I have a Treo 650 on Verizon. Wouldn't they have to have a _working_ network to actually track me?<br><br>I swear Verizon runs their backbone on NT4 (based on the "No Network" notice and my memory of NT4 reboot cycles).<br>
<br><div class="gmail_quote">On Tue, Jun 16, 2009 at 2:02 PM, Jeff Lightner <span dir="ltr"><<a href="mailto:jlightner@water.com">jlightner@water.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Since they're already keeping tabs on you with your wireless phone you have no reason worry about this.<br>
<div class="im"><br>
-----Original Message-----<br>
From: <a href="mailto:ale-bounces@ale.org">ale-bounces@ale.org</a> [mailto:<a href="mailto:ale-bounces@ale.org">ale-bounces@ale.org</a>] On Behalf Of Jim Kinney<br>
</div><div class="im">Sent: Tuesday, June 16, 2009 1:00 PM<br>
To: <a href="mailto:mhw@wittsend.com">mhw@wittsend.com</a>; Atlanta Linux Enthusiasts - Yes! We run Linux!<br>
Subject: Re: [ale] lojack for laptops?<br>
<br>
</div><div><div></div><div class="h5">All tools have both benign and nefarious uses and that one just scared<br>
the bejeezus out me. Imagine a scenario where a particular laptop is<br>
targeted, remotely activated over a wake-on-lan wireless NIC which<br>
then is used to modify the bios to phone home on boot and report GPS<br>
coordinates, upload keystroke logger, etc.<br>
<br>
The potential for large-scale abuse it staggering. Maybe I _should_<br>
keep some of my old hardware that required a physical _wire_ for WoL<br>
to work.<br>
<br>
Hmm. I recall seeing a similar remote capability in a thinkpad T20<br>
bios. At that time, it required a mini-pci card to activate but once<br>
activated, it could not be deactivated with out destroying the<br>
computer.<br>
<br>
where's my tin-foil beanie cap!<br>
<br>
On Tue, Jun 16, 2009 at 12:42 PM, Michael H. Warfield<<a href="mailto:mhw@wittsend.com">mhw@wittsend.com</a>> wrote:<br>
> $$!#@$@#!#!@<br>
><br>
> That was not suppose to get sent yet... Fat fingers...<br>
><br>
> On Tue, 2009-06-16 at 12:35 -0400, Michael H. Warfield wrote:<br>
>> On Mon, 2009-06-15 at 18:34 -0400, Bob Toxen wrote:<br>
>> > On Mon, Jun 15, 2009 at 02:52:24PM -0500, Preston Boyington wrote:<br>
>> > > Geoffrey wrote:<br>
>> > > > Anyone use any software like this? I'm considering it for my daughter's<br>
>> > > > macbook as she heads off to Tech in the fall.<br>
>> > > ><br>
>> > > > Suggestions, recommendations?<br>
>> > > ><br>
>> > > > Anyone know of anything like this for Linux??<br>
>> > > ><br>
>><br>
>> > > I would love a hardware solution. That way the thief wouldn't need to<br>
>> > > power on the unit for the locator to work.<br>
>> > Uh, is that like the Pointy Hair Boss saying that he wanted the unit<br>
>> > to have a light that comes on when the battery is dead? Yes there was<br>
>> > Dilbert about this. Sorry I couldn't resist.<br>
>><br>
>> > Seriously, this would be a device physically attached to this but not<br>
>> > electrically connected -- since all such PCMCIA cards and such don't<br>
>> > have power unless the laptop is running. Hence, it's not really laptop<br>
>> > related as you could just as easily attach it to your pen (if it were<br>
>> > small enough).<br>
>><br>
>> Actually, that's not totally true. PCI includes a backup power buss (B<br>
>> Bus or something like that, I don't recall the exact nominclature) for<br>
>> things like "wake on lan". If you didn't have that, wake-on-lan<br>
>> wouldn't work. Certain very low level functions and powered and<br>
>> operational even if you only have power to the device and don't have it<br>
>> powered up.<br>
><br>
> Wake-on-lan info:<br>
><br>
> <a href="http://en.wikipedia.org/wiki/Wake-on-LAN" target="_blank">http://en.wikipedia.org/wiki/Wake-on-LAN</a><br>
><br>
>> The really scary extension to that is the Intel ATM / vPro technology.<br>
><br>
>> <a href="http://en.wikipedia.org/wiki/Intel_Active_Management_Technology" target="_blank">http://en.wikipedia.org/wiki/Intel_Active_Management_Technology</a><br>
><br>
>> "Almost all AMT features are available even if PC power is off, the OS<br>
>> is crashed, the software agent is missing, or hardware (such as a hard<br>
>> drive or memory) has failed."<br>
><br>
>> Intel AMT supports these management tasks:<br>
>><br>
>> * Remotely power up, power down, power cycle, and power reset the<br>
>> computer.[1]<br>
>> * Remote boot the PC by remotely redirecting the PC's boot<br>
>> process, causing it to boot from a different image, such as a<br>
>> network share, bootable CD-ROM or DVD, remediation drive, or<br>
>> other boot device.[1][7] This feature supports remote booting a<br>
>> PC that has a corrupted or missing OS.<br>
>> * Remotely redirect the system's I/O via console redirection<br>
>> through serial over LAN (SOL).[1] This feature supports remote<br>
>> troubleshooting, remote repair, software upgrades, and similar<br>
>> processes.<br>
>> * Access and change BIOS settings remotely.[1] This feature is<br>
>> available even if PC power is off, the OS is down, or hardware<br>
>> has failed. This feature is designed to allow remote updates and<br>
>> corrections of configuration settings. This feature supports<br>
>> full BIOS updates, not just changes to specific settings.<br>
><br>
> There are other potential uses for the ATM technology and, if you can<br>
> load certitificates and other software up there, there's quite a few<br>
> possiblities. But it is intended to be tightly restricted. You can't<br>
> update it from the normal running OS. But it is intended for remote<br>
> management, EVEN WHEN THE MACHINE IS INITIALLY turned off. A "lojack"<br>
> functionality has been discussed in some forums. I'm not aware of any<br>
> product that actually takes advantage of it for those purposes and I'm<br>
> not sure how widely deployed it is (like the accelerometers on our<br>
> laptops, Bob, or VT/SVM capabilities for virtualization).<br>
><br>
>> > > Early possibilities for this seem to be a company called S5 Wireless<br>
>> > > (<a href="http://www.s5w.com/" target="_blank">http://www.s5w.com/</a>):<br>
>> > ><br>
>> > > <a href="http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/" target="_blank">http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/</a><br>
>> ><br>
>> > Bob Toxen<br>
>> > <a href="mailto:bob@verysecurelinux.com">bob@verysecurelinux.com</a> [Please use for email to me]<br>
>> > <a href="http://www.verysecurelinux.com" target="_blank">http://www.verysecurelinux.com</a> [Network&Linux security consulting]<br>
>> > <a href="http://www.realworldlinuxsecurity.com" target="_blank">http://www.realworldlinuxsecurity.com</a> [My book:"Real World Linux Security 2/e"]<br>
>> > Quality spam and virus filters.<br>
>> > Quality Linux & UNIX security and SysAdmin & software consulting since 1990.<br>
><br>
> Mike<br>
> --<br>
> Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw@WittsEnd.com<br>
> /\/\|=mhw=|\/\/ | (678) 463-0932 | <a href="http://www.wittsend.com/mhw/" target="_blank">http://www.wittsend.com/mhw/</a><br>
> NIC whois: MHW9 | An optimist believes we live in the best of all<br>
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!<br>
><br>
><br>
> _______________________________________________<br>
> Ale mailing list<br>
> <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
> <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
><br>
><br>
<br>
<br>
<br>
--<br>
--<br>
James P. Kinney III<br>
Actively in pursuit of Life, Liberty and Happiness<br>
<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
<br>
</div></div><div class="im">Please consider our environment before printing this e-mail or attachments.<br>
----------------------------------<br>
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.<br>
----------------------------------<br>
<br>
_______________________________________________<br>
</div><div><div></div><div class="h5">Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>-- <br>James P. Kinney III<br>Actively in pursuit of Life, Liberty and Happiness <br><br>