Steal an Xbox 360, don't forget to disable the auto sign-in feature before going online. That's the lesson high-tech crooks are probably gleaning from today's New York Post brief about a thief, 22-year-old Jeremy Gilliam, apprehended after logging into Xbox LIVE with his victim's online game ID.
Xbox LIVE requires a unique identifier known as a Gamertag, similar to an instant messaging id. The owner of the stolen Xbox 360 noticed his Gamertag was logged in without his permission, then told his parents, who contacted police. Detectives on the case would have worked with Microsoft to get the stolen Xbox 360's IP address, then followed the digital trail back through the ISP used at the time. That led them to Gilliam's grandmother's house, where they discovered a trove of pilfered games, laptops, and satnavs reportedly accumulated from hundreds of vehicle break-ins and multiple home burglaries.
Gilliam was already in the investigatory hotseat for stealing over a dozen unlocked cars, and according to the Post, he's now been charged with grand larceny.
It's not clear whether he logged in manually or automatically, or for how long the incriminating Gamertag was active. An internet connection with an Ethernet cable or Microsoft's wireless USB dongle is required to access Xbox LIVE, so it's a safe bet he was online intentionally.
Gamertags aren't the only way Microsoft can trace Xbox 360s. Each system has a unique identifier that's passed to Microsoft when you sign into Xbox LIVE. It's that identifier that allows Microsoft to give some of us in the press access to features ahead of the general public. Logic dictates Microsoft can match IP addresses to identifiers, thereby allowing someone whose Xbox 360 was stolen to trace it, if Microsoft's aware of the theft, should someone log into Xbox LIVE — with or without an incriminating Gamertag.
I'm pretty sure Microsoft doesn't support system ID tracking at this time, and for that matter, most people probably don't write down their system's serial number. But if they did, speaking hypothetically, Microsoft could trace stolen systems on that basis alone (the complex logistics of working with irate customers and the police and internet service providers notwithstanding, of course).
One of my friends using an Xbox 360 I'd given him had it stolen out from under his nose. He was just outside his apartment when it happened and heard the thieves through the ground floor window but didn't make it inside quick enough to see or stop them. Afterward, I helped him download his Gamertag to a new system — to date, several years on, no one's popped up on his login radar, meaning the ID's almost certainly been wiped and replaced with another. Had we recorded the serial number, and were Microsoft to offer a tracking service, however, it's likely we'd probably have found it by now.