[ale] lojack for laptops?
Bob Toxen
transam at VerySecureLinux.com
Tue Jun 16 14:13:09 EDT 2009
It gets better.
M$ accuses your company of something bad. "Pay up or we'll shut down
ALL of your company's Winboz computers." Bye bye Fortune 500 company.
A hacker could do the same. Blackmail possibilities are unlimited.
Bob Toxen
bob at verysecurelinux.com [Please use for email to me]
http://www.verysecurelinux.com [Network&Linux security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality spam and virus filters.
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond where
the shadows lie...and the Eye is everwatching"
-- The Silicon Valley Tarot Henrique Holschuh with ... by Bob
On Tue, Jun 16, 2009 at 01:00:01PM -0400, Jim Kinney wrote:
> All tools have both benign and nefarious uses and that one just scared
> the bejeezus out of me. Imagine a scenario where a particular laptop is
> targeted, remotely activated over a wake-on-lan wireless NIC which
> then is used to modify the bios to phone home on boot and report GPS
> coordinates, upload keystroke logger, etc.
>
> The potential for large-scale abuse is staggering. Maybe I _should_
> keep some of my old hardware that required a physical _wire_ for WoL
> to work.
>
> Hmm. I recall seeing a similar remote capability in a thinkpad T20
> bios. At that time, it required a mini-pci card to activate but once
> activated, it could not be deactivated without destroying the
> computer.
>
> where's my tin-foil beanie cap!
>
> On Tue, Jun 16, 2009 at 12:42 PM, Michael H. Warfield<mhw at wittsend.com> wrote:
> > $$!#@$@#!#!@
> >
> > That was not supposed to get sent yet... Fat fingers...
> >
> > On Tue, 2009-06-16 at 12:35 -0400, Michael H. Warfield wrote:
> >> On Mon, 2009-06-15 at 18:34 -0400, Bob Toxen wrote:
> >> > On Mon, Jun 15, 2009 at 02:52:24PM -0500, Preston Boyington wrote:
> >> > > Geoffrey wrote:
> >> > > > Anyone use any software like this? I'm considering it for my daughter's
> >> > > > macbook as she heads off to Tech in the fall.
> >> > > >
> >> > > > Suggestions, recommendations?
> >> > > >
> >> > > > Anyone know of anything like this for Linux??
> >> > > >
> >>
> >> > > I would love a hardware solution. That way the thief wouldn't need to
> >> > > power on the unit for the locator to work.
> >> > Uh, is that like the Pointy Hair Boss saying that he wanted the unit
> >> > to have a light that comes on when the battery is dead? Yes there was
> >> > a Dilbert about this. Sorry I couldn't resist.
> >>
> >> > Seriously, this would be a device physically attached to this but not
> >> > electrically connected -- since all such PCMCIA cards and such don't
> >> > have power unless the laptop is running. Hence, it's not really laptop
> >> > related as you could just as easily attach it to your pen (if it were
> >> > small enough).
> >>
> >> Actually, that's not totally true. PCI includes a backup power bus (B
> >> Bus or something like that, I don't recall the exact nomenclature) for
> >> things like "wake on lan". If you didn't have that, wake-on-lan
> >> wouldn't work. Certain very low level functions are powered and
> >> operational even if you only have power to the device and don't have it
> >> powered up.
> >
> > Wake-on-lan info:
> >
> > http://en.wikipedia.org/wiki/Wake-on-LAN
> >
> >> The really scary extension to that is the Intel AMT / vPro technology.
> >
> >> http://en.wikipedia.org/wiki/Intel_Active_Management_Technology
> >
> >> "Almost all AMT features are available even if PC power is off, the OS
> >> is crashed, the software agent is missing, or hardware (such as a hard
> >> drive or memory) has failed."
> >
> >> Intel AMT supports these management tasks:
> >>
> >> * Remotely power up, power down, power cycle, and power reset the
> >> computer.[1]
> >> * Remote boot the PC by remotely redirecting the PC’s boot
> >> process, causing it to boot from a different image, such as a
> >> network share, bootable CD-ROM or DVD, remediation drive, or
> >> other boot device.[1][7] This feature supports remote booting a
> >> PC that has a corrupted or missing OS.
> >> * Remotely redirect the system’s I/O via console redirection
> >> through serial over LAN (SOL).[1] This feature supports remote
> >> troubleshooting, remote repair, software upgrades, and similar
> >> processes.
> >> * Access and change BIOS settings remotely.[1] This feature is
> >> available even if PC power is off, the OS is down, or hardware
> >> has failed. This feature is designed to allow remote updates and
> >> corrections of configuration settings. This feature supports
> >> full BIOS updates, not just changes to specific settings.
> >
> > There are other potential uses for the AMT technology and, if you can
> > load certificates and other software up there, there's quite a few
> > possibilities. But it is intended to be tightly restricted. You can't
> > update it from the normal running OS. But it is intended for remote
> > management, EVEN WHEN THE MACHINE IS INITIALLY turned off. A "lojack"
> > functionality has been discussed in some forums. I'm not aware of any
> > product that actually takes advantage of it for those purposes and I'm
> > not sure how widely deployed it is (like the accelerometers on our
> > laptops, Bob, or VT/SVM capabilities for virtualization).
> >
> >> > > Early possibilities for this seem to be a company called S5 Wireless
> >> > > (http://www.s5w.com/):
> >> > >
> >> > > http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/
> >> >
> >> > Bob Toxen
> >> > bob at verysecurelinux.com [Please use for email to me]
> >> > http://www.verysecurelinux.com [Network&Linux security consulting]
> >> > http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
> >> > Quality spam and virus filters.
> >> > Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
> >
> > Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> > /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> > NIC whois: MHW9 | An optimist believes we live in the best of all
> > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> >
> >
>
>
>
> --
> --
> James P. Kinney III
> Actively in pursuit of Life, Liberty and Happiness