Dear Lifehacker, I always take my thumb drive wherever I go. I’m also a bit absentminded. I want to guarantee my thumb drive gets returned to me if I ever lose it. My idea is to have malware hidden on the drive in a specific folder labelled ‘porn101’ or ‘myprivatefiles’. If the person opens that file, it will automatically encrypt their computer and ask them to email me to get the unlock code. (I will give it to them once they return the thumb drive to me, of course.)
Which brings me to my question – is this legal? It’s not like I’m demanding money or anything. I just want my property back! Thanks, Professor Moriarty
That’s an, uh, interesting contingency plan you have there. We’ll need to remember that one for our next Evil Week.
Under Australian larceny laws, members of the public are legally obligated to take reasonable measures to reunite lost property with its owner. The whole “finder’s keepers” thing is actually a myth – especially when it comes to items of value.
However, this doesn’t give you the right to take the law into your own hands with booby-trapped hardware. (This reminds me of a guy I knew in high school who used to leave a bottle of bourbon laced with rat poison in his glove box in case his car got stolen. He’s in jail now.)
In short, you can’t purposely infect a stranger’s computer and hold it to ransom just because you were silly enough to misplace your thumb drive. This would fall under fraud and/or extortion in the eyes of the law and make you no different to other so-called “cybercriminals”.
For example, under the NSW Crimes Act, SECT 249K it is illegal to threaten to damage property if a certain demand is not met. Threatening to brick a laptop unless your thumb drive is returned would definitely fall into this category.
Instead of employing the stick, we suggest using the carrot. Place a sticker on the drive promising a reward for its return at a denomination of your choosing. Also, try to have a little more faith in humanity, eh?
Got your own question you want to put to Lifehacker? Send it using our [contact text=”contact form”].