Your average thief is not going know anything about the OS, much less how a virtual private network works. And if it really comes down to that, just setup specific firewall rules.

Well first the user has to figure out how to reflash (I wonder if it's possible to lock people out of that.. would be worth investigating or making it hard enough that unless he/she is a Linux pro with the command line they couldn't do it). And secondly I think that you can still get stolen goods back with the help of the police (sucks for the guy who bought it though). So as long as you could provide the police (if they were helping) with GPS info and proof that it's in X location. But unlikely if it's being sold say out of state.