[ale] lojack for laptops?
Richard Bronosky
Richard at Bronosky.com
Tue Jun 16 14:35:59 EDT 2009
I think I recall Sony already doing that.
On Tue, Jun 16, 2009 at 2:28 PM, Jim Kinney<jim.kinney at gmail.com> wrote:
> RIAA/MPAA accuses your company of allowing illegal music/movie downloads and
> no warrant is needed...
>
> On Tue, Jun 16, 2009 at 2:13 PM, Bob Toxen <transam at verysecurelinux.com>
> wrote:
>>
>> It's gets better.
>>
>> M$ accuses your company of something bad. "Pay up or we'll shut down
>> ALL of your company's Winboz computers." Bye bye Fortune 500 company.
>>
>> A hacker could do the same. Blackmail possibilities are unlimited.
>>
>> Bob Toxen
>> bob at verysecurelinux.com [Please use for email to me]
>> http://www.verysecurelinux.com [Network&Linux security consulting]
>> http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security
>> 2/e"]
>> Quality spam and virus filters.
>> Quality Linux & UNIX security and SysAdmin & software consulting since
>> 1990.
>>
>> "One disk to rule them all, One disk to find them. One disk to bring
>> them all and in the darkness grind them. In the Land of Redmond where
>> the shadows lie...and the Eye is everwatching"
>> -- The Silicon Valley Tarot Henrique Holschuh with ... by Bob
>>
>> On Tue, Jun 16, 2009 at 01:00:01PM -0400, Jim Kinney wrote:
>> > All tools have both benign and nefarious uses and that one just scared
>> > the bejeezus out me. Imagine a scenario where a particular laptop is
>> > targeted, remotely activated over a wake-on-lan wireless NIC which
>> > then is used to modify the bios to phone home on boot and report GPS
>> > coordinates, upload keystroke logger, etc.
>> >
>> > The potential for large-scale abuse it staggering. Maybe I _should_
>> > keep some of my old hardware that required a physical _wire_ for WoL
>> > to work.
>> >
>> > Hmm. I recall seeing a similar remote capability in a thinkpad T20
>> > bios. At that time, it required a mini-pci card to activate but once
>> > activated, it could not be deactivated with out destroying the
>> > computer.
>> >
>> > where's my tin-foil beanie cap!
>> >
>> > On Tue, Jun 16, 2009 at 12:42 PM, Michael H. Warfield<mhw at wittsend.com>
>> > wrote:
>> > > $$!#@$@#!#!@
>> > >
>> > > That was not suppose to get sent yet... Fat fingers...
>> > >
>> > > On Tue, 2009-06-16 at 12:35 -0400, Michael H. Warfield wrote:
>> > >> On Mon, 2009-06-15 at 18:34 -0400, Bob Toxen wrote:
>> > >> > On Mon, Jun 15, 2009 at 02:52:24PM -0500, Preston Boyington wrote:
>> > >> > > Geoffrey wrote:
>> > >> > > > Anyone use any software like this? I'm considering it for my
>> > >> > > > daughter's
>> > >> > > > macbook as she heads off to Tech in the fall.
>> > >> > > >
>> > >> > > > Suggestions, recommendations?
>> > >> > > >
>> > >> > > > Anyone know of anything like this for Linux??
>> > >> > > >
>> > >>
>> > >> > > I would love a hardware solution. That way the thief wouldn't
>> > >> > > need to
>> > >> > > power on the unit for the locator to work.
>> > >> > Uh, is that like the Pointy Hair Boss saying that he wanted the
>> > >> > unit
>> > >> > to have a light that comes on when the battery is dead? Yes there
>> > >> > was
>> > >> > Dilbert about this. Sorry I couldn't resist.
>> > >>
>> > >> > Seriously, this would be a device physically attached to this but
>> > >> > not
>> > >> > electrically connected -- since all such PCMCIA cards and such
>> > >> > don't
>> > >> > have power unless the laptop is running. Hence, it's not really
>> > >> > laptop
>> > >> > related as you could just as easily attach it to your pen (if it
>> > >> > were
>> > >> > small enough).
>> > >>
>> > >> Actually, that's not totally true. PCI includes a backup power
>> > >> buss (B
>> > >> Bus or something like that, I don't recall the exact nominclature)
>> > >> for
>> > >> things like "wake on lan". If you didn't have that, wake-on-lan
>> > >> wouldn't work. Certain very low level functions and powered and
>> > >> operational even if you only have power to the device and don't have
>> > >> it
>> > >> powered up.
>> > >
>> > > Wake-on-lan info:
>> > >
>> > > http://en.wikipedia.org/wiki/Wake-on-LAN
>> > >
>> > >> The really scary extension to that is the Intel ATM / vPro
>> > >> technology.
>> > >
>> > >> http://en.wikipedia.org/wiki/Intel_Active_Management_Technology
>> > >
>> > >> "Almost all AMT features are available even if PC power is off, the
>> > >> OS
>> > >> is crashed, the software agent is missing, or hardware (such as a
>> > >> hard
>> > >> drive or memory) has failed."
>> > >
>> > >> Intel AMT supports these management tasks:
>> > >>
>> > >> * Remotely power up, power down, power cycle, and power reset
>> > >> the
>> > >> computer.[1]
>> > >> * Remote boot the PC by remotely redirecting the PC’s boot
>> > >> process, causing it to boot from a different image, such as a
>> > >> network share, bootable CD-ROM or DVD, remediation drive, or
>> > >> other boot device.[1][7] This feature supports remote booting
>> > >> a
>> > >> PC that has a corrupted or missing OS.
>> > >> * Remotely redirect the system’s I/O via console redirection
>> > >> through serial over LAN (SOL).[1] This feature supports
>> > >> remote
>> > >> troubleshooting, remote repair, software upgrades, and
>> > >> similar
>> > >> processes.
>> > >> * Access and change BIOS settings remotely.[1] This feature is
>> > >> available even if PC power is off, the OS is down, or
>> > >> hardware
>> > >> has failed. This feature is designed to allow remote updates
>> > >> and
>> > >> corrections of configuration settings. This feature supports
>> > >> full BIOS updates, not just changes to specific settings.
>> > >
>> > > There are other potential uses for the ATM technology and, if
>> > > you can
>> > > load certitificates and other software up there, there's quite a few
>> > > possiblities. But it is intended to be tightly restricted. You can't
>> > > update it from the normal running OS. But it is intended for remote
>> > > management, EVEN WHEN THE MACHINE IS INITIALLY turned off. A "lojack"
>> > > functionality has been discussed in some forums. I'm not aware of any
>> > > product that actually takes advantage of it for those purposes and I'm
>> > > not sure how widely deployed it is (like the accelerometers on our
>> > > laptops, Bob, or VT/SVM capabilities for virtualization).
>> > >
>> > >> > > Early possibilities for this seem to be a company called S5
>> > >> > > Wireless
>> > >> > > (http://www.s5w.com/):
>> > >> > >
>> > >> > >
>> > >> > > http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/
>> > >> >
>> > >> > Bob Toxen
>> > >> > bob at verysecurelinux.com [Please use for email to me]
>> > >> > http://www.verysecurelinux.com [Network&Linux security
>> > >> > consulting]
>> > >> > http://www.realworldlinuxsecurity.com [My book:"Real World Linux
>> > >> > Security 2/e"]
>> > >> > Quality spam and virus filters.
>> > >> > Quality Linux & UNIX security and SysAdmin & software consulting
>> > >> > since 1990.
>> > >
>> > > Mike
>> > > --
>> > > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
>> > > /\/\|=mhw=|\/\/ | (678) 463-0932 |
>> > > http://www.wittsend.com/mhw/
>> > > NIC whois: MHW9 | An optimist believes we live in the best
>> > > of all
>> > > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of
>> > > it!
>> > >
>> > >
>> > > _______________________________________________
>> > > Ale mailing list
>> > > Ale at ale.org
>> > > http://mail.ale.org/mailman/listinfo/ale
>> > >
>> > >
>> >
>> >
>> >
>> > --
>> > --
>> > James P. Kinney III
>> > Actively in pursuit of Life, Liberty and Happiness
>> >
>> > _______________________________________________
>> > Ale mailing list
>> > Ale at ale.org
>> > http://mail.ale.org/mailman/listinfo/ale
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>
>
>
> --
> --
> James P. Kinney III
> Actively in pursuit of Life, Liberty and Happiness
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
>
>
--
.!# RichardBronosky #!.
More information about the Ale
mailing list