[ale] lojack for laptops?

Jeff Lightner jlightner at water.com
Tue Jun 16 14:02:48 EDT 2009


Since they're already keeping tabs on you with your wireless phone you have no reason worry about this.

-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Jim Kinney
Sent: Tuesday, June 16, 2009 1:00 PM
To: mhw at wittsend.com; Atlanta Linux Enthusiasts - Yes! We run Linux!
Subject: Re: [ale] lojack for laptops?

All tools have both benign and nefarious uses and that one just scared
the bejeezus out me. Imagine a scenario where a particular laptop is
targeted, remotely activated over a wake-on-lan wireless NIC which
then is used to modify the bios to phone home on boot and report GPS
coordinates, upload keystroke logger, etc.

The potential for large-scale abuse it staggering. Maybe I _should_
keep some of my old hardware that required a physical _wire_ for WoL
to work.

Hmm. I recall seeing a similar remote capability in a thinkpad T20
bios. At that time, it required a mini-pci card to activate but once
activated, it could not be deactivated with out destroying the
computer.

where's my tin-foil beanie cap!

On Tue, Jun 16, 2009 at 12:42 PM, Michael H. Warfield<mhw at wittsend.com> wrote:
> $$!#@$@#!#!@
>
> That was not suppose to get sent yet...  Fat fingers...
>
> On Tue, 2009-06-16 at 12:35 -0400, Michael H. Warfield wrote:
>> On Mon, 2009-06-15 at 18:34 -0400, Bob Toxen wrote:
>> > On Mon, Jun 15, 2009 at 02:52:24PM -0500, Preston Boyington wrote:
>> > > Geoffrey wrote:
>> > > > Anyone use any software like this?  I'm considering it for my daughter's
>> > > > macbook as she heads off to Tech in the fall.
>> > > >
>> > > > Suggestions, recommendations?
>> > > >
>> > > > Anyone know of anything like this for Linux??
>> > > >
>>
>> > > I would love a hardware solution.  That way the thief wouldn't need to
>> > > power on the unit for the locator to work.
>> > Uh, is that like the Pointy Hair Boss saying that he wanted the unit
>> > to have a light that comes on when the battery is dead?  Yes there was
>> > Dilbert about this.  Sorry I couldn't resist.
>>
>> > Seriously, this would be a device physically attached to this but not
>> > electrically connected -- since all such PCMCIA cards and such don't
>> > have power unless the laptop is running.  Hence, it's not really laptop
>> > related as you could just as easily attach it to your pen (if it were
>> > small enough).
>>
>>       Actually, that's not totally true.  PCI includes a backup power buss (B
>> Bus or something like that, I don't recall the exact nominclature) for
>> things like "wake on lan".  If you didn't have that, wake-on-lan
>> wouldn't work.  Certain very low level functions and powered and
>> operational even if you only have power to the device and don't have it
>> powered up.
>
>        Wake-on-lan info:
>
>        http://en.wikipedia.org/wiki/Wake-on-LAN
>
>>       The really scary extension to that is the Intel ATM  / vPro technology.
>
>>       http://en.wikipedia.org/wiki/Intel_Active_Management_Technology
>
>> "Almost all AMT features are available even if PC power is off, the OS
>> is crashed, the software agent is missing, or hardware (such as a hard
>> drive or memory) has failed."
>
>> Intel AMT supports these management tasks:
>>
>>       * Remotely power up, power down, power cycle, and power reset the
>>         computer.[1]
>>       * Remote boot the PC by remotely redirecting the PC's boot
>>         process, causing it to boot from a different image, such as a
>>         network share, bootable CD-ROM or DVD, remediation drive, or
>>         other boot device.[1][7] This feature supports remote booting a
>>         PC that has a corrupted or missing OS.
>>       * Remotely redirect the system's I/O via console redirection
>>         through serial over LAN (SOL).[1] This feature supports remote
>>         troubleshooting, remote repair, software upgrades, and similar
>>         processes.
>>       * Access and change BIOS settings remotely.[1] This feature is
>>         available even if PC power is off, the OS is down, or hardware
>>         has failed. This feature is designed to allow remote updates and
>>         corrections of configuration settings. This feature supports
>>         full BIOS updates, not just changes to specific settings.
>
>        There are other potential uses for the ATM technology and, if you can
> load certitificates and other software up there, there's quite a few
> possiblities.  But it is intended to be tightly restricted.  You can't
> update it from the normal running OS.  But it is intended for remote
> management, EVEN WHEN THE MACHINE IS INITIALLY turned off.  A "lojack"
> functionality has been discussed in some forums.  I'm not aware of any
> product that actually takes advantage of it for those purposes and I'm
> not sure how widely deployed it is (like the accelerometers on our
> laptops, Bob, or VT/SVM capabilities for virtualization).
>
>> > > Early possibilities for this seem to be a company called S5 Wireless
>> > > (http://www.s5w.com/):
>> > >
>> > > http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/
>> >
>> > Bob Toxen
>> > bob at verysecurelinux.com               [Please use for email to me]
>> > http://www.verysecurelinux.com        [Network&Linux security consulting]
>> > http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
>> > Quality spam and virus filters.
>> > Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
>
>        Mike
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
>   NIC whois: MHW9          | An optimist believes we live in the best of all
>  PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
>



-- 
-- 
James P. Kinney III
Actively in pursuit of Life, Liberty and Happiness

_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
 
Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------



More information about the Ale mailing list