[ale] lojack for laptops?
Jim Kinney
jim.kinney at gmail.com
Tue Jun 16 14:28:49 EDT 2009
RIAA/MPAA accuses your company of allowing illegal music/movie downloads and
no warrant is needed...
On Tue, Jun 16, 2009 at 2:13 PM, Bob Toxen <transam at verysecurelinux.com> wrote:
> It gets better.
>
> M$ accuses your company of something bad. "Pay up or we'll shut down
> ALL of your company's Winboz computers." Bye bye Fortune 500 company.
>
> A hacker could do the same. Blackmail possibilities are unlimited.
>
> Bob Toxen
> bob at verysecurelinux.com [Please use for email to me]
> http://www.verysecurelinux.com [Network&Linux security consulting]
> http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
> Quality spam and virus filters.
> Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
>
> "One disk to rule them all, One disk to find them. One disk to bring
> them all and in the darkness grind them. In the Land of Redmond where
> the shadows lie...and the Eye is everwatching"
> -- The Silicon Valley Tarot Henrique Holschuh with ... by Bob
>
> On Tue, Jun 16, 2009 at 01:00:01PM -0400, Jim Kinney wrote:
> > All tools have both benign and nefarious uses and that one just scared
> > the bejeezus out of me. Imagine a scenario where a particular laptop is
> > targeted, remotely activated over a wake-on-lan wireless NIC which
> > then is used to modify the bios to phone home on boot and report GPS
> > coordinates, upload keystroke logger, etc.
> >
> > The potential for large-scale abuse is staggering. Maybe I _should_
> > keep some of my old hardware that required a physical _wire_ for WoL
> > to work.
> >
> > Hmm. I recall seeing a similar remote capability in a thinkpad T20
> > bios. At that time, it required a mini-pci card to activate but once
> > activated, it could not be deactivated without destroying the
> > computer.
> >
> > where's my tin-foil beanie cap!
> >
> > On Tue, Jun 16, 2009 at 12:42 PM, Michael H. Warfield <mhw at wittsend.com> wrote:
> > > $$!#@$@#!#!@
> > >
> > > That was not supposed to get sent yet... Fat fingers...
> > >
> > > On Tue, 2009-06-16 at 12:35 -0400, Michael H. Warfield wrote:
> > >> On Mon, 2009-06-15 at 18:34 -0400, Bob Toxen wrote:
> > >> > On Mon, Jun 15, 2009 at 02:52:24PM -0500, Preston Boyington wrote:
> > >> > > Geoffrey wrote:
> > >> > > > Anyone use any software like this? I'm considering it for my daughter's
> > >> > > > macbook as she heads off to Tech in the fall.
> > >> > > >
> > >> > > > Suggestions, recommendations?
> > >> > > >
> > >> > > > Anyone know of anything like this for Linux??
> > >> > > >
> > >>
> > >> > > I would love a hardware solution. That way the thief wouldn't need to
> > >> > > power on the unit for the locator to work.
> > >> > Uh, is that like the Pointy Hair Boss saying that he wanted the unit
> > >> > to have a light that comes on when the battery is dead? Yes there was
> > >> > a Dilbert about this. Sorry I couldn't resist.
> > >>
> > >> > Seriously, this would be a device physically attached to this but not
> > >> > electrically connected -- since all such PCMCIA cards and such don't
> > >> > have power unless the laptop is running. Hence, it's not really laptop
> > >> > related as you could just as easily attach it to your pen (if it were
> > >> > small enough).
> > >>
> > >> Actually, that's not totally true. PCI includes a backup power bus (B
> > >> Bus or something like that, I don't recall the exact nomenclature) for
> > >> things like "wake on lan". If you didn't have that, wake-on-lan
> > >> wouldn't work. Certain very low level functions are powered and
> > >> operational even if you only have power to the device and don't have it
> > >> powered up.
> > >
> > > Wake-on-lan info:
> > >
> > > http://en.wikipedia.org/wiki/Wake-on-LAN
> > >
> > >> The really scary extension to that is the Intel AMT / vPro technology.
> > >
> > >> http://en.wikipedia.org/wiki/Intel_Active_Management_Technology
> > >
> > >> "Almost all AMT features are available even if PC power is off, the OS
> > >> is crashed, the software agent is missing, or hardware (such as a hard
> > >> drive or memory) has failed."
> > >
> > >> Intel AMT supports these management tasks:
> > >>
> > >> * Remotely power up, power down, power cycle, and power reset the
> > >> computer.[1]
> > >> * Remote boot the PC by remotely redirecting the PC’s boot
> > >> process, causing it to boot from a different image, such as a
> > >> network share, bootable CD-ROM or DVD, remediation drive, or
> > >> other boot device.[1][7] This feature supports remote booting a
> > >> PC that has a corrupted or missing OS.
> > >> * Remotely redirect the system’s I/O via console redirection
> > >> through serial over LAN (SOL).[1] This feature supports remote
> > >> troubleshooting, remote repair, software upgrades, and similar
> > >> processes.
> > >> * Access and change BIOS settings remotely.[1] This feature is
> > >> available even if PC power is off, the OS is down, or hardware
> > >> has failed. This feature is designed to allow remote updates and
> > >> corrections of configuration settings. This feature supports
> > >> full BIOS updates, not just changes to specific settings.
> > >
> > > There are other potential uses for the AMT technology and, if you can
> > > load certificates and other software up there, there's quite a few
> > > possibilities. But it is intended to be tightly restricted. You can't
> > > update it from the normal running OS. But it is intended for remote
> > > management, EVEN WHEN THE MACHINE IS INITIALLY turned off. A "lojack"
> > > functionality has been discussed in some forums. I'm not aware of any
> > > product that actually takes advantage of it for those purposes and I'm
> > > not sure how widely deployed it is (like the accelerometers on our
> > > laptops, Bob, or VT/SVM capabilities for virtualization).
> > >
> > >> > > Early possibilities for this seem to be a company called S5 Wireless
> > >> > > (http://www.s5w.com/):
> > >> > >
> > >> > > http://www.gadgetvenue.com/s5-gps-like-tracking-device-is-tiny-12174830/
> > >> >
> > >> > Bob Toxen
> > >> > bob at verysecurelinux.com [Please use for email to me]
> > >> > http://www.verysecurelinux.com [Network&Linux security consulting]
> > >> > http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
> > >> > Quality spam and virus filters.
> > >> > Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
> > >
> > > Mike
> > > --
> > > Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> > > /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> > > NIC whois: MHW9 | An optimist believes we live in the best of all
> > > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
> > >
> > >
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://mail.ale.org/mailman/listinfo/ale
> > >
> > >
> >
> >
> >
> > --
> > --
> > James P. Kinney III
> > Actively in pursuit of Life, Liberty and Happiness
> >
--
--
James P. Kinney III
Actively in pursuit of Life, Liberty and Happiness
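
Added example, not part of the original thread: for anyone who wants to watch for the wake-on-LAN remote activation discussed above, this scans payload bytes for the standard magic-packet pattern (six 0xFF bytes, then the target MAC repeated 16 times) and reports the targeted MAC. The function name and the sample payloads are constructed for illustration.

```python
"""Spot Wake-on-LAN magic packets in captured payload bytes."""

SYNC = b"\xff" * 6   # every magic packet opens with six 0xFF bytes
REPEATS = 16         # followed by the target MAC repeated 16 times
BODY_LEN = 6 * REPEATS


def find_magic_packets(payload: bytes) -> list[str]:
    """Return the target MAC of each magic-packet pattern in payload.

    A NIC matches the pattern anywhere in a frame, so scan every offset
    instead of trusting a UDP port number.
    """
    targets = []
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 6 + BODY_LEN]
        mac = body[:6]
        if len(body) == BODY_LEN and body == mac * REPEATS:
            targets.append(mac.hex(":"))
            start = payload.find(SYNC, start + 6 + BODY_LEN)
        else:
            # Could be padding 0xFF bytes ahead of the real sync stream.
            start = payload.find(SYNC, start + 1)
    return targets


# Constructed sample payloads (not captured traffic).
MAC = bytes.fromhex("001122334455")
SAMPLE_WOL = SYNC + MAC * REPEATS + b"\x00" * 6   # with 6-byte password field
SAMPLE_PADDED = b"\xff\xff" + SYNC + MAC * REPEATS
SAMPLE_TRUNCATED = SYNC + MAC * 15
SAMPLE_BENIGN = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    for name, data in [("wol", SAMPLE_WOL), ("padded", SAMPLE_PADDED),
                       ("truncated", SAMPLE_TRUNCATED), ("benign", SAMPLE_BENIGN)]:
        print(name, find_magic_packets(data))
```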