayPal can be owned by the same company and NOT share information that is vital to the safety of buyers and sellers is beyond me. Basically, I don't think they care. I actually have some great ideas for class-action against eBay/PayPal should there be an attorney here that would like to listen.

Yak

p.s. This might not be the right forum for this to be posted but I guess the more people who see it the better (and I'm no administrator!).

Oh, one more thing. If you think going to the link privided in the FAQ here to check the warranty is good enough, you are a fool! Going here [ http://www-307.ibm.com/pc/support/site. ... arranty.vm ] is an EXTERNAL IBM site and isn't updated anything close to real-time per IBM. They have an INTERNAL warranty site that we can't get to and that is the official determiner of warranty. That's why you MUST call them to get the truth on warranty remaining. Again, this is what I was told by several people at IBM this week so use the link at your own risk. It might be correct, but them again I'm not willing to take the chance on a $1-2000 purchase that the external link isn't quite the same. If the external site results don't match the internal site results you lose!

Yak

what is Computrace program? I thought IBM Embedded Security Subsystem 2.0 can track the ip address, can't it?

brainpicker wrote:Oh, one more thing. If you think going to the link privided in the FAQ here to check the warranty is good enough, you are a fool!

I hate to nitpick, but how exactly would this make you a "fool?" Are we all supposed to know that the information provided from this is not updated?

Kenn wrote:I hate to nitpick, but how exactly would this make you a "fool?" Are we all supposed to know that the information provided from this is not updated?

The information IS updated. Eventually. It would be foolish to assume that one could go by the results obtained at that link as the TRUE state of warranty at that moment. My feeling is that this link is meant as a quick check for an owner of a Thinkpad, or maybe to verify information provided by and authorized dealer, and NOT for individuals trying to verify warranty on a laptop they hope to obtain from an unknown source. That in my opinion would be foolish. Heck, I actually CALLED IBM to check on warranty and was told it was valid TEN DAYS AFTER the laptop was stolen! So if their own internal information source takes that long to supply them with up-to-date information, how long would you expect a non-priority external site to be updated?

So in my opinion I feel #7 in the FAQ should be update to: "I would like to check my IBM warranty status but I'm not at that computer", and/or "I am interested in purchasing a computer from a known/trusted/authorized source and would like a quick way to verify its warranty without having to call IBM. I understand this information is not official, but I trust the source of the laptop and I'm willing to assume any risks that the website information is not the most current available". Yeah that's a bit long-winded, but it's more to the truth.

I believe the FAQ was put together to assist buyers with purchases from known or authorized sources and was never intended for eBay-type purchases. It is a wonderful guide if one keeps that in mind. But, since that's not how it's being used much of the time some aspects might, from time to time, need to be updated to reflect common use. I'm only warning those, who like I did, make purchases from sources that have not earned their trust.

Don't shoot the messenger.

Yak

brainpicker wrote:I believe the FAQ was put together to assist buyers with purchases from known or authorized sources and was never intended for eBay-type purchases.

What became the FAQ here was put together elsewhere to minimize the constant stream of requests for links to information on IBM's nomadic web pages. There was no other intention to assist anyone to do anything.

As a general rule if you're buying computer hardware with manufacturer warranty left, get the serial # and call yourself first hand BEFORE purchasing. Duh :p

Also DO use IBM's Personalization Editor. It allows you to put a graphic and message into the flash memory in your ThinkPad.

Then add a power-on and/or supervisor password.

Every time the machine is turned on, this message gets presented. (Mine has my work phone and address.) So it makes it very easy for some nice person who might find your laptop to return it to you. That's if you leave it somewhere, of course.

If it's stolen, it might make the bad guy realize that the machine might be hard to sell, and he might return it... or might not, but at least he knows how.

www.yellowtag.com lets people return items without even turning them on.

whizkid wrote:Also DO use IBM's Personalization Editor. .

Where is this tool? I've never heard or seen it.

Well, it looks like it only is available separately for numbered series, and not the lettered series.

There's a note that it is included in the Configuration Utility for later versions, but I cannot confirm that with a quick browse of IBM's support site.

I would start with a look in your online user's guide.

Would any experts with a newer machine care to chime in on how to accomplish this on newer 'Pads?

brainpicker wrote: Don't shoot the messenger.
Yak

Well, I understand how frustrated you must feel after going through such an ordeal, but I feel it would be more helpful to offer the information without editorializing in such broad strokes on what people should or should not know.

After all, what is the point of warning people not to rely on the IBM web check, when by your own words, everyone already knows, because only a FOOL would rely on it in the first place??

I guess this is just a friendly reminder to be mindful of how the tone of your message can come across over the internet!

A few thoughts on this. A lot of companies are addressing this as we speak since laptops often contain private and/or confidential information. Here are some best practices:

1. Obtain a laptop locking device to prevent people posing as employees from picking up your laptop and walking away with it.
2. Airports, hotels, conferences, and cars are the number 1 place that laptops are stolen from. Always lock your laptop in your trunk, keep it with you, or lock it with a cable lock.
3. Use a whole hard drive encryptor like PointSec or PGP Disk.
4. Use a laptop recovery software program like CompuTrace.

Pointsec is the market leader in whole hard drive encryption - it can use a USB memory key to store the keys for the laptop. No usb key = no access to the disk. It also has an active directory version as well

Computrace is a stealth program installed on the hard drive that occasionally phones home. It has two main functions, but I'm only interested in one. It can perform management of laptops and who's using them. In this manner it tracks inventory without user interaction. The second purpose it can serve is to locate stolen laptops. It does this by occasionally phoning a management center which tracks it's IP. It can use both dial up and Ethernet/wireless. Apparently it's installed via floppy or CDROM. Some initial pricing looked like about $47 / user.

Once a laptop is stolen the user would first call the police and file a police report, the theft would then be reported to Computrace. Computrace would put the laptop is "recovery mode" in which the stealth program would start calling home on every boot and change of IP. Computrace then works with the Police to obtain search warrants and actually recover the laptop. Computrace says that most laptops are recovered intact since the laptop is worth more with the software or data on it.

Computrace also claims that their software survives a high level format - but not a low level format. Which is interesting since other recovery companies also make this claim. Computrace also has a $1000 payout per laptop if the laptop isn't recovered.

One other thought was to partially encrypt the hard drive and not the trace program - which would provide both security and tracability at the expense of partially exposing the hard drive.

You may not recover the laptop all the time - but identity theives should not be able to break the encryption of the hard drive - if you use both the computrace and pointsec software it would break down like this:

Case 1: Laptop stolen containing confidential information - encryption not broken.

1. An identity thief steals a laptop from a user in an airport or hotel.
2. The user phones the police, then calls computrace, and the trace and recover process is started.
3. The laptop's hard drive is previously encrypted.
4. The thief then low-level formats the hard drive or removes the hard drive and replaces it with a new one.
5. The data is unusable.
6. The laptop may or many not be recovered.

Case 2: Laptop stolen containing confidential information - encryption successfully broken.

1. An identity thief steals a laptop from a user in an airport or hotel.
2. The user phones the police, then calls computrace, and the trace and recover process is started.
3. The laptop's hard drive is previously encrypted.
4. The thief breaks the encryption and boots the hard drive.
5. The software phones home and switches to recover mode.
6. The user may have access to the Data
7. The police arrest the thief and recover the laptop.