Detection of Computer Crime

NoraMM
Winner!
121,890 / 50,000
Municipal Liaison
Joined: Oct 31, 2003
Location: Peekskill New York, USA
Posts: 23
Posted on:
Oct 3, 2007 - 14:55

Is there a way police would be able to trace a particular communication to a particular computer?

Assuming there is, say a person's hard drive was removed from her office and set up somewhere else, unbeknownst to her (she believes that her hard drive was destroyed), and someone else was using that hard drive to send messages to someone else -- or using it to do other illegal computer-related activity. Would the police be able to tell that it came from her hard drive? Or would they know that it came from a computer at a particular location?

----------

elpelco_gecko

11,162 / 50,000
Joined: Oct 3, 2006
Location: Bristol
Posts: 46
Posted on:
Oct 3, 2007 - 15:31

Computers aren't traced by the hard drive, so they wouldn't be able to track that. If someone wanted to track your computer they'd use the I.P. (internet protocol) address, unique to every computer. Wikipedia does it to see who vandalises posts.
http://en.wikipedia.org/wiki/IP_address

Hope this helps

NoraMM
Winner!
121,890 / 50,000
Municipal Liaison
Joined: Oct 31, 2003
Location: Peekskill New York, USA
Posts: 23
Posted on:
Oct 3, 2007 - 17:05

It doesn't exactly HELP, because I now need to figure out how to set something up in a different way, but I appreciate your response and the link. Thanks.

Zephyr40kGlowing Halo
Winner!
50,130 / 50,000
Joined: Oct 24, 2006
Location: San Francisco, CA
Posts: 156
Posted on:
Oct 3, 2007 - 18:46

Hello,

Let's see if I can help here.

See, the problem is that hard drives, themselves, do not send messages. They are simply storage mediums. A computer sends messages via a router/modem to the service provider. And to say that an IP address is "exclusive to each computer" is not quite accurate. Depending on how you have your network set up, each computer can have either a static IP (stays the same) or a Dynamic IP (a new one is generated every time you log in). However, the network address portion of the IP address should stay the same.

However, moving a hard drive from one node to another on a network would not be visible, normally.

There may be other ways to accomplish what you are talking about. In 1999, Intel planned to begin putting a unique identifier code on every Pentium III chip it made, that would be transmitted with every communication performed by the chip. The idea was to thwart computer pirates. However, there was a huge outcry from privacy advocates, and the idea was dropped. However, there are rumors that after September 11, the US government pressured Intel to put the identifier back into the manufacturing process, and not tell anyone.

If, in your fictional world, this did occur, then this could be used to track a moved computer. However this code would be coming from the motherboard, not the hard drive.

Here's an idea: if the hard drive, before the "incident," was infected with a fairly unique virus that caused the computer to emit very specific messages, then any computer this hard drive was subsequently plugged into would also begin emitting these messages. The police could scour the internet for these unique messages, trace them back to a specific IP address, and that way identify the network where the hard drive was plugged in to.

----------

EldKatt

0 / 50,000
Joined: Nov 1, 2003
Location: Sweden
Posts: 22
Posted on:
Oct 23, 2007 - 05:43

The replies so far all assume that by "hard drive" you literally mean hard drive, so I'm going to ask for the clarification that may or may not solve the problem: When you say someone removed her hard drive from her office, do you mean that they opened up her computer case, and unplugged and removed a sandwich-sized device that looks sort of like this? Or did they run off with the entire case and everything in it?

If the latter, I imagine something or other might be traceable to a MAC address. Someone who knows more about how MAC addresses are built up and how they are used might be able to elaborate. If the former situation is necessary, then I guess the virus idea or something like it (some software or other on the hard drive doing something or other relatively unique that can be traced) is the best bet. You'd have to be creative.

IP addresses, just to make sure this gets through clearly, really don't have anything to do with a particular physical computer. You could trace it to a particular location, sure, with varying degrees of accuracy, but you can't tell from an IP address alone anything about the computer or network currently using it.

Nightsky

5,454 / 50,000
Joined: Nov 4, 2003
Location: Los Angeles (SFV) CA, USA
Posts: 24
Posted on:
Oct 24, 2007 - 14:07

IP addresses probably aren't the way to go. The most you can do is trace that IP address back to an ISP. The ISP may keep records of which IP addresses were assigned to which MAC addresses at which times; it may or may not have deleted them after some time; it may or may not hand those records over without a fight. But even marginally smart crackers know enough to put several hops between themselves and their victims. More than likely the computer that appeared to launch the attack wasn't the cracker's own computer but one he'd taken over for just this purpose.

MAC addresses are globally unique (i.e. every network card ever sold has a different one), but they can be spoofed (i.e. it's possible to get a computer to lie about its MAC address.)

What may come in handy for you is not MAC or IP addresses but a digital signature. You may wish to read up a bit on asymmetric cryptography, but in a nutshell: your protagonist keeps her private key on her computer, protected only by a very weak passphrase (naughty, naughty). Computer gets stolen; passphrase gets guessed; now the attacker can create messages that appear to come from her. "Appear to come from her" is too weak a term--they provably came from her.
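An added example, not part of Nightsky's post: how the ISP records described above would be queried, including the case where the records have already been deleted. The lease lines, addresses and function names are constructed for illustration and do not come from any real ISP.

```python
from datetime import datetime, timedelta

# Constructed lease records (not real data): ip, mac, lease start, lease end.
LEASE_LOG = """\
203.0.113.25,02:00:00:aa:01:02,2007-10-01T08:00:00,2007-10-01T20:00:00
203.0.113.25,02:00:00:bb:03:04,2007-10-01T20:05:00,2007-10-02T08:05:00
203.0.113.77,02:00:00:aa:01:02,2007-10-02T09:00:00,2007-10-02T21:00:00
"""

def parse_leases(text):
    """Turn 'ip,mac,start,end' lines into (ip, mac, start, end) tuples."""
    leases = []
    for line in text.strip().splitlines():
        ip, mac, start, end = (field.strip() for field in line.split(","))
        leases.append((ip, mac.lower(),
                       datetime.fromisoformat(start),
                       datetime.fromisoformat(end)))
    return leases

def apply_retention(leases, now, keep_days):
    """Drop leases that ended before the retention cutoff, as a purge job would."""
    cutoff = now - timedelta(days=keep_days)
    return [lease for lease in leases if lease[3] >= cutoff]

def holder_at(leases, ip, when):
    """Return the MAC that held `ip` at `when`, or None if no record covers it."""
    macs = {mac for lip, mac, start, end in leases
            if lip == ip and start <= when < end}
    if len(macs) > 1:
        # Two devices on one address at once means the records are unreliable.
        raise ValueError("overlapping leases for %s at %s" % (ip, when))
    return macs.pop() if macs else None

if __name__ == "__main__":
    leases = parse_leases(LEASE_LOG)
    # Same IP, two different network cards, depending only on the time asked about.
    print(holder_at(leases, "203.0.113.25", datetime(2007, 10, 1, 12, 0)))
    print(holder_at(leases, "203.0.113.25", datetime(2007, 10, 1, 21, 0)))
    # Three weeks later with a 7-day retention policy, nothing is left to query.
    kept = apply_retention(leases, datetime(2007, 10, 24), keep_days=7)
    print(holder_at(kept, "203.0.113.25", datetime(2007, 10, 1, 12, 0)))
```

The answer depends on the exact timestamp supplied, and the MAC returned is only what the device reported when it requested the lease.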

utkjamie

1,799 / 50,000
Joined: Oct 22, 2006
Location: Knoxville, TN
Posts: 5
Posted on:
Oct 24, 2007 - 16:20

A few years ago some academics devised a way that a specific computer processor (CPU) could be tracked across the Internet. From what I remember, the theory is that no two processors have the exact same clock speed and that these millisecond differences make each processor unique. Somehow using the timestamps the computers write into IP packets it would be possible to identify the origin of the computer. I don't remember much more than that or even if the theory was ever really backed by empirical data.

Nightsky is absolutely correct about IP addresses and MAC addresses being unreliable. Tor software (http://tor.eff.org), for instance, is widely available and allows individuals to bounce their Internet connections through a series of other computers for anonymity. It was originally developed by the Navy and is used by spies, embassy personnel, individuals in countries with strict censorship, and individuals who simply want to use the Internet anonymously. MAC addresses can be forged in Linux, as an example, with 2-3 typed commands.

Oh, and there is "low-jack" software available for computers that will check in with a central server whenever the computer is turned on. The problem is that it only works if there is an Internet connection and if the thief didn't bother to wipe the hard drive before using the computer.
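An added example, not part of utkjamie's post, of the clock-based idea in the first paragraph above: comparing the timestamps a sender writes into its packets against the receiver's own clock and measuring how fast the two drift apart. The captures are synthetic, the function names are made up for this sketch, and the fit is ordinary least squares chosen for brevity, which may differ from the method the researchers used.

```python
import random

def synth_capture(skew_ppm, hz=100, seconds=3600, step=10, seed=1):
    """Constructed capture: (receiver_time_s, sender_timestamp_ticks) pairs."""
    rng = random.Random(seed)
    first_tick = rng.randrange(1 << 20)      # arbitrary starting counter value
    rate = hz * (1 + skew_ppm * 1e-6)        # ticks per true second on the skewed clock
    pairs = []
    for t in range(0, seconds + 1, step):
        delay = rng.uniform(0.0, 0.005)      # network jitter, up to 5 ms
        pairs.append((t + delay, first_tick + int(t * rate)))
    return pairs

def estimate_skew_ppm(pairs, hz=100):
    """Least-squares slope of (sender elapsed - receiver elapsed) vs receiver elapsed."""
    rx0, ts0 = pairs[0]
    xs = [rx - rx0 for rx, _ in pairs]
    ys = [(ts - ts0) / hz - x for (_, ts), x in zip(pairs, xs)]
    n = len(xs)
    mean_x, mean_y = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mean_x) ** 2 for x in xs)
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, ys))
    return sxy / sxx * 1e6                   # seconds of drift per second, as ppm

def same_clock(a_ppm, b_ppm, tol_ppm=3.0):
    """Treat two captures as consistent with one clock if the skews nearly agree."""
    return abs(a_ppm - b_ppm) <= tol_ppm

if __name__ == "__main__":
    # Two sessions from one machine (different jitter), one from another machine.
    office = estimate_skew_ppm(synth_capture(50.0, seed=1))
    later = estimate_skew_ppm(synth_capture(50.0, seed=2))
    other = estimate_skew_ppm(synth_capture(-20.0, seed=3))
    print(round(office, 1), round(later, 1), round(other, 1))
    print(same_clock(office, later), same_clock(office, other))
```

A matching skew is consistent with the same clock hardware but does not prove it, since unrelated machines can have similar skews and the sender can disable or alter the timestamps.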

StarrLilly

23,146 / 50,000
Joined: Oct 31, 2004
Location: Terre Haute, IN
Posts: 5
Posted on:
Nov 17, 2007 - 23:35

Umm...one of my characters has a conversation in a hacker chatroom but I have no idea what they talk about. Could someone give me a clue please?

RaeSeddon

0 / 50,000
Joined: Apr 25, 2008
Location: Wonderful, Wonderful New Jersey
Posts: 7
Posted on:
Apr 26, 2008 - 18:34

So, I've set out to write a technological thriller that involves complex natural systems and artificial life simulators, both of which I know very little about, so could anyone point me to a source where someone who had basic coding knowledge would be able to research and not get lost in the uber complicated stuff just yet?


Copyright © 2008 The Office of Letters and Light :: All posted novel excerpts remain copyright their authors.