1996-03-14 - Re:LACC: PC Phones Home?

Header Data

From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: 5d437d7802c6ba204cb1c708038f080f47e6144ba3f1c295b48313153d88cbaf
Message ID: <ad6ceece080210040306@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1996-03-14 18:41:33 UTC
Raw Date: Thu, 14 Mar 1996 13:41:33 -0500

Raw message

From: tcmay@got.net (Timothy C. May)
Date: Thu, 14 Mar 1996 13:41:33 -0500
To: cypherpunks@toad.com
Subject: Re:LACC: PC Phones Home?
Message-ID: <ad6ceece080210040306@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain


At 3:41 AM 3/14/96, Jim McCoy wrote:

>A few questions:
>
>1- How does the PC know where it is?
>2- How does the PC know it has been stolen?

The Web reveals all:

1. If the PC has been _reported_ stolen by the owner, any call from that PC
triggers a phone trace, says the company.

2. See #1 (the key is that owner must call and report a particular PC stolen).


>Since this is a software product I am assuming that the answer to #1
>is the use of CallerID on the line when the software calls, which is
>defeated by the use of line blocking by the thief.  The obvious answer
>to #2 seems to me to have the system call the CompuTrace office at
>odd intervals to see if it has been reported stolen yet...
>
>Obvious solution for potential thieves: wipe the disks and reinstall
>an OS once you steal a PC.  This should be done anyway to remove any
>bits of data which might identify the original owner.

These points assume the thief is relatively sophisticated and that the
thief is aware that the CompuTrace system is installed. I suspect that
neither is likely, at least not until the system gets sufficient publicity
so that the first thing thieves and purchasers of suspected-to-be-hot PCs
do is to make plans to avoid this (reformat disks, etc.).

I think the scenario I described in my earlier post on this topic covers
about 97% of all PC thefts: relatively unsophisticated thieves who
warehouse the merchandise until buyers are found. The buyers, in turn, are
also relatively unsophisticated. They may be immigrant businesses looking
for a really good deal on PCs, they may be school systems strapped for
cash, they may be your mother buying her first PC at a flea market.

And they may be any of us, buying a surplus PC.

In none of these cases is the user likely to take steps to disable Caller
ID (and the company may actually do old-fashioned tracing).

>Conclusion:  Yet another useless piece of software riding the
>computer security bandwagon.

I'm not convinced it's software I would want to buy, but it fills a niche,
I think. And it's definitely not the snake oil we've seen recently, as it
makes no outrageous technical claims and seems to be going after a limited
market.

--Tim May


Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^756839 - 1  | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









Thread