[ale] lojack for laptops?

Jim Kinney jim.kinney at gmail.com
Tue Jun 16 14:13:19 EDT 2009 

I have a Treo 650 on Verizon. Wouldn't they have to have a _working_ network
to actually track me?

I swear Verizon runs their backbone on NT4 (based on the "No Network" notice
and my memory of NT4 reboot cycles).

On Tue, Jun 16, 2009 at 2:02 PM, Jeff Lightner <jlightner at water.com> wrote:

> Since they're already keeping tabs on you with your wireless phone you have
> no reason worry about this.
>
> -----Original Message-----
> From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Jim
> Kinney
> Sent: Tuesday, June 16, 2009 1:00 PM
> To: mhw at wittsend.com; Atlanta Linux Enthusiasts - Yes! We run Linux!
> Subject: Re: [ale] lojack for laptops?
>
> All tools have both benign and nefarious uses and that one just scared
> the bejeezus out me. Imagine a scenario where a particular laptop is
> targeted, remotely activated over a wake-on-lan wireless NIC which
> then is used to modify the bios to phone home on boot and report GPS
> coordinates, upload keystroke logger, etc.
>
> The potential for large-scale abuse it staggering. Maybe I _should_
> keep some of my old hardware that required a physical _wire_ for WoL
> to work.
>
> Hmm. I recall seeing a similar remote capability in a thinkpad T20
> bios. At that time, it required a mini-pci card to activate but once
> activated, it could not be deactivated with out destroying the
> computer.
>
> where's my tin-foil beanie cap!
>
> On Tue, Jun 16, 2009 at 12:42 PM, Michael H. Warfield<mhw at wittsend.com>
> wrote:
> > $$!#@$@#!#!@
> >
> > That was not suppose to get sent yet...  Fat fingers...
> >
> > On Tue, 2009-06-16 at 12:35 -0400, Michael H. Warfield wrote:
> >> On Mon, 2009-06-15 at 18:34 -0400, Bob Toxen wrote:
> >> > On Mon, Jun 15, 2009 at 02:52:24PM -0500, Preston Boyington wrote:
> >> > > Geoffrey wrote:
> >> > > > Anyone use any software like this?  I'm considering it for my
> daughter's
> >> > > > macbook as she heads off to Tech in the fall.
> >> > > >
> >> > > > Suggestions, recommendations?
> >> > > >
> >> > > > Anyone know of anything like this for Linux??
> >> > > >
> >>
> >> > > I would love a hardware solution.  That way the thief wouldn't need
> to
> >> > > power on the unit for the locator to work.
> >> > Uh, is that like the Pointy Hair Boss saying that he wanted the unit
> >> > to have a light that comes on when the battery is dead?  Yes there was
> >> > Dilbert about this.  Sorry I couldn't resist.
> >>
> >> > Seriously, this would be a device physically attached to this but not
> >> > electrically connected -- since all such PCMCIA cards and such don't
> >> > have power unless the laptop is running.  Hence, it's not really
> laptop
> >> > related as you could just as easily attach it to your pen (if it were
> >> > small enough).
> >>
> >>       Actually, that's not totally true.  PCI includes a backup power
> buss (B
> >> Bus or something like that, I don't recall the exact nominclature) for
> >> things like "wake on lan".  If you didn't have that, wake-on-lan
> >> wouldn't work.  Certain very low level functions and powered and
> >> operational even if you only have power to the device and don't have it
> >> powered up.
> >
> >        Wake-on-lan info:
> >
> >        http://en.wikipedia.org/wiki/Wake-on-LAN
> >
> >>       The really scary extension to that is the Intel ATM  / vPro
> technology.
> >
> >>       http://en.wikipedia.org/wiki/Intel_Active_Management_Technology
> >
> >> "Almost all AMT features are available even if PC power is off, the OS
> >> is crashed, the software agent is missing, or hardware (such as a hard
> >> drive or memory) has failed."
> >
> >> Intel AMT supports these management tasks:
> >>
> >>       * Remotely power up, power down, power cycle, and power reset the
> >>         computer.[1]
> >>       * Remote boot the PC by remotely redirecting the PC's boot
> >>         process, causing it to boot from a different image, such as a
> >>         network share, bootable CD-ROM or DVD, remediation drive, or
> >>         other boot device.[1][7] This feature supports remote booting a
> >>         PC that has a corrupted or missing OS.
> >>       * Remotely redirect the system's I/O via console redirection
> >>         through serial over LAN (SOL).[1] This feature supports remote
> >>         troubleshooting, remote repair, software upgrades, and similar
> >>         processes.
> >>       * Access and change BIOS settings remotely.[1] This feature is
> >>         available even if PC power is off, the OS is down, or hardware
> >>         has failed. This feature is designed to allow remote updates and
> >>         corrections of configuration settings. This feature supports
> >>         full BIOS updates, not just changes to specific settings.
> >
> >        There are other potential uses for the ATM technology and, if you
> can
> > load certitificates and other software up there, there's quite a few
> > possiblities.  But it is intended to be tightly restricted.  You can't
> > update it from the normal running OS.  But it is intended for remote
> > management, EVEN WHEN THE MACHINE IS INITIALLY turned off.  A "lojack"
> > functionality has been discussed in some forums.  I'm not aware of any
> > product that actually takes advantage of it for those purposes and I'm
> > not sure how widely deployed it is (like the accelerometers on our
> > laptops, Bob, or VT/SVM capabilities for virtualization).
> >
> >> > > Early possibilities for this seem to be a company called S5 Wireless
> >> > > (http://www.s5w.com/):
> >> > >
> >> > >
> http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/
> >> >
> >> > Bob Toxen
> >> > bob at verysecurelinux.com               [Please use for email to me]
> >> > http://www.verysecurelinux.com        [Network&Linux security
> consulting]
> >> > http://www.realworldlinuxsecurity.com [My book:"Real World Linux
> Security 2/e"]
> >> > Quality spam and virus filters.
> >> > Quality Linux & UNIX security and SysAdmin & software consulting since
> 1990.
> >
> >        Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
> >   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> http://www.wittsend.com/mhw/
> >   NIC whois: MHW9          | An optimist believes we live in the best of
> all
> >  PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of
> it!
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> >
> >
>
>
>
> --
> --
> James P. Kinney III
> Actively in pursuit of Life, Liberty and Happiness
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
> Please consider our environment before printing this e-mail or attachments.
> ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential
> information and is for the sole use of the intended recipient(s). If you are
> not the intended recipient, any disclosure, copying, distribution, or use of
> the contents of this information is prohibited and may be unlawful. If you
> have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error, and
> delete it. Thank you.
> ----------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>



-- 
-- 
James P. Kinney III
Actively in pursuit of Life, Liberty and Happiness
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20090616/ead58d51/attachment-0001.html

More information about the Ale mailing list