1997-06-12 - Re: [CNN] Stolen Laptops and lame ‘solution’

Header Data

From: Ray Arachelian <sunder@brainlink.com>
To: Raymond Mereniuk <raymond@wcs.net>
Message Hash: 6ba063ff90bf1918cb7b0d3b2cff0ad739c674c0027e9ff23cd8217e2fc971d8
Message ID: <Pine.SUN.3.96.970612114018.14283B-100000@beast.brainlink.com>
Reply To: <199706112341.QAA05443@mat.wcs.net>
UTC Datetime: 1997-06-12 16:02:30 UTC
Raw Date: Fri, 13 Jun 1997 00:02:30 +0800

Raw message

From: Ray Arachelian <sunder@brainlink.com>
Date: Fri, 13 Jun 1997 00:02:30 +0800
To: Raymond Mereniuk <raymond@wcs.net>
Subject: Re: [CNN] Stolen Laptops and lame 'solution'
In-Reply-To: <199706112341.QAA05443@mat.wcs.net>
Message-ID: <Pine.SUN.3.96.970612114018.14283B-100000@beast.brainlink.com>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 11 Jun 1997, Raymond Mereniuk wrote:

> This has been discussed on this list before, about 1 year ago.  The 
> Computrace software is installed on a place on the hard drive where 
> DOS utilities like Fdisk and Format can not get at it.  This is the 
> same as Diskmanager Version 7 or higher, Fdisk and Format will not 
> remove this version of Diskmanager.

Okay, so if format and fdisk won't get to it, then it must live in the
master boot record - (otherwise how would it run?)  Booting off a floppy
and running FDISK /MBR would wipe it.  If not, then a low level format
would.  If you lack the software for a low level wipe then a program that
zaps every sector of a drive including the MBR, and partition table would
fix it.  (If it lived on the boot sector than replacing it with the SYS
command would be possible.  If it lives in any other area, it can't
execute.)

Installing Linux with Lilo in the MBR would also zap it.  Can it work with
other operating systems?  Say NT, or Solaris x86, Linux, or OS/2?  It's
useless if someone can simply install a non-compatible OS.  If it still
works with other OS's, then it only runs durring the bootup processes.
Which means that you simply don't plug your modem on the phone line while
you boot up and that's that.  If it's only compatible with Win95 or DOS,
then you install NT or Linux, or Solaris, and that will bypass it.


[The other (unlikely) possibility is that it would live in the BIOS for
FlashBIOS machines, but this is not likely since if it were to go there,
chances are there would be bugs and incompatibilities between their
software and the BIOS that would damage the computer. ]
 
The 1st thing a smart theif would do is to remove the modem from the
notebook computer and sell it separatly.  That way until the sucker with
the stolen notebook buys and uses a modem, he's untraceable.  And he can
sell the modem to someone else.

> The Computrace software is configured to call the 1-800 number on a 
> regular pre-assigned schedule and talk to the computers at Absolute 
> Software.  If the notebook has been reported stolen the computers at 
> Absolute will advise the subject unit to call back on a more frequent 
> basis.  The Computrace software turns off all modem speaker 
> functionality.

What if the notebook HASN'T been reported as stolen?  Then this software
can be used to track the location of the notebook computer, and as such it
is a privacy intrusion device.  I don't want some piece of software, even
if it protects my computer from theft to report on where I am at a given
time.  It is none of Computrace's business.

As for the silent modem functionality, I can simply attach a phone monitor
on the line.  A simple $19 box from RadioShack that hooks up to a tape
recorder can be hooked up to a powered speaker.  If the theif hears the
notebook dial the phone, he'd know it's there.

In any case, I'm not as worried about notebook loss as I am about the data
on it, so having a good hard drive encryptor is more valuable to me than
losing $2K for a notebook computer.  I don't trust this hackish bit of
software, especially if it will keep tabs on my location when the thing
isn't stolen.

(And yes I have that same sentiment about the LoJack car transponder, and
the EZ-Pass toll paying system, and cell phones.  Each of these
technologies can report on your whereabouts and thus pinpoint your
location at any given time.  They're all invasion of privacy things that
the masses are suckered into buying for either protection or convenience.
Uncool stuff.  I'd rather get comprehensive theft insurance, and pay tolls
in cash. FYI: I do have a cell phone, but I keep it off so it can't
transmit anything when I'm not using it.  Of course toll boths take pix
of the licensplates that pass by, but that's something I've no control
over.)

=====================================Kaos=Keraunos=Kybernetos==============
.+.^.+.|  Ray Arachelian    | "Boy meets beer.  Boy drinks Beer,     |./|\.
..\|/..|sunder@sundernet.com|        Boy gets another beer!"         |/\|/\
<--*-->| ------------------ |                                        |\/|\/
../|\..| "A toast to Odin,  | For with those which eternal lie, with |.\|/.
.+.v.+.|God of screwdrivers"| strange aeons, even death may die.     |.....
======================== http://www.sundernet.com =========================






Thread